package org.gluu.oxauth.interop;

import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import org.gluu.oxauth.BaseTest;
import org.gluu.oxauth.client.AuthorizationRequest;
import org.gluu.oxauth.client.AuthorizationResponse;
import org.gluu.oxauth.client.AuthorizeClient;
import org.gluu.oxauth.client.JwkClient;
import org.gluu.oxauth.client.RegisterClient;
import org.gluu.oxauth.client.RegisterRequest;
import org.gluu.oxauth.client.RegisterResponse;
import org.gluu.oxauth.client.model.authorize.Claim;
import org.gluu.oxauth.client.model.authorize.ClaimValue;
import org.gluu.oxauth.client.model.authorize.JwtAuthorizationRequest;
import org.gluu.oxauth.load.LoadConstants;
import org.gluu.oxauth.model.common.ResponseType;
import org.gluu.oxauth.model.crypto.OxAuthCryptoProvider;
import org.gluu.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.gluu.oxauth.model.jws.RSASigner;
import org.gluu.oxauth.model.jwt.Jwt;
import org.gluu.oxauth.model.register.ApplicationType;
import org.gluu.oxauth.model.util.StringUtils;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;

/* loaded from: input_file:org/gluu/oxauth/interop/ProvidingIdTokenWithEssentialAuthTimeClaim.class */
public class ProvidingIdTokenWithEssentialAuthTimeClaim extends BaseTest {
    @Parameters({"userId", "userSecret", "redirectUri", "redirectUris", "dnName", "keyStoreFile", "keyStoreSecret", "sectorIdentifierUri"})
    @Test
    public void providingIdTokenWithEssentialAuthTimeClaim(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws Exception {
        showTitle("OC5:FeatureTest-Providing ID Token with Essential auth time Claim");
        List asList = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str4));
        registerRequest.setResponseTypes(asList);
        registerRequest.setSectorIdentifierUri(str8);
        RegisterClient registerClient = new RegisterClient(this.registrationEndpoint);
        registerClient.setRequest(registerRequest);
        RegisterResponse exec = registerClient.exec();
        showClient(registerClient);
        Assert.assertEquals(exec.getStatus(), LoadConstants.THREAD_POOL_SIZE, "Unexpected response code: " + exec.getEntity());
        Assert.assertNotNull(exec.getClientId());
        Assert.assertNotNull(exec.getClientSecret());
        Assert.assertNotNull(exec.getRegistrationAccessToken());
        Assert.assertNotNull(exec.getClientIdIssuedAt());
        Assert.assertNotNull(exec.getClientSecretExpiresAt());
        String clientId = exec.getClientId();
        String clientSecret = exec.getClientSecret();
        OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider(str6, str7, str5);
        List asList2 = Arrays.asList("openid");
        String uuid = UUID.randomUUID().toString();
        String uuid2 = UUID.randomUUID().toString();
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId, asList2, str3, uuid);
        authorizationRequest.setState(uuid2);
        JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret, oxAuthCryptoProvider);
        jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createEssential(true)));
        authorizationRequest.setRequest(jwtAuthorizationRequest.getEncodedJwt());
        new AuthorizeClient(this.authorizationEndpoint).setRequest(authorizationRequest);
        AuthorizationResponse authenticateResourceOwnerAndGrantAccess = authenticateResourceOwnerAndGrantAccess(this.authorizationEndpoint, authorizationRequest, str, str2);
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getLocation(), "The location is null");
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getAccessToken(), "The accessToken is null");
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getTokenType(), "The tokenType is null");
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getIdToken(), "The idToken is null");
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getState(), "The state is null");
        String idToken = authenticateResourceOwnerAndGrantAccess.getIdToken();
        authenticateResourceOwnerAndGrantAccess.getAccessToken();
        Jwt parse = Jwt.parse(idToken);
        Assert.assertNotNull(parse.getHeader().getClaimAsString("typ"));
        Assert.assertNotNull(parse.getHeader().getClaimAsString("alg"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("iss"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("aud"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("exp"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("iat"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("sub"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("at_hash"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("auth_time"));
        Assert.assertTrue(new RSASigner(SignatureAlgorithm.RS256, JwkClient.getRSAPublicKey(this.jwksUri, parse.getHeader().getClaimAsString("kid"))).validate(parse));
    }
}
