package org.gluu.oxauth.ciba;

import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import org.apache.commons.lang.RandomStringUtils;
import org.gluu.oxauth.BaseTest;
import org.gluu.oxauth.client.BackchannelAuthenticationClient;
import org.gluu.oxauth.client.BackchannelAuthenticationRequest;
import org.gluu.oxauth.client.BackchannelAuthenticationResponse;
import org.gluu.oxauth.client.RegisterClient;
import org.gluu.oxauth.client.RegisterRequest;
import org.gluu.oxauth.client.RegisterResponse;
import org.gluu.oxauth.client.TokenClient;
import org.gluu.oxauth.client.TokenRequest;
import org.gluu.oxauth.client.TokenResponse;
import org.gluu.oxauth.load.LoadConstants;
import org.gluu.oxauth.model.ciba.BackchannelAuthenticationErrorResponseType;
import org.gluu.oxauth.model.common.BackchannelTokenDeliveryMode;
import org.gluu.oxauth.model.common.GrantType;
import org.gluu.oxauth.model.crypto.signature.AsymmetricSignatureAlgorithm;
import org.gluu.oxauth.model.register.ApplicationType;
import org.gluu.oxauth.model.register.RegisterRequestParam;
import org.gluu.oxauth.model.token.TokenErrorResponseType;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;

/* loaded from: input_file:org/gluu/oxauth/ciba/BackchannelAuthenticationExpiredRequestsTests.class */
public class BackchannelAuthenticationExpiredRequestsTests extends BaseTest {
    @Parameters({"clientJwksUri", "backchannelUserCode", "userId"})
    @Test
    public void backchannelTokenDeliveryModePollExpiredRequest(String str, String str2, String str3) throws InterruptedException {
        TokenResponse exec;
        showTitle("backchannelTokenDeliveryModePollExpiredRequest");
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", (List) null);
        registerRequest.setJwksUri(str);
        registerRequest.setGrantTypes(Arrays.asList(GrantType.CIBA));
        registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.POLL);
        registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
        registerRequest.setBackchannelUserCodeParameter(true);
        RegisterClient registerClient = new RegisterClient(this.registrationEndpoint);
        registerClient.setRequest(registerRequest);
        RegisterResponse exec2 = registerClient.exec();
        showClient(registerClient);
        Assert.assertEquals(exec2.getStatus(), LoadConstants.THREAD_POOL_SIZE, "Unexpected response code: " + exec2.getEntity());
        Assert.assertNotNull(exec2.getClientId());
        Assert.assertNotNull(exec2.getClientSecret());
        Assert.assertNotNull(exec2.getRegistrationAccessToken());
        Assert.assertNotNull(exec2.getClientSecretExpiresAt());
        Assert.assertTrue(exec2.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()));
        Assert.assertTrue(exec2.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()));
        Assert.assertTrue(exec2.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_USER_CODE_PARAMETER.toString()));
        Assert.assertEquals((String) exec2.getClaims().get(RegisterRequestParam.BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()), BackchannelTokenDeliveryMode.POLL.getValue());
        Assert.assertEquals((String) exec2.getClaims().get(RegisterRequestParam.BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()), AsymmetricSignatureAlgorithm.RS256.getValue());
        Assert.assertEquals((String) exec2.getClaims().get(RegisterRequestParam.BACKCHANNEL_USER_CODE_PARAMETER.toString()), new Boolean(true).toString());
        String clientId = exec2.getClientId();
        String clientSecret = exec2.getClientSecret();
        String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(6);
        String uuid = UUID.randomUUID().toString();
        BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
        backchannelAuthenticationRequest.setScope(Arrays.asList("openid", "profile", "email", "address", "phone"));
        backchannelAuthenticationRequest.setLoginHint(str3);
        backchannelAuthenticationRequest.setClientNotificationToken(uuid);
        backchannelAuthenticationRequest.setUserCode(str2);
        backchannelAuthenticationRequest.setRequestedExpiry(1);
        backchannelAuthenticationRequest.setAcrValues(Arrays.asList("auth_ldap_server", "basic"));
        backchannelAuthenticationRequest.setBindingMessage(randomAlphanumeric);
        backchannelAuthenticationRequest.setAuthUsername(clientId);
        backchannelAuthenticationRequest.setAuthPassword(clientSecret);
        BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(this.backchannelAuthenticationEndpoint);
        backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
        BackchannelAuthenticationResponse exec3 = backchannelAuthenticationClient.exec();
        showClient(backchannelAuthenticationClient);
        Assert.assertEquals(exec3.getStatus(), LoadConstants.THREAD_POOL_SIZE, "Unexpected response code: " + exec3.getEntity());
        Assert.assertNotNull(exec3.getAuthReqId());
        Assert.assertNotNull(exec3.getExpiresIn());
        Assert.assertNotNull(exec3.getInterval());
        int i = 0;
        do {
            Thread.sleep(3500L);
            TokenRequest tokenRequest = new TokenRequest(GrantType.CIBA);
            tokenRequest.setAuthUsername(clientId);
            tokenRequest.setAuthPassword(clientSecret);
            tokenRequest.setAuthReqId(exec3.getAuthReqId());
            TokenClient tokenClient = new TokenClient(this.tokenEndpoint);
            tokenClient.setRequest(tokenRequest);
            exec = tokenClient.exec();
            showClient(tokenClient);
            i++;
            if (i >= 5 || exec.getStatus() != 400) {
                break;
            }
        } while (exec.getErrorType() == TokenErrorResponseType.AUTHORIZATION_PENDING);
        Assert.assertEquals(exec.getStatus(), 400, "Unexpected HTTP status resposne: " + exec.getEntity());
        Assert.assertNotNull(exec.getEntity(), "The entity is null");
        Assert.assertEquals(exec.getErrorType(), TokenErrorResponseType.EXPIRED_TOKEN, "Unexpected error type, should be expired_token.");
        Assert.assertNotNull(exec.getErrorDescription());
    }

    @Parameters({"clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "userId"})
    @Test
    public void backchannelTokenDeliveryModePingExpiredRequest(String str, String str2, String str3, String str4) throws InterruptedException {
        TokenResponse exec;
        showTitle("backchannelTokenDeliveryModePingExpiredRequest");
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", (List) null);
        registerRequest.setJwksUri(str);
        registerRequest.setGrantTypes(Arrays.asList(GrantType.CIBA));
        registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
        registerRequest.setBackchannelClientNotificationEndpoint(str2);
        registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
        registerRequest.setBackchannelUserCodeParameter(true);
        RegisterClient registerClient = new RegisterClient(this.registrationEndpoint);
        registerClient.setRequest(registerRequest);
        RegisterResponse exec2 = registerClient.exec();
        showClient(registerClient);
        Assert.assertEquals(exec2.getStatus(), LoadConstants.THREAD_POOL_SIZE, "Unexpected response code: " + exec2.getEntity());
        Assert.assertNotNull(exec2.getClientId());
        Assert.assertNotNull(exec2.getClientSecret());
        Assert.assertNotNull(exec2.getRegistrationAccessToken());
        Assert.assertNotNull(exec2.getClientSecretExpiresAt());
        Assert.assertTrue(exec2.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()));
        Assert.assertTrue(exec2.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()));
        Assert.assertTrue(exec2.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_USER_CODE_PARAMETER.toString()));
        Assert.assertTrue(exec2.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT.toString()));
        Assert.assertEquals((String) exec2.getClaims().get(RegisterRequestParam.BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()), BackchannelTokenDeliveryMode.PING.getValue());
        Assert.assertEquals((String) exec2.getClaims().get(RegisterRequestParam.BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()), AsymmetricSignatureAlgorithm.RS256.getValue());
        Assert.assertEquals((String) exec2.getClaims().get(RegisterRequestParam.BACKCHANNEL_USER_CODE_PARAMETER.toString()), new Boolean(true).toString());
        String clientId = exec2.getClientId();
        String clientSecret = exec2.getClientSecret();
        String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(6);
        String uuid = UUID.randomUUID().toString();
        BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
        backchannelAuthenticationRequest.setScope(Arrays.asList("openid", "profile", "email", "address", "phone"));
        backchannelAuthenticationRequest.setLoginHint(str4);
        backchannelAuthenticationRequest.setClientNotificationToken(uuid);
        backchannelAuthenticationRequest.setUserCode(str3);
        backchannelAuthenticationRequest.setRequestedExpiry(1);
        backchannelAuthenticationRequest.setAcrValues(Arrays.asList("auth_ldap_server", "basic"));
        backchannelAuthenticationRequest.setBindingMessage(randomAlphanumeric);
        backchannelAuthenticationRequest.setAuthUsername(clientId);
        backchannelAuthenticationRequest.setAuthPassword(clientSecret);
        BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(this.backchannelAuthenticationEndpoint);
        backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
        BackchannelAuthenticationResponse exec3 = backchannelAuthenticationClient.exec();
        showClient(backchannelAuthenticationClient);
        Assert.assertEquals(exec3.getStatus(), LoadConstants.THREAD_POOL_SIZE, "Unexpected response code: " + exec3.getEntity());
        Assert.assertNotNull(exec3.getAuthReqId());
        Assert.assertNotNull(exec3.getExpiresIn());
        Assert.assertNotNull(exec3.getInterval());
        int i = 0;
        do {
            Thread.sleep(3500L);
            TokenRequest tokenRequest = new TokenRequest(GrantType.CIBA);
            tokenRequest.setAuthUsername(clientId);
            tokenRequest.setAuthPassword(clientSecret);
            tokenRequest.setAuthReqId(exec3.getAuthReqId());
            TokenClient tokenClient = new TokenClient(this.tokenEndpoint);
            tokenClient.setRequest(tokenRequest);
            exec = tokenClient.exec();
            showClient(tokenClient);
            i++;
            if (i >= 5 || exec.getStatus() != 400) {
                break;
            }
        } while (exec.getErrorType() == TokenErrorResponseType.AUTHORIZATION_PENDING);
        Assert.assertEquals(exec.getStatus(), 400, "Unexpected HTTP status resposne: " + exec.getEntity());
        Assert.assertNotNull(exec.getEntity(), "The entity is null");
        Assert.assertEquals(exec.getErrorType(), TokenErrorResponseType.EXPIRED_TOKEN, "Unexpected error type, should be expired_token.");
        Assert.assertNotNull(exec.getErrorDescription());
    }

    @Parameters({"clientJwksUri", "backchannelClientNotificationEndpoint", "backchannelUserCode", "userId"})
    @Test
    public void backchannelBigExpirationTimeAreNotAlloed(String str, String str2, String str3, String str4) throws InterruptedException {
        showTitle("backchannelBigExpirationTimeAreNotAlloed");
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", (List) null);
        registerRequest.setJwksUri(str);
        registerRequest.setGrantTypes(Arrays.asList(GrantType.CIBA));
        registerRequest.setBackchannelTokenDeliveryMode(BackchannelTokenDeliveryMode.PING);
        registerRequest.setBackchannelClientNotificationEndpoint(str2);
        registerRequest.setBackchannelAuthenticationRequestSigningAlg(AsymmetricSignatureAlgorithm.RS256);
        registerRequest.setBackchannelUserCodeParameter(true);
        RegisterClient registerClient = new RegisterClient(this.registrationEndpoint);
        registerClient.setRequest(registerRequest);
        RegisterResponse exec = registerClient.exec();
        showClient(registerClient);
        Assert.assertEquals(exec.getStatus(), LoadConstants.THREAD_POOL_SIZE, "Unexpected response code: " + exec.getEntity());
        Assert.assertNotNull(exec.getClientId());
        Assert.assertNotNull(exec.getClientSecret());
        Assert.assertNotNull(exec.getRegistrationAccessToken());
        Assert.assertNotNull(exec.getClientSecretExpiresAt());
        Assert.assertTrue(exec.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()));
        Assert.assertTrue(exec.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()));
        Assert.assertTrue(exec.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_USER_CODE_PARAMETER.toString()));
        Assert.assertTrue(exec.getClaims().containsKey(RegisterRequestParam.BACKCHANNEL_CLIENT_NOTIFICATION_ENDPOINT.toString()));
        Assert.assertEquals((String) exec.getClaims().get(RegisterRequestParam.BACKCHANNEL_TOKEN_DELIVERY_MODE.toString()), BackchannelTokenDeliveryMode.PING.getValue());
        Assert.assertEquals((String) exec.getClaims().get(RegisterRequestParam.BACKCHANNEL_AUTHENTICATION_REQUEST_SIGNING_ALG.toString()), AsymmetricSignatureAlgorithm.RS256.getValue());
        Assert.assertEquals((String) exec.getClaims().get(RegisterRequestParam.BACKCHANNEL_USER_CODE_PARAMETER.toString()), new Boolean(true).toString());
        String clientId = exec.getClientId();
        String clientSecret = exec.getClientSecret();
        String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(6);
        String uuid = UUID.randomUUID().toString();
        BackchannelAuthenticationRequest backchannelAuthenticationRequest = new BackchannelAuthenticationRequest();
        backchannelAuthenticationRequest.setScope(Arrays.asList("openid", "profile", "email", "address", "phone"));
        backchannelAuthenticationRequest.setLoginHint(str4);
        backchannelAuthenticationRequest.setClientNotificationToken(uuid);
        backchannelAuthenticationRequest.setUserCode(str3);
        backchannelAuthenticationRequest.setRequestedExpiry(10000000);
        backchannelAuthenticationRequest.setAcrValues(Arrays.asList("auth_ldap_server", "basic"));
        backchannelAuthenticationRequest.setBindingMessage(randomAlphanumeric);
        backchannelAuthenticationRequest.setAuthUsername(clientId);
        backchannelAuthenticationRequest.setAuthPassword(clientSecret);
        BackchannelAuthenticationClient backchannelAuthenticationClient = new BackchannelAuthenticationClient(this.backchannelAuthenticationEndpoint);
        backchannelAuthenticationClient.setRequest(backchannelAuthenticationRequest);
        BackchannelAuthenticationResponse exec2 = backchannelAuthenticationClient.exec();
        showClient(backchannelAuthenticationClient);
        Assert.assertEquals(exec2.getStatus(), 400, "Unexpected response code: " + exec2.getEntity());
        Assert.assertNull(exec2.getAuthReqId());
        Assert.assertNull(exec2.getExpiresIn());
        Assert.assertEquals(exec2.getErrorType(), BackchannelAuthenticationErrorResponseType.INVALID_REQUEST);
        Assert.assertNotNull(exec2.getErrorDescription());
    }
}
