package org.xdi.oxauth.ws.rs;

import java.util.ArrayList;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;
import org.xdi.oxauth.BaseTest;
import org.xdi.oxauth.client.AuthorizationRequest;
import org.xdi.oxauth.client.AuthorizationResponse;
import org.xdi.oxauth.client.AuthorizeClient;
import org.xdi.oxauth.client.CheckSessionClient;
import org.xdi.oxauth.client.CheckSessionResponse;
import org.xdi.oxauth.client.JwkClient;
import org.xdi.oxauth.client.TokenClient;
import org.xdi.oxauth.client.TokenRequest;
import org.xdi.oxauth.client.TokenResponse;
import org.xdi.oxauth.client.UserInfoClient;
import org.xdi.oxauth.client.UserInfoResponse;
import org.xdi.oxauth.model.common.AuthenticationMethod;
import org.xdi.oxauth.model.common.GrantType;
import org.xdi.oxauth.model.common.Prompt;
import org.xdi.oxauth.model.common.ResponseType;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.jws.RSASigner;
import org.xdi.oxauth.model.jwt.Jwt;
import org.xdi.oxauth.model.userinfo.Schema;

/* loaded from: input_file:org/xdi/oxauth/ws/rs/AuthorizationCodeFlowHttpTest.class */
public class AuthorizationCodeFlowHttpTest extends BaseTest {
    @Parameters({"authorizeUrl", "tokenUrl", "checkSessionUrl", "userId", "userSecret", "clientId", "clientSecret", "redirectUri"})
    @Test
    public void authorizationCodeFlow(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws Exception {
        showTitle("authorizationCodeFlow");
        ArrayList arrayList = new ArrayList();
        arrayList.add(ResponseType.CODE);
        arrayList.add(ResponseType.ID_TOKEN);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add("openid");
        arrayList2.add("profile");
        arrayList2.add("address");
        arrayList2.add("email");
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(arrayList, str6, arrayList2, str8, (String) null);
        authorizationRequest.setState("af0ifjsldkj");
        authorizationRequest.setAuthUsername(str4);
        authorizationRequest.setAuthPassword(str5);
        authorizationRequest.getPrompts().add(Prompt.NONE);
        AuthorizeClient authorizeClient = new AuthorizeClient(str);
        authorizeClient.setRequest(authorizationRequest);
        AuthorizationResponse exec = authorizeClient.exec();
        showClient(authorizeClient);
        Assert.assertEquals(exec.getStatus(), 302, "Unexpected response code: " + exec.getStatus());
        Assert.assertNotNull(exec.getLocation(), "The location is null");
        Assert.assertNotNull(exec.getCode(), "The authorization code is null");
        Assert.assertNotNull(exec.getState(), "The state is null");
        Assert.assertNotNull(exec.getScope(), "The scope is null");
        String scope = exec.getScope();
        String code = exec.getCode();
        String idToken = exec.getIdToken();
        TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        tokenRequest.setCode(code);
        tokenRequest.setRedirectUri(str8);
        tokenRequest.setAuthUsername(str6);
        tokenRequest.setAuthPassword(str7);
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
        TokenClient tokenClient = new TokenClient(str2);
        tokenClient.setRequest(tokenRequest);
        TokenResponse exec2 = tokenClient.exec();
        showClient(tokenClient);
        Assert.assertEquals(exec2.getStatus(), 200, "Unexpected response code: " + exec2.getStatus());
        Assert.assertNotNull(exec2.getEntity(), "The entity is null");
        Assert.assertNotNull(exec2.getAccessToken(), "The access token is null");
        Assert.assertNotNull(exec2.getExpiresIn(), "The expires in value is null");
        Assert.assertNotNull(exec2.getTokenType(), "The token type is null");
        Assert.assertNotNull(exec2.getRefreshToken(), "The refresh token is null");
        exec2.getAccessToken();
        String refreshToken = exec2.getRefreshToken();
        CheckSessionClient checkSessionClient = new CheckSessionClient(str3);
        CheckSessionResponse execCheckSession = checkSessionClient.execCheckSession(idToken);
        showClient(checkSessionClient);
        Assert.assertEquals(execCheckSession.getStatus(), 200, "Unexpected response code: " + execCheckSession.getStatus());
        Assert.assertNotNull(execCheckSession.getEntity());
        Assert.assertTrue(execCheckSession.isValid());
        Assert.assertNotNull(execCheckSession.getExpiresIn());
        Assert.assertTrue(execCheckSession.getExpiresIn().intValue() > 0);
        Assert.assertNotNull(execCheckSession.getIssuer());
        Assert.assertNotNull(execCheckSession.getSubject());
        Assert.assertNotNull(execCheckSession.getAudience());
        Assert.assertNotNull(execCheckSession.getExpiration());
        Assert.assertNull(execCheckSession.getAuthenticationContextClassReference());
        Assert.assertNotNull(execCheckSession.getAuthenticationTime());
        Assert.assertNotNull(execCheckSession.getOxInum());
        Assert.assertNotNull(execCheckSession.getOxValidationUri());
        Assert.assertNotNull(execCheckSession.getOxOpenIdConnectVersion());
        Jwt parse = Jwt.parse(idToken);
        Assert.assertNotNull(parse.getHeader().getClaimAsString("typ"));
        Assert.assertNotNull(parse.getHeader().getClaimAsString("alg"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("iss"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("aud"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("exp"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("iat"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("sub"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("c_hash"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("auth_time"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("oxInum"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("oxValidationURI"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("oxOpenIDConnectVersion"));
        Assert.assertTrue(new RSASigner(SignatureAlgorithm.RS256, JwkClient.getRSAPublicKey(parse.getHeader().getClaimAsString("jku"), parse.getHeader().getClaimAsString("kid"))).validate(parse));
        TokenClient tokenClient2 = new TokenClient(str2);
        TokenResponse execRefreshToken = tokenClient2.execRefreshToken(scope, refreshToken, str6, str7);
        showClient(tokenClient2);
        Assert.assertEquals(execRefreshToken.getStatus(), 200, "Unexpected response code: " + execRefreshToken.getStatus());
        Assert.assertNotNull(execRefreshToken.getEntity(), "The entity is null");
        Assert.assertNotNull(execRefreshToken.getAccessToken(), "The access token is null");
        Assert.assertNotNull(execRefreshToken.getTokenType(), "The token type is null");
        Assert.assertNotNull(execRefreshToken.getRefreshToken(), "The refresh token is null");
        Assert.assertNotNull(execRefreshToken.getScope(), "The scope is null");
    }

    @Parameters({"authorizeUrl", "tokenUrl", "checkSessionUrl", "userInfoUrl", "userId", "userSecret", "clientId", "clientSecret", "redirectUri"})
    @Test
    public void revokeTokens(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9) throws Exception {
        showTitle("revokeTokens");
        ArrayList arrayList = new ArrayList();
        arrayList.add(ResponseType.CODE);
        arrayList.add(ResponseType.ID_TOKEN);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add("openid");
        arrayList2.add("profile");
        arrayList2.add("address");
        arrayList2.add("email");
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(arrayList, str7, arrayList2, str9, (String) null);
        authorizationRequest.setState("af0ifjsldkj");
        authorizationRequest.setAuthUsername(str5);
        authorizationRequest.setAuthPassword(str6);
        authorizationRequest.getPrompts().add(Prompt.NONE);
        AuthorizeClient authorizeClient = new AuthorizeClient(str);
        authorizeClient.setRequest(authorizationRequest);
        AuthorizationResponse exec = authorizeClient.exec();
        showClient(authorizeClient);
        Assert.assertEquals(exec.getStatus(), 302, "Unexpected response code: " + exec.getStatus());
        Assert.assertNotNull(exec.getLocation(), "The location is null");
        Assert.assertNotNull(exec.getCode(), "The authorization code is null");
        Assert.assertNotNull(exec.getState(), "The state is null");
        Assert.assertNotNull(exec.getScope(), "The scope is null");
        Assert.assertNotNull(exec.getIdToken(), "The id token is null");
        String scope = exec.getScope();
        String code = exec.getCode();
        String idToken = exec.getIdToken();
        Jwt parse = Jwt.parse(idToken);
        Assert.assertNotNull(parse.getHeader().getClaimAsString("typ"));
        Assert.assertNotNull(parse.getHeader().getClaimAsString("alg"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("iss"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("aud"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("exp"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("iat"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("sub"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("c_hash"));
        Assert.assertNotNull(parse.getClaims().getClaimAsString("auth_time"));
        Assert.assertTrue(new RSASigner(SignatureAlgorithm.RS256, JwkClient.getRSAPublicKey(parse.getHeader().getClaimAsString("jku"), parse.getHeader().getClaimAsString("kid"))).validate(parse));
        TokenClient tokenClient = new TokenClient(str2);
        TokenResponse execAuthorizationCode = tokenClient.execAuthorizationCode(code, str9, str7, str8);
        showClient(tokenClient);
        Assert.assertEquals(execAuthorizationCode.getStatus(), 200, "Unexpected response code: " + execAuthorizationCode.getStatus());
        Assert.assertNotNull(execAuthorizationCode.getEntity(), "The entity is null");
        Assert.assertNotNull(execAuthorizationCode.getAccessToken(), "The access token is null");
        Assert.assertNotNull(execAuthorizationCode.getTokenType(), "The token type is null");
        Assert.assertNotNull(execAuthorizationCode.getRefreshToken(), "The refresh token is null");
        String accessToken = execAuthorizationCode.getAccessToken();
        String refreshToken = execAuthorizationCode.getRefreshToken();
        CheckSessionClient checkSessionClient = new CheckSessionClient(str3);
        CheckSessionResponse execCheckSession = checkSessionClient.execCheckSession(idToken);
        showClient(checkSessionClient);
        Assert.assertEquals(execCheckSession.getStatus(), 200, "Unexpected response code: " + execCheckSession.getStatus());
        Assert.assertNotNull(execCheckSession.getEntity());
        Assert.assertTrue(execCheckSession.isValid());
        Assert.assertNotNull(execCheckSession.getExpiresIn());
        Assert.assertTrue(execCheckSession.getExpiresIn().intValue() > 0);
        Assert.assertNotNull(execCheckSession.getIssuer());
        Assert.assertNotNull(execCheckSession.getSubject());
        Assert.assertNotNull(execCheckSession.getAudience());
        Assert.assertNotNull(execCheckSession.getExpiration());
        Assert.assertNull(execCheckSession.getAuthenticationContextClassReference());
        Assert.assertNotNull(execCheckSession.getAuthenticationTime());
        Assert.assertNotNull(execCheckSession.getOxInum());
        Assert.assertNotNull(execCheckSession.getOxValidationUri());
        Assert.assertNotNull(execCheckSession.getOxOpenIdConnectVersion());
        TokenClient tokenClient2 = new TokenClient(str2);
        TokenResponse execAuthorizationCode2 = tokenClient2.execAuthorizationCode(code, str9, str7, str8);
        showClient(tokenClient2);
        Assert.assertEquals(execAuthorizationCode2.getStatus(), 400, "Unexpected response code: " + execAuthorizationCode2.getStatus());
        Assert.assertNotNull(execAuthorizationCode2.getEntity(), "The entity is null");
        Assert.assertNotNull(execAuthorizationCode2.getErrorType(), "The error type is null");
        Assert.assertNotNull(execAuthorizationCode2.getErrorDescription(), "The error description is null");
        TokenClient tokenClient3 = new TokenClient(str2);
        TokenResponse execRefreshToken = tokenClient3.execRefreshToken(scope, refreshToken, str7, str8);
        showClient(tokenClient3);
        Assert.assertEquals(execRefreshToken.getStatus(), 401, "Unexpected response code: " + execRefreshToken.getStatus());
        Assert.assertNotNull(execRefreshToken.getEntity(), "The entity is null");
        Assert.assertNotNull(execRefreshToken.getErrorType(), "The error type is null");
        Assert.assertNotNull(execRefreshToken.getErrorDescription(), "The error description is null");
        CheckSessionClient checkSessionClient2 = new CheckSessionClient(str3);
        CheckSessionResponse execCheckSession2 = checkSessionClient2.execCheckSession(idToken);
        showClient(checkSessionClient2);
        Assert.assertEquals(execCheckSession2.getStatus(), 401, "Unexpected response code: " + execCheckSession2.getStatus());
        Assert.assertNotNull(execCheckSession2.getErrorType(), "Unexpected result: errorType not found");
        Assert.assertNotNull(execCheckSession2.getErrorDescription(), "Unexpected result: errorDescription not found");
        UserInfoClient userInfoClient = new UserInfoClient(str4);
        UserInfoResponse execUserInfo = userInfoClient.execUserInfo(accessToken, Schema.OPEN_ID);
        showClient(userInfoClient);
        Assert.assertEquals(execUserInfo.getStatus(), 400, "Unexpected response code: " + execUserInfo.getStatus());
        Assert.assertNotNull(execUserInfo.getErrorType(), "Unexpected result: errorType not found");
        Assert.assertNotNull(execUserInfo.getErrorDescription(), "Unexpected result: errorDescription not found");
    }
}
