package org.xdi.oxauth.ws.rs;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.core.Response;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;
import org.xdi.oxauth.BaseTest;
import org.xdi.oxauth.client.AuthorizationRequest;
import org.xdi.oxauth.client.QueryStringDecoder;
import org.xdi.oxauth.client.RegisterRequest;
import org.xdi.oxauth.client.model.authorize.Claim;
import org.xdi.oxauth.client.model.authorize.ClaimValue;
import org.xdi.oxauth.client.model.authorize.JwtAuthorizationRequest;
import org.xdi.oxauth.model.common.Prompt;
import org.xdi.oxauth.model.common.ResponseType;
import org.xdi.oxauth.model.crypto.OxAuthCryptoProvider;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.register.ApplicationType;
import org.xdi.oxauth.model.register.RegisterRequestParam;
import org.xdi.oxauth.model.register.RegisterResponseParam;
import org.xdi.oxauth.model.util.StringUtils;

/* loaded from: input_file:org/xdi/oxauth/ws/rs/RequestObjectSigningAlgRestrictionEmbeddedTest.class */
public class RequestObjectSigningAlgRestrictionEmbeddedTest extends BaseTest {

    @ArquillianResource
    private URI url;
    private static String clientId1;
    private static String clientSecret1;
    private static String registrationAccessToken1;
    private static String registrationClientUri1;
    private static String clientId2;
    private static String clientSecret2;
    private static String registrationAccessToken2;
    private static String registrationClientUri2;
    private static String clientId3;
    private static String clientSecret3;
    private static String registrationAccessToken3;
    private static String clientId4;
    private static String clientSecret4;
    private static String registrationAccessToken4;
    private static String clientId5;
    private static String clientSecret5;
    private static String registrationAccessToken5;
    private static String clientId6;
    private static String clientSecret6;
    private static String registrationAccessToken6;
    private static String clientId7;
    private static String clientSecret7;
    private static String registrationAccessToken7;
    private static String clientId8;
    private static String clientSecret8;
    private static String registrationAccessToken8;
    private static String clientId9;
    private static String clientSecret9;
    private static String registrationAccessToken9;
    private static String clientId10;
    private static String clientSecret10;
    private static String registrationAccessToken10;
    private static String clientId11;
    private static String clientSecret11;
    private static String registrationAccessToken11;

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void omittedRequestObjectSigningAlgStep1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str4 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setJwksUri(str3);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str4 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str4));
        String str5 = (String) post.readEntity(String.class);
        showResponse("omittedRequestObjectSigningAlgStep1", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str5);
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId1 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret1 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken1 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
            registrationClientUri1 = jSONObject.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str5);
        }
    }

    @Parameters({"registerPath"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep1"})
    public void omittedRequestObjectSigningAlgStep2(String str) throws Exception {
        new RegisterRequest((String) null);
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + registrationClientUri1.substring(registrationClientUri1.indexOf("?") + 1)).request();
        request.header("Authorization", "Bearer " + registrationAccessToken1);
        Response response = request.get();
        String str2 = (String) response.readEntity(String.class);
        showResponse("omittedRequestObjectSigningAlgStep2", response, str2);
        Assert.assertEquals(response.getStatus(), 200, "Unexpected response code. " + str2);
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            Assert.assertFalse(jSONObject.has(RegisterRequestParam.REQUEST_OBJECT_SIGNING_ALG.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.APPLICATION_TYPE.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.RESPONSE_TYPES.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.REDIRECT_URIS.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.APPLICATION_TYPE.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.CLIENT_NAME.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
            Assert.assertTrue(jSONObject.has("scopes"));
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3NONE(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder builder = null;
        try {
            List asList = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
            List asList2 = Arrays.asList("openid", "profile", "address", "email");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.NONE, new OxAuthCryptoProvider());
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3NONE", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("id_token"), "The idToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3HS256(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder builder = null;
        try {
            List asList = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
            List asList2 = Arrays.asList("openid", "profile", "address", "email");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS256, clientSecret1, new OxAuthCryptoProvider());
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3HS256", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("id_token"), "The idToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3HS384(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder builder = null;
        try {
            List asList = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
            List asList2 = Arrays.asList("openid", "profile", "address", "email");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS384, clientSecret1, new OxAuthCryptoProvider());
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3HS384", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("id_token"), "The idToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3HS512(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder builder = null;
        try {
            List asList = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
            List asList2 = Arrays.asList("openid", "profile", "address", "email");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.HS512, clientSecret1, new OxAuthCryptoProvider());
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3HS512", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("id_token"), "The idToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3RS256(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws Exception {
        Invocation.Builder builder = null;
        try {
            OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider(str7, str8, str6);
            List asList = Arrays.asList(ResponseType.TOKEN);
            List asList2 = Arrays.asList("openid");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.RS256, oxAuthCryptoProvider);
            jwtAuthorizationRequest.setKeyId(str5);
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3RS256", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri", "RS384_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3RS384(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws Exception {
        Invocation.Builder builder = null;
        try {
            OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider(str7, str8, str6);
            List asList = Arrays.asList(ResponseType.TOKEN);
            List asList2 = Arrays.asList("openid");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.RS384, oxAuthCryptoProvider);
            jwtAuthorizationRequest.setKeyId(str5);
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3RS384", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri", "RS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3RS512(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws Exception {
        Invocation.Builder builder = null;
        try {
            OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider(str7, str8, str6);
            List asList = Arrays.asList(ResponseType.TOKEN);
            List asList2 = Arrays.asList("openid");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.RS512, oxAuthCryptoProvider);
            jwtAuthorizationRequest.setKeyId(str5);
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3RS512", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri", "ES256_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3ES256(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws Exception {
        Invocation.Builder builder = null;
        try {
            OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider(str7, str8, str6);
            List asList = Arrays.asList(ResponseType.TOKEN);
            List asList2 = Arrays.asList("openid");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.ES256, oxAuthCryptoProvider);
            jwtAuthorizationRequest.setKeyId(str5);
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3ES256", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri", "ES384_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3ES384(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws Exception {
        Invocation.Builder builder = null;
        try {
            OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider(str7, str8, str6);
            List asList = Arrays.asList(ResponseType.TOKEN);
            List asList2 = Arrays.asList("openid");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.ES384, oxAuthCryptoProvider);
            jwtAuthorizationRequest.setKeyId(str5);
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3ES384", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test(dependsOnMethods = {"omittedRequestObjectSigningAlgStep2"})
    public void omittedRequestObjectSigningAlgStep3ES512(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws Exception {
        Invocation.Builder builder = null;
        try {
            OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider(str7, str8, str6);
            List asList = Arrays.asList(ResponseType.TOKEN);
            List asList2 = Arrays.asList("openid");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId1, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.ES512, oxAuthCryptoProvider);
            jwtAuthorizationRequest.setKeyId(str5);
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("omittedRequestObjectSigningAlgStep3ES512", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestObjectSigningAlgNoneStep1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str4 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.NONE);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str4 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str4));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgNoneStep1", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str5);
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId2 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret2 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken2 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
            registrationClientUri2 = jSONObject.getString(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str5);
        }
    }

    @Parameters({"registerPath"})
    @Test(dependsOnMethods = {"requestObjectSigningAlgNoneStep1"})
    public void requestObjectSigningAlgNoneStep2(String str) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + registrationClientUri2.substring(registrationClientUri2.indexOf("?") + 1)).request();
        request.header("Authorization", "Bearer " + registrationAccessToken2);
        Response response = request.get();
        String str2 = (String) response.readEntity(String.class);
        showResponse("requestObjectSigningAlgNoneStep2", response, str2);
        Assert.assertEquals(response.getStatus(), 200, "Unexpected response code. " + str2);
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.REQUEST_OBJECT_SIGNING_ALG.toString()));
            Assert.assertEquals(SignatureAlgorithm.fromString(jSONObject.getString(RegisterRequestParam.REQUEST_OBJECT_SIGNING_ALG.toString())), SignatureAlgorithm.NONE);
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.APPLICATION_TYPE.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.RESPONSE_TYPES.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.REDIRECT_URIS.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.APPLICATION_TYPE.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.CLIENT_NAME.toString()));
            Assert.assertTrue(jSONObject.has(RegisterRequestParam.ID_TOKEN_SIGNED_RESPONSE_ALG.toString()));
            Assert.assertTrue(jSONObject.has("scopes"));
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri"})
    @Test(dependsOnMethods = {"requestObjectSigningAlgNoneStep2"})
    public void requestObjectSigningAlgNoneStep3(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder builder = null;
        try {
            List asList = Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN);
            List asList2 = Arrays.asList("openid", "profile", "address", "email");
            String uuid = UUID.randomUUID().toString();
            String uuid2 = UUID.randomUUID().toString();
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, clientId2, asList2, str4, uuid);
            authorizationRequest.setState(uuid2);
            authorizationRequest.getPrompts().add(Prompt.NONE);
            authorizationRequest.setAuthUsername(str2);
            authorizationRequest.setAuthPassword(str3);
            JwtAuthorizationRequest jwtAuthorizationRequest = new JwtAuthorizationRequest(authorizationRequest, SignatureAlgorithm.NONE, new OxAuthCryptoProvider());
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("name", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("nickname", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("email_verified", ClaimValue.createNull()));
            jwtAuthorizationRequest.addUserInfoClaim(new Claim("picture", ClaimValue.createEssential(false)));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("auth_time", ClaimValue.createNull()));
            jwtAuthorizationRequest.addIdTokenClaim(new Claim("acr", ClaimValue.createValueList(new String[]{"2"})));
            String encodedJwt = jwtAuthorizationRequest.getEncodedJwt();
            authorizationRequest.setRequest(encodedJwt);
            System.out.println("Request JWT: " + encodedJwt);
            builder = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
            builder.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
            builder.header("Accept", "text/plain");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
        Response response = builder.get();
        showResponse("requestObjectSigningAlgNoneStep3", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        try {
            URI uri = new URI(response.getLocation().toString());
            Assert.assertNotNull(uri.getFragment(), "Query string is null");
            Map decode = QueryStringDecoder.decode(uri.getFragment());
            Assert.assertNotNull(decode.get("access_token"), "The accessToken is null");
            Assert.assertNotNull(decode.get("id_token"), "The idToken is null");
            Assert.assertNotNull(decode.get("scope"), "The scope is null");
            Assert.assertNotNull(decode.get("state"), "The state is null");
        } catch (URISyntaxException e2) {
            e2.printStackTrace();
            Assert.fail("Response URI is not well formed");
        }
    }

    @Parameters({"registerPath", "redirectUris"})
    @Test
    public void requestObjectSigningAlgHS256Step1(String str, String str2) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str3 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.HS256);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str3 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str3));
        String str4 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgHS256Step1", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str4);
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId3 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret3 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken3 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"registerPath", "redirectUris"})
    @Test
    public void requestObjectSigningAlgHS384Step1(String str, String str2) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str3 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.HS384);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str3 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str3));
        String str4 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgHS384Step1", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str4);
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId4 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret4 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken4 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"registerPath", "redirectUris"})
    @Test
    public void requestObjectSigningAlgHS512Step1(String str, String str2) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str3 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.HS512);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str3 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str3));
        String str4 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgHS512Step1", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str4);
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId5 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret5 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken5 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestObjectSigningAlgRS256Step1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str4 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setJwksUri(str3);
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS256);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str4 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str4));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgRS256Step1", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str5);
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId6 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret6 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken6 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str5);
        }
    }

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestObjectSigningAlgRS384Step1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str4 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setJwksUri(str3);
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS384);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str4 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str4));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgRS384Step1", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str5);
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId7 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret7 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken7 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str5);
        }
    }

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestObjectSigningAlgRS512Step1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str4 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setJwksUri(str3);
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.RS512);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str4 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str4));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgRS512Step1", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str5);
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId8 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret8 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken8 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str5);
        }
    }

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestObjectSigningAlgES256Step1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str4 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setJwksUri(str3);
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES256);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str4 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str4));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgES256Step1", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str5);
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId9 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret9 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken9 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str5);
        }
    }

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestObjectSigningAlgES384Step1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str4 = null;
        try {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setJwksUri(str3);
            registerRequest.setRequestObjectSigningAlg(SignatureAlgorithm.ES384);
            registerRequest.setResponseTypes(Arrays.asList(ResponseType.TOKEN, ResponseType.ID_TOKEN));
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            str4 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str4));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestObjectSigningAlgES256Step1", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str5);
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId10 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret10 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
            registrationAccessToken10 = jSONObject.getString(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString());
        } catch (JSONException e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str5);
        }
    }
}
