package org.xdi.oxauth.ws.rs;

import java.net.URI;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.core.MultivaluedHashMap;
import javax.ws.rs.core.Response;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;
import org.xdi.oxauth.BaseTest;
import org.xdi.oxauth.client.RegisterRequest;
import org.xdi.oxauth.client.TokenRequest;
import org.xdi.oxauth.model.common.AuthenticationMethod;
import org.xdi.oxauth.model.common.GrantType;
import org.xdi.oxauth.model.crypto.OxAuthCryptoProvider;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.register.ApplicationType;
import org.xdi.oxauth.model.register.RegisterResponseParam;
import org.xdi.oxauth.model.util.StringUtils;

/* loaded from: input_file:org/xdi/oxauth/ws/rs/TokenRestWebServiceWithHSAlgEmbeddedTest.class */
public class TokenRestWebServiceWithHSAlgEmbeddedTest extends BaseTest {

    @ArquillianResource
    private URI url;
    private static String clientId1;
    private static String clientSecret1;
    private static String clientId2;
    private static String clientSecret2;
    private static String clientId3;
    private static String clientSecret3;

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestAccessTokenWithClientSecretJwtHS256Step1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
        registerRequest.setJwksUri(str3);
        registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
        registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
        Response post = request.post(Entity.json(registerRequest.getJSONParameters().toString(4)));
        String str4 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenWithClientSecretJwtHS256Step1", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str4);
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId1 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret1 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"tokenPath", "userId", "userSecret", "audience"})
    @Test(dependsOnMethods = {"requestAccessTokenWithClientSecretJwtHS256Step1"})
    public void requestAccessTokenWithClientSecretJwtHS256Step2(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        request.header("Content-Type", "application/x-www-form-urlencoded");
        OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider();
        TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
        tokenRequest.setUsername(str2);
        tokenRequest.setPassword(str3);
        tokenRequest.setScope("email read_stream manage_pages");
        tokenRequest.setAuthUsername(clientId1);
        tokenRequest.setAuthPassword(clientSecret1);
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
        tokenRequest.setCryptoProvider(oxAuthCryptoProvider);
        tokenRequest.setAudience(str4);
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenWithClientSecretJwtHS256Step2", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(post.getHeaderString("Cache-Control") != null && post.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + post.getHeaderString("Cache-Control"));
        Assert.assertTrue(post.getHeaderString("Pragma") != null && post.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + post.getHeaderString("Pragma"));
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has("access_token"), "Unexpected result: access_token not found");
            Assert.assertTrue(jSONObject.has("token_type"), "Unexpected result: token_type not found");
            Assert.assertTrue(jSONObject.has("refresh_token"), "Unexpected result: refresh_token not found");
            Assert.assertTrue(jSONObject.has("scope"), "Unexpected result: scope not found");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
    }

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestAccessTokenWithClientSecretJwtHS384Step1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
        registerRequest.setJwksUri(str3);
        registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
        registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
        Response post = request.post(Entity.json(registerRequest.getJSONParameters().toString(4)));
        String str4 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenWithClientSecretJwtHS384Step1", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str4);
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId2 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret2 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"tokenPath", "userId", "userSecret", "audience"})
    @Test(dependsOnMethods = {"requestAccessTokenWithClientSecretJwtHS384Step1"})
    public void requestAccessTokenWithClientSecretJwtHS384Step2(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        request.header("Content-Type", "application/x-www-form-urlencoded");
        OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider();
        TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
        tokenRequest.setUsername(str2);
        tokenRequest.setPassword(str3);
        tokenRequest.setScope("email read_stream manage_pages");
        tokenRequest.setAuthUsername(clientId2);
        tokenRequest.setAuthPassword(clientSecret2);
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
        tokenRequest.setCryptoProvider(oxAuthCryptoProvider);
        tokenRequest.setAlgorithm(SignatureAlgorithm.HS384);
        tokenRequest.setAudience(str4);
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenWithClientSecretJwtHS384Step2", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(post.getHeaderString("Cache-Control") != null && post.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + post.getHeaderString("Cache-Control"));
        Assert.assertTrue(post.getHeaderString("Pragma") != null && post.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + post.getHeaderString("Pragma"));
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has("access_token"), "Unexpected result: access_token not found");
            Assert.assertTrue(jSONObject.has("token_type"), "Unexpected result: token_type not found");
            Assert.assertTrue(jSONObject.has("refresh_token"), "Unexpected result: refresh_token not found");
            Assert.assertTrue(jSONObject.has("scope"), "Unexpected result: scope not found");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
    }

    @Parameters({"registerPath", "redirectUris", "clientJwksUri"})
    @Test
    public void requestAccessTokenWithClientSecretJwtHS512Step1(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
        registerRequest.setJwksUri(str3);
        registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
        registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
        Response post = request.post(Entity.json(registerRequest.getJSONParameters().toString(4)));
        String str4 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenWithClientSecretJwtHS512Step1", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str4);
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.REGISTRATION_CLIENT_URI.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_ID_ISSUED_AT.toString()));
            Assert.assertTrue(jSONObject.has(RegisterResponseParam.CLIENT_SECRET_EXPIRES_AT.toString()));
            clientId3 = jSONObject.getString(RegisterResponseParam.CLIENT_ID.toString());
            clientSecret3 = jSONObject.getString(RegisterResponseParam.CLIENT_SECRET.toString());
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"tokenPath", "userId", "userSecret", "audience"})
    @Test(dependsOnMethods = {"requestAccessTokenWithClientSecretJwtHS512Step1"})
    public void requestAccessTokenWithClientSecretJwtHS512Step2(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        request.header("Content-Type", "application/x-www-form-urlencoded");
        OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider();
        TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
        tokenRequest.setUsername(str2);
        tokenRequest.setPassword(str3);
        tokenRequest.setScope("email read_stream manage_pages");
        tokenRequest.setAuthUsername(clientId3);
        tokenRequest.setAuthPassword(clientSecret3);
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
        tokenRequest.setCryptoProvider(oxAuthCryptoProvider);
        tokenRequest.setAlgorithm(SignatureAlgorithm.HS512);
        tokenRequest.setAudience(str4);
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenWithClientSecretJwtHS512Step2", post, str5);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(post.getHeaderString("Cache-Control") != null && post.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + post.getHeaderString("Cache-Control"));
        Assert.assertTrue(post.getHeaderString("Pragma") != null && post.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + post.getHeaderString("Pragma"));
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has("access_token"), "Unexpected result: access_token not found");
            Assert.assertTrue(jSONObject.has("token_type"), "Unexpected result: token_type not found");
            Assert.assertTrue(jSONObject.has("refresh_token"), "Unexpected result: refresh_token not found");
            Assert.assertTrue(jSONObject.has("scope"), "Unexpected result: scope not found");
        } catch (Exception e) {
            Assert.fail(e.getMessage(), e);
        }
    }
}
