package org.xdi.oxauth.ws.rs;

import java.net.URI;
import java.util.Arrays;
import java.util.List;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.core.MultivaluedHashMap;
import javax.ws.rs.core.Response;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;
import org.xdi.oxauth.BaseTest;
import org.xdi.oxauth.client.RegisterRequest;
import org.xdi.oxauth.client.RegisterResponse;
import org.xdi.oxauth.client.TokenRequest;
import org.xdi.oxauth.model.common.AuthenticationMethod;
import org.xdi.oxauth.model.common.GrantType;
import org.xdi.oxauth.model.common.ResponseType;
import org.xdi.oxauth.model.register.ApplicationType;
import org.xdi.oxauth.model.util.StringUtils;

/* loaded from: input_file:org/xdi/oxauth/ws/rs/TokenRestWebServiceEmbeddedTest.class */
public class TokenRestWebServiceEmbeddedTest extends BaseTest {

    @ArquillianResource
    private URI url;
    private static String clientId;
    private static String clientSecret;

    @Parameters({"registerPath", "redirectUris"})
    @Test
    public void dynamicClientRegistration(String str, String str2) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str3 = null;
        try {
            List asList = Arrays.asList(ResponseType.CODE, ResponseType.TOKEN, ResponseType.ID_TOKEN);
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setResponseTypes(asList);
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            registerRequest.setGrantTypes(Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS, GrantType.CLIENT_CREDENTIALS));
            str3 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str3));
        String str4 = (String) post.readEntity(String.class);
        showResponse("dynamicClientRegistration", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str4);
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            RegisterResponse valueOf = RegisterResponse.valueOf(str4);
            ClientTestUtil.assert_(valueOf);
            clientId = valueOf.getClientId();
            clientSecret = valueOf.getClientSecret();
        } catch (Exception e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"tokenPath", "redirectUri"})
    @Test(dependsOnMethods = {"dynamicClientRegistration"})
    public void requestAccessToken(String str, String str2) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        tokenRequest.setCode("6f6f3f01-a034-4336-bf31-2e74868e5838");
        tokenRequest.setRedirectUri(str2);
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
        request.header("Content-Type", "application/x-www-form-urlencoded");
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str3 = (String) post.readEntity(String.class);
        showResponse("requestAccessToken", post, str3);
        Assert.assertEquals(post.getStatus(), 400, "Unexpected response code.");
        Assert.assertNotNull(str3, "Unexpected result: " + str3);
        try {
            JSONObject jSONObject = new JSONObject(str3);
            Assert.assertTrue(jSONObject.has("error"), "The error type is null");
            Assert.assertTrue(jSONObject.has("error_description"), "The error description is null");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str3);
        }
    }

    @Parameters({"tokenPath", "userId", "userSecret"})
    @Test(dependsOnMethods = {"dynamicClientRegistration"})
    public void requestAccessTokenPassword(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
        tokenRequest.setUsername(str2);
        tokenRequest.setPassword(str3);
        tokenRequest.setScope("email read_stream manage_pages");
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
        request.header("Content-Type", "application/x-www-form-urlencoded");
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str4 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenPassword", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(post.getHeaderString("Cache-Control") != null && post.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + post.getHeaderString("Cache-Control"));
        Assert.assertTrue(post.getHeaderString("Pragma") != null && post.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + post.getHeaderString("Pragma"));
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            Assert.assertTrue(jSONObject.has("access_token"), "Unexpected result: access_token not found");
            Assert.assertTrue(jSONObject.has("token_type"), "Unexpected result: token_type not found");
            Assert.assertTrue(jSONObject.has("refresh_token"), "Unexpected result: refresh_token not found");
            Assert.assertTrue(jSONObject.has("scope"), "Unexpected result: scope not found");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"tokenPath", "userId", "userSecret", "audience"})
    @Test
    public void requestAccessTokenWithClientSecretJwtFail(String str, String str2, String str3, String str4) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        request.header("Content-Type", "application/x-www-form-urlencoded");
        TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
        tokenRequest.setUsername(str2);
        tokenRequest.setPassword(str3);
        tokenRequest.setScope("email read_stream manage_pages");
        tokenRequest.setAuthPassword("INVALID_SECRET");
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_JWT);
        tokenRequest.setAudience(str4);
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str5 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenWithClientSecretJwt Fail", post, str5);
        Assert.assertEquals(post.getStatus(), 401, "Unexpected response code.");
        Assert.assertNotNull(str5, "Unexpected result: " + str5);
        try {
            JSONObject jSONObject = new JSONObject(str5);
            Assert.assertTrue(jSONObject.has("error"), "The error type is null");
            Assert.assertTrue(jSONObject.has("error_description"), "The error description is null");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str5);
        }
    }

    @Parameters({"tokenPath"})
    @Test(dependsOnMethods = {"dynamicClientRegistration"})
    public void requestAccessTokenClientCredentials(String str) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        TokenRequest tokenRequest = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
        tokenRequest.setScope("email read_stream manage_pages");
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
        request.header("Content-Type", "application/x-www-form-urlencoded");
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str2 = (String) post.readEntity(String.class);
        showResponse("requestAccessTokenClientCredentials", post, str2);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(post.getHeaderString("Cache-Control") != null && post.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + post.getHeaderString("Cache-Control"));
        Assert.assertTrue(post.getHeaderString("Pragma") != null && post.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + post.getHeaderString("Pragma"));
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has("access_token"), "Unexpected result: access_token not found");
            Assert.assertTrue(jSONObject.has("token_type"), "Unexpected result: token_type not found");
            Assert.assertTrue(jSONObject.has("scope"), "Unexpected result: scope not found");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        }
    }

    @Parameters({"tokenPath"})
    @Test(dependsOnMethods = {"dynamicClientRegistration"})
    public void refreshingAccessTokenFail(String str) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        TokenRequest tokenRequest = new TokenRequest(GrantType.REFRESH_TOKEN);
        tokenRequest.setRefreshToken("tGzv3JOkF0XG5Qx2TlKWIA");
        tokenRequest.setScope("email read_stream manage_pages");
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
        request.header("Content-Type", "application/x-www-form-urlencoded");
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str2 = (String) post.readEntity(String.class);
        showResponse("refreshingAccessTokenFail", post, str2);
        Assert.assertEquals(post.getStatus(), 401, "Unexpected response code.");
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has("error"), "The error type is null");
            Assert.assertTrue(jSONObject.has("error_description"), "The error description is null");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        }
    }
}
