package org.xdi.oxauth.ws.rs;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.core.MultivaluedHashMap;
import javax.ws.rs.core.Response;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;
import org.xdi.oxauth.BaseTest;
import org.xdi.oxauth.client.AuthorizationRequest;
import org.xdi.oxauth.client.ClientInfoRequest;
import org.xdi.oxauth.client.QueryStringDecoder;
import org.xdi.oxauth.client.RegisterRequest;
import org.xdi.oxauth.client.RegisterResponse;
import org.xdi.oxauth.client.TokenRequest;
import org.xdi.oxauth.model.common.AuthorizationMethod;
import org.xdi.oxauth.model.common.GrantType;
import org.xdi.oxauth.model.common.Prompt;
import org.xdi.oxauth.model.common.ResponseType;
import org.xdi.oxauth.model.register.ApplicationType;
import org.xdi.oxauth.model.util.StringUtils;

/* loaded from: input_file:org/xdi/oxauth/ws/rs/ClientInfoRestWebServiceEmbeddedTest.class */
public class ClientInfoRestWebServiceEmbeddedTest extends BaseTest {

    @ArquillianResource
    private URI url;
    private static String clientId;
    private static String clientSecret;
    private static String accessToken1;
    private static String accessToken2;
    private static String accessToken3;

    @Parameters({"registerPath", "redirectUris"})
    @Test
    public void dynamicClientRegistration(String str, String str2) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        String str3 = null;
        try {
            List asList = Arrays.asList(ResponseType.TOKEN);
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "oxAuth test app", StringUtils.spaceSeparatedToList(str2));
            registerRequest.setResponseTypes(asList);
            registerRequest.addCustomAttribute("oxAuthTrustedClient", "true");
            registerRequest.setGrantTypes(Arrays.asList(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS));
            str3 = registerRequest.getJSONParameters().toString(4);
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage());
        }
        Response post = request.post(Entity.json(str3));
        String str4 = (String) post.readEntity(String.class);
        showResponse("dynamicClientRegistration", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code. " + str4);
        Assert.assertNotNull(str4, "Unexpected result: " + str4);
        try {
            RegisterResponse valueOf = RegisterResponse.valueOf(str4);
            ClientTestUtil.assert_(valueOf);
            clientId = valueOf.getClientId();
            clientSecret = valueOf.getClientSecret();
        } catch (Exception e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"authorizePath", "userId", "userSecret", "redirectUri"})
    @Test(dependsOnMethods = {"dynamicClientRegistration"})
    public void requestClientInfoStep1ImplicitFlow(String str, String str2, String str3, String str4) throws Exception {
        String uuid = UUID.randomUUID().toString();
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(Arrays.asList(ResponseType.TOKEN), clientId, Arrays.asList("clientinfo"), str4, UUID.randomUUID().toString());
        authorizationRequest.setState(uuid);
        authorizationRequest.getPrompts().add(Prompt.NONE);
        authorizationRequest.setAuthUsername(str2);
        authorizationRequest.setAuthPassword(str3);
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + authorizationRequest.getQueryString()).request();
        request.header("Authorization", "Basic " + authorizationRequest.getEncodedCredentials());
        request.header("Accept", "text/plain");
        Response response = request.get();
        showResponse("requestClientInfo step 1 Implicit Flow", response, (String) response.readEntity(String.class));
        Assert.assertEquals(response.getStatus(), 302, "Unexpected response code.");
        Assert.assertNotNull(response.getLocation(), "Unexpected result: " + response.getLocation());
        if (response.getLocation() != null) {
            try {
                URI uri = new URI(response.getLocation().toString());
                Assert.assertNotNull(uri.getFragment(), "Fragment is null");
                Map decode = QueryStringDecoder.decode(uri.getFragment());
                Assert.assertNotNull(decode.get("access_token"), "The access token is null");
                Assert.assertNotNull(decode.get("state"), "The state is null");
                Assert.assertNotNull(decode.get("token_type"), "The token type is null");
                Assert.assertNotNull(decode.get("expires_in"), "The expires in value is null");
                Assert.assertNotNull(decode.get("scope"), "The scope must be null");
                Assert.assertNull(decode.get("refresh_token"), "The refresh_token must be null");
                Assert.assertEquals((String) decode.get("state"), uuid);
                accessToken1 = (String) decode.get("access_token");
            } catch (URISyntaxException e) {
                e.printStackTrace();
                Assert.fail("Response URI is not well formed");
            } catch (Exception e2) {
                e2.printStackTrace();
                Assert.fail("Unexpected error");
            }
        }
    }

    @Parameters({"clientInfoPath"})
    @Test(dependsOnMethods = {"requestClientInfoStep1ImplicitFlow"})
    public void requestClientInfoStep2PostImplicitFlow(String str) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        request.header("Authorization", "Bearer " + accessToken1);
        request.header("Content-Type", "application/x-www-form-urlencoded");
        Response post = request.post(Entity.form(new MultivaluedHashMap(new ClientInfoRequest((String) null).getParameters())));
        String str2 = (String) post.readEntity(String.class);
        showResponse("requestClientInfo step 2 POST Implicit Flow", post, str2);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(post.getHeaderString("Cache-Control") != null && post.getHeaderString("Cache-Control").equals("no-store, private"), "Unexpected result: " + post.getHeaderString("Cache-Control"));
        Assert.assertTrue(post.getHeaderString("Pragma") != null && post.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + post.getHeaderString("Pragma"));
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has("displayName"), "Unexpected result: displayName not found");
            Assert.assertTrue(jSONObject.has("inum"), "Unexpected result: inum not found");
            Assert.assertTrue(jSONObject.has("oxAuthAppType"), "Unexpected result: oxAuthAppType not found");
            Assert.assertTrue(jSONObject.has("oxAuthIdTokenSignedResponseAlg"), "Unexpected result: oxAuthIdTokenSignedResponseAlg not found");
            Assert.assertTrue(jSONObject.has("oxAuthRedirectURI"), "Unexpected result: oxAuthRedirectURI not found");
            Assert.assertTrue(jSONObject.has("oxAuthScope"), "Unexpected result: oxAuthScope not found");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        } catch (Exception e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage());
        }
    }

    @Parameters({"clientInfoPath"})
    @Test(dependsOnMethods = {"requestClientInfoStep1ImplicitFlow"})
    public void requestClientInfoStep2GetImplicitFlow(String str) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str + "?" + new ClientInfoRequest((String) null).getQueryString()).request();
        request.header("Authorization", "Bearer " + accessToken1);
        request.header("Content-Type", "application/x-www-form-urlencoded");
        Response response = request.get();
        String str2 = (String) response.readEntity(String.class);
        showResponse("requestClientInfo step 2 GET Implicit Flow", response, str2);
        Assert.assertEquals(response.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(response.getHeaderString("Cache-Control") != null && response.getHeaderString("Cache-Control").equals("no-store, private"), "Unexpected result: " + response.getHeaderString("Cache-Control"));
        Assert.assertTrue(response.getHeaderString("Pragma") != null && response.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + response.getHeaderString("Pragma"));
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has("displayName"), "Unexpected result: displayName not found");
            Assert.assertTrue(jSONObject.has("inum"), "Unexpected result: inum not found");
            Assert.assertTrue(jSONObject.has("oxAuthAppType"), "Unexpected result: oxAuthAppType not found");
            Assert.assertTrue(jSONObject.has("oxAuthIdTokenSignedResponseAlg"), "Unexpected result: oxAuthIdTokenSignedResponseAlg not found");
            Assert.assertTrue(jSONObject.has("oxAuthRedirectURI"), "Unexpected result: oxAuthRedirectURI not found");
            Assert.assertTrue(jSONObject.has("oxAuthScope"), "Unexpected result: oxAuthScope not found");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        } catch (Exception e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage());
        }
    }

    @Parameters({"tokenPath", "userId", "userSecret"})
    @Test(dependsOnMethods = {"dynamicClientRegistration"})
    public void requestClientInfoStep1PasswordFlow(String str, String str2, String str3) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        TokenRequest tokenRequest = new TokenRequest(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
        tokenRequest.setUsername(str2);
        tokenRequest.setPassword(str3);
        tokenRequest.setScope("clientinfo");
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        request.header("Authorization", "Basic " + tokenRequest.getEncodedCredentials());
        Response post = request.post(Entity.form(new MultivaluedHashMap(tokenRequest.getParameters())));
        String str4 = (String) post.readEntity(String.class);
        showResponse("requestClientInfoStep1PasswordFlow", post, str4);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(post.getHeaderString("Cache-Control") != null && post.getHeaderString("Cache-Control").equals("no-store"), "Unexpected result: " + post.getHeaderString("Cache-Control"));
        Assert.assertTrue(post.getHeaderString("Pragma") != null && post.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + post.getHeaderString("Pragma"));
        Assert.assertTrue(!str4.equals(null), "Unexpected result: " + str4);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            Assert.assertTrue(jSONObject.has("access_token"), "Unexpected result: access_token not found");
            Assert.assertTrue(jSONObject.has("token_type"), "Unexpected result: token_type not found");
            Assert.assertTrue(jSONObject.has("refresh_token"), "Unexpected result: refresh_token not found");
            Assert.assertTrue(jSONObject.has("scope"), "Unexpected result: scope not found");
            accessToken3 = jSONObject.getString("access_token");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str4);
        }
    }

    @Parameters({"clientInfoPath"})
    @Test(dependsOnMethods = {"requestClientInfoStep1PasswordFlow"})
    public void requestClientInfoStep2PasswordFlow(String str) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        request.header("Authorization", "Bearer " + accessToken3);
        request.header("Content-Type", "application/x-www-form-urlencoded");
        Response post = request.post(Entity.form(new MultivaluedHashMap(new ClientInfoRequest((String) null).getParameters())));
        String str2 = (String) post.readEntity(String.class);
        showResponse("requestUserInfoStep2PasswordFlow", post, str2);
        Assert.assertEquals(post.getStatus(), 200, "Unexpected response code.");
        Assert.assertTrue(post.getHeaderString("Cache-Control") != null && post.getHeaderString("Cache-Control").equals("no-store, private"), "Unexpected result: " + post.getHeaderString("Cache-Control"));
        Assert.assertTrue(post.getHeaderString("Pragma") != null && post.getHeaderString("Pragma").equals("no-cache"), "Unexpected result: " + post.getHeaderString("Pragma"));
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has("displayName"), "Unexpected result: displayName not found");
            Assert.assertTrue(jSONObject.has("inum"), "Unexpected result: inum not found");
            Assert.assertTrue(jSONObject.has("oxAuthAppType"), "Unexpected result: oxAuthAppType not found");
            Assert.assertTrue(jSONObject.has("oxAuthIdTokenSignedResponseAlg"), "Unexpected result: oxAuthIdTokenSignedResponseAlg not found");
            Assert.assertTrue(jSONObject.has("oxAuthRedirectURI"), "Unexpected result: oxAuthRedirectURI not found");
            Assert.assertTrue(jSONObject.has("oxAuthScope"), "Unexpected result: oxAuthScope not found");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        } catch (Exception e2) {
            e2.printStackTrace();
            Assert.fail(e2.getMessage());
        }
    }

    @Parameters({"clientInfoPath"})
    @Test
    public void requestClientInfoInvalidRequest(String str) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        request.header("Content-Type", "application/x-www-form-urlencoded");
        Response post = request.post(Entity.form(new MultivaluedHashMap(new ClientInfoRequest((String) null).getParameters())));
        String str2 = (String) post.readEntity(String.class);
        showResponse("requestClientInfoInvalidRequest", post, str2);
        Assert.assertEquals(post.getStatus(), 400, "Unexpected response code.");
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has("error"), "The error type is null");
            Assert.assertTrue(jSONObject.has("error_description"), "The error description is null");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        }
    }

    @Parameters({"clientInfoPath"})
    @Test
    public void requestClientInfoInvalidToken(String str) throws Exception {
        Invocation.Builder request = ResteasyClientBuilder.newClient().target(this.url.toString() + str).request();
        request.header("Content-Type", "application/x-www-form-urlencoded");
        ClientInfoRequest clientInfoRequest = new ClientInfoRequest("INVALID-TOKEN");
        clientInfoRequest.setAuthorizationMethod(AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER);
        Response post = request.post(Entity.form(new MultivaluedHashMap(clientInfoRequest.getParameters())));
        String str2 = (String) post.readEntity(String.class);
        showResponse("requestClientInfoInvalidToken", post, str2);
        Assert.assertEquals(post.getStatus(), 400, "Unexpected response code.");
        Assert.assertNotNull(str2, "Unexpected result: " + str2);
        try {
            JSONObject jSONObject = new JSONObject(str2);
            Assert.assertTrue(jSONObject.has("error"), "The error type is null");
            Assert.assertTrue(jSONObject.has("error_description"), "The error description is null");
        } catch (JSONException e) {
            e.printStackTrace();
            Assert.fail(e.getMessage() + "\nResponse was: " + str2);
        }
    }
}
