package org.xdi.oxd.server;

import com.google.common.collect.Lists;
import java.io.IOException;
import javax.ws.rs.BadRequestException;
import junit.framework.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;
import org.xdi.oxd.client.ClientInterface;
import org.xdi.oxd.common.CoreUtils;
import org.xdi.oxd.common.params.GetAccessTokenByRefreshTokenParams;
import org.xdi.oxd.common.params.GetAuthorizationCodeParams;
import org.xdi.oxd.common.params.GetTokensByCodeParams;
import org.xdi.oxd.common.response.GetClientTokenResponse;
import org.xdi.oxd.common.response.GetTokensByCodeResponse;
import org.xdi.oxd.common.response.RegisterSiteResponse;

/* loaded from: input_file:org/xdi/oxd/server/GetTokensByCodeTest.class */
public class GetTokensByCodeTest {
    @Parameters({"host", "opHost", "redirectUrl", "userId", "userSecret"})
    @Test
    public void whenValidCodeIsUsed_shouldGetTokenInResponse(String str, String str2, String str3, String str4, String str5) throws IOException {
        ClientInterface newClient = Tester.newClient(str);
        RegisterSiteResponse registerSite = RegisterSiteTest.registerSite(newClient, str2, str3);
        refreshToken(tokenByCode(newClient, registerSite, str4, str5, CoreUtils.secureRandomString()), newClient, registerSite.getOxdId());
    }

    @Parameters({"host", "opHost", "redirectUrl", "userId", "userSecret"})
    @Test
    public void whenInvalidCodeIsUsed_shouldGet400BadRequest(String str, String str2, String str3, String str4, String str5) throws IOException {
        ClientInterface newClient = Tester.newClient(str);
        tokenByInvalidCode(newClient, RegisterSiteTest.registerSite(newClient, str2, str3), str4, str5, CoreUtils.secureRandomString());
    }

    public static GetClientTokenResponse refreshToken(GetTokensByCodeResponse getTokensByCodeResponse, ClientInterface clientInterface, String str) {
        TestUtils.notEmpty(getTokensByCodeResponse.getRefreshToken());
        GetAccessTokenByRefreshTokenParams getAccessTokenByRefreshTokenParams = new GetAccessTokenByRefreshTokenParams();
        getAccessTokenByRefreshTokenParams.setOxdId(str);
        getAccessTokenByRefreshTokenParams.setScope(Lists.newArrayList(new String[]{"openid"}));
        getAccessTokenByRefreshTokenParams.setRefreshToken(getTokensByCodeResponse.getRefreshToken());
        getAccessTokenByRefreshTokenParams.setProtectionAccessToken(Tester.getAuthorization());
        GetClientTokenResponse accessTokenByRefreshToken = clientInterface.getAccessTokenByRefreshToken(Tester.getAuthorization(), getAccessTokenByRefreshTokenParams);
        Assert.assertNotNull(accessTokenByRefreshToken);
        TestUtils.notEmpty(accessTokenByRefreshToken.getAccessToken());
        TestUtils.notEmpty(accessTokenByRefreshToken.getRefreshToken());
        return accessTokenByRefreshToken;
    }

    public static GetTokensByCodeResponse tokenByCode(ClientInterface clientInterface, RegisterSiteResponse registerSiteResponse, String str, String str2, String str3) {
        String secureRandomString = CoreUtils.secureRandomString();
        String codeRequest = codeRequest(clientInterface, registerSiteResponse.getOxdId(), str, str2, secureRandomString, str3);
        TestUtils.notEmpty(codeRequest);
        GetTokensByCodeParams getTokensByCodeParams = new GetTokensByCodeParams();
        getTokensByCodeParams.setOxdId(registerSiteResponse.getOxdId());
        getTokensByCodeParams.setCode(codeRequest);
        getTokensByCodeParams.setState(secureRandomString);
        GetTokensByCodeResponse tokenByCode = clientInterface.getTokenByCode(Tester.getAuthorization(), getTokensByCodeParams);
        Assert.assertNotNull(tokenByCode);
        TestUtils.notEmpty(tokenByCode.getAccessToken());
        TestUtils.notEmpty(tokenByCode.getIdToken());
        TestUtils.notEmpty(tokenByCode.getRefreshToken());
        return tokenByCode;
    }

    public static GetTokensByCodeResponse tokenByInvalidCode(ClientInterface clientInterface, RegisterSiteResponse registerSiteResponse, String str, String str2, String str3) {
        String secureRandomString = CoreUtils.secureRandomString();
        codeRequest(clientInterface, registerSiteResponse.getOxdId(), str, str2, secureRandomString, str3);
        String secureRandomString2 = CoreUtils.secureRandomString();
        String oxdId = registerSiteResponse.getOxdId();
        GetTokensByCodeParams getTokensByCodeParams = new GetTokensByCodeParams();
        getTokensByCodeParams.setOxdId(oxdId);
        getTokensByCodeParams.setCode(secureRandomString2);
        getTokensByCodeParams.setState(secureRandomString);
        GetTokensByCodeResponse getTokensByCodeResponse = null;
        try {
            getTokensByCodeResponse = clientInterface.getTokenByCode(Tester.getAuthorization(), getTokensByCodeParams);
            Assert.assertNotNull(getTokensByCodeResponse);
            TestUtils.notEmpty(getTokensByCodeResponse.getAccessToken());
            TestUtils.notEmpty(getTokensByCodeResponse.getIdToken());
            TestUtils.notEmpty(getTokensByCodeResponse.getRefreshToken());
        } catch (BadRequestException e) {
            org.junit.Assert.assertEquals(e.getMessage(), "HTTP 400 Bad Request");
        }
        return getTokensByCodeResponse;
    }

    public static String codeRequest(ClientInterface clientInterface, String str, String str2, String str3, String str4, String str5) {
        GetAuthorizationCodeParams getAuthorizationCodeParams = new GetAuthorizationCodeParams();
        getAuthorizationCodeParams.setOxdId(str);
        getAuthorizationCodeParams.setUsername(str2);
        getAuthorizationCodeParams.setPassword(str3);
        getAuthorizationCodeParams.setState(str4);
        getAuthorizationCodeParams.setNonce(str5);
        return clientInterface.getAuthorizationCode(Tester.getAuthorization(), getAuthorizationCodeParams).getCode();
    }
}
