package org.picketlink.test.idm.credential;

import java.util.Calendar;
import java.util.Date;
import org.junit.Assert;
import org.junit.Test;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.credential.TOTPCredential;
import org.picketlink.idm.credential.TOTPCredentials;
import org.picketlink.idm.credential.util.TimeBasedOTP;
import org.picketlink.idm.model.sample.User;
import org.picketlink.test.idm.AbstractPartitionManagerTestCase;
import org.picketlink.test.idm.Configuration;
import org.picketlink.test.idm.testers.FileStoreConfigurationTester;
import org.picketlink.test.idm.testers.IdentityConfigurationTester;
import org.picketlink.test.idm.testers.JPAStoreConfigurationTester;

/**
 * Exercises password-plus-TOTP credential handling through {@link IdentityManager}, using the
 * {@code JPAStoreConfigurationTester} and {@code FileStoreConfigurationTester} configurations.
 *
 * <p>The cases pin the security-relevant outcomes of validation: a token is only accepted together
 * with the device it was registered for, a token generated 30 seconds in the past is accepted
 * while one generated 60 seconds in the past is rejected, replaced passwords and secrets stop
 * working, and an expired credential is reported as {@code EXPIRED}.
 */
@Configuration(include = {JPAStoreConfigurationTester.class, FileStoreConfigurationTester.class})
// Decompiled from input_file:org/picketlink/test/idm/credential/TOTPCredentialTestCase.class
public class TOTPCredentialTestCase extends AbstractPartitionManagerTestCase {
    // Fixture values only; they say nothing about the strength a real secret or password needs.
    public static final String DEFAULT_TOTP_SECRET = "my_secret";
    public static final String DEFAULT_PASSWORD = "passwd";

    public TOTPCredentialTestCase(IdentityConfigurationTester identityConfigurationTester) {
        super(identityConfigurationTester);
    }

    /**
     * Builds a login attempt for {@code user} carrying the login name and the default password.
     * The token (and device, where needed) is left for the caller to set.
     */
    private TOTPCredentials newDefaultPasswordLogin(User user) {
        TOTPCredentials login = new TOTPCredentials();
        login.setUsername(user.getLoginName());
        login.setPassword(new Password(DEFAULT_PASSWORD));
        return login;
    }

    /** Returns a token generator whose clock is the current time shifted by {@code seconds}. */
    private TimeBasedOTP newGeneratorShiftedBySeconds(int seconds) {
        TimeBasedOTP generator = new TimeBasedOTP();
        Calendar clock = Calendar.getInstance();
        clock.add(Calendar.SECOND, seconds);
        generator.setCalendar(clock);
        return generator;
    }

    /** Validates {@code login} and asserts that the resulting status equals {@code expected}. */
    private void validateExpecting(
            IdentityManager idm, TOTPCredentials login, Credentials.Status expected) {
        idm.validateCredentials(login);
        Assert.assertEquals(expected, login.getStatus());
    }

    /** A correct password with a freshly generated token validates and yields an account. */
    @Test
    public void testSuccessfulValidation() throws Exception {
        IdentityManager idm = getIdentityManager();
        User user = createUser("someUser");
        idm.updateCredential(user, new TOTPCredential(DEFAULT_PASSWORD, DEFAULT_TOTP_SECRET));

        TOTPCredentials login = newDefaultPasswordLogin(user);
        login.setToken(new TimeBasedOTP().generate(DEFAULT_TOTP_SECRET));

        validateExpecting(idm, login, Credentials.Status.VALID);
        Assert.assertNotNull(login.getValidatedAccount());
    }

    /**
     * Registers a default secret plus one secret per named device and checks that each token is
     * accepted only with its own device; a token from one device's secret presented under the
     * other device's name is INVALID and yields no account.
     */
    @Test
    public void testMultipleDevices() throws Exception {
        final String iphoneSecret = "iphone_secret";
        final String iphoneDevice = "My IPhone #SN-121212121";
        final String androidSecret = "android_secret";
        final String androidDevice = "My Android #SN-56757554";

        IdentityManager idm = getIdentityManager();
        User user = createUser("someUser");
        idm.updateCredential(user, new TOTPCredential(DEFAULT_PASSWORD, DEFAULT_TOTP_SECRET));

        TOTPCredential iphoneCredential = new TOTPCredential(DEFAULT_PASSWORD, iphoneSecret);
        iphoneCredential.setDevice(iphoneDevice);
        idm.updateCredential(user, iphoneCredential);

        TOTPCredential androidCredential = new TOTPCredential(DEFAULT_PASSWORD, androidSecret);
        androidCredential.setDevice(androidDevice);
        idm.updateCredential(user, androidCredential);

        TOTPCredentials login = newDefaultPasswordLogin(user);
        TimeBasedOTP generator = new TimeBasedOTP();

        // No device set: the default secret is the one that validates.
        login.setToken(generator.generate(DEFAULT_TOTP_SECRET));
        validateExpecting(idm, login, Credentials.Status.VALID);

        // Matching secret/device pairs.
        login.setToken(generator.generate(iphoneSecret));
        login.setDevice(iphoneDevice);
        validateExpecting(idm, login, Credentials.Status.VALID);

        login.setToken(generator.generate(androidSecret));
        login.setDevice(androidDevice);
        validateExpecting(idm, login, Credentials.Status.VALID);

        // Crossed pairs: a valid token for one device must not authenticate as the other.
        login.setToken(generator.generate(iphoneSecret));
        login.setDevice(androidDevice);
        validateExpecting(idm, login, Credentials.Status.INVALID);
        Assert.assertNull(login.getValidatedAccount());

        login.setToken(generator.generate(androidSecret));
        login.setDevice(iphoneDevice);
        validateExpecting(idm, login, Credentials.Status.INVALID);
        Assert.assertNull(login.getValidatedAccount());
    }

    /**
     * A token generated with a clock 30 seconds behind is still accepted.
     * NOTE(review): presumably this is the validator's tolerance for clock drift; the accepted
     * window itself is not visible here, so confirm it against the TimeBasedOTP defaults.
     */
    @Test
    public void testDelayWindow() throws Exception {
        IdentityManager idm = getIdentityManager();
        User user = createUser("someUser");
        idm.updateCredential(user, new TOTPCredential(DEFAULT_PASSWORD, DEFAULT_TOTP_SECRET));

        TOTPCredentials login = newDefaultPasswordLogin(user);
        TimeBasedOTP delayedGenerator = newGeneratorShiftedBySeconds(-30);
        login.setToken(delayedGenerator.generate(DEFAULT_TOTP_SECRET));

        validateExpecting(idm, login, Credentials.Status.VALID);
    }

    /**
     * Replaces first the password, then the secret, and checks that the new pair validates while
     * the original password and secret are rejected afterwards.
     */
    @Test
    public void testUpdatePasswordAndSecret() throws Exception {
        final String newPassword = "new_password";
        final String newSecret = "new_secret";

        IdentityManager idm = getIdentityManager();
        User user = createUser("someUser");
        idm.updateCredential(user, new TOTPCredential(DEFAULT_PASSWORD, DEFAULT_TOTP_SECRET));

        TOTPCredentials login = newDefaultPasswordLogin(user);
        TimeBasedOTP generator = new TimeBasedOTP();
        login.setToken(generator.generate(DEFAULT_TOTP_SECRET));
        validateExpecting(idm, login, Credentials.Status.VALID);

        // New password, same secret.
        TOTPCredential passwordChange = new TOTPCredential(newPassword, DEFAULT_TOTP_SECRET);
        // NOTE(review): presumably the pause keeps successive credential updates from sharing a
        // timestamp in the store - confirm.
        Thread.sleep(1000L);
        idm.updateCredential(user, passwordChange);
        login.setPassword(new Password(newPassword));
        login.setToken(generator.generate(DEFAULT_TOTP_SECRET));
        validateExpecting(idm, login, Credentials.Status.VALID);

        // Same new password, new secret.
        TOTPCredential secretChange = new TOTPCredential(newPassword, newSecret);
        Thread.sleep(1000L);
        idm.updateCredential(user, secretChange);
        login.setPassword(new Password(newPassword));
        login.setToken(generator.generate(newSecret));
        validateExpecting(idm, login, Credentials.Status.VALID);

        // The superseded password and secret must no longer authenticate.
        login.setPassword(new Password(DEFAULT_PASSWORD));
        login.setToken(generator.generate(DEFAULT_TOTP_SECRET));
        validateExpecting(idm, login, Credentials.Status.INVALID);
        Assert.assertNull(login.getValidatedAccount());
    }

    /**
     * Updates only the secret (single-argument {@code TOTPCredential}) and checks that the
     * original password together with a token from the new secret validates.
     */
    @Test
    public void testUpdateSecret() throws Exception {
        final String newSecret = "new_secret";

        IdentityManager idm = getIdentityManager();
        User user = createUser("someUser");
        idm.updateCredential(user, new TOTPCredential(DEFAULT_PASSWORD, DEFAULT_TOTP_SECRET));

        TOTPCredentials login = newDefaultPasswordLogin(user);
        TimeBasedOTP generator = new TimeBasedOTP();
        login.setToken(generator.generate(DEFAULT_TOTP_SECRET));
        validateExpecting(idm, login, Credentials.Status.VALID);

        idm.updateCredential(user, new TOTPCredential(newSecret));
        login.setPassword(new Password(DEFAULT_PASSWORD));
        login.setToken(generator.generate(newSecret));
        validateExpecting(idm, login, Credentials.Status.VALID);
    }

    /**
     * A token generated with a clock 60 seconds behind is rejected and yields no account; this is
     * the stale-token counterpart of {@link #testDelayWindow()}.
     */
    @Test
    public void testInvalidToken() throws Exception {
        IdentityManager idm = getIdentityManager();
        User user = createUser("someUser");
        idm.updateCredential(user, new TOTPCredential(DEFAULT_PASSWORD, DEFAULT_TOTP_SECRET));

        TOTPCredentials login = newDefaultPasswordLogin(user);
        TimeBasedOTP staleGenerator = newGeneratorShiftedBySeconds(-60);
        login.setToken(staleGenerator.generate(DEFAULT_TOTP_SECRET));

        validateExpecting(idm, login, Credentials.Status.INVALID);
        Assert.assertNull(login.getValidatedAccount());
    }

    /**
     * Stores a credential whose last date argument lies five minutes in the past and checks that
     * a correct password and token report EXPIRED, while a wrong token reports INVALID.
     * NOTE(review): the two date arguments are presumably (effective date, expiry date) - confirm
     * against the updateCredential signature.
     */
    @Test
    public void testResetPassword() throws Exception {
        IdentityManager idm = getIdentityManager();
        User user = createUser("someUser");
        TOTPCredential credential = new TOTPCredential(DEFAULT_PASSWORD, DEFAULT_TOTP_SECRET);

        Calendar fiveMinutesAgo = Calendar.getInstance();
        fiveMinutesAgo.add(Calendar.MINUTE, -5);
        idm.updateCredential(user, credential, new Date(), fiveMinutesAgo.getTime());

        TOTPCredentials login = newDefaultPasswordLogin(user);
        login.setToken(new TimeBasedOTP().generate(DEFAULT_TOTP_SECRET));
        validateExpecting(idm, login, Credentials.Status.EXPIRED);

        // Same user and password, but a token that was not derived from the secret.
        login.setUsername(user.getLoginName());
        login.setPassword(new Password(DEFAULT_PASSWORD));
        login.setToken("12345678");
        validateExpecting(idm, login, Credentials.Status.INVALID);
    }
}
