package org.keycloak.testsuite.broker;

import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.keycloak.models.IdentityProviderSyncMode;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;

/* loaded from: input_file:org/keycloak/testsuite/broker/KcOidcBrokerClientSecretJwtCustomSignAlgTest.class */
public class KcOidcBrokerClientSecretJwtCustomSignAlgTest extends AbstractBrokerTest {

    /* loaded from: input_file:org/keycloak/testsuite/broker/KcOidcBrokerClientSecretJwtCustomSignAlgTest$KcOidcBrokerConfigurationWithJWTAuthentication.class */
    private class KcOidcBrokerConfigurationWithJWTAuthentication extends KcOidcBrokerConfiguration {
        String clientSecret;
        String signAlg;

        private KcOidcBrokerConfigurationWithJWTAuthentication() {
            this.clientSecret = UUID.randomUUID().toString();
            this.signAlg = "HS384";
        }

        @Override // org.keycloak.testsuite.broker.KcOidcBrokerConfiguration, org.keycloak.testsuite.broker.BrokerConfiguration
        public List<ClientRepresentation> createProviderClients() {
            List<ClientRepresentation> createProviderClients = super.createProviderClients();
            KcOidcBrokerClientSecretJwtCustomSignAlgTest.this.log.info("Update provider clients to accept JWT authentication");
            for (ClientRepresentation clientRepresentation : createProviderClients) {
                if (clientRepresentation.getAttributes() == null) {
                    clientRepresentation.setAttributes(new HashMap());
                }
                clientRepresentation.setClientAuthenticatorType("client-secret-jwt");
                clientRepresentation.setSecret(this.clientSecret);
                clientRepresentation.getAttributes().put("token.endpoint.auth.signing.alg", this.signAlg);
            }
            return createProviderClients;
        }

        @Override // org.keycloak.testsuite.broker.KcOidcBrokerConfiguration, org.keycloak.testsuite.broker.BrokerConfiguration
        public IdentityProviderRepresentation setUpIdentityProvider(IdentityProviderSyncMode identityProviderSyncMode) {
            IdentityProviderRepresentation createIdentityProvider = BrokerTestTools.createIdentityProvider("kc-oidc-idp", OidcBackchannelLogoutBrokerConfiguration.SUB_CONSUMER_IDP_OIDC_PROVIDER_ID);
            Map<String, String> config = createIdentityProvider.getConfig();
            applyDefaultConfiguration(config, identityProviderSyncMode);
            config.put("clientAuthMethod", "client_secret_jwt");
            config.put("clientSecret", this.clientSecret);
            config.put("clientAssertionSigningAlg", this.signAlg);
            return createIdentityProvider;
        }
    }

    @Override // org.keycloak.testsuite.broker.AbstractBaseBrokerTest
    protected BrokerConfiguration getBrokerConfiguration() {
        return new KcOidcBrokerConfigurationWithJWTAuthentication();
    }
}
