package org.keycloak.testsuite.account;

import java.io.IOException;
import java.util.Map;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.common.Profile;
import org.keycloak.representations.account.UserProfileAttributeMetadata;
import org.keycloak.representations.account.UserRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.forms.VerifyProfileTest;

@AuthServerContainerExclude({AuthServerContainerExclude.AuthServer.REMOTE})
@EnableFeature(Profile.Feature.DECLARATIVE_USER_PROFILE)
/* loaded from: input_file:org/keycloak/testsuite/account/AccountRestServiceWithUserProfileTest.class */
public class AccountRestServiceWithUserProfileTest extends AccountRestServiceTest {
    private static String UP_CONFIG_FOR_METADATA = "{\"attributes\": [{\"name\": \"firstName\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {\"scopes\":[\"profile\"]}, \"displayName\": \"${profile.firstName}\", \"validations\": {\"length\": { \"max\": 255 }}},{\"name\": \"lastName\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {}, \"displayName\": \"Last name\", \"annotations\": {\"formHintKey\" : \"userEmailFormFieldHint\", \"anotherKey\" : 10, \"yetAnotherKey\" : \"some value\"}},{\"name\": \"attr_with_scope_selector\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"selector\": {\"scopes\": [\"profile\"]}},{\"name\": \"attr_required\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {}},{\"name\": \"attr_required_by_role\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {\"roles\" : [\"user\"]}},{\"name\": \"attr_required_by_scope\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {\"scopes\": [\"profile\"]}},{\"name\": \"attr_not_required_due_to_role\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {\"roles\" : [\"admin\"]}},{\"name\": \"attr_readonly\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\"]}},{\"name\": \"attr_no_permission\",\"permissions\": {\"view\": [\"admin\"], \"edit\": [\"admin\"]}}]}";

    @Override // org.keycloak.testsuite.account.AbstractRestServiceTest
    @Before
    public void before() {
        super.before();
        enableDynamicUserProfile();
        setUserProfileConfiguration(null);
    }

    @Override // org.keycloak.testsuite.account.AccountRestServiceTest
    protected boolean isDeclarativeUserProfile() {
        return true;
    }

    @Override // org.keycloak.testsuite.account.AccountRestServiceTest
    @Test
    public void testGetUserProfileMetadata_EditUsernameAllowed() throws IOException {
        setUserProfileConfiguration(UP_CONFIG_FOR_METADATA);
        UserRepresentation user = getUser();
        Assert.assertNotNull(user.getUserProfileMetadata());
        assertUserProfileAttributeMetadata(user, "username", "${username}", true, false);
        assertUserProfileAttributeMetadata(user, "email", "${email}", true, false);
        UserProfileAttributeMetadata assertUserProfileAttributeMetadata = assertUserProfileAttributeMetadata(user, "firstName", "${profile.firstName}", false, false);
        Assert.assertNull(assertUserProfileAttributeMetadata.getAnnotations());
        Assert.assertEquals(255, assertValidatorExists(assertUserProfileAttributeMetadata, "length").get("max"));
        UserProfileAttributeMetadata assertUserProfileAttributeMetadata2 = assertUserProfileAttributeMetadata(user, "lastName", "Last name", true, false);
        Assert.assertNotNull(assertUserProfileAttributeMetadata2.getAnnotations());
        Assert.assertEquals(3L, assertUserProfileAttributeMetadata2.getAnnotations().size());
        assertAnnotationValue(assertUserProfileAttributeMetadata2, "formHintKey", "userEmailFormFieldHint");
        assertAnnotationValue(assertUserProfileAttributeMetadata2, "anotherKey", 10);
        assertUserProfileAttributeMetadata(user, "attr_with_scope_selector", "attr_with_scope_selector", false, false);
        assertUserProfileAttributeMetadata(user, "attr_required", "attr_required", true, false);
        assertUserProfileAttributeMetadata(user, "attr_required_by_role", "attr_required_by_role", true, false);
        assertUserProfileAttributeMetadata(user, "attr_required_by_scope", "attr_required_by_scope", false, false);
        assertUserProfileAttributeMetadata(user, "attr_not_required_due_to_role", "attr_not_required_due_to_role", false, false);
        assertUserProfileAttributeMetadata(user, "attr_readonly", "attr_readonly", false, true);
        Assert.assertNull(getUserProfileAttributeMetadata(user, "attr_no_permission"));
    }

    @Override // org.keycloak.testsuite.account.AccountRestServiceTest
    @Test
    public void testGetUserProfileMetadata_EditUsernameDisallowed() throws IOException {
        try {
            RealmRepresentation representation = this.adminClient.realm("test").toRepresentation();
            representation.setEditUsernameAllowed(false);
            this.adminClient.realm("test").update(representation);
            setUserProfileConfiguration(UP_CONFIG_FOR_METADATA);
            UserRepresentation user = getUser();
            Assert.assertNotNull(user.getUserProfileMetadata());
            assertUserProfileAttributeMetadata(user, "username", "${username}", true, true);
            assertUserProfileAttributeMetadata(user, "email", "${email}", true, false);
            UserProfileAttributeMetadata assertUserProfileAttributeMetadata = assertUserProfileAttributeMetadata(user, "firstName", "${profile.firstName}", false, false);
            Assert.assertNull(assertUserProfileAttributeMetadata.getAnnotations());
            Assert.assertEquals(255, assertValidatorExists(assertUserProfileAttributeMetadata, "length").get("max"));
            UserProfileAttributeMetadata assertUserProfileAttributeMetadata2 = assertUserProfileAttributeMetadata(user, "lastName", "Last name", true, false);
            Assert.assertNotNull(assertUserProfileAttributeMetadata2.getAnnotations());
            Assert.assertEquals(3L, assertUserProfileAttributeMetadata2.getAnnotations().size());
            assertAnnotationValue(assertUserProfileAttributeMetadata2, "formHintKey", "userEmailFormFieldHint");
            assertAnnotationValue(assertUserProfileAttributeMetadata2, "anotherKey", 10);
            assertUserProfileAttributeMetadata(user, "attr_with_scope_selector", "attr_with_scope_selector", false, false);
            assertUserProfileAttributeMetadata(user, "attr_required", "attr_required", true, false);
            assertUserProfileAttributeMetadata(user, "attr_required_by_role", "attr_required_by_role", true, false);
            assertUserProfileAttributeMetadata(user, "attr_required_by_scope", "attr_required_by_scope", false, false);
            assertUserProfileAttributeMetadata(user, "attr_not_required_due_to_role", "attr_not_required_due_to_role", false, false);
            assertUserProfileAttributeMetadata(user, "attr_readonly", "attr_readonly", false, true);
            Assert.assertNull(getUserProfileAttributeMetadata(user, "attr_no_permission"));
            RealmRepresentation representation2 = testRealm().toRepresentation();
            representation2.setEditUsernameAllowed(true);
            testRealm().update(representation2);
        } catch (Throwable th) {
            RealmRepresentation representation3 = testRealm().toRepresentation();
            representation3.setEditUsernameAllowed(true);
            testRealm().update(representation3);
            throw th;
        }
    }

    protected void assertAnnotationValue(UserProfileAttributeMetadata userProfileAttributeMetadata, String str, Object obj) {
        Assert.assertNotNull("Missing annotations for attribute " + userProfileAttributeMetadata.getName(), userProfileAttributeMetadata.getAnnotations());
        Assert.assertEquals("Unexpexted value of the " + str + " annotation for attribute " + userProfileAttributeMetadata.getName(), obj, userProfileAttributeMetadata.getAnnotations().get(str));
    }

    protected Map<String, Object> assertValidatorExists(UserProfileAttributeMetadata userProfileAttributeMetadata, String str) {
        Assert.assertNotNull("Missing validators for attribute " + userProfileAttributeMetadata.getName(), userProfileAttributeMetadata.getValidators());
        Assert.assertTrue("Missing validtor " + str + " for attribute " + userProfileAttributeMetadata.getName(), userProfileAttributeMetadata.getValidators().containsKey(str));
        return (Map) userProfileAttributeMetadata.getValidators().get(str);
    }

    @Override // org.keycloak.testsuite.account.AccountRestServiceTest
    @Test
    public void testUpdateProfile() throws IOException {
        setUserProfileConfiguration("{\"attributes\": [{\"name\": \"firstName\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {}},{\"name\": \"lastName\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {}},{\"name\": \"attr1\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}},{\"name\": \"attr2\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}}]}");
        super.testUpdateProfile();
    }

    @Override // org.keycloak.testsuite.account.AccountRestServiceTest
    @Test
    public void testUpdateSingleField() throws IOException {
        setUserProfileConfiguration("{\"attributes\": [{\"name\": \"firstName\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}},{\"name\": \"lastName\",\"permissions\": {\"view\": [\"admin\", \"user\"], \"edit\": [\"admin\", \"user\"]}, \"required\": {}}]}");
        super.testUpdateSingleField();
    }

    protected void setUserProfileConfiguration(String str) {
        VerifyProfileTest.setUserProfileConfiguration(testRealm(), str);
    }

    protected void enableDynamicUserProfile() {
        RealmRepresentation representation = testRealm().toRepresentation();
        VerifyProfileTest.enableDynamicUserProfile(representation);
        testRealm().update(representation);
    }
}
