package org.keycloak.testsuite.actions;

import java.util.List;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.After;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.events.EventType;
import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.idm.UserSessionRepresentation;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
import org.keycloak.testsuite.util.GreenMailRule;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.SecondBrowser;
import org.openqa.selenium.WebDriver;

/* loaded from: input_file:org/keycloak/testsuite/actions/AppInitiatedActionResetPasswordTest.class */
public class AppInitiatedActionResetPasswordTest extends AbstractAppInitiatedActionTest {

    @Rule
    public GreenMailRule greenMail;

    @Page
    protected LoginPasswordUpdatePage changePasswordPage;

    @Drone
    @SecondBrowser
    private WebDriver driver2;

    public AppInitiatedActionResetPasswordTest() {
        super(UserModel.RequiredAction.UPDATE_PASSWORD.name());
        this.greenMail = new GreenMailRule();
    }

    @Override // org.keycloak.testsuite.AbstractTestRealmKeycloakTest
    public void configureTestRealm(RealmRepresentation realmRepresentation) {
        realmRepresentation.setResetPasswordAllowed(Boolean.TRUE);
    }

    @After
    public void after() {
        ApiUtil.resetUserPassword(testRealm().users().get(findUser(AssertEvents.DEFAULT_USERNAME).getId()), "password", false);
    }

    @Test
    public void resetPassword() throws Exception {
        this.loginPage.open();
        this.loginPage.login(AssertEvents.DEFAULT_USERNAME, "password");
        this.events.expectLogin().assertEvent();
        doAIA();
        this.changePasswordPage.assertCurrent();
        Assert.assertTrue(this.changePasswordPage.isCancelDisplayed());
        this.changePasswordPage.changePassword("new-password", "new-password");
        this.events.expectRequiredAction(EventType.UPDATE_PASSWORD).assertEvent();
        assertKcActionStatus("success");
        EventRepresentation assertEvent = this.events.expectLogin().assertEvent();
        this.oauth.openLogout();
        this.events.expectLogout(assertEvent.getSessionId()).assertEvent();
        this.loginPage.open();
        this.loginPage.login(AssertEvents.DEFAULT_USERNAME, "new-password");
        this.events.expectLogin().assertEvent();
    }

    @Test
    public void resetPasswordRequiresReAuth() throws Exception {
        this.loginPage.open();
        this.loginPage.login(AssertEvents.DEFAULT_USERNAME, "password");
        this.events.expectLogin().assertEvent();
        setTimeOffset(350);
        doAIA();
        this.loginPage.assertCurrent();
        this.loginPage.login(AssertEvents.DEFAULT_USERNAME, "password");
        this.changePasswordPage.assertCurrent();
        Assert.assertTrue(this.changePasswordPage.isCancelDisplayed());
        this.changePasswordPage.changePassword("new-password", "new-password");
        this.events.expectRequiredAction(EventType.UPDATE_PASSWORD).assertEvent();
        assertKcActionStatus("success");
    }

    @Test
    public void cancelChangePassword() throws Exception {
        doAIA();
        this.loginPage.login(AssertEvents.DEFAULT_USERNAME, "password");
        this.changePasswordPage.assertCurrent();
        this.changePasswordPage.cancel();
        assertKcActionStatus("cancelled");
    }

    @Test
    public void resetPasswordUserHasUpdatePasswordRequiredAction() throws Exception {
        this.loginPage.open();
        this.loginPage.login(AssertEvents.DEFAULT_USERNAME, "password");
        UserResource userResource = testRealm().users().get(findUser(AssertEvents.DEFAULT_USERNAME).getId());
        UserRepresentation representation = userResource.toRepresentation();
        representation.getRequiredActions().add(UserModel.RequiredAction.UPDATE_PASSWORD.name());
        userResource.update(representation);
        this.events.expectLogin().assertEvent();
        doAIA();
        this.changePasswordPage.assertCurrent();
        Assert.assertFalse(this.changePasswordPage.isCancelDisplayed());
        this.changePasswordPage.changePassword("new-password", "new-password");
        this.events.expectRequiredAction(EventType.UPDATE_PASSWORD).assertEvent();
        assertKcActionStatus("success");
    }

    @Test
    public void checkLogoutSessions() {
        OAuthClient oAuthClient = new OAuthClient();
        oAuthClient.init(this.driver2);
        this.loginPage.open();
        this.loginPage.login(AssertEvents.DEFAULT_USERNAME, "password");
        this.events.expectLogin().assertEvent();
        UserResource userResource = testRealm().users().get(findUser(AssertEvents.DEFAULT_USERNAME).getId());
        List userSessions = userResource.getUserSessions();
        Assert.assertEquals(1L, userSessions.size());
        String id = ((UserSessionRepresentation) userSessions.get(0)).getId();
        oAuthClient.doLogin(AssertEvents.DEFAULT_USERNAME, "password");
        this.events.expectLogin().assertEvent();
        Assert.assertEquals(2L, userResource.getUserSessions().size());
        doAIA();
        this.changePasswordPage.assertCurrent();
        Assert.assertTrue("Logout sessions is checked by default", this.changePasswordPage.isLogoutSessionsChecked());
        this.changePasswordPage.changePassword("All Right Then, Keep Your Secrets", "All Right Then, Keep Your Secrets");
        this.events.expectRequiredAction(EventType.UPDATE_PASSWORD).assertEvent();
        assertKcActionStatus("success");
        List userSessions2 = userResource.getUserSessions();
        Assert.assertEquals(1L, userSessions2.size());
        Assert.assertEquals("Old session is still valid", id, ((UserSessionRepresentation) userSessions2.get(0)).getId());
    }

    @Test
    public void uncheckLogoutSessions() {
        OAuthClient oAuthClient = new OAuthClient();
        oAuthClient.init(this.driver2);
        UserResource userResource = testRealm().users().get(findUser(AssertEvents.DEFAULT_USERNAME).getId());
        this.loginPage.open();
        this.loginPage.login(AssertEvents.DEFAULT_USERNAME, "password");
        this.events.expectLogin().assertEvent();
        oAuthClient.doLogin(AssertEvents.DEFAULT_USERNAME, "password");
        this.events.expectLogin().assertEvent();
        Assert.assertEquals(2L, userResource.getUserSessions().size());
        doAIA();
        this.changePasswordPage.assertCurrent();
        this.changePasswordPage.uncheckLogoutSessions();
        this.changePasswordPage.changePassword("All Right Then, Keep Your Secrets", "All Right Then, Keep Your Secrets");
        this.events.expectRequiredAction(EventType.UPDATE_PASSWORD).assertEvent();
        assertKcActionStatus("success");
        Assert.assertEquals(2L, userResource.getUserSessions().size());
    }
}
