package org.keycloak.testsuite.keys;

import java.security.interfaces.RSAPublicKey;
import java.util.List;
import javax.ws.rs.core.Response;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.common.util.PemUtils;
import org.keycloak.jose.jws.AlgorithmType;
import org.keycloak.keys.KeyProvider;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.ErrorRepresentation;
import org.keycloak.representations.idm.KeysMetadataRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.LoginPage;

/* loaded from: input_file:org/keycloak/testsuite/keys/GeneratedRsaKeyProviderTest.class */
public class GeneratedRsaKeyProviderTest extends AbstractKeycloakTest {

    @Rule
    public AssertEvents events = new AssertEvents(this);

    @Page
    protected AppPage appPage;

    @Page
    protected LoginPage loginPage;

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        list.add((RealmRepresentation) AbstractAdminTest.loadJson(getClass().getResourceAsStream("/testrealm.json"), RealmRepresentation.class));
    }

    @Test
    public void defaultKeysize() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        ComponentRepresentation createRep = createRep("valid", "rsa-generated");
        createRep.setConfig(new MultivaluedHashMap());
        createRep.getConfig().putSingle("priority", Long.toString(currentTimeMillis));
        Response add = this.adminClient.realm("test").components().add(createRep);
        String createdId = ApiUtil.getCreatedId(add);
        getCleanup().addComponentId(createdId);
        add.close();
        ComponentRepresentation representation = this.adminClient.realm("test").components().component(createdId).toRepresentation();
        Assert.assertEquals(1L, representation.getConfig().size());
        Assert.assertEquals(Long.toString(currentTimeMillis), representation.getConfig().getFirst("priority"));
        KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation = (KeysMetadataRepresentation.KeyMetadataRepresentation) this.adminClient.realm("test").keys().getKeyMetadata().getKeys().get(0);
        Assert.assertEquals(createdId, keyMetadataRepresentation.getProviderId());
        Assert.assertEquals(AlgorithmType.RSA.name(), keyMetadataRepresentation.getType());
        Assert.assertEquals(currentTimeMillis, keyMetadataRepresentation.getProviderPriority());
        Assert.assertEquals(2048L, ((RSAPublicKey) PemUtils.decodePublicKey(((KeysMetadataRepresentation.KeyMetadataRepresentation) r0.getKeys().get(0)).getPublicKey())).getModulus().bitLength());
    }

    @Test
    public void largeKeysize() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        ComponentRepresentation createRep = createRep("valid", "rsa-generated");
        createRep.setConfig(new MultivaluedHashMap());
        createRep.getConfig().putSingle("priority", Long.toString(currentTimeMillis));
        createRep.getConfig().putSingle("keySize", "4096");
        Response add = this.adminClient.realm("test").components().add(createRep);
        String createdId = ApiUtil.getCreatedId(add);
        getCleanup().addComponentId(createdId);
        add.close();
        ComponentRepresentation representation = this.adminClient.realm("test").components().component(createdId).toRepresentation();
        Assert.assertEquals(2L, representation.getConfig().size());
        Assert.assertEquals("4096", representation.getConfig().getFirst("keySize"));
        KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation = (KeysMetadataRepresentation.KeyMetadataRepresentation) this.adminClient.realm("test").keys().getKeyMetadata().getKeys().get(0);
        Assert.assertEquals(createdId, keyMetadataRepresentation.getProviderId());
        Assert.assertEquals(AlgorithmType.RSA.name(), keyMetadataRepresentation.getType());
        Assert.assertEquals(currentTimeMillis, keyMetadataRepresentation.getProviderPriority());
        Assert.assertEquals(4096L, ((RSAPublicKey) PemUtils.decodePublicKey(((KeysMetadataRepresentation.KeyMetadataRepresentation) r0.getKeys().get(0)).getPublicKey())).getModulus().bitLength());
    }

    @Test
    public void updatePriority() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        ComponentRepresentation createRep = createRep("valid", "rsa-generated");
        createRep.setConfig(new MultivaluedHashMap());
        createRep.getConfig().putSingle("priority", Long.toString(currentTimeMillis));
        Response add = this.adminClient.realm("test").components().add(createRep);
        String createdId = ApiUtil.getCreatedId(add);
        getCleanup().addComponentId(createdId);
        add.close();
        String publicKey = ((KeysMetadataRepresentation.KeyMetadataRepresentation) this.adminClient.realm("test").keys().getKeyMetadata().getKeys().get(0)).getPublicKey();
        ComponentRepresentation representation = this.adminClient.realm("test").components().component(createdId).toRepresentation();
        representation.getConfig().putSingle("priority", Long.toString(currentTimeMillis + 1000));
        this.adminClient.realm("test").components().component(createdId).update(representation);
        Assert.assertEquals(publicKey, ((KeysMetadataRepresentation.KeyMetadataRepresentation) this.adminClient.realm("test").keys().getKeyMetadata().getKeys().get(0)).getPublicKey());
    }

    @Test
    public void updateKeysize() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        ComponentRepresentation createRep = createRep("valid", "rsa-generated");
        createRep.setConfig(new MultivaluedHashMap());
        createRep.getConfig().putSingle("priority", Long.toString(currentTimeMillis));
        Response add = this.adminClient.realm("test").components().add(createRep);
        String createdId = ApiUtil.getCreatedId(add);
        getCleanup().addComponentId(createdId);
        add.close();
        String publicKey = ((KeysMetadataRepresentation.KeyMetadataRepresentation) this.adminClient.realm("test").keys().getKeyMetadata().getKeys().get(0)).getPublicKey();
        ComponentRepresentation representation = this.adminClient.realm("test").components().component(createdId).toRepresentation();
        representation.getConfig().putSingle("keySize", "4096");
        this.adminClient.realm("test").components().component(createdId).update(representation);
        Assert.assertNotEquals(publicKey, ((KeysMetadataRepresentation.KeyMetadataRepresentation) this.adminClient.realm("test").keys().getKeyMetadata().getKeys().get(0)).getPublicKey());
        Assert.assertEquals(2048L, ((RSAPublicKey) PemUtils.decodePublicKey(publicKey)).getModulus().bitLength());
        Assert.assertEquals(4096L, ((RSAPublicKey) PemUtils.decodePublicKey(r0)).getModulus().bitLength());
    }

    @Test
    public void invalidKeysize() throws Exception {
        ComponentRepresentation createRep = createRep("invalid", "rsa-generated");
        createRep.getConfig().putSingle("keySize", "1234");
        assertErrror(this.adminClient.realm("test").components().add(createRep), "'Key size' should be 1024, 2048 or 4096");
    }

    protected void assertErrror(Response response, String str) {
        if (!response.hasEntity()) {
            Assert.fail("No error message set");
        }
        Assert.assertEquals(str, ((ErrorRepresentation) response.readEntity(ErrorRepresentation.class)).getErrorMessage());
        response.close();
    }

    protected ComponentRepresentation createRep(String str, String str2) {
        ComponentRepresentation componentRepresentation = new ComponentRepresentation();
        componentRepresentation.setName(str);
        componentRepresentation.setParentId("test");
        componentRepresentation.setProviderId(str2);
        componentRepresentation.setProviderType(KeyProvider.class.getName());
        componentRepresentation.setConfig(new MultivaluedHashMap());
        return componentRepresentation;
    }
}
