package org.keycloak.testsuite.model;

import java.lang.invoke.SerializedLambda;
import java.util.concurrent.atomic.AtomicReference;
import org.hamcrest.core.Is;
import org.hamcrest.core.IsNull;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.common.util.Time;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserManager;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.models.utils.ResetTimeOffsetEvent;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.ClientManager;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.sessions.AuthenticationSessionModel;
import org.keycloak.sessions.CommonClientSessionModel;
import org.keycloak.sessions.RootAuthenticationSessionModel;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.ModelTest;
import org.keycloak.testsuite.oauth.OAuthGrantTest;
import org.keycloak.testsuite.util.InfinispanTestTimeServiceRule;

@AuthServerContainerExclude({AuthServerContainerExclude.AuthServer.REMOTE})
/* loaded from: input_file:org/keycloak/testsuite/model/AuthenticationSessionProviderTest.class */
public class AuthenticationSessionProviderTest extends AbstractTestRealmKeycloakTest {

    @Rule
    public InfinispanTestTimeServiceRule ispnTestTimeService = new InfinispanTestTimeServiceRule(this);

    @Before
    public void before() {
        this.testingClient.server().run(keycloakSession -> {
            RealmModel realm = keycloakSession.realms().getRealm("test");
            keycloakSession.users().addUser(realm, "user1").setEmail("user1@localhost");
            keycloakSession.users().addUser(realm, "user2").setEmail("user2@localhost");
        });
    }

    @After
    public void after() {
        this.testingClient.server().run(keycloakSession -> {
            RealmModel realm = keycloakSession.realms().getRealm("test");
            keycloakSession.sessions().removeUserSessions(realm);
            UserModel userByUsername = keycloakSession.users().getUserByUsername(realm, "user1");
            UserModel userByUsername2 = keycloakSession.users().getUserByUsername(realm, "user2");
            UserManager userManager = new UserManager(keycloakSession);
            if (userByUsername != null) {
                userManager.removeUser(realm, userByUsername);
            }
            if (userByUsername2 != null) {
                userManager.removeUser(realm, userByUsername2);
            }
        });
    }

    @Test
    @ModelTest
    public void testLoginSessionsCRUD(KeycloakSession keycloakSession) {
        AtomicReference atomicReference = new AtomicReference();
        AtomicReference atomicReference2 = new AtomicReference();
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            RealmModel realm = keycloakSession2.realms().getRealm("test");
            ClientModel clientByClientId = realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID);
            RootAuthenticationSessionModel createRootAuthenticationSession = keycloakSession2.authenticationSessions().createRootAuthenticationSession(realm);
            atomicReference.set(createRootAuthenticationSession.getId());
            AuthenticationSessionModel createAuthenticationSession = createRootAuthenticationSession.createAuthenticationSession(clientByClientId);
            atomicReference2.set(createAuthenticationSession.getTabId());
            createAuthenticationSession.setAction("foo");
            createRootAuthenticationSession.setTimestamp(100);
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession3 -> {
            RealmModel realm = keycloakSession3.realms().getRealm("test");
            ClientModel clientByClientId = realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID);
            RootAuthenticationSessionModel rootAuthenticationSession = keycloakSession3.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference.get());
            AuthenticationSessionModel authenticationSession = rootAuthenticationSession.getAuthenticationSession(clientByClientId, (String) atomicReference2.get());
            testAuthenticationSession(authenticationSession, clientByClientId.getId(), null, "foo");
            Assert.assertThat(Integer.valueOf(rootAuthenticationSession.getTimestamp()), Is.is(100));
            authenticationSession.setAction("foo-updated");
            rootAuthenticationSession.setTimestamp(200);
            authenticationSession.setAuthenticatedUser(keycloakSession3.users().getUserByUsername(realm, "user1"));
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession4 -> {
            RealmModel realm = keycloakSession4.realms().getRealm("test");
            UserModel userByUsername = keycloakSession4.users().getUserByUsername(realm, "user1");
            RootAuthenticationSessionModel rootAuthenticationSession = keycloakSession4.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference.get());
            ClientModel clientByClientId = realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID);
            testAuthenticationSession(rootAuthenticationSession.getAuthenticationSession(clientByClientId, (String) atomicReference2.get()), clientByClientId.getId(), userByUsername.getId(), "foo-updated");
            Assert.assertThat(Integer.valueOf(rootAuthenticationSession.getTimestamp()), Is.is(200));
            keycloakSession4.authenticationSessions().removeRootAuthenticationSession(realm, rootAuthenticationSession);
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession5 -> {
            Assert.assertThat(keycloakSession5.authenticationSessions().getRootAuthenticationSession(keycloakSession5.realms().getRealm("test"), (String) atomicReference.get()), IsNull.nullValue());
        });
    }

    @Test
    @ModelTest
    public void testAuthenticationSessionRestart(KeycloakSession keycloakSession) {
        AtomicReference atomicReference = new AtomicReference();
        AtomicReference atomicReference2 = new AtomicReference();
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            RealmModel realm = keycloakSession2.realms().getRealm("test");
            ClientModel clientByClientId = realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID);
            UserModel userByUsername = keycloakSession2.users().getUserByUsername(realm, "user1");
            AuthenticationSessionModel createAuthenticationSession = keycloakSession2.authenticationSessions().createRootAuthenticationSession(realm).createAuthenticationSession(clientByClientId);
            atomicReference.set(createAuthenticationSession.getParentSession().getId());
            atomicReference2.set(createAuthenticationSession.getTabId());
            createAuthenticationSession.setAction("foo");
            createAuthenticationSession.getParentSession().setTimestamp(100);
            createAuthenticationSession.setAuthenticatedUser(userByUsername);
            createAuthenticationSession.setAuthNote("foo", "bar");
            createAuthenticationSession.setClientNote("foo2", "bar2");
            createAuthenticationSession.setExecutionStatus("123", CommonClientSessionModel.ExecutionStatus.SUCCESS);
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession3 -> {
            RealmModel realm = keycloakSession3.realms().getRealm("test");
            keycloakSession3.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference.get()).getAuthenticationSession(realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID), (String) atomicReference2.get()).getParentSession().restartSession(realm);
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession4 -> {
            RealmModel realm = keycloakSession4.realms().getRealm("test");
            ClientModel clientByClientId = realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID);
            RootAuthenticationSessionModel rootAuthenticationSession = keycloakSession4.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference.get());
            Assert.assertThat(rootAuthenticationSession.getAuthenticationSession(clientByClientId, (String) atomicReference2.get()), IsNull.nullValue());
            Assert.assertThat(Boolean.valueOf(rootAuthenticationSession.getTimestamp() > 0), Is.is(true));
        });
    }

    @Test
    @ModelTest
    public void testExpiredAuthSessions(KeycloakSession keycloakSession) {
        AtomicReference atomicReference = new AtomicReference();
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            try {
                setAccessCodeLifespan(keycloakSession2, 10, 10, 30);
                createAuthSession(keycloakSession2, atomicReference);
                testExpiredOffset(keycloakSession2, 25, false, (String) atomicReference.get());
                testExpiredOffset(keycloakSession2, 35, true, (String) atomicReference.get());
                setAccessCodeLifespan(keycloakSession2, -1, 40, -1);
                createAuthSession(keycloakSession2, atomicReference);
                testExpiredOffset(keycloakSession2, 35, false, (String) atomicReference.get());
                testExpiredOffset(keycloakSession2, 45, true, (String) atomicReference.get());
                setAccessCodeLifespan(keycloakSession2, 50, -1, -1);
                createAuthSession(keycloakSession2, atomicReference);
                testExpiredOffset(keycloakSession2, 45, false, (String) atomicReference.get());
                testExpiredOffset(keycloakSession2, 55, true, (String) atomicReference.get());
                Time.setOffset(0);
                keycloakSession.getKeycloakSessionFactory().publish(new ResetTimeOffsetEvent());
                setAccessCodeLifespan(keycloakSession2, 60, 300, 1800);
            } catch (Throwable th) {
                Time.setOffset(0);
                keycloakSession.getKeycloakSessionFactory().publish(new ResetTimeOffsetEvent());
                setAccessCodeLifespan(keycloakSession2, 60, 300, 1800);
                throw th;
            }
        });
    }

    @Test
    @ModelTest
    public void testOnRealmRemoved(KeycloakSession keycloakSession) {
        AtomicReference atomicReference = new AtomicReference();
        AtomicReference atomicReference2 = new AtomicReference();
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            RealmModel realm = keycloakSession2.realms().getRealm("test");
            RealmModel createRealm = keycloakSession2.realms().createRealm("foo-realm");
            createRealm.setDefaultRole(keycloakSession2.roles().addRealmRole(createRealm, "default-roles-" + createRealm.getName()));
            createRealm.addClient("foo-client");
            atomicReference.set(keycloakSession2.authenticationSessions().createRootAuthenticationSession(realm).getId());
            atomicReference2.set(keycloakSession2.authenticationSessions().createRootAuthenticationSession(createRealm).getId());
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession3 -> {
            new RealmManager(keycloakSession3).removeRealm(keycloakSession3.realms().getRealmByName("foo-realm"));
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession4 -> {
            RealmModel realm = keycloakSession4.realms().getRealm("test");
            Assert.assertThat(keycloakSession4.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference.get()), IsNull.notNullValue());
            Assert.assertThat(keycloakSession4.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference2.get()), IsNull.nullValue());
        });
    }

    @Test
    @ModelTest
    public void testOnClientRemoved(KeycloakSession keycloakSession) {
        AtomicReference atomicReference = new AtomicReference();
        AtomicReference atomicReference2 = new AtomicReference();
        AtomicReference atomicReference3 = new AtomicReference();
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            RealmModel realm = keycloakSession2.realms().getRealm("test");
            atomicReference3.set(keycloakSession2.authenticationSessions().createRootAuthenticationSession(realm).getId());
            AuthenticationSessionModel createAuthenticationSession = keycloakSession2.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference3.get()).createAuthenticationSession(realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID));
            AuthenticationSessionModel createAuthenticationSession2 = keycloakSession2.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference3.get()).createAuthenticationSession(realm.getClientByClientId(OAuthGrantTest.THIRD_PARTY_APP));
            atomicReference.set(createAuthenticationSession.getTabId());
            atomicReference2.set(createAuthenticationSession2.getTabId());
            createAuthenticationSession.setAuthNote("foo", "bar");
            createAuthenticationSession2.setAuthNote("foo", "baz");
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession3 -> {
            RealmModel realm = keycloakSession3.realms().getRealm("test");
            RootAuthenticationSessionModel rootAuthenticationSession = keycloakSession3.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference3.get());
            Assert.assertThat(Integer.valueOf(rootAuthenticationSession.getAuthenticationSessions().size()), Is.is(2));
            Assert.assertThat(rootAuthenticationSession.getAuthenticationSession(realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID), (String) atomicReference.get()).getAuthNote("foo"), Is.is("bar"));
            Assert.assertThat(rootAuthenticationSession.getAuthenticationSession(realm.getClientByClientId(OAuthGrantTest.THIRD_PARTY_APP), (String) atomicReference2.get()).getAuthNote("foo"), Is.is("baz"));
            new ClientManager(new RealmManager(keycloakSession3)).removeClient(realm, realm.getClientByClientId(OAuthGrantTest.THIRD_PARTY_APP));
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession4 -> {
            RealmModel realm = keycloakSession4.realms().getRealm("test");
            RootAuthenticationSessionModel rootAuthenticationSession = keycloakSession4.authenticationSessions().getRootAuthenticationSession(realm, (String) atomicReference3.get());
            Assert.assertThat(rootAuthenticationSession.getAuthenticationSession(realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID), (String) atomicReference.get()).getAuthNote("foo"), Is.is("bar"));
            Assert.assertThat(rootAuthenticationSession.getAuthenticationSession(realm.getClientByClientId(OAuthGrantTest.THIRD_PARTY_APP), (String) atomicReference2.get()), IsNull.nullValue());
            realm.addClient(OAuthGrantTest.THIRD_PARTY_APP);
        });
    }

    private void testAuthenticationSession(AuthenticationSessionModel authenticationSessionModel, String str, String str2, String str3) {
        Assert.assertThat(authenticationSessionModel.getClient().getId(), Is.is(str));
        if (str2 == null) {
            Assert.assertThat(authenticationSessionModel.getAuthenticatedUser(), IsNull.nullValue());
        } else {
            Assert.assertThat(authenticationSessionModel.getAuthenticatedUser().getId(), Is.is(str2));
        }
        if (str3 == null) {
            Assert.assertThat(authenticationSessionModel.getAction(), IsNull.nullValue());
        } else {
            Assert.assertThat(authenticationSessionModel.getAction(), Is.is(str3));
        }
    }

    private void createAuthSession(KeycloakSession keycloakSession, AtomicReference<String> atomicReference) {
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            RealmModel realm = keycloakSession2.realms().getRealm("test");
            Time.setOffset(0);
            atomicReference.set(keycloakSession2.authenticationSessions().createRootAuthenticationSession(realm).getId());
        });
    }

    private void testExpiredOffset(KeycloakSession keycloakSession, int i, boolean z, String str) {
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            RealmModel realm = keycloakSession2.realms().getRealm("test");
            Time.setOffset(i);
            keycloakSession2.authenticationSessions().removeExpired(realm);
        });
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession3 -> {
            RealmModel realm = keycloakSession3.realms().getRealm("test");
            if (z) {
                Assert.assertThat(keycloakSession3.authenticationSessions().getRootAuthenticationSession(realm, str), IsNull.nullValue());
            } else {
                Assert.assertThat(keycloakSession3.authenticationSessions().getRootAuthenticationSession(realm, str), IsNull.notNullValue());
            }
        });
    }

    private void setAccessCodeLifespan(KeycloakSession keycloakSession, int i, int i2, int i3) {
        KeycloakModelUtils.runJobInTransaction(keycloakSession.getKeycloakSessionFactory(), keycloakSession2 -> {
            RealmModel realm = keycloakSession2.realms().getRealm("test");
            if (i != -1) {
                realm.setAccessCodeLifespan(i);
            }
            if (i2 != -1) {
                realm.setAccessCodeLifespanUserAction(i2);
            }
            if (i3 != -1) {
                realm.setAccessCodeLifespanLogin(i3);
            }
        });
    }

    @Override // org.keycloak.testsuite.AbstractTestRealmKeycloakTest
    public void configureTestRealm(RealmRepresentation realmRepresentation) {
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1374117609:
                if (implMethodName.equals("lambda$before$26a8868a$1")) {
                    z = true;
                    break;
                }
                break;
            case -609886860:
                if (implMethodName.equals("lambda$after$26a8868a$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/model/AuthenticationSessionProviderTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession -> {
                        RealmModel realm = keycloakSession.realms().getRealm("test");
                        keycloakSession.sessions().removeUserSessions(realm);
                        UserModel userByUsername = keycloakSession.users().getUserByUsername(realm, "user1");
                        UserModel userByUsername2 = keycloakSession.users().getUserByUsername(realm, "user2");
                        UserManager userManager = new UserManager(keycloakSession);
                        if (userByUsername != null) {
                            userManager.removeUser(realm, userByUsername);
                        }
                        if (userByUsername2 != null) {
                            userManager.removeUser(realm, userByUsername2);
                        }
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/model/AuthenticationSessionProviderTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession2 -> {
                        RealmModel realm = keycloakSession2.realms().getRealm("test");
                        keycloakSession2.users().addUser(realm, "user1").setEmail("user1@localhost");
                        keycloakSession2.users().addUser(realm, "user2").setEmail("user2@localhost");
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
