package org.keycloak.testsuite.broker;

import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.admin.client.resource.AuthenticationManagementResource;
import org.keycloak.admin.client.resource.IdentityProviderResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.models.IdentityProviderSyncMode;
import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
import org.keycloak.testsuite.util.ExecutionBuilder;

/* loaded from: input_file:org/keycloak/testsuite/broker/KcOidcFirstBrokerLoginDetectExistingUserTest.class */
public class KcOidcFirstBrokerLoginDetectExistingUserTest extends AbstractInitializedBaseBrokerTest {

    @Page
    protected LoginUpdateProfilePage loginUpdateProfilePage;

    @Override // org.keycloak.testsuite.broker.AbstractBaseBrokerTest
    protected BrokerConfiguration getBrokerConfiguration() {
        return new KcOidcBrokerConfiguration();
    }

    @Override // org.keycloak.testsuite.broker.AbstractInitializedBaseBrokerTest, org.keycloak.testsuite.broker.AbstractBaseBrokerTest
    @Before
    public void beforeBrokerTest() {
        super.beforeBrokerTest();
        this.log.debug("creating detect existing user flow for realm " + this.bc.providerRealmName());
        RealmResource realm = this.adminClient.realm(this.bc.consumerRealmName());
        AuthenticationManagementResource flows = realm.flows();
        flows.createFlow(newFlow("detectExistingUserFlow", "detectExistingUserFlow", "basic-flow", true, false));
        AuthenticationFlowRepresentation flow = getFlow(flows, "detectExistingUserFlow");
        Assert.assertNotNull("The authentication flow must exist", flow);
        String id = flow.getId();
        addExecution(flows, id, "idp-detect-existing-broker-user", 10);
        addExecution(flows, id, "idp-auto-link", 20);
        IdentityProviderResource identityProviderResource = realm.identityProviders().get(this.bc.getIDPAlias());
        IdentityProviderRepresentation identityProviderRepresentation = (IdentityProviderRepresentation) realm.identityProviders().findAll().get(0);
        identityProviderRepresentation.setFirstBrokerLoginFlowAlias("detectExistingUserFlow");
        identityProviderRepresentation.getConfig().put("syncMode", IdentityProviderSyncMode.FORCE.toString());
        identityProviderResource.update(identityProviderRepresentation);
        Assert.assertEquals("Two executions must have been created", 2L, getFlow(flows, "detectExistingUserFlow").getAuthenticationExecutions().size());
    }

    private void addExecution(AuthenticationManagementResource authenticationManagementResource, String str, String str2, int i) {
        authenticationManagementResource.addExecution(ExecutionBuilder.create().parentFlow(str).requirement(AuthenticationExecutionModel.Requirement.REQUIRED.toString()).authenticator(str2).priority(i).authenticatorFlow(false).build());
    }

    private AuthenticationFlowRepresentation getFlow(AuthenticationManagementResource authenticationManagementResource, String str) {
        return (AuthenticationFlowRepresentation) authenticationManagementResource.getFlows().stream().filter(authenticationFlowRepresentation -> {
            return str.equals(authenticationFlowRepresentation.getAlias());
        }).findFirst().get();
    }

    private AuthenticationFlowRepresentation newFlow(String str, String str2, String str3, boolean z, boolean z2) {
        AuthenticationFlowRepresentation authenticationFlowRepresentation = new AuthenticationFlowRepresentation();
        authenticationFlowRepresentation.setAlias(str);
        authenticationFlowRepresentation.setDescription(str2);
        authenticationFlowRepresentation.setProviderId(str3);
        authenticationFlowRepresentation.setTopLevel(z);
        authenticationFlowRepresentation.setBuiltIn(z2);
        return authenticationFlowRepresentation;
    }

    @Test
    public void loginWhenUserDoesNotExistOnConsumer() {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        createUser(this.bc.providerRealmName(), "firstandlastname", "password", "Firstname", "Lastname", "firstnamelastname@example.org");
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        logInWithIdp(this.bc.getIDPAlias(), "firstandlastname", "password");
        this.loginPage.assertCurrent(this.bc.consumerRealmName());
        Assert.assertEquals("User firstandlastname authenticated with identity provider " + this.bc.getIDPAlias() + " does not exists. Please contact your administrator.", this.loginPage.getInstruction());
    }

    @Test
    public void loginWhenUserExistsOnConsumer() {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        createUser(this.bc.providerRealmName(), "firstandlastname", "password", "Firstname(loginWhenUserExistsOnConsumer)", "Lastname(loginWhenUserExistsOnConsumer)", "firstnamelastname@example.org");
        createUser(this.bc.consumerRealmName(), "firstandlastname", "THIS PASSWORD IS USELESS", null, null, "firstnamelastname@example.org");
        String accountUrl = getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName());
        getLogger().error("> LOG INTO " + accountUrl);
        this.driver.navigate().to(accountUrl);
        logInWithIdp(this.bc.getIDPAlias(), "firstandlastname", "password");
        Assert.assertTrue(this.driver.getTitle().contains("Account Management"));
        Assert.assertTrue("email must be in the page", this.driver.getPageSource().contains("value=\"firstnamelastname@example.org\""));
        Assert.assertTrue("firstname must appear in the page", this.driver.getPageSource().contains("value=\"Firstname(loginWhenUserExistsOnConsumer)\""));
        Assert.assertTrue("lastname must appear in the page", this.driver.getPageSource().contains("value=\"Lastname(loginWhenUserExistsOnConsumer)\""));
    }
}
