package org.keycloak.testsuite.authz;

import java.io.IOException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.ws.rs.core.Response;
import org.junit.Assert;
import org.keycloak.admin.client.resource.AuthorizationResource;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.ClientsResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.authorization.client.AuthzClient;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.authorization.AuthorizationRequest;
import org.keycloak.representations.idm.authorization.AuthorizationResponse;
import org.keycloak.representations.idm.authorization.Permission;
import org.keycloak.representations.idm.authorization.PermissionRequest;
import org.keycloak.representations.idm.authorization.ResourceOwnerRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.RoleBuilder;
import org.keycloak.testsuite.util.RolesBuilder;
import org.keycloak.testsuite.util.UserBuilder;

/* loaded from: input_file:org/keycloak/testsuite/authz/AbstractResourceServerTest.class */
public abstract class AbstractResourceServerTest extends AbstractAuthzTest {
    protected static final String REALM_NAME = "authz-test";

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        list.add(RealmBuilder.create().name(REALM_NAME).roles(RolesBuilder.create().realmRole(RoleBuilder.create().name("uma_authorization").build()).realmRole(RoleBuilder.create().name("uma_protection").build())).user(UserBuilder.create().username("marta").password("password").addRoles("uma_authorization", "uma_protection").role("resource-server-test", "uma_protection")).user(UserBuilder.create().username("alice").password("password").addRoles("uma_authorization", "uma_protection").role("resource-server-test", "uma_protection")).user(UserBuilder.create().username("kolo").password("password")).client(ClientBuilder.create().clientId("resource-server-test").secret("secret").authorizationServicesEnabled(true).redirectUris("http://localhost/resource-server-test").defaultRoles("uma_protection").directAccessGrants().serviceAccountsEnabled(true)).client(ClientBuilder.create().clientId(AssertEvents.DEFAULT_CLIENT_ID).redirectUris("http://localhost:8180/auth/realms/master/app/auth", "https://localhost:8543/auth/realms/master/app/auth").publicClient()).testEventListener().build());
    }

    protected AuthorizationResponse authorize(String str, String[] strArr, String str2) {
        return authorize(null, null, str, strArr, null, null, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizationResponse authorize(String str, String[] strArr, String str2, String str3) {
        return authorize(null, null, null, null, null, str2, str3, new PermissionRequest(str, strArr));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizationResponse authorize(String str, String[] strArr) {
        return authorize(null, null, str, strArr, null, null, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizationResponse authorize(String str, String str2, String str3, String[] strArr) {
        return authorize(str, str2, str3, strArr, null, null, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizationResponse authorize(String str, String str2, PermissionRequest... permissionRequestArr) {
        return authorize(str, str2, null, null, null, null, null, permissionRequestArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizationResponse authorize(String str, String str2, String str3, String[] strArr, String str4) {
        return authorize(str, str2, str3, strArr, null, str4, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizationResponse authorize(String str, String str2, String str3, String[] strArr, String[] strArr2) {
        return authorize(str, str2, str3, strArr, strArr2, null, null);
    }

    protected AuthorizationResponse authorize(String str, String str2, String str3, String[] strArr, String[] strArr2, String str4, String str5) {
        return authorize(str, str2, strArr2, str4, null, str5, null, new PermissionRequest(str3, strArr));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizationResponse authorize(String str, String str2, String[] strArr, String str3, String str4, String str5, String str6, PermissionRequest... permissionRequestArr) {
        AuthorizationRequest authorizationRequest = new AuthorizationRequest((str != null ? getAuthzClient().protection(str, str2) : getAuthzClient().protection()).permission().create(Arrays.asList(permissionRequestArr)).getTicket());
        if (strArr != null) {
            StringBuilder sb = new StringBuilder();
            for (String str7 : strArr) {
                if (sb.length() > 0) {
                    sb.append(" ");
                }
                sb.append(str7);
            }
            authorizationRequest.setScope(sb.toString());
        }
        authorizationRequest.setRpt(str3);
        authorizationRequest.setClaimTokenFormat(str6);
        authorizationRequest.setClaimToken(str5);
        return (str != null ? getAuthzClient().authorization(str, str2) : str4 != null ? getAuthzClient().authorization(str4) : getAuthzClient().authorization()).authorize(authorizationRequest);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RealmResource getRealm() {
        return this.adminClient.realm(REALM_NAME);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ClientResource getClient(RealmResource realmResource) {
        ClientsResource clients = realmResource.clients();
        return (ClientResource) clients.findByClientId("resource-server-test").stream().map(clientRepresentation -> {
            return clients.get(clientRepresentation.getId());
        }).findFirst().orElseThrow(() -> {
            return new RuntimeException("Expected client [resource-server-test]");
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthzClient getAuthzClient() {
        try {
            return AuthzClient.create(httpsAwareConfigurationStream(getClass().getResourceAsStream("/authorization-test/default-keycloak-uma2.json")));
        } catch (IOException e) {
            throw new RuntimeException("Failed to create authz client", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void assertPermissions(Collection<Permission> collection, String str, String... strArr) {
        Iterator<Permission> it = collection.iterator();
        while (it.hasNext()) {
            Permission next = it.next();
            if (next.getResourceName().equalsIgnoreCase(str) || next.getResourceId().equals(str)) {
                Set scopes = next.getScopes();
                Assert.assertEquals(strArr.length, scopes.size());
                if (scopes.containsAll(Arrays.asList(strArr))) {
                    it.remove();
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResourceRepresentation addResource(String str, String... strArr) throws Exception {
        return addResource(str, null, false, strArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResourceRepresentation addResource(String str, boolean z, String... strArr) throws Exception {
        return addResource(str, null, z, strArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResourceRepresentation addResource(String str, String str2, boolean z, String... strArr) throws Exception {
        AuthorizationResource authorization = getClient(getRealm()).authorization();
        ResourceRepresentation resourceRepresentation = new ResourceRepresentation(str, new String[0]);
        if (str2 != null) {
            resourceRepresentation.setOwner(new ResourceOwnerRepresentation(str2));
        }
        resourceRepresentation.setOwnerManagedAccess(Boolean.valueOf(z));
        resourceRepresentation.addScope(strArr);
        Response create = authorization.resources().create(resourceRepresentation);
        resourceRepresentation.setId(((ResourceRepresentation) create.readEntity(ResourceRepresentation.class)).getId());
        create.close();
        return resourceRepresentation;
    }

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    protected boolean isImportAfterEachMethod() {
        return true;
    }
}
