package org.keycloak.testsuite.oauth;

import java.util.List;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.ServerURLs;
import org.openqa.selenium.By;

/* loaded from: input_file:org/keycloak/testsuite/oauth/AccessTokenDuplicateEmailsTest.class */
public class AccessTokenDuplicateEmailsTest extends AbstractKeycloakTest {

    @Rule
    public AssertEvents events = new AssertEvents(this);

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void beforeAbstractKeycloakTest() throws Exception {
        super.beforeAbstractKeycloakTest();
    }

    @Before
    public void clientConfiguration() {
        this.oauth.clientId(AssertEvents.DEFAULT_CLIENT_ID);
        this.oauth.realm("test-duplicate-emails");
    }

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        list.add((RealmRepresentation) AbstractAdminTest.loadJson(getClass().getResourceAsStream("/testrealm-duplicate-emails.json"), RealmRepresentation.class));
    }

    @Test
    public void loginFormUsernameLabel() throws Exception {
        this.oauth.openLoginForm();
        this.oauth.redirectUri(ServerURLs.getAuthServerContextRoot() + "/does/not/matter/");
        Assert.assertEquals("Username", this.driver.findElement(By.xpath("//label[@for='username']")).getText());
    }

    @Test
    public void loginWithNonDuplicateEmailUser() throws Exception {
        this.oauth.doLogin("non-duplicate-email-user", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        AccessToken verifyToken = this.oauth.verifyToken(doAccessTokenRequest.getAccessToken());
        Assert.assertEquals(ApiUtil.findUserByUsername(this.adminClient.realm("test-duplicate-emails"), "non-duplicate-email-user").getId(), verifyToken.getSubject());
        Assert.assertEquals("non-duplicate-email-user@localhost", verifyToken.getEmail());
    }

    @Test
    public void loginWithFirstDuplicateEmailUser() throws Exception {
        this.oauth.doLogin("duplicate-email-user1", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        AccessToken verifyToken = this.oauth.verifyToken(doAccessTokenRequest.getAccessToken());
        Assert.assertEquals(ApiUtil.findUserByUsername(this.adminClient.realm("test-duplicate-emails"), "duplicate-email-user1").getId(), verifyToken.getSubject());
        Assert.assertEquals("duplicate-email-user@localhost", verifyToken.getEmail());
    }

    @Test
    public void loginWithSecondDuplicateEmailUser() throws Exception {
        this.oauth.doLogin("duplicate-email-user2", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        AccessToken verifyToken = this.oauth.verifyToken(doAccessTokenRequest.getAccessToken());
        Assert.assertEquals(ApiUtil.findUserByUsername(this.adminClient.realm("test-duplicate-emails"), "duplicate-email-user2").getId(), verifyToken.getSubject());
        Assert.assertEquals("duplicate-email-user@localhost", verifyToken.getEmail());
    }

    @Test
    public void loginWithNonDuplicateEmail() throws Exception {
        this.oauth.doLogin("non-duplicate-email-user@localhost", "password");
        Assert.assertEquals("Invalid username or password.", this.driver.findElement(By.className("kc-feedback-text")).getText());
    }

    @Test
    public void loginWithDuplicateEmail() throws Exception {
        this.oauth.doLogin("duplicate-email-user@localhost", "password");
        Assert.assertEquals("Invalid username or password.", this.driver.findElement(By.className("kc-feedback-text")).getText());
    }
}
