package org.keycloak.testsuite.admin.client.authorization;

import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.representations.adapters.config.PolicyEnforcerConfig;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.representations.idm.authorization.JSPolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.ResourceServerRepresentation;

/* loaded from: input_file:org/keycloak/testsuite/admin/client/authorization/AuthorizationTest.class */
public class AuthorizationTest extends AbstractAuthorizationTest {
    @Test
    public void testEnableAuthorizationServices() {
        ClientResource clientResource = getClientResource();
        ClientRepresentation resourceServer = getResourceServer();
        RealmResource realm = realmsResouce().realm(getRealmId());
        UserRepresentation userRepresentation = (UserRepresentation) realm.users().search("service-account-" + resourceServer.getClientId()).get(0);
        Assert.assertNotNull(userRepresentation);
        Assert.assertTrue(realm.users().get(userRepresentation.getId()).roles().clientLevel(resourceServer.getId()).listEffective().stream().anyMatch(roleRepresentation -> {
            return "uma_protection".equals(roleRepresentation.getName());
        }));
        enableAuthorizationServices(false);
        enableAuthorizationServices(true);
        UserRepresentation serviceAccountUser = clientResource.getServiceAccountUser();
        Assert.assertNotNull(serviceAccountUser);
        RealmResource realm2 = realmsResouce().realm(getRealmId());
        Assert.assertTrue(realm2.users().get(serviceAccountUser.getId()).roles().clientLevel(resourceServer.getId()).listEffective().stream().anyMatch(roleRepresentation2 -> {
            return "uma_protection".equals(roleRepresentation2.getName());
        }));
        JSPolicyRepresentation jSPolicyRepresentation = new JSPolicyRepresentation();
        jSPolicyRepresentation.setName("should be removed");
        jSPolicyRepresentation.setCode("");
        clientResource.authorization().policies().js().create(jSPolicyRepresentation);
        Assert.assertEquals(1L, clientResource.authorization().resources().resources().size());
        Assert.assertEquals(3L, clientResource.authorization().policies().policies().size());
        enableAuthorizationServices(false);
        enableAuthorizationServices(true);
        ResourceServerRepresentation settings = clientResource.authorization().getSettings();
        Assert.assertEquals(PolicyEnforcerConfig.EnforcementMode.ENFORCING.name(), settings.getPolicyEnforcementMode().name());
        Assert.assertTrue(settings.isAllowRemoteResourceManagement());
        Assert.assertEquals(resourceServer.getId(), settings.getClientId());
        Assert.assertEquals(1L, clientResource.authorization().resources().resources().size());
        Assert.assertEquals(2L, clientResource.authorization().policies().policies().size());
        UserRepresentation serviceAccountUser2 = clientResource.getServiceAccountUser();
        Assert.assertNotNull(serviceAccountUser2);
        Assert.assertTrue(realm2.users().get(serviceAccountUser2.getId()).roles().clientLevel(resourceServer.getId()).listEffective().stream().anyMatch(roleRepresentation3 -> {
            return "uma_protection".equals(roleRepresentation3.getName());
        }));
    }

    @Test
    public void testRemoveDefaultResourceWithAdminEventsEnabled() {
        RealmResource testRealmResource = testRealmResource();
        RealmRepresentation representation = testRealmResource.toRepresentation();
        representation.setAdminEventsEnabled(true);
        testRealmResource.update(representation);
        ClientResource clientResource = getClientResource();
        ClientRepresentation resourceServer = getResourceServer();
        ResourceServerRepresentation settings = clientResource.authorization().getSettings();
        Assert.assertEquals(PolicyEnforcerConfig.EnforcementMode.ENFORCING.name(), settings.getPolicyEnforcementMode().name());
        Assert.assertEquals(resourceServer.getId(), settings.getClientId());
        List resources = clientResource.authorization().resources().resources();
        Assert.assertEquals(1L, resources.size());
        clientResource.authorization().resources().resource(((ResourceRepresentation) resources.get(0)).getId()).remove();
        Assert.assertTrue(clientResource.authorization().resources().resources().isEmpty());
    }
}
