package org.keycloak.testsuite.adapter.servlet;

import java.net.URL;
import java.util.List;
import javax.ws.rs.core.UriBuilder;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
import org.keycloak.testsuite.adapter.page.MultiTenant;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainers;
import org.keycloak.testsuite.util.URLAssert;
import org.keycloak.testsuite.util.WaitUtils;
import org.keycloak.testsuite.utils.io.IOUtil;

@AppServerContainers({@AppServerContainer("app-server-undertow"), @AppServerContainer("app-server-wildfly"), @AppServerContainer("app-server-wildfly-deprecated"), @AppServerContainer("app-server-eap"), @AppServerContainer("app-server-eap6"), @AppServerContainer("app-server-eap71")})
/* loaded from: input_file:org/keycloak/testsuite/adapter/servlet/MultiTenancyTest.class */
public class MultiTenancyTest extends AbstractServletsAdapterTest {

    @Page
    private MultiTenant tenantPage;

    @Override // org.keycloak.testsuite.adapter.AbstractServletsAdapterTest, org.keycloak.testsuite.adapter.AbstractAdapterTest
    public void addAdapterTestRealms(List<RealmRepresentation> list) {
        list.add(IOUtil.loadRealm("/adapter-test/tenant1-realm.json"));
        list.add(IOUtil.loadRealm("/adapter-test/tenant2-realm.json"));
    }

    @Override // org.keycloak.testsuite.adapter.AbstractAdapterTest, org.keycloak.testsuite.AbstractKeycloakTest
    protected boolean isImportAfterEachMethod() {
        return false;
    }

    @Deployment(name = "multi-tenant")
    protected static WebArchive multiTenant() {
        return servletDeploymentMultiTenant("multi-tenant", MultiTenantServlet.class, ErrorServlet.class, MultiTenantResolver.class);
    }

    @After
    public void afterTest() {
        this.driver.manage().deleteAllCookies();
    }

    @Test
    public void testTenantsLoggingOut() {
        doTenantRequests("tenant1", true);
        doTenantRequests("tenant2", true);
    }

    @Test
    public void testTenantsWithoutLoggingOut() {
        doTenantRequests("tenant1", true);
        doTenantRequests("tenant2", true);
        doTenantRequests("tenant1", false);
        doTenantRequests("tenant2", true);
        logout("tenant1");
    }

    @Test
    public void testUnauthorizedAccessNotLoggedIn() {
        String authServer = this.authServerPage.toString();
        this.driver.navigate().to(this.tenantPage.getTenantRealmUrl("tenant1"));
        WaitUtils.waitForPageToLoad();
        URLAssert.assertCurrentUrlStartsWith(authServer);
        this.testRealmLoginPage.form().login("user-tenant2", "user-tenant2");
        URLAssert.assertCurrentUrlStartsWith(authServer);
    }

    @Test
    public void testUnauthorizedAccessLoggedIn() {
        doTenantRequests("tenant1", false);
        this.driver.navigate().to(this.tenantPage.getTenantRealmUrl("tenant2"));
        URLAssert.assertCurrentUrlStartsWith(this.authServerPage.toString());
        logout("tenant1");
    }

    private void doTenantRequests(String str, boolean z) {
        String uri = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri(this.authServerPage.getAuthRoot())).build(new Object[]{str}).toString();
        URL tenantRealmUrl = this.tenantPage.getTenantRealmUrl(str);
        this.driver.navigate().to(tenantRealmUrl);
        URLAssert.assertCurrentUrlStartsWith(uri);
        this.testRealmLoginPage.form().login("bburke@redhat.com", "password");
        this.log.debug("Current url: " + this.driver.getCurrentUrl());
        URLAssert.assertCurrentUrlStartsWith(tenantRealmUrl.toString());
        String pageSource = this.driver.getPageSource();
        this.log.debug(pageSource);
        Assert.assertTrue(pageSource.contains("Username: bburke@redhat.com"));
        Assert.assertTrue(pageSource.contains("Realm: " + str));
        if (z) {
            this.driver.navigate().to(tenantRealmUrl + "/logout");
            Assert.assertFalse(this.driver.getPageSource().contains("Username: bburke@redhat.com"));
            Assert.assertTrue(this.driver.getCurrentUrl().startsWith(uri));
        }
        this.log.debug("---------------------------------------------------------------------------------------");
    }

    private void logout(String str) {
        String uri = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri(this.authServerPage.getAuthRoot())).build(new Object[]{str}).toString();
        this.driver.navigate().to(this.tenantPage.getTenantRealmUrl(str) + "/logout");
        Assert.assertFalse(this.driver.getPageSource().contains("Username: bburke@redhat.com"));
        Assert.assertTrue(this.driver.getCurrentUrl().startsWith(uri));
    }
}
