package org.keycloak.testsuite.broker;

import java.lang.invoke.SerializedLambda;
import java.util.List;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.common.Profile;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.pages.AccountFederatedIdentityPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.UpdateAccountInformationPage;

@AuthServerContainerExclude({AuthServerContainerExclude.AuthServer.REMOTE})
@DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
/* loaded from: input_file:org/keycloak/testsuite/broker/AccountLinkTest.class */
public class AccountLinkTest extends AbstractKeycloakTest {
    public static final String CHILD_IDP = "child";
    public static final String PARENT_IDP = "parent-idp";
    public static final String PARENT_USERNAME = "parent";

    @Page
    protected AccountFederatedIdentityPage accountFederatedIdentityPage;

    @Page
    protected UpdateAccountInformationPage profilePage;

    @Page
    protected LoginPage loginPage;

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setRealm("child");
        realmRepresentation.setEnabled(true);
        list.add(realmRepresentation);
        RealmRepresentation realmRepresentation2 = new RealmRepresentation();
        realmRepresentation2.setRealm("parent-idp");
        realmRepresentation2.setEnabled(true);
        list.add(realmRepresentation2);
    }

    @Before
    public void beforeBrokerTest() {
        if (this.testContext.isInitialized()) {
            return;
        }
        RealmResource realm = this.adminClient.realms().realm("parent-idp");
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("parent");
        userRepresentation.setEnabled(true);
        ApiUtil.createUserAndResetPasswordWithAdminClient(realm, userRepresentation, "password");
        RealmResource realm2 = this.adminClient.realms().realm("child");
        UserRepresentation userRepresentation2 = new UserRepresentation();
        userRepresentation2.setUsername("child");
        userRepresentation2.setEnabled(true);
        ApiUtil.createUserAndResetPasswordWithAdminClient(realm2, userRepresentation2, "password");
        ComponentRepresentation componentRepresentation = new ComponentRepresentation();
        componentRepresentation.setName("passthrough");
        componentRepresentation.setProviderId("pass-through-federated");
        componentRepresentation.setProviderType(UserStorageProvider.class.getName());
        componentRepresentation.setConfig(new MultivaluedHashMap());
        componentRepresentation.getConfig().putSingle("priority", Integer.toString(1));
        realm2.components().add(componentRepresentation);
        createParentChild();
        this.testContext.setInitialized(true);
    }

    public void createParentChild() {
        BrokerTestTools.createKcOidcBroker(this.adminClient, "child", "parent-idp");
    }

    @Test
    public void testAccountLink() {
        testAccountLink("child", "password", "child");
    }

    @Test
    public void testAccountLinkWithUserStorageProvider() {
        testAccountLink("passthrough", "secret", "child");
    }

    @Test
    public void testDeleteIdentityOnProviderRemoval() {
        assertFederatedIdentity("child", "password", "child");
        RealmResource realm = this.adminClient.realm("child");
        UsersResource users = realm.users();
        List search = users.search("child");
        Assert.assertFalse(search.isEmpty());
        String id = ((UserRepresentation) search.get(0)).getId();
        Assert.assertFalse(users.get(id).getFederatedIdentity().isEmpty());
        realm.identityProviders().get("parent-idp").remove();
        Assert.assertTrue(users.get(id).getFederatedIdentity().isEmpty());
        getTestingClient().server("child").run(AccountLinkTest::checkEmptyFederatedIdentities);
    }

    private static void checkEmptyFederatedIdentities(KeycloakSession keycloakSession) {
        RealmModel realm = keycloakSession.getContext().getRealm();
        UserModel userByUsername = keycloakSession.users().getUserByUsername(realm, "child");
        Assert.assertEquals(0L, keycloakSession.users().getFederatedIdentitiesStream(realm, userByUsername).count());
        Assert.assertNull(keycloakSession.users().getFederatedIdentity(realm, userByUsername, "parent-idp"));
    }

    protected void testAccountLink(String str, String str2, String str3) {
        assertFederatedIdentity(str, str2, str3);
        assertRemoveFederatedIdentity();
    }

    private void assertFederatedIdentity(String str, String str2, String str3) {
        this.accountFederatedIdentityPage.realm(str3);
        this.accountFederatedIdentityPage.open();
        this.loginPage.isCurrent();
        this.loginPage.login(str, str2);
        Assert.assertTrue(this.accountFederatedIdentityPage.isCurrent());
        this.accountFederatedIdentityPage.clickAddProvider("parent-idp");
        this.loginPage.isCurrent();
        this.loginPage.login("parent", "password");
        Assert.assertTrue(this.accountFederatedIdentityPage.isCurrent());
        Assert.assertTrue(this.driver.getPageSource().contains("id=\"remove-link-parent-idp\""));
        this.accountFederatedIdentityPage.logout();
        this.loginPage.isCurrent();
        this.loginPage.clickSocial("parent-idp");
        this.loginPage.login("parent", "password");
        System.out.println(this.driver.getCurrentUrl());
        System.out.println("--------------------------------");
        System.out.println(this.driver.getPageSource());
        Assert.assertTrue(this.accountFederatedIdentityPage.isCurrent());
        Assert.assertTrue(this.driver.getPageSource().contains("id=\"remove-link-parent-idp\""));
    }

    private void assertRemoveFederatedIdentity() {
        this.accountFederatedIdentityPage.clickRemoveProvider("parent-idp");
        Assert.assertTrue(this.driver.getPageSource().contains("id=\"add-link-parent-idp\""));
        this.accountFederatedIdentityPage.logout();
        this.loginPage.clickSocial("parent-idp");
        this.loginPage.login("parent", "password");
        this.profilePage.assertCurrent();
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case 836180379:
                if (implMethodName.equals("checkEmptyFederatedIdentities")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/broker/AccountLinkTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return AccountLinkTest::checkEmptyFederatedIdentities;
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
