package org.keycloak.testsuite.adapter.servlet;

import java.io.IOException;
import java.lang.invoke.SerializedLambda;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.stream.Collectors;
import javax.ws.rs.core.Response;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientScopeModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.testsuite.adapter.AbstractServletsAdapterTest;
import org.keycloak.testsuite.adapter.page.ProductPortal;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainers;
import org.keycloak.testsuite.auth.page.login.PageWithLoginUrl;
import org.keycloak.testsuite.pages.ConsentPage;
import org.keycloak.testsuite.saml.AbstractSamlTest;
import org.keycloak.testsuite.util.URLAssert;
import org.keycloak.testsuite.util.WaitUtils;

@AppServerContainers({@AppServerContainer("app-server-undertow"), @AppServerContainer("app-server-wildfly"), @AppServerContainer("app-server-wildfly-deprecated"), @AppServerContainer("app-server-eap"), @AppServerContainer("app-server-eap6"), @AppServerContainer("app-server-eap71")})
/* loaded from: input_file:org/keycloak/testsuite/adapter/servlet/UserStorageConsentTest.class */
public class UserStorageConsentTest extends AbstractServletsAdapterTest {

    @Page
    private ProductPortal productPortal;

    @Page
    protected ConsentPage consentPage;

    @Deployment(name = "product-portal")
    protected static WebArchive productPortal() {
        return servletDeployment("product-portal", ProductServlet.class);
    }

    @Before
    public void addProvidersBeforeTest() throws URISyntaxException, IOException {
        ComponentRepresentation componentRepresentation = new ComponentRepresentation();
        componentRepresentation.setName("memory");
        componentRepresentation.setProviderId("user-password-map-arq");
        componentRepresentation.setProviderType(UserStorageProvider.class.getName());
        componentRepresentation.setConfig(new MultivaluedHashMap());
        componentRepresentation.getConfig().putSingle("priority", Integer.toString(0));
        componentRepresentation.getConfig().putSingle("importEnabled", Boolean.toString(false));
        addComponent(componentRepresentation);
    }

    protected String addComponent(ComponentRepresentation componentRepresentation) {
        Response add = testRealmResource().components().add(componentRepresentation);
        add.close();
        String createdId = ApiUtil.getCreatedId(add);
        getCleanup().addComponentId(createdId);
        return createdId;
    }

    public static void setupConsent(KeycloakSession keycloakSession) {
        RealmModel realmByName = keycloakSession.realms().getRealmByName(AbstractSamlTest.REALM_NAME);
        ClientModel clientByClientId = keycloakSession.clients().getClientByClientId(realmByName, "product-portal");
        clientByClientId.setConsentRequired(true);
        ClientScopeModel addClientScope = realmByName.addClientScope("clientScope");
        addClientScope.setProtocol("openid-connect");
        System.err.println("client scope protocol mappers size: " + addClientScope.getProtocolMappersStream().count());
        for (ProtocolMapperModel protocolMapperModel : (List) clientByClientId.getProtocolMappersStream().collect(Collectors.toList())) {
            if (protocolMapperModel.getProtocol().equals("openid-connect") && (protocolMapperModel.getName().equals("username") || protocolMapperModel.getName().equals("email") || protocolMapperModel.getName().equals("given name"))) {
                ProtocolMapperModel protocolMapperModel2 = new ProtocolMapperModel();
                protocolMapperModel2.setName(protocolMapperModel.getName());
                protocolMapperModel2.setProtocol(protocolMapperModel.getProtocol());
                HashMap hashMap = new HashMap();
                hashMap.putAll(protocolMapperModel.getConfig());
                protocolMapperModel2.setConfig(hashMap);
                protocolMapperModel2.setProtocolMapper(protocolMapperModel.getProtocolMapper());
                addClientScope.addProtocolMapper(protocolMapperModel2);
            }
            clientByClientId.removeProtocolMapper(protocolMapperModel);
        }
        clientByClientId.addClientScope(addClientScope, true);
    }

    public static void setupDisplayClientOnConsentScreen(KeycloakSession keycloakSession) {
        keycloakSession.clients().getClientByClientId(keycloakSession.realms().getRealmByName(AbstractSamlTest.REALM_NAME), "product-portal").setDisplayOnConsentScreen(true);
    }

    @Test
    public void testLogin() throws Exception {
        assertLogin();
    }

    @Test
    public void testLoginDisplayClientOnConsentScreen() throws Exception {
        this.testingClient.server().run(UserStorageConsentTest::setupDisplayClientOnConsentScreen);
        assertLogin();
    }

    private void assertLogin() throws InterruptedException {
        this.testingClient.server().run(UserStorageConsentTest::setupConsent);
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("memuser");
        String createUserAndResetPasswordWithAdminClient = ApiUtil.createUserAndResetPasswordWithAdminClient(testRealmResource(), userRepresentation, "password");
        System.out.println("uid: " + createUserAndResetPasswordWithAdminClient);
        Assert.assertTrue(createUserAndResetPasswordWithAdminClient.startsWith("f:"));
        RoleRepresentation representation = this.adminClient.realm(AbstractSamlTest.REALM_NAME).roles().get("user").toRepresentation();
        ArrayList arrayList = new ArrayList();
        arrayList.add(representation);
        this.adminClient.realm(AbstractSamlTest.REALM_NAME).users().get(createUserAndResetPasswordWithAdminClient).roles().realmLevel().add(arrayList);
        this.productPortal.navigateTo();
        URLAssert.assertCurrentUrlStartsWithLoginUrlOf((PageWithLoginUrl) this.testRealmPage);
        this.testRealmLoginPage.form().login("memuser", "password");
        Assert.assertTrue(this.consentPage.isCurrent());
        this.consentPage.confirm();
        URLAssert.assertCurrentUrlEquals(this.productPortal.toString());
        Assert.assertTrue(this.driver.getPageSource().contains("iPhone"));
        String uri = OIDCLoginProtocolService.logoutUrl(this.authServerPage.createUriBuilder()).queryParam("redirect_uri", new Object[]{this.productPortal.toString()}).build(new Object[]{AbstractSamlTest.REALM_NAME}).toString();
        this.driver.navigate().to(uri);
        WaitUtils.waitForPageToLoad();
        URLAssert.assertCurrentUrlStartsWithLoginUrlOf((PageWithLoginUrl) this.testRealmPage);
        this.productPortal.navigateTo();
        URLAssert.assertCurrentUrlStartsWithLoginUrlOf((PageWithLoginUrl) this.testRealmPage);
        this.testRealmLoginPage.form().login("memuser", "password");
        URLAssert.assertCurrentUrlEquals(this.productPortal.toString());
        Assert.assertTrue(this.driver.getPageSource().contains("iPhone"));
        this.driver.navigate().to(uri);
        this.adminClient.realm(AbstractSamlTest.REALM_NAME).users().delete(createUserAndResetPasswordWithAdminClient).close();
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1240938787:
                if (implMethodName.equals("setupConsent")) {
                    z = true;
                    break;
                }
                break;
            case -12177481:
                if (implMethodName.equals("setupDisplayClientOnConsentScreen")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/adapter/servlet/UserStorageConsentTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return UserStorageConsentTest::setupDisplayClientOnConsentScreen;
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/adapter/servlet/UserStorageConsentTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return UserStorageConsentTest::setupConsent;
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
