package org.keycloak.testsuite.forms;

import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.util.Map;
import java.util.UUID;
import javax.ws.rs.core.Response;
import org.apache.commons.io.IOUtils;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.common.Profile;
import org.keycloak.events.EventType;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.representations.idm.AuthenticationExecutionRepresentation;
import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.ExecutionBuilder;
import org.keycloak.testsuite.util.FlowBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;

@EnableFeature(value = Profile.Feature.UPLOAD_SCRIPTS, skipRestart = true)
/* loaded from: input_file:org/keycloak/testsuite/forms/ScriptAuthenticatorTest.class */
public class ScriptAuthenticatorTest extends AbstractFlowTest {

    @Page
    protected LoginPage loginPage;

    @Rule
    public AssertEvents events = new AssertEvents(this);
    private AuthenticationFlowRepresentation flow;
    private static final String userId = UUID.randomUUID().toString();
    private static final String failId = UUID.randomUUID().toString();
    public static final String EXECUTION_ID = "scriptAuth";

    @BeforeClass
    public static void enabled() {
        ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHORIZATION);
    }

    @Override // org.keycloak.testsuite.AbstractTestRealmKeycloakTest
    public void configureTestRealm(RealmRepresentation realmRepresentation) {
        UserRepresentation build = UserBuilder.create().id(failId).username("fail").email("fail@test.com").enabled(true).password("password").build();
        RealmBuilder.edit(realmRepresentation).user(build).user(UserBuilder.create().id(userId).username("user").email("user@test.com").enabled(true).password("password").build());
    }

    @Before
    public void configureFlows() throws Exception {
        if (this.testContext.isInitialized()) {
            return;
        }
        Assert.assertEquals(201L, testRealm().flows().createFlow(FlowBuilder.create().alias("scriptBrowser").description("dummy pass through registration").providerId("basic-flow").topLevel(true).builtIn(false).build()).getStatus());
        RealmRepresentation representation = testRealm().toRepresentation();
        representation.setBrowserFlow("scriptBrowser");
        representation.setDirectGrantFlow("scriptBrowser");
        testRealm().update(representation);
        this.flow = findFlowByAlias("scriptBrowser");
        AuthenticationExecutionRepresentation build = ExecutionBuilder.create().id("username password form").parentFlow(this.flow.getId()).requirement(AuthenticationExecutionModel.Requirement.REQUIRED.name()).authenticator("auth-username-password-form").build();
        AuthenticationExecutionRepresentation build2 = ExecutionBuilder.create().id("scriptAuth").parentFlow(this.flow.getId()).requirement(AuthenticationExecutionModel.Requirement.REQUIRED.name()).authenticator("auth-script-based").build();
        Response addExecution = testRealm().flows().addExecution(build);
        Assert.assertEquals(201L, addExecution.getStatus());
        addExecution.close();
        Response addExecution2 = testRealm().flows().addExecution(build2);
        Assert.assertEquals(201L, addExecution2.getStatus());
        addExecution2.close();
        this.testContext.setInitialized(true);
    }

    @Test
    public void loginShouldWorkWithScriptAuthenticator() {
        addConfigFromFile("/scripts/authenticator-example.js");
        this.loginPage.open();
        this.loginPage.login("user", "password");
        this.events.expectLogin().user(userId).detail("username", "user").assertEvent();
    }

    @Test
    public void loginShouldFailWithScriptAuthenticator() {
        addConfigFromFile("/scripts/authenticator-example.js");
        this.loginPage.open();
        this.loginPage.login("fail", "password");
        this.events.expect(EventType.LOGIN_ERROR).user((String) null).error("user_not_found").assertEvent();
    }

    @Test
    public void scriptWithClientSession() {
        addConfigFromFile("/scripts/client-session-test.js", ImmutableMap.of("realm", "test", "clientId", AssertEvents.DEFAULT_CLIENT_ID, "authMethod", "openid-connect"));
        this.loginPage.open();
        this.loginPage.login("user", "password");
        this.events.expectLogin().user(userId).detail("username", "user").assertEvent();
    }

    private void addConfigFromFile(String str) {
        addConfigFromFile(str, null);
    }

    private void addConfigFromFile(String str, Map<String, String> map) {
        testRealm().flows().newExecutionConfig("scriptAuth", createScriptAuthConfig("scriptAuth", str.substring(str.lastIndexOf("/") + 1), loadFile(str, map), "script based authenticator")).close();
        Assert.assertEquals(201L, r0.getStatus());
    }

    private String loadFile(String str, Map<String, String> map) {
        try {
            String iOUtils = IOUtils.toString(getClass().getResourceAsStream(str));
            if (map != null) {
                for (Map.Entry<String, String> entry : map.entrySet()) {
                    iOUtils = iOUtils.replaceAll("\\$\\{" + entry.getKey() + "}", entry.getValue());
                }
            }
            return iOUtils;
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private AuthenticatorConfigRepresentation createScriptAuthConfig(String str, String str2, String str3, String str4) {
        AuthenticatorConfigRepresentation authenticatorConfigRepresentation = new AuthenticatorConfigRepresentation();
        authenticatorConfigRepresentation.setAlias(str);
        authenticatorConfigRepresentation.getConfig().put("scriptCode", str3);
        authenticatorConfigRepresentation.getConfig().put("scriptName", str2);
        authenticatorConfigRepresentation.getConfig().put("scriptDescription", str4);
        return authenticatorConfigRepresentation;
    }
}
