package org.keycloak.testsuite.broker;

import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.util.OAuthClient;

/* loaded from: input_file:org/keycloak/testsuite/broker/KcOidcBrokerLogoutTest.class */
public class KcOidcBrokerLogoutTest extends AbstractBaseBrokerTest {

    @Rule
    public AssertEvents events = new AssertEvents(this);

    @Override // org.keycloak.testsuite.broker.AbstractBaseBrokerTest
    protected BrokerConfiguration getBrokerConfiguration() {
        return KcOidcBrokerConfiguration.INSTANCE;
    }

    @Before
    public void createUser() {
        this.log.debug("creating user for realm " + this.bc.providerRealmName());
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername(this.bc.getUserLogin());
        userRepresentation.setEmail(this.bc.getUserEmail());
        userRepresentation.setEmailVerified(true);
        userRepresentation.setEnabled(true);
        RealmResource realm = this.adminClient.realm(this.bc.providerRealmName());
        ApiUtil.resetUserPassword(realm.users().get(ApiUtil.createUserWithAdminClient(realm, userRepresentation)), this.bc.getUserPassword(), false);
    }

    @Before
    public void addIdentityProviderToProviderRealm() {
        this.log.debug("adding identity provider to realm " + this.bc.consumerRealmName());
        this.adminClient.realm(this.bc.consumerRealmName()).identityProviders().create(this.bc.setUpIdentityProvider()).close();
    }

    @Before
    public void addClients() {
        addClientsToProviderAndConsumer();
    }

    @Test
    public void logoutWithoutInitiatingIdpLogsOutOfIdp() {
        logInAsUserInIDPForFirstTime();
        assertLoggedInAccountManagement();
        logoutFromRealm(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName());
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getProviderRoot(), "provider"));
        BrokerTestTools.waitForPage(this.driver, "sign in to provider", true);
    }

    @Test
    public void logoutWithActualIdpAsInitiatingIdpDoesNotLogOutOfIdp() {
        logInAsUserInIDPForFirstTime();
        assertLoggedInAccountManagement();
        logoutFromRealm(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName(), "kc-oidc-idp");
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getProviderRoot(), "provider"));
        waitForAccountManagementTitle();
    }

    @Test
    public void logoutWithOtherIdpAsInitiatinIdpLogsOutOfIdp() {
        logInAsUserInIDPForFirstTime();
        assertLoggedInAccountManagement();
        logoutFromRealm(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName(), "something-else");
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getProviderRoot(), "provider"));
        BrokerTestTools.waitForPage(this.driver, "sign in to provider", true);
    }

    @Test
    public void logoutAfterBrowserRestart() {
        this.driver.navigate().to(getLoginUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName(), "broker-app"));
        logInWithBroker(this.bc);
        updateAccountInformation();
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.realm(this.bc.consumerRealmName()).clientId("broker-app").redirectUri(BrokerTestTools.getConsumerRoot() + "/auth/realms/consumer/app").doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "broker-app-secret");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        String idToken = doAccessTokenRequest.getIdToken();
        this.log.debugf("Deleting %s and %s cookies", "KEYCLOAK_IDENTITY", "KEYCLOAK_IDENTITY_LEGACY");
        this.driver.manage().deleteCookieNamed("KEYCLOAK_IDENTITY");
        this.driver.manage().deleteCookieNamed("KEYCLOAK_IDENTITY_LEGACY");
        logoutFromRealm(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName(), null, idToken);
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getProviderRoot(), "provider"));
        BrokerTestTools.waitForPage(this.driver, "sign in to provider", true);
    }
}
