package org.keycloak.testsuite.keys;

import java.util.Iterator;
import java.util.List;
import javax.ws.rs.core.Response;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.common.util.Base64Url;
import org.keycloak.common.util.MultivaluedHashMap;
import org.keycloak.keys.KeyProvider;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.ErrorRepresentation;
import org.keycloak.representations.idm.KeysMetadataRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.runonserver.RunHelpers;

@AuthServerContainerExclude({AuthServerContainerExclude.AuthServer.REMOTE})
/* loaded from: input_file:org/keycloak/testsuite/keys/GeneratedHmacKeyProviderTest.class */
public class GeneratedHmacKeyProviderTest extends AbstractKeycloakTest {

    @Rule
    public AssertEvents events = new AssertEvents(this);

    @Page
    protected AppPage appPage;

    @Page
    protected LoginPage loginPage;

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        list.add((RealmRepresentation) AbstractAdminTest.loadJson(getClass().getResourceAsStream("/testrealm.json"), RealmRepresentation.class));
    }

    @Test
    public void defaultKeysize() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        ComponentRepresentation createRep = createRep("valid", "hmac-generated");
        createRep.setConfig(new MultivaluedHashMap());
        createRep.getConfig().putSingle("priority", Long.toString(currentTimeMillis));
        Response add = this.adminClient.realm("test").components().add(createRep);
        String createdId = ApiUtil.getCreatedId(add);
        add.close();
        ComponentRepresentation representation = this.adminClient.realm("test").components().component(createdId).toRepresentation();
        Assert.assertEquals(1L, representation.getConfig().size());
        Assert.assertEquals(Long.toString(currentTimeMillis), representation.getConfig().getFirst("priority"));
        KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation = null;
        Iterator it = this.adminClient.realm("test").keys().getKeyMetadata().getKeys().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation2 = (KeysMetadataRepresentation.KeyMetadataRepresentation) it.next();
            if (keyMetadataRepresentation2.getAlgorithm().equals("HS256")) {
                keyMetadataRepresentation = keyMetadataRepresentation2;
                break;
            }
        }
        Assert.assertEquals(createdId, keyMetadataRepresentation.getProviderId());
        Assert.assertEquals("OCT", keyMetadataRepresentation.getType());
        Assert.assertEquals(currentTimeMillis, keyMetadataRepresentation.getProviderPriority());
        Assert.assertEquals(64L, Base64Url.decode((String) ((ComponentRepresentation) this.testingClient.server("test").fetch(RunHelpers.internalComponent(createdId))).getConfig().getFirst("secret")).length);
    }

    @Test
    public void largeKeysize() {
        long currentTimeMillis = System.currentTimeMillis();
        ComponentRepresentation createRep = createRep("valid", "hmac-generated");
        createRep.setConfig(new MultivaluedHashMap());
        createRep.getConfig().putSingle("priority", Long.toString(currentTimeMillis));
        createRep.getConfig().putSingle("secretSize", "512");
        Response add = this.adminClient.realm("test").components().add(createRep);
        String createdId = ApiUtil.getCreatedId(add);
        add.close();
        ComponentRepresentation representation = this.adminClient.realm("test").components().component(createdId).toRepresentation();
        Assert.assertEquals(2L, representation.getConfig().size());
        Assert.assertEquals("512", representation.getConfig().getFirst("secretSize"));
        KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation = null;
        Iterator it = this.adminClient.realm("test").keys().getKeyMetadata().getKeys().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation2 = (KeysMetadataRepresentation.KeyMetadataRepresentation) it.next();
            if (keyMetadataRepresentation2.getAlgorithm().equals("HS256")) {
                keyMetadataRepresentation = keyMetadataRepresentation2;
                break;
            }
        }
        Assert.assertEquals(createdId, keyMetadataRepresentation.getProviderId());
        Assert.assertEquals("OCT", keyMetadataRepresentation.getType());
        Assert.assertEquals(currentTimeMillis, keyMetadataRepresentation.getProviderPriority());
        Assert.assertEquals(512L, Base64Url.decode((String) ((ComponentRepresentation) this.testingClient.server("test").fetch(RunHelpers.internalComponent(createdId))).getConfig().getFirst("secret")).length);
    }

    @Test
    public void updateKeysize() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        ComponentRepresentation createRep = createRep("valid", "hmac-generated");
        createRep.setConfig(new MultivaluedHashMap());
        createRep.getConfig().putSingle("priority", Long.toString(currentTimeMillis));
        Response add = this.adminClient.realm("test").components().add(createRep);
        String createdId = ApiUtil.getCreatedId(add);
        add.close();
        Assert.assertEquals(64L, Base64Url.decode((String) ((ComponentRepresentation) this.testingClient.server("test").fetch(RunHelpers.internalComponent(createdId))).getConfig().getFirst("secret")).length);
        ComponentRepresentation representation = this.adminClient.realm("test").components().component(createdId).toRepresentation();
        representation.getConfig().putSingle("secretSize", "512");
        this.adminClient.realm("test").components().component(createdId).update(representation);
        Assert.assertEquals(512L, Base64Url.decode((String) ((ComponentRepresentation) this.testingClient.server("test").fetch(RunHelpers.internalComponent(createdId))).getConfig().getFirst("secret")).length);
    }

    @Test
    public void invalidKeysize() throws Exception {
        ComponentRepresentation createRep = createRep("invalid", "hmac-generated");
        createRep.getConfig().putSingle("secretSize", "1234");
        assertErrror(this.adminClient.realm("test").components().add(createRep), "'Secret size' should be 16, 24, 32, 64, 128, 256 or 512");
    }

    protected void assertErrror(Response response, String str) {
        if (!response.hasEntity()) {
            Assert.fail("No error message set");
        }
        Assert.assertEquals(str, ((ErrorRepresentation) response.readEntity(ErrorRepresentation.class)).getErrorMessage());
    }

    protected ComponentRepresentation createRep(String str, String str2) {
        ComponentRepresentation componentRepresentation = new ComponentRepresentation();
        componentRepresentation.setName(str);
        componentRepresentation.setParentId("test");
        componentRepresentation.setProviderId(str2);
        componentRepresentation.setProviderType(KeyProvider.class.getName());
        componentRepresentation.setConfig(new MultivaluedHashMap());
        return componentRepresentation;
    }
}
