package org.keycloak.testsuite.x509;

import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.util.PhantomJSBrowser;
import org.openqa.selenium.WebDriver;

/* loaded from: input_file:org/keycloak/testsuite/x509/X509BrowserLoginIssuerDnTest.class */
public class X509BrowserLoginIssuerDnTest extends AbstractX509AuthenticationTest {

    @Drone
    @PhantomJSBrowser
    private WebDriver phantomJS;

    @Before
    public void replaceTheDefaultDriver() {
        replaceDefaultWebDriver(this.phantomJS);
    }

    @BeforeClass
    public static void checkAssumption() {
        try {
            CertificateFactory.getInstance("X.509", "SUN");
        } catch (NoSuchProviderException | CertificateException e) {
            Assume.assumeNoException("Test assumes the SUN security provider", e);
        }
    }

    @BeforeClass
    public static void onBeforeTestClass() {
        configurePhantomJS("/ca.crt", "/certs/clients/test-user-san@localhost.cert.pem", "/certs/clients/test-user@localhost.key.pem", "password");
    }

    private String setup(boolean z) throws Exception {
        String str = z ? "1.2.840.113549.1.9.1=#1614636f6e74616374406b6579636c6f616b2e6f7267,cn=keycloak intermediate ca,ou=keycloak,o=red hat,st=ma,c=us" : "EMAILADDRESS=contact@keycloak.org, CN=Keycloak Intermediate CA, OU=Keycloak, O=Red Hat, ST=MA, C=US";
        UserRepresentation findUser = findUser(AssertEvents.DEFAULT_USERNAME);
        findUser.singleAttribute("x509_certificate_identity", str);
        updateUser(findUser);
        return str;
    }

    @Test
    public void loginAsUserFromCertIssuerDnCanonical() throws Exception {
        x509BrowserLogin(createLoginIssuerDNToCustomAttributeConfig(true), this.userId, AssertEvents.DEFAULT_USERNAME, setup(true));
    }

    @Test
    public void loginAsUserFromCertIssuerDnNonCanonical() throws Exception {
        x509BrowserLogin(createLoginIssuerDNToCustomAttributeConfig(false), this.userId, AssertEvents.DEFAULT_USERNAME, setup(false));
    }
}
