package org.keycloak.testsuite.broker;

import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.oauth.BackchannelLogoutTest;

/* loaded from: input_file:org/keycloak/testsuite/broker/KcOidcBrokerWithConsentTest.class */
public class KcOidcBrokerWithConsentTest extends AbstractInitializedBaseBrokerTest {
    @Override // org.keycloak.testsuite.broker.AbstractBaseBrokerTest
    protected BrokerConfiguration getBrokerConfiguration() {
        return KcOidcBrokerConfiguration.INSTANCE;
    }

    @Override // org.keycloak.testsuite.broker.AbstractInitializedBaseBrokerTest, org.keycloak.testsuite.broker.AbstractBaseBrokerTest
    public void beforeBrokerTest() {
        super.beforeBrokerTest();
        RealmResource realm = this.adminClient.realm(this.bc.providerRealmName());
        List findByClientId = realm.clients().findByClientId(BackchannelLogoutTest.BROKER_CLIENT_ID);
        Assert.assertEquals(1L, findByClientId.size());
        ClientRepresentation clientRepresentation = (ClientRepresentation) findByClientId.get(0);
        clientRepresentation.setConsentRequired(true);
        realm.clients().get(clientRepresentation.getId()).update(clientRepresentation);
        RealmResource realm2 = this.adminClient.realm(this.bc.consumerRealmName());
        RealmRepresentation representation = realm2.toRepresentation();
        representation.setAccessCodeLifespanLogin(30);
        representation.setAccessCodeLifespan(30);
        representation.setAccessCodeLifespanUserAction(30);
        realm2.update(representation);
    }

    @Test
    public void testConsentDeniedWithExpiredClientSession() {
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        this.log.debug("Clicking social " + this.bc.getIDPAlias());
        this.loginPage.clickSocial(this.bc.getIDPAlias());
        BrokerTestTools.waitForPage(this.driver, "sign in to", true);
        this.log.debug("Logging in");
        this.loginPage.login(this.bc.getUserLogin(), this.bc.getUserPassword());
        invokeTimeOffset(60);
        try {
            this.grantPage.assertCurrent();
            this.grantPage.cancel();
            Assert.assertEquals("Your login attempt timed out. Login will start from the beginning.", this.loginPage.getError());
        } finally {
            invokeTimeOffset(0);
        }
    }

    @Test
    public void testConsentDeniedWithExpiredAndClearedClientSession() {
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        logInWithBroker(this.bc);
        invokeTimeOffset(60);
        try {
            this.testingClient.server(this.bc.providerRealmName()).run(BrokerRunOnServerUtil.removeBrokerExpiredSessions());
            this.grantPage.assertCurrent();
            this.grantPage.cancel();
            Assert.assertEquals("Your login attempt timed out. Login will start from the beginning.", this.loginPage.getError());
        } finally {
            invokeTimeOffset(0);
        }
    }

    @Test
    public void testAccountManagementLinkingAndExpiredClientSession() {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        createUser(this.bc.consumerRealmName(), "consumer", "password", "FirstName", "LastName", "consumer@localhost.com");
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        this.loginPage.login("consumer", "password");
        this.accountPage.federatedIdentity();
        this.accountFederatedIdentityPage.clickAddProvider(this.bc.getIDPAlias());
        this.loginPage.login(this.bc.getUserLogin(), this.bc.getUserPassword());
        invokeTimeOffset(60);
        try {
            this.grantPage.assertCurrent();
            this.grantPage.cancel();
            this.accountFederatedIdentityPage.assertCurrent();
            Assert.assertEquals("The page expired. Please try one more time.", this.accountFederatedIdentityPage.getError());
            this.accountFederatedIdentityPage.clickAddProvider(this.bc.getIDPAlias());
            this.loginPage.login(this.bc.getUserLogin(), this.bc.getUserPassword());
            invokeTimeOffset(120);
            this.grantPage.assertCurrent();
            this.grantPage.accept();
            this.accountFederatedIdentityPage.assertCurrent();
            Assert.assertEquals("The page expired. Please try one more time.", this.accountFederatedIdentityPage.getError());
        } finally {
            invokeTimeOffset(0);
        }
    }

    @Test
    public void testLoginCancelConsent() {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        logInWithBroker(this.bc);
        this.grantPage.assertCurrent();
        this.grantPage.cancel();
        Assert.assertEquals("Sign in to " + this.bc.consumerRealmName(), this.driver.getTitle());
    }

    @Test
    public void testAccountManagementLinkingCancelConsent() throws Exception {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        createUser(this.bc.consumerRealmName(), "consumer", "password", "FirstName", "LastName", "consumer@localhost.com");
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        this.loginPage.login("consumer", "password");
        this.accountPage.federatedIdentity();
        this.accountFederatedIdentityPage.clickAddProvider(this.bc.getIDPAlias());
        this.loginPage.login(this.bc.getUserLogin(), this.bc.getUserPassword());
        this.grantPage.assertCurrent();
        this.grantPage.cancel();
        this.accountFederatedIdentityPage.assertCurrent();
        Assert.assertEquals("Consent denied.", this.accountFederatedIdentityPage.getError());
    }
}
