package org.keycloak.testsuite.broker;

import java.util.ArrayList;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.jose.jws.JWSInput;
import org.keycloak.jose.jws.JWSInputException;
import org.keycloak.representations.IDToken;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.testsuite.util.ClientBuilder;

/* loaded from: input_file:org/keycloak/testsuite/broker/KcOidcBrokerNonceParameterTest.class */
public class KcOidcBrokerNonceParameterTest extends AbstractBrokerTest {
    @Override // org.keycloak.testsuite.broker.AbstractBaseBrokerTest
    protected BrokerConfiguration getBrokerConfiguration() {
        return new KcOidcBrokerConfiguration() { // from class: org.keycloak.testsuite.broker.KcOidcBrokerNonceParameterTest.1
            @Override // org.keycloak.testsuite.broker.KcOidcBrokerConfiguration, org.keycloak.testsuite.broker.BrokerConfiguration
            public List<ClientRepresentation> createConsumerClients() {
                ArrayList arrayList = new ArrayList(super.createConsumerClients());
                arrayList.add(ClientBuilder.create().clientId("consumer-client").publicClient().redirectUris(BrokerTestTools.getConsumerRoot() + "/auth/realms/master/app/auth/*").publicClient().build());
                return arrayList;
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.keycloak.testsuite.broker.AbstractBrokerTest
    public void loginUser() {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        this.oauth.realm(this.bc.consumerRealmName());
        this.oauth.clientId("consumer-client");
        this.oauth.nonce("123456");
        Assert.assertEquals("123456", toIdToken(this.oauth.doAccessTokenRequest(this.oauth.doLoginSocial(this.bc.getIDPAlias(), this.bc.getUserLogin(), this.bc.getUserPassword()).getCode(), (String) null).getIdToken()).getNonce());
    }

    @Test
    public void testNonceNotSet() {
        updateExecutions(AbstractBrokerTest::disableUpdateProfileOnFirstLogin);
        this.oauth.realm(this.bc.consumerRealmName());
        this.oauth.clientId("consumer-client");
        this.oauth.nonce((String) null);
        Assert.assertNull(toIdToken(this.oauth.doAccessTokenRequest(this.oauth.doLoginSocial(this.bc.getIDPAlias(), this.bc.getUserLogin(), this.bc.getUserPassword()).getCode(), (String) null).getIdToken()).getNonce());
    }

    protected IDToken toIdToken(String str) {
        try {
            return (IDToken) new JWSInput(str).readJsonContent(IDToken.class);
        } catch (JWSInputException e) {
            throw new RuntimeException("Failed to deserialize RPT", e);
        }
    }
}
