package org.keycloak.testsuite.account;

import java.io.IOException;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.hamcrest.CoreMatchers;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.common.enums.AccountRestApiVersion;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractTestRealmKeycloakTest;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.util.TokenUtil;
import org.keycloak.testsuite.util.WebDriverLogDumper;
import org.openqa.selenium.JavascriptExecutor;

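/**
 * Browser-driven checks of cross-origin access to the account REST endpoint.
 *
 * <p>Each test first navigates the browser to a page on either {@link #VALID_CORS_URL} or
 * {@link #INVALID_CORS_URL}, then issues a synchronous {@code XMLHttpRequest} from that page to
 * the account endpoint with a bearer token. Requests made from the valid origin must complete;
 * requests made from the invalid origin must fail.
 *
 * <p>NOTE(review): which origins the server accepts is configured outside this file (presumably
 * on the {@code direct-grant} client selected in {@link #before()}) - confirm against the test
 * realm definition.
 */
@AuthServerContainerExclude({AuthServerContainerExclude.AuthServer.REMOTE})
/* loaded from: input_file:org/keycloak/testsuite/account/AccountRestServiceCorsTest.class */
public class AccountRestServiceCorsTest extends AbstractTestRealmKeycloakTest {
    private static final String VALID_CORS_URL = "http://localtest.me:8180/auth";
    private static final String INVALID_CORS_URL = "http://invalid.localtest.me:8180/auth";

    /** JSON body that changes an editable profile attribute. */
    private static final String FIRST_NAME_UPDATE = "{ \"firstName\" : \"Bob\" }";

    /** JSON body that tries to change the username, which {@link #configureTestRealm} forbids. */
    private static final String USERNAME_UPDATE = "{ \"username\" : \"vmuzikar\" }";

    private CloseableHttpClient client;
    private JavascriptExecutor executor;

    @Rule
    public TokenUtil tokenUtil = new TokenUtil();

    @Rule
    public AssertEvents events = new AssertEvents(this);

    /** Status code and response body of one XHR call, as reported by the browser. */
    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/keycloak/testsuite/account/AccountRestServiceCorsTest$Result.class */
    public static class Result {
        int status;
        String result;

        /**
         * @param i HTTP status reported by the XHR
         * @param str response text, or {@code null} when none could be extracted
         */
        public Result(int i, String str) {
            this.status = i;
            this.result = str;
        }

        /** @return the HTTP status reported by the XHR */
        public int getStatus() {
            return this.status;
        }

        /** @return the response text, or {@code null} when none could be extracted */
        public String getResult() {
            return this.result;
        }
    }

    /** Creates the HTTP client, selects the {@code direct-grant} client and binds the script executor. */
    @Before
    public void before() {
        this.client = HttpClientBuilder.create().build();
        this.oauth.clientId("direct-grant");
        // The driver is inherited; the explicit cast keeps this assignment valid when the
        // inherited field is declared with a type that is not itself a JavascriptExecutor.
        this.executor = (JavascriptExecutor) this.driver;
    }

    /** Closes the HTTP client created in {@link #before()}. */
    @After
    public void after() {
        // JUnit still runs @After when @Before failed; do not hide that first failure behind an NPE.
        if (this.client == null) {
            return;
        }
        try {
            this.client.close();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /** Makes the username read-only so that {@link #testErrorResponse()} can provoke an error reply. */
    @Override // org.keycloak.testsuite.AbstractTestRealmKeycloakTest
    public void configureTestRealm(RealmRepresentation realmRepresentation) {
        realmRepresentation.setEditUsernameAllowed(false);
    }

    /** A GET from the valid origin must complete. */
    @Test
    public void testGetProfile() throws IOException, InterruptedException {
        this.driver.navigate().to(VALID_CORS_URL);
        doXhr(this.executor, getAccountUrl(), this.tokenUtil.getToken(), null, true);
    }

    /** A GET from the invalid origin must fail. */
    @Test
    public void testGetProfileInvalidOrigin() throws IOException, InterruptedException {
        this.driver.navigate().to(INVALID_CORS_URL);
        doXhr(this.executor, getAccountUrl(), this.tokenUtil.getToken(), null, false);
    }

    /** A POST from the valid origin must complete. */
    @Test
    public void testUpdateProfile() throws IOException {
        this.driver.navigate().to(VALID_CORS_URL);
        doXhr(this.executor, getAccountUrl(), this.tokenUtil.getToken(), FIRST_NAME_UPDATE, true);
    }

    /** A POST from the invalid origin must fail. */
    @Test
    public void testUpdateProfileInvalidOrigin() throws IOException {
        this.driver.navigate().to(INVALID_CORS_URL);
        doXhr(this.executor, getAccountUrl(), this.tokenUtil.getToken(), FIRST_NAME_UPDATE, false);
    }

    /**
     * An error reply must stay readable from the valid origin: the page has to see both the
     * 400 status and the error body, not just a blocked request.
     */
    @Test
    public void testErrorResponse() {
        this.driver.navigate().to(VALID_CORS_URL);
        Result response = doXhr(this.executor, getAccountUrl(), this.tokenUtil.getToken(), USERNAME_UPDATE, true);
        Assert.assertEquals(400, response.getStatus());
        Assert.assertThat(response.getResult(), CoreMatchers.containsString("readOnlyUsernameMessage"));
    }

    /** The same rejected update sent from the invalid origin must fail at the request level. */
    @Test
    public void testErrorResponseInvalidOrigin() {
        this.driver.navigate().to(INVALID_CORS_URL);
        doXhr(this.executor, getAccountUrl(), this.tokenUtil.getToken(), USERNAME_UPDATE, false);
    }

    /** A GET on the versioned API path from the valid origin must complete. */
    @Test
    public void testGetVersionedApi() {
        this.driver.navigate().to(VALID_CORS_URL);
        doXhr(this.executor, getVersionedAccountUrl(), this.tokenUtil.getToken(), null, true);
    }

    /** A GET on the versioned API path from the invalid origin must fail. */
    @Test
    public void testGetVersionedApiInvalidOrigin() {
        this.driver.navigate().to(INVALID_CORS_URL);
        doXhr(this.executor, getVersionedAccountUrl(), this.tokenUtil.getToken(), null, false);
    }

    /** @return the account endpoint of the {@code test} realm on the auth server under test */
    private String getAccountUrl() {
        return this.suiteContext.getAuthServerInfo().getContextRoot().toString() + "/auth/realms/test/account";
    }

    /** @return the account endpoint with the default API version appended as a path segment */
    private String getVersionedAccountUrl() {
        return getAccountUrl() + "/" + AccountRestApiVersion.DEFAULT.getStrVersion();
    }

    /**
     * Runs a synchronous XHR in the browser and checks that it completed or failed as expected.
     *
     * @param javascriptExecutor browser handle used to run the script
     * @param url target of the request
     * @param token bearer token sent in the {@code Authorization} header
     * @param data request body; {@code null} sends a GET, anything else a POST with that body
     * @param expectAllowed whether the request is expected to complete
     * @return the status and body when the request completed; {@code null} when it failed and
     *     failure was expected
     * @throws AssertionError when the outcome contradicts {@code expectAllowed}
     */
    private Result doXhr(JavascriptExecutor javascriptExecutor, String url, String token, String data, boolean expectAllowed) {
        String method = data == null ? "GET" : "POST";
        String sendArgument = data == null ? "" : "'" + data + "'";
        // url, token and data are spliced into single-quoted JavaScript literals without any
        // escaping. That is only sound for the fixed values used in this class: a quote or a
        // backslash in any of them yields a broken script, not the intended request.
        String script = "var r = new XMLHttpRequest();"
                + "r.open('" + method + "', '" + url + "', false);"
                + "r.setRequestHeader('Accept','application/json');"
                + "r.setRequestHeader('Content-Type','application/json');"
                + "r.setRequestHeader('Authorization','bearer " + token + "');"
                + "r.send(" + sendArgument + ");"
                + "return r.status + ':::' + r.responseText";

        Result result = null;
        Throwable failure = null;
        try {
            String[] parts = ((String) javascriptExecutor.executeScript(script)).split(":::");
            // The body is kept only when the reply splits into exactly two parts.
            result = new Result(Integer.parseInt(parts[0]), parts.length == 2 ? parts[1] : null);
        } catch (Throwable t) {
            failure = t;
        }

        if (failure == null) {
            if (!expectAllowed) {
                throw new AssertionError("Expected CORS request to be rejected, but was successful");
            }
            return result;
        }
        if (expectAllowed) {
            // Keep the original exception as the cause so the report shows why the call failed.
            throw new AssertionError("Cors request failed: " + WebDriverLogDumper.dumpBrowserLogs(this.driver), failure);
        }
        // NOTE(review): every failure counts as "rejected" here, including a script error or an
        // unparsable reply, so the invalid-origin tests can pass without the browser having
        // enforced CORS at all. Consider also asserting on the failure type or the browser log.
        return null;
    }
}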
