package org.keycloak.testsuite.broker;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import org.junit.Test;
import org.keycloak.admin.client.resource.IdentityProviderResource;
import org.keycloak.models.IdentityProviderMapperSyncMode;
import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;

/* loaded from: input_file:org/keycloak/testsuite/broker/KcSamlAdvancedAttributeToRoleMapperTest.class */
public class KcSamlAdvancedAttributeToRoleMapperTest extends AbstractAdvancedRoleMapperTest {
    private static final String ATTRIBUTES = "[\n  {\n    \"key\": \"user-attribute-friendly\",\n    \"value\": \"value 1\"\n  },\n  {\n    \"key\": \"user-attribute-2\",\n    \"value\": \"value 2\"\n  }\n]";

    @Override // org.keycloak.testsuite.broker.AbstractBaseBrokerTest
    protected BrokerConfiguration getBrokerConfiguration() {
        return new KcSamlBrokerConfiguration();
    }

    @Override // org.keycloak.testsuite.broker.AbstractAdvancedRoleMapperTest
    protected void createMapperInIdp(IdentityProviderRepresentation identityProviderRepresentation, String str, boolean z, IdentityProviderMapperSyncMode identityProviderMapperSyncMode) {
        IdentityProviderMapperRepresentation identityProviderMapperRepresentation = new IdentityProviderMapperRepresentation();
        identityProviderMapperRepresentation.setName("advanced-attribute-to-role-mapper");
        identityProviderMapperRepresentation.setIdentityProviderMapper("saml-advanced-role-idp-mapper");
        identityProviderMapperRepresentation.setConfig(ImmutableMap.builder().put("syncMode", identityProviderMapperSyncMode.toString()).put("attributes", str).put("are.attribute.values.regex", z ? "true" : "false").put("role", AbstractRoleMapperTest.CLIENT_ROLE_MAPPER_REPRESENTATION).build());
        IdentityProviderResource identityProviderResource = this.realm.identityProviders().get(identityProviderRepresentation.getAlias());
        identityProviderMapperRepresentation.setIdentityProviderAlias(this.bc.getIDPAlias());
        identityProviderResource.addMapper(identityProviderMapperRepresentation).close();
    }

    @Test
    public void attributeFriendlyNameGetsConsideredAndMatchedToRole() {
        createAdvancedRoleMapper(ATTRIBUTES, false);
        createUserInProviderRealm(ImmutableMap.builder().put(KcSamlBrokerConfiguration.ATTRIBUTE_TO_MAP_FRIENDLY_NAME, ImmutableList.builder().add("value 1").build()).put("user-attribute-2", ImmutableList.builder().add("value 2").build()).build());
        logInAsUserInIDPForFirstTime();
        assertThatRoleHasBeenAssignedInConsumerRealmTo(findUser(this.bc.consumerRealmName(), this.bc.getUserLogin(), this.bc.getUserEmail()));
    }
}
