package org.keycloak.testsuite.federation.ldap;

import java.lang.invoke.SerializedLambda;
import java.util.Arrays;
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.stream.Collectors;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;
import org.keycloak.models.ClientModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
import org.keycloak.representations.IDToken;
import org.keycloak.storage.ldap.LDAPStorageProvider;
import org.keycloak.storage.ldap.idm.model.LDAPObject;
import org.keycloak.testsuite.oauth.RefreshTokenTest;
import org.keycloak.testsuite.util.LDAPRule;
import org.keycloak.testsuite.util.LDAPTestUtils;
import org.keycloak.testsuite.util.OAuthClient;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
/* loaded from: input_file:org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest.class */
public class LDAPMultipleAttributesTest extends AbstractLDAPTest {

    @ClassRule
    public static LDAPRule ldapRule = new LDAPRule().assumeTrue(lDAPTestConfiguration -> {
        return !"ad".equals((String) lDAPTestConfiguration.getLDAPConfig().get("vendor"));
    });

    @Override // org.keycloak.testsuite.federation.ldap.AbstractLDAPTest
    protected LDAPRule getLDAPRule() {
        return ldapRule;
    }

    @Override // org.keycloak.testsuite.federation.ldap.AbstractLDAPTest
    protected void afterImportTestRealm() {
        this.testingClient.server().run(keycloakSession -> {
            LDAPTestContext init = LDAPTestContext.init(keycloakSession);
            RealmModel realm = init.getRealm();
            LDAPTestUtils.addZipCodeLDAPMapper(realm, init.getLdapModel());
            LDAPTestUtils.addUserAttributeMapper(realm, init.getLdapModel(), "streetMapper", "street", "street");
            LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(keycloakSession, init.getLdapModel());
            LDAPTestUtils.removeAllLDAPUsers(ldapProvider, realm);
            LDAPTestUtils.updateLDAPPassword(ldapProvider, LDAPTestUtils.addLDAPUser(ldapProvider, realm, "jbrown", "James", "Brown", "jbrown@keycloak.org", (String) null, new String[]{"88441"}), "Password1");
            LDAPObject addLDAPUser = LDAPTestUtils.addLDAPUser(ldapProvider, realm, "bwilson", "Bruce", "Wilson", "bwilson@keycloak.org", "Elm 5", new String[]{"88441", "77332"});
            addLDAPUser.setAttribute("sn", new LinkedHashSet(Arrays.asList("Wilson", "Schneider")));
            ldapProvider.getLdapIdentityStore().update(addLDAPUser);
            LDAPTestUtils.updateLDAPPassword(ldapProvider, addLDAPUser, "Password1");
            ClientModel addClient = realm.addClient("ldap-portal");
            addClient.setProtocol("openid-connect");
            addClient.addRedirectUri("/ldap-portal");
            addClient.addRedirectUri("/ldap-portal/*");
            addClient.setManagementUrl("/ldap-portal");
            addClient.addProtocolMapper(UserAttributeMapper.createClaimMapper("postalCode", "postal_code", "postal_code", "String", true, true, true));
            addClient.addProtocolMapper(UserAttributeMapper.createClaimMapper("street", "street", "street", "String", true, true, false));
            addClient.addScopeMapping(realm.getRole("user"));
            addClient.setSecret("password");
        });
    }

    @Test
    public void testUserImport() {
        this.testingClient.server().run(keycloakSession -> {
            LDAPTestContext init = LDAPTestContext.init(keycloakSession);
            keycloakSession.userCache().clear();
            RealmModel realm = init.getRealm();
            Assert.assertNotNull(keycloakSession.userLocalStorage().getUserById(realm, keycloakSession.users().getUserByUsername(realm, "jbrown").getId()));
            LDAPTestAsserts.assertUserImported(keycloakSession.userLocalStorage(), realm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441");
        });
    }

    @Test
    public void testModel() {
        this.testingClient.server().run(keycloakSession -> {
            LDAPTestContext init = LDAPTestContext.init(keycloakSession);
            keycloakSession.userCache().clear();
            UserModel userByUsername = keycloakSession.users().getUserByUsername(init.getRealm(), "bwilson");
            Assert.assertEquals("bwilson@keycloak.org", userByUsername.getEmail());
            Assert.assertEquals("Bruce", userByUsername.getFirstName());
            Assert.assertTrue("Wilson".equals(userByUsername.getLastName()) || "Schneider".equals(userByUsername.getLastName()));
            List list = (List) userByUsername.getAttributeStream("postal_code").collect(Collectors.toList());
            assertPostalCodes(list, "88441", "77332");
            LinkedList linkedList = new LinkedList();
            linkedList.addAll(list);
            linkedList.remove("77332");
            userByUsername.setAttribute("postal_code", linkedList);
        });
        this.testingClient.server().run(keycloakSession2 -> {
            UserModel userByUsername = keycloakSession2.users().getUserByUsername(LDAPTestContext.init(keycloakSession2).getRealm(), "bwilson");
            List list = (List) userByUsername.getAttributeStream("postal_code").collect(Collectors.toList());
            assertPostalCodes(list, "88441");
            LinkedList linkedList = new LinkedList();
            linkedList.addAll(list);
            linkedList.add("77332");
            userByUsername.setAttribute("postal_code", linkedList);
        });
        this.testingClient.server().run(keycloakSession3 -> {
            assertPostalCodes((List) keycloakSession3.users().getUserByUsername(LDAPTestContext.init(keycloakSession3).getRealm(), "bwilson").getAttributeStream("postal_code").collect(Collectors.toList()), "88441", "77332");
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void assertPostalCodes(List<String> list, String... strArr) {
        if (strArr == null && list.isEmpty()) {
            return;
        }
        Assert.assertEquals(strArr.length, list.size());
        for (String str : strArr) {
            if (!list.contains(str)) {
                Assert.fail("postalCode '" + str + "' not in postalCodes: " + list);
            }
        }
    }

    @Test
    public void ldapPortalEndToEndTest() {
        this.oauth.clientId("ldap-portal");
        this.oauth.redirectUri(this.suiteContext.getAuthServerInfo().getContextRoot().toString() + "/ldap-portal");
        this.loginPage.open();
        this.loginPage.login("bwilson", "Password1");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest(new OAuthClient.AuthorizationEndpointResponse(this.oauth).getCode(), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        IDToken verifyIDToken = this.oauth.verifyIDToken(doAccessTokenRequest.getIdToken());
        Assert.assertEquals("Bruce Wilson", verifyIDToken.getName());
        Assert.assertEquals("Elm 5", verifyIDToken.getOtherClaims().get("street"));
        Collection collection = (Collection) verifyIDToken.getOtherClaims().get("postal_code");
        Assert.assertEquals(2L, collection.size());
        Assert.assertTrue(collection.contains("88441"));
        Assert.assertTrue(collection.contains("77332"));
        this.oauth.doLogout(doAccessTokenRequest.getRefreshToken(), "password");
        this.loginPage.open();
        this.loginPage.login("jbrown", "Password1");
        OAuthClient.AccessTokenResponse doAccessTokenRequest2 = this.oauth.doAccessTokenRequest(new OAuthClient.AuthorizationEndpointResponse(this.oauth).getCode(), "password");
        org.keycloak.testsuite.Assert.assertEquals(200L, doAccessTokenRequest2.getStatusCode());
        IDToken verifyIDToken2 = this.oauth.verifyIDToken(doAccessTokenRequest2.getIdToken());
        Assert.assertEquals("James Brown", verifyIDToken2.getName());
        Assert.assertNull(verifyIDToken2.getOtherClaims().get("street"));
        Collection collection2 = (Collection) verifyIDToken2.getOtherClaims().get("postal_code");
        Assert.assertEquals(1L, collection2.size());
        Assert.assertTrue(collection2.contains("88441"));
        Assert.assertFalse(collection2.contains("77332"));
        this.oauth.doLogout(doAccessTokenRequest2.getRefreshToken(), "password");
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -856366662:
                if (implMethodName.equals("lambda$afterImportTestRealm$26a8868a$1")) {
                    z = 4;
                    break;
                }
                break;
            case -253901767:
                if (implMethodName.equals("lambda$testModel$26a8868a$1")) {
                    z = false;
                    break;
                }
                break;
            case -253901766:
                if (implMethodName.equals("lambda$testModel$26a8868a$2")) {
                    z = 3;
                    break;
                }
                break;
            case -253901765:
                if (implMethodName.equals("lambda$testModel$26a8868a$3")) {
                    z = true;
                    break;
                }
                break;
            case 1198744628:
                if (implMethodName.equals("lambda$testUserImport$26a8868a$1")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession -> {
                        LDAPTestContext init = LDAPTestContext.init(keycloakSession);
                        keycloakSession.userCache().clear();
                        UserModel userByUsername = keycloakSession.users().getUserByUsername(init.getRealm(), "bwilson");
                        Assert.assertEquals("bwilson@keycloak.org", userByUsername.getEmail());
                        Assert.assertEquals("Bruce", userByUsername.getFirstName());
                        Assert.assertTrue("Wilson".equals(userByUsername.getLastName()) || "Schneider".equals(userByUsername.getLastName()));
                        List list = (List) userByUsername.getAttributeStream("postal_code").collect(Collectors.toList());
                        assertPostalCodes(list, "88441", "77332");
                        LinkedList linkedList = new LinkedList();
                        linkedList.addAll(list);
                        linkedList.remove("77332");
                        userByUsername.setAttribute("postal_code", linkedList);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession3 -> {
                        assertPostalCodes((List) keycloakSession3.users().getUserByUsername(LDAPTestContext.init(keycloakSession3).getRealm(), "bwilson").getAttributeStream("postal_code").collect(Collectors.toList()), "88441", "77332");
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession2 -> {
                        LDAPTestContext init = LDAPTestContext.init(keycloakSession2);
                        keycloakSession2.userCache().clear();
                        RealmModel realm = init.getRealm();
                        Assert.assertNotNull(keycloakSession2.userLocalStorage().getUserById(realm, keycloakSession2.users().getUserByUsername(realm, "jbrown").getId()));
                        LDAPTestAsserts.assertUserImported(keycloakSession2.userLocalStorage(), realm, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441");
                    };
                }
                break;
            case RefreshTokenTest.ALLOWED_CLOCK_SKEW /* 3 */:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession22 -> {
                        UserModel userByUsername = keycloakSession22.users().getUserByUsername(LDAPTestContext.init(keycloakSession22).getRealm(), "bwilson");
                        List list = (List) userByUsername.getAttributeStream("postal_code").collect(Collectors.toList());
                        assertPostalCodes(list, "88441");
                        LinkedList linkedList = new LinkedList();
                        linkedList.addAll(list);
                        linkedList.add("77332");
                        userByUsername.setAttribute("postal_code", linkedList);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPMultipleAttributesTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession4 -> {
                        LDAPTestContext init = LDAPTestContext.init(keycloakSession4);
                        RealmModel realm = init.getRealm();
                        LDAPTestUtils.addZipCodeLDAPMapper(realm, init.getLdapModel());
                        LDAPTestUtils.addUserAttributeMapper(realm, init.getLdapModel(), "streetMapper", "street", "street");
                        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(keycloakSession4, init.getLdapModel());
                        LDAPTestUtils.removeAllLDAPUsers(ldapProvider, realm);
                        LDAPTestUtils.updateLDAPPassword(ldapProvider, LDAPTestUtils.addLDAPUser(ldapProvider, realm, "jbrown", "James", "Brown", "jbrown@keycloak.org", (String) null, new String[]{"88441"}), "Password1");
                        LDAPObject addLDAPUser = LDAPTestUtils.addLDAPUser(ldapProvider, realm, "bwilson", "Bruce", "Wilson", "bwilson@keycloak.org", "Elm 5", new String[]{"88441", "77332"});
                        addLDAPUser.setAttribute("sn", new LinkedHashSet(Arrays.asList("Wilson", "Schneider")));
                        ldapProvider.getLdapIdentityStore().update(addLDAPUser);
                        LDAPTestUtils.updateLDAPPassword(ldapProvider, addLDAPUser, "Password1");
                        ClientModel addClient = realm.addClient("ldap-portal");
                        addClient.setProtocol("openid-connect");
                        addClient.addRedirectUri("/ldap-portal");
                        addClient.addRedirectUri("/ldap-portal/*");
                        addClient.setManagementUrl("/ldap-portal");
                        addClient.addProtocolMapper(UserAttributeMapper.createClaimMapper("postalCode", "postal_code", "postal_code", "String", true, true, true));
                        addClient.addProtocolMapper(UserAttributeMapper.createClaimMapper("street", "street", "street", "String", true, true, false));
                        addClient.addScopeMapping(realm.getRole("user"));
                        addClient.setSecret("password");
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
