package org.keycloak.testsuite.admin.client.authorization;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.function.Supplier;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.ClientsResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.common.Profile;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.authorization.AbstractPolicyRepresentation;
import org.keycloak.representations.idm.authorization.PolicyRepresentation;
import org.keycloak.representations.idm.authorization.ResourceRepresentation;
import org.keycloak.representations.idm.authorization.ScopeRepresentation;
import org.keycloak.representations.idm.authorization.UserPolicyRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.UserBuilder;

/* loaded from: input_file:org/keycloak/testsuite/admin/client/authorization/AbstractPolicyManagementTest.class */
public abstract class AbstractPolicyManagementTest extends AbstractKeycloakTest {
    @BeforeClass
    public static void enabled() {
        ProfileAssume.assumeFeatureEnabled(Profile.Feature.AUTHORIZATION);
    }

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        list.add(createTestRealm().build());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RealmBuilder createTestRealm() {
        return RealmBuilder.create().name("authz-test").user(UserBuilder.create().username("marta").password("password")).user(UserBuilder.create().username("kolo").password("password")).client(ClientBuilder.create().clientId("resource-server-test").secret("secret").authorizationServicesEnabled(true).redirectUris("http://localhost/resource-server-test").defaultRoles("uma_protection").directAccessGrants());
    }

    @Before
    public void configureAuthorization() throws Exception {
        createResourcesAndScopes();
        RealmResource realm = getRealm();
        createPolicies(realm, getClient(realm));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void assertRepresentation(AbstractPolicyRepresentation abstractPolicyRepresentation, AbstractPolicyRepresentation abstractPolicyRepresentation2, Supplier<List<ResourceRepresentation>> supplier, Supplier<List<ScopeRepresentation>> supplier2, Supplier<List<PolicyRepresentation>> supplier3) {
        Assert.assertNotNull(abstractPolicyRepresentation2);
        Assert.assertNotNull(abstractPolicyRepresentation2.getId());
        Assert.assertEquals(abstractPolicyRepresentation.getName(), abstractPolicyRepresentation2.getName());
        Assert.assertEquals(abstractPolicyRepresentation.getDescription(), abstractPolicyRepresentation2.getDescription());
        Assert.assertEquals(abstractPolicyRepresentation.getDecisionStrategy(), abstractPolicyRepresentation2.getDecisionStrategy());
        Assert.assertEquals(abstractPolicyRepresentation.getLogic(), abstractPolicyRepresentation2.getLogic());
        Assert.assertNull(abstractPolicyRepresentation2.getResources());
        Assert.assertNull(abstractPolicyRepresentation2.getPolicies());
        Assert.assertNull(abstractPolicyRepresentation2.getScopes());
        List<PolicyRepresentation> list = supplier3.get();
        if (abstractPolicyRepresentation.getPolicies() != null) {
            Assert.assertEquals(abstractPolicyRepresentation.getPolicies().size(), list.size());
            Assert.assertEquals(0L, list.stream().map(policyRepresentation -> {
                return policyRepresentation.getName();
            }).filter(str -> {
                return !abstractPolicyRepresentation.getPolicies().contains(str);
            }).count());
        } else {
            Assert.assertTrue(list.isEmpty());
        }
        List<ResourceRepresentation> list2 = supplier.get();
        if (abstractPolicyRepresentation.getResources() != null) {
            Assert.assertEquals(abstractPolicyRepresentation.getResources().size(), list2.size());
            Assert.assertEquals(0L, list2.stream().map(resourceRepresentation -> {
                return resourceRepresentation.getName();
            }).filter(str2 -> {
                return !abstractPolicyRepresentation.getResources().contains(str2);
            }).count());
        } else {
            Assert.assertTrue(list2.isEmpty());
        }
        List<ScopeRepresentation> list3 = supplier2.get();
        if (abstractPolicyRepresentation.getScopes() != null) {
            Assert.assertEquals(abstractPolicyRepresentation.getScopes().size(), list3.size());
            Assert.assertEquals(0L, list3.stream().map(scopeRepresentation -> {
                return scopeRepresentation.getName();
            }).filter(str3 -> {
                return !abstractPolicyRepresentation.getScopes().contains(str3);
            }).count());
        } else {
            Assert.assertTrue(list3.isEmpty());
        }
        abstractPolicyRepresentation.setId(abstractPolicyRepresentation2.getId());
    }

    private void createResourcesAndScopes() throws IOException {
        HashSet hashSet = new HashSet();
        hashSet.add(new ScopeRepresentation("read"));
        hashSet.add(new ScopeRepresentation("write"));
        hashSet.add(new ScopeRepresentation("execute"));
        ArrayList arrayList = new ArrayList();
        arrayList.add(new ResourceRepresentation("Resource A", hashSet));
        arrayList.add(new ResourceRepresentation("Resource B", hashSet));
        arrayList.add(new ResourceRepresentation("Resource C", hashSet));
        arrayList.forEach(resourceRepresentation -> {
            getClient().authorization().resources().create(resourceRepresentation).close();
        });
    }

    private void createPolicies(RealmResource realmResource, ClientResource clientResource) throws IOException {
        createUserPolicy("Only Marta Policy", realmResource, clientResource, "marta");
        createUserPolicy("Only Kolo Policy", realmResource, clientResource, "kolo");
    }

    private void createUserPolicy(String str, RealmResource realmResource, ClientResource clientResource, String str2) throws IOException {
        String str3 = (String) realmResource.users().search(str2).stream().map(userRepresentation -> {
            return userRepresentation.getId();
        }).findFirst().orElseThrow(() -> {
            return new RuntimeException("Expected user [userId]");
        });
        UserPolicyRepresentation userPolicyRepresentation = new UserPolicyRepresentation();
        userPolicyRepresentation.setName(str);
        userPolicyRepresentation.addUser(str3);
        clientResource.authorization().policies().user().create(userPolicyRepresentation).close();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ClientResource getClient() {
        return getClient(getRealm());
    }

    protected ClientResource getClient(RealmResource realmResource) {
        ClientsResource clients = realmResource.clients();
        return (ClientResource) clients.findByClientId("resource-server-test").stream().map(clientRepresentation -> {
            return clients.get(clientRepresentation.getId());
        }).findFirst().orElseThrow(() -> {
            return new RuntimeException("Expected client [resource-server-test]");
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RealmResource getRealm() {
        try {
            return this.adminClient.realm("authz-test");
        } catch (Exception e) {
            throw new RuntimeException("Failed to create admin client", e);
        }
    }
}
