package org.keycloak.testsuite.broker;

import java.util.Iterator;
import java.util.Map;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Test;
import org.keycloak.admin.client.resource.AuthenticationManagementResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.models.AuthenticationExecutionModel;
import org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.pages.ConsentPage;

/* loaded from: input_file:org/keycloak/testsuite/broker/AbstractBrokerTest.class */
public abstract class AbstractBrokerTest extends AbstractInitializedBaseBrokerTest {
    public static final String ROLE_USER = "user";
    public static final String ROLE_MANAGER = "manager";
    public static final String ROLE_FRIENDLY_MANAGER = "friendly-manager";
    public static final String ROLE_USER_DOT_GUIDE = "user.guide";
    public static final String EMPTY_ATTRIBUTE_ROLE = "empty.attribute.role";

    @Page
    ConsentPage consentPage;

    @Test
    public void testLogInAsUserInIDP() {
        loginUser();
        testSingleLogout();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void loginUser() {
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        logInWithBroker(this.bc);
        BrokerTestTools.waitForPage(this.driver, "update account information", false);
        this.updateAccountInformationPage.assertCurrent();
        Assert.assertTrue("We must be on correct realm right now", this.driver.getCurrentUrl().contains("/auth/realms/" + this.bc.consumerRealmName() + "/"));
        this.log.debug("Updating info on updateAccount page");
        this.updateAccountInformationPage.updateAccountInformation(this.bc.getUserLogin(), this.bc.getUserEmail(), "Firstname", "Lastname");
        UsersResource users = this.adminClient.realm(this.bc.consumerRealmName()).users();
        int intValue = users.count().intValue();
        Assert.assertTrue("There must be at least one user", intValue > 0);
        boolean z = false;
        Iterator it = users.search("", 0, Integer.valueOf(intValue)).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            UserRepresentation userRepresentation = (UserRepresentation) it.next();
            if (userRepresentation.getUsername().equals(this.bc.getUserLogin()) && userRepresentation.getEmail().equals(this.bc.getUserEmail())) {
                z = true;
                break;
            }
        }
        Assert.assertTrue("There must be user " + this.bc.getUserLogin() + " in realm " + this.bc.consumerRealmName(), z);
    }

    @Test
    public void loginWithExistingUser() {
        testLogInAsUserInIDP();
        Integer count = this.adminClient.realm(this.bc.consumerRealmName()).users().count();
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        logInWithBroker(this.bc);
        org.junit.Assert.assertEquals(this.accountPage.buildUri().toASCIIString().replace("master", "consumer") + "/", this.driver.getCurrentUrl());
        org.junit.Assert.assertEquals(count, this.adminClient.realm(this.bc.consumerRealmName()).users().count());
    }

    protected void testSingleLogout() {
        this.log.debug("Testing single log out");
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getProviderRoot(), this.bc.providerRealmName()));
        Assert.assertTrue("Should be logged in the account page", this.driver.getTitle().endsWith("Account Management"));
        logoutFromRealm(BrokerTestTools.getProviderRoot(), this.bc.providerRealmName());
        Assert.assertTrue("Should be on " + this.bc.providerRealmName() + " realm", this.driver.getCurrentUrl().contains("/auth/realms/" + this.bc.providerRealmName()));
        this.driver.navigate().to(getAccountUrl(BrokerTestTools.getConsumerRoot(), this.bc.consumerRealmName()));
        Assert.assertTrue("Should be on " + this.bc.consumerRealmName() + " realm on login page", this.driver.getCurrentUrl().contains("/auth/realms/" + this.bc.consumerRealmName() + "/protocol/openid-connect/"));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createRolesForRealm(String str) {
        RoleRepresentation roleRepresentation = new RoleRepresentation(ROLE_MANAGER, (String) null, false);
        RoleRepresentation roleRepresentation2 = new RoleRepresentation(ROLE_FRIENDLY_MANAGER, (String) null, false);
        RoleRepresentation roleRepresentation3 = new RoleRepresentation("user", (String) null, false);
        RoleRepresentation roleRepresentation4 = new RoleRepresentation(ROLE_USER_DOT_GUIDE, (String) null, false);
        RoleRepresentation roleRepresentation5 = new RoleRepresentation(EMPTY_ATTRIBUTE_ROLE, (String) null, false);
        this.adminClient.realm(str).roles().create(roleRepresentation);
        this.adminClient.realm(str).roles().create(roleRepresentation2);
        this.adminClient.realm(str).roles().create(roleRepresentation3);
        this.adminClient.realm(str).roles().create(roleRepresentation4);
        this.adminClient.realm(str).roles().create(roleRepresentation5);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void enableUpdateProfileOnFirstLogin(AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation, AuthenticationManagementResource authenticationManagementResource) {
        if (authenticationExecutionInfoRepresentation.getProviderId() != null && authenticationExecutionInfoRepresentation.getProviderId().equals("idp-create-user-if-unique")) {
            authenticationExecutionInfoRepresentation.setRequirement(AuthenticationExecutionModel.Requirement.REQUIRED.name());
            authenticationManagementResource.updateExecutions("first broker login", authenticationExecutionInfoRepresentation);
        } else {
            if (authenticationExecutionInfoRepresentation.getAlias() == null || !authenticationExecutionInfoRepresentation.getAlias().equals("review profile config")) {
                return;
            }
            AuthenticatorConfigRepresentation authenticatorConfig = authenticationManagementResource.getAuthenticatorConfig(authenticationExecutionInfoRepresentation.getAuthenticationConfig());
            authenticatorConfig.getConfig().put("update.profile.on.first.login", "on");
            authenticationManagementResource.updateAuthenticatorConfig(authenticatorConfig.getId(), authenticatorConfig);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setUpMissingUpdateProfileOnFirstLogin(AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation, AuthenticationManagementResource authenticationManagementResource) {
        if (authenticationExecutionInfoRepresentation.getProviderId() != null && authenticationExecutionInfoRepresentation.getProviderId().equals("idp-create-user-if-unique")) {
            authenticationExecutionInfoRepresentation.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE.name());
            authenticationManagementResource.updateExecutions("first broker login", authenticationExecutionInfoRepresentation);
        } else {
            if (authenticationExecutionInfoRepresentation.getAlias() == null || !authenticationExecutionInfoRepresentation.getAlias().equals("review profile config")) {
                return;
            }
            AuthenticatorConfigRepresentation authenticatorConfig = authenticationManagementResource.getAuthenticatorConfig(authenticationExecutionInfoRepresentation.getAuthenticationConfig());
            authenticatorConfig.getConfig().put("update.profile.on.first.login", "missing");
            authenticationManagementResource.updateAuthenticatorConfig(authenticatorConfig.getId(), authenticatorConfig);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void enableRequirePassword(AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation, AuthenticationManagementResource authenticationManagementResource) {
        AuthenticatorConfigRepresentation authenticatorConfig;
        String authenticationConfig = authenticationExecutionInfoRepresentation.getAuthenticationConfig();
        if (authenticationConfig == null || (authenticatorConfig = authenticationManagementResource.getAuthenticatorConfig(authenticationConfig)) == null) {
            return;
        }
        Map config = authenticatorConfig.getConfig();
        if (config != null && config.containsKey("require.password.update.after.registration")) {
            config.put("require.password.update.after.registration", Boolean.TRUE.toString());
        }
        authenticationManagementResource.updateAuthenticatorConfig(authenticatorConfig.getId(), authenticatorConfig);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void disableUpdateProfileOnFirstLogin(AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation, AuthenticationManagementResource authenticationManagementResource) {
        if (authenticationExecutionInfoRepresentation.getProviderId() != null && authenticationExecutionInfoRepresentation.getProviderId().equals("idp-create-user-if-unique")) {
            authenticationExecutionInfoRepresentation.setRequirement(AuthenticationExecutionModel.Requirement.ALTERNATIVE.name());
            authenticationManagementResource.updateExecutions("first broker login", authenticationExecutionInfoRepresentation);
        } else {
            if (authenticationExecutionInfoRepresentation.getAlias() == null || !authenticationExecutionInfoRepresentation.getAlias().equals("review profile config")) {
                return;
            }
            AuthenticatorConfigRepresentation authenticatorConfig = authenticationManagementResource.getAuthenticatorConfig(authenticationExecutionInfoRepresentation.getAuthenticationConfig());
            authenticatorConfig.getConfig().put("update.profile.on.first.login", "off");
            authenticationManagementResource.updateAuthenticatorConfig(authenticatorConfig.getId(), authenticatorConfig);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void disableExistingUser(AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation, AuthenticationManagementResource authenticationManagementResource) {
        if (authenticationExecutionInfoRepresentation.getProviderId() != null) {
            if (authenticationExecutionInfoRepresentation.getProviderId().equals("idp-create-user-if-unique") || authenticationExecutionInfoRepresentation.getProviderId().equals("idp-confirm-link")) {
                authenticationExecutionInfoRepresentation.setRequirement(AuthenticationExecutionModel.Requirement.DISABLED.name());
                authenticationManagementResource.updateExecutions("first broker login", authenticationExecutionInfoRepresentation);
            }
        }
    }
}
