package org.keycloak.testsuite.admin.realm;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.core.Response;
import org.apache.commons.io.IOUtils;
import org.hamcrest.Matchers;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.common.Profile;
import org.keycloak.common.util.Time;
import org.keycloak.events.EventType;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.OAuth2DeviceConfig;
import org.keycloak.representations.adapters.action.GlobalRequestResult;
import org.keycloak.representations.idm.AdminEventRepresentation;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.EventRepresentation;
import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.ProfileAssume;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.client.KeycloakTestingClient;
import org.keycloak.testsuite.oauth.BackchannelLogoutTest;
import org.keycloak.testsuite.runonserver.RunHelpers;
import org.keycloak.testsuite.updaters.Creator;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.CredentialBuilder;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.ServerURLs;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.testsuite.utils.tls.TLSUtils;
import org.keycloak.util.JsonSerialization;

@AuthServerContainerExclude({AuthServerContainerExclude.AuthServer.REMOTE})
/* loaded from: input_file:org/keycloak/testsuite/admin/realm/RealmTest.class */
public class RealmTest extends AbstractAdminTest {

    @Rule
    public AssertEvents events = new AssertEvents(this);

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void beforeAbstractKeycloakTestRealmImport() {
        if (this.testContext.isInitialized()) {
            return;
        }
        removeAllRealmsDespiteMaster();
        this.testContext.setInitialized(true);
    }

    @Test
    public void getRealms() {
        Assert.assertNames(this.adminClient.realms().findAll(), "master", "test", "admin-client-test");
    }

    @Test
    public void renameRealm() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setId("old");
        realmRepresentation.setRealm("old");
        try {
            this.adminClient.realms().create(realmRepresentation);
            realmRepresentation.setRealm("new");
            this.adminClient.realm("old").update(realmRepresentation);
            Assert.assertEquals(0L, this.adminClient.realm("master").clients().findByClientId("old-realm").size());
            Assert.assertEquals(1L, this.adminClient.realm("master").clients().findByClientId("new-realm").size());
            ClientRepresentation clientRepresentation = (ClientRepresentation) this.adminClient.realm("new").clients().findByClientId("security-admin-console").get(0);
            org.junit.Assert.assertEquals("${authAdminUrl}", clientRepresentation.getRootUrl());
            org.junit.Assert.assertEquals("/admin/new/console/", clientRepresentation.getBaseUrl());
            org.junit.Assert.assertEquals("/admin/new/console/*", clientRepresentation.getRedirectUris().get(0));
            ClientRepresentation clientRepresentation2 = (ClientRepresentation) this.adminClient.realm("new").clients().findByClientId(BackchannelLogoutTest.ACCOUNT_CLIENT_NAME).get(0);
            org.junit.Assert.assertEquals("${authBaseUrl}", clientRepresentation2.getRootUrl());
            org.junit.Assert.assertEquals("/realms/new/account/", clientRepresentation2.getBaseUrl());
            org.junit.Assert.assertEquals("/realms/new/account/*", clientRepresentation2.getRedirectUris().get(0));
            this.adminClient.realms().realm(realmRepresentation.getRealm()).remove();
        } catch (Throwable th) {
            this.adminClient.realms().realm(realmRepresentation.getRealm()).remove();
            throw th;
        }
    }

    @Test
    public void createRealmEmpty() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setRealm("new-realm");
        this.adminClient.realms().create(realmRepresentation);
        Assert.assertNames(this.adminClient.realms().findAll(), "master", "test", "admin-client-test", "new-realm");
        org.junit.Assert.assertThat((List) this.adminClient.realms().realm("new-realm").clients().findAll().stream().map((v0) -> {
            return v0.getClientId();
        }).collect(Collectors.toList()), Matchers.containsInAnyOrder(new String[]{BackchannelLogoutTest.ACCOUNT_CLIENT_NAME, "account-console", "admin-cli", "broker", "realm-management", "security-admin-console"}));
        this.adminClient.realms().realm("new-realm").remove();
        Assert.assertNames(this.adminClient.realms().findAll(), "master", "test", "admin-client-test");
    }

    @Test(expected = BadRequestException.class)
    public void createRealmRejectReservedChar() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setRealm("new-re;alm");
        this.adminClient.realms().create(realmRepresentation);
    }

    @Test
    public void excludesFieldsFromAttributes() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setRealm("attributes");
        this.adminClient.realms().create(realmRepresentation);
        try {
            RealmRepresentation representation = this.adminClient.realm("attributes").toRepresentation();
            if (representation.getAttributes() != null) {
                Arrays.asList("cibaBackchannelTokenDeliveryMode", "cibaExpiresIn", "cibaInterval", "cibaAuthRequestedUserHint").stream().forEach(str -> {
                });
            }
            Map attributes = representation.getAttributes();
            org.junit.Assert.assertTrue("Attributes expected to be present oauth2DeviceCodeLifespan, oauth2DevicePollingInterval, found: " + String.join(", ", attributes.keySet()), attributes.size() == 3 && attributes.containsKey(OAuth2DeviceConfig.OAUTH2_DEVICE_CODE_LIFESPAN) && attributes.containsKey(OAuth2DeviceConfig.OAUTH2_DEVICE_POLLING_INTERVAL) && attributes.containsKey("parRequestUriLifespan"));
            this.adminClient.realm("attributes").remove();
        } catch (Throwable th) {
            this.adminClient.realm("attributes").remove();
            throw th;
        }
    }

    @Test
    public void smtpPasswordSecret() {
        RealmRepresentation build = RealmBuilder.create().testEventListener().testMail().build();
        build.setRealm("realm-with-smtp");
        build.getSmtpServer().put("user", "user");
        build.getSmtpServer().put("password", "secret");
        this.adminClient.realms().create(build);
        org.junit.Assert.assertEquals("**********", this.adminClient.realm("realm-with-smtp").toRepresentation().getSmtpServer().get("password"));
        KeycloakTestingClient.Server server = this.testingClient.server("realm-with-smtp");
        org.junit.Assert.assertEquals("secret", ((RealmRepresentation) server.fetch(RunHelpers.internalRealm())).getSmtpServer().get("password"));
        this.adminClient.realm("realm-with-smtp").update(build);
        AdminEventRepresentation pollAdminEvent = this.testingClient.testing().pollAdminEvent();
        org.junit.Assert.assertFalse(pollAdminEvent.getRepresentation().contains("some secret value!!"));
        org.junit.Assert.assertTrue(pollAdminEvent.getRepresentation().contains("**********"));
        org.junit.Assert.assertEquals("secret", ((RealmRepresentation) server.fetch(RunHelpers.internalRealm())).getSmtpServer().get("password"));
        org.junit.Assert.assertEquals("**********", ((RealmRepresentation) this.adminClient.realms().findAll().stream().filter(realmRepresentation -> {
            return realmRepresentation.getRealm().equals("realm-with-smtp");
        }).findFirst().get()).getSmtpServer().get("password"));
        this.adminClient.realm("realm-with-smtp").remove();
    }

    @Test
    public void createRealmCheckDefaultPasswordPolicy() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setRealm("new-realm");
        this.adminClient.realms().create(realmRepresentation);
        org.junit.Assert.assertEquals((Object) null, this.adminClient.realm("new-realm").toRepresentation().getPasswordPolicy());
        this.adminClient.realms().realm("new-realm").remove();
        realmRepresentation.setPasswordPolicy("length(8)");
        this.adminClient.realms().create(realmRepresentation);
        org.junit.Assert.assertEquals("length(8)", this.adminClient.realm("new-realm").toRepresentation().getPasswordPolicy());
        this.adminClient.realms().realm("new-realm").remove();
    }

    @Test
    public void createRealmFromJson() {
        RealmRepresentation realmRepresentation = (RealmRepresentation) loadJson(getClass().getResourceAsStream("/admin-test/testrealm.json"), RealmRepresentation.class);
        try {
            this.adminClient.realms().create(realmRepresentation);
            assertRealm(realmRepresentation, this.adminClient.realms().realm("admin-test-1").toRepresentation());
        } finally {
            this.adminClient.realms().realm("admin-test-1").remove();
        }
    }

    @Test
    public void createRealmWithPasswordPolicyFromJsonWithInvalidPasswords() {
        RealmRepresentation realmRepresentation = (RealmRepresentation) loadJson(getClass().getResourceAsStream("/import/testrealm-keycloak-6146-error.json"), RealmRepresentation.class);
        this.expectedException.expect(NotFoundException.class);
        this.expectedException.expectMessage(String.valueOf(Response.Status.NOT_FOUND.getStatusCode()));
        try {
            this.adminClient.realms().create(realmRepresentation);
        } catch (BadRequestException e) {
            this.log.info("--Caught expected BadRequestException--");
            this.adminClient.realms().realm("secure-app").toRepresentation();
        }
    }

    @Test
    public void createRealmWithPasswordPolicyFromJsonWithValidPasswords() {
        RealmRepresentation realmRepresentation = (RealmRepresentation) loadJson(getClass().getResourceAsStream("/import/testrealm-keycloak-6146.json"), RealmRepresentation.class);
        Creator create = Creator.create(this.adminClient, realmRepresentation);
        Throwable th = null;
        try {
            try {
                assertRealm(realmRepresentation, ((RealmResource) create.resource()).toRepresentation());
                if (create != null) {
                    if (0 == 0) {
                        create.close();
                        return;
                    }
                    try {
                        create.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (create != null) {
                if (th != null) {
                    try {
                        create.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    create.close();
                }
            }
            throw th4;
        }
    }

    @Test
    public void removeRealm() {
        this.realm.remove();
        Assert.assertNames(this.adminClient.realms().findAll(), "master", "test");
        reCreateRealm();
    }

    private void reCreateRealm() {
        this.adminClient.realms().create((RealmRepresentation) this.testContext.getTestRealmReps().stream().filter(realmRepresentation -> {
            return realmRepresentation.getRealm().equals("admin-client-test");
        }).findFirst().get());
    }

    @Test
    public void loginAfterRemoveRealm() {
        this.realm.remove();
        Keycloak keycloak = Keycloak.getInstance(ServerURLs.getAuthServerContextRoot() + "/auth", "master", "admin", "admin", "admin-cli", TLSUtils.initializeTLS());
        Throwable th = null;
        try {
            keycloak.serverInfo().getInfo();
            if (keycloak != null) {
                if (0 != 0) {
                    try {
                        keycloak.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    keycloak.close();
                }
            }
            reCreateRealm();
        } catch (Throwable th3) {
            if (keycloak != null) {
                if (0 != 0) {
                    try {
                        keycloak.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    keycloak.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void renameRealmTest() throws Exception {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setRealm("test-immutable");
        this.adminClient.realms().create(realmRepresentation);
        RealmRepresentation representation = this.adminClient.realms().realm("test-immutable").toRepresentation();
        representation.setRealm("test-immutable-old");
        this.adminClient.realms().realm("test-immutable").update(representation);
        org.junit.Assert.assertThat(this.adminClient.realms().realm("test-immutable-old").toRepresentation(), Matchers.notNullValue());
        RealmRepresentation realmRepresentation2 = new RealmRepresentation();
        realmRepresentation2.setRealm("test-immutable");
        this.adminClient.realms().create(realmRepresentation2);
        org.junit.Assert.assertThat(this.adminClient.realms().realm("test-immutable").toRepresentation(), Matchers.notNullValue());
        this.adminClient.realms().realm("test-immutable-old").remove();
        this.adminClient.realms().realm("test-immutable").remove();
    }

    private RealmEventsConfigRepresentation copyRealmEventsConfigRepresentation(RealmEventsConfigRepresentation realmEventsConfigRepresentation) {
        RealmEventsConfigRepresentation realmEventsConfigRepresentation2 = new RealmEventsConfigRepresentation();
        realmEventsConfigRepresentation2.setEnabledEventTypes(realmEventsConfigRepresentation.getEnabledEventTypes());
        realmEventsConfigRepresentation2.setEventsListeners(realmEventsConfigRepresentation.getEventsListeners());
        realmEventsConfigRepresentation2.setEventsExpiration(realmEventsConfigRepresentation.getEventsExpiration());
        realmEventsConfigRepresentation2.setEventsEnabled(realmEventsConfigRepresentation.isEventsEnabled());
        realmEventsConfigRepresentation2.setAdminEventsEnabled(realmEventsConfigRepresentation.isAdminEventsEnabled());
        realmEventsConfigRepresentation2.setAdminEventsDetailsEnabled(realmEventsConfigRepresentation.isAdminEventsDetailsEnabled());
        return realmEventsConfigRepresentation2;
    }

    private void checkRealmEventsConfigRepresentation(RealmEventsConfigRepresentation realmEventsConfigRepresentation, RealmEventsConfigRepresentation realmEventsConfigRepresentation2) {
        org.junit.Assert.assertEquals(realmEventsConfigRepresentation.getEnabledEventTypes().size(), realmEventsConfigRepresentation2.getEnabledEventTypes().size());
        org.junit.Assert.assertTrue(realmEventsConfigRepresentation2.getEnabledEventTypes().containsAll(realmEventsConfigRepresentation.getEnabledEventTypes()));
        org.junit.Assert.assertEquals(realmEventsConfigRepresentation.getEventsListeners().size(), realmEventsConfigRepresentation2.getEventsListeners().size());
        org.junit.Assert.assertTrue(realmEventsConfigRepresentation2.getEventsListeners().containsAll(realmEventsConfigRepresentation.getEventsListeners()));
        org.junit.Assert.assertEquals(realmEventsConfigRepresentation.getEventsExpiration(), realmEventsConfigRepresentation2.getEventsExpiration());
        org.junit.Assert.assertEquals(Boolean.valueOf(realmEventsConfigRepresentation.isEventsEnabled()), Boolean.valueOf(realmEventsConfigRepresentation2.isEventsEnabled()));
        org.junit.Assert.assertEquals(realmEventsConfigRepresentation.isAdminEventsEnabled(), realmEventsConfigRepresentation2.isAdminEventsEnabled());
        org.junit.Assert.assertEquals(realmEventsConfigRepresentation.isAdminEventsDetailsEnabled(), realmEventsConfigRepresentation2.isAdminEventsDetailsEnabled());
    }

    @Test
    public void updateRealmEventsConfig() {
        RealmEventsConfigRepresentation realmEventsConfig = this.realm.getRealmEventsConfig();
        RealmEventsConfigRepresentation copyRealmEventsConfigRepresentation = copyRealmEventsConfigRepresentation(realmEventsConfig);
        org.junit.Assert.assertTrue("event-queue should be enabled initially", realmEventsConfig.getEventsListeners().contains("event-queue"));
        realmEventsConfig.setEnabledEventTypes(Arrays.asList(EventType.LOGIN.name(), EventType.LOGIN_ERROR.name()));
        realmEventsConfig.setEventsListeners(Arrays.asList("jboss-logging"));
        realmEventsConfig.setEventsExpiration(36000L);
        realmEventsConfig.setEventsEnabled(true);
        realmEventsConfig.setAdminEventsEnabled(true);
        realmEventsConfig.setAdminEventsDetailsEnabled(true);
        this.adminClient.realms().realm("admin-client-test").updateRealmEventsConfig(realmEventsConfig);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, "events/config", realmEventsConfig, ResourceType.REALM);
        checkRealmEventsConfigRepresentation(realmEventsConfig, this.realm.getRealmEventsConfig());
        realmEventsConfig.setEnabledEventTypes(Arrays.asList(EventType.LOGIN.name(), EventType.LOGIN_ERROR.name(), EventType.CLIENT_LOGIN.name()));
        this.adminClient.realms().realm("admin-client-test").updateRealmEventsConfig(realmEventsConfig);
        this.assertAdminEvents.assertEmpty();
        checkRealmEventsConfigRepresentation(realmEventsConfig, this.realm.getRealmEventsConfig());
        this.adminClient.realms().realm("admin-client-test").updateRealmEventsConfig(copyRealmEventsConfigRepresentation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, "events/config", copyRealmEventsConfigRepresentation, ResourceType.REALM);
        checkRealmEventsConfigRepresentation(copyRealmEventsConfigRepresentation, this.realm.getRealmEventsConfig());
    }

    @Test(expected = BadRequestException.class)
    public void updateRealmWithReservedCharInName() {
        RealmRepresentation representation = this.realm.toRepresentation();
        representation.setRealm("fo#o");
        this.realm.update(representation);
    }

    @Test
    public void updateRealm() {
        RealmRepresentation representation = this.realm.toRepresentation();
        representation.setSsoSessionIdleTimeout(123);
        representation.setSsoSessionMaxLifespan(12);
        representation.setSsoSessionIdleTimeoutRememberMe(33);
        representation.setSsoSessionMaxLifespanRememberMe(34);
        representation.setAccessCodeLifespanLogin(1234);
        representation.setActionTokenGeneratedByAdminLifespan(2345);
        representation.setActionTokenGeneratedByUserLifespan(3456);
        representation.setRegistrationAllowed(true);
        representation.setRegistrationEmailAsUsername(true);
        representation.setEditUsernameAllowed(true);
        representation.setUserManagedAccessAllowed(true);
        this.realm.update(representation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), representation, ResourceType.REALM);
        RealmRepresentation representation2 = this.realm.toRepresentation();
        org.junit.Assert.assertEquals(123L, representation2.getSsoSessionIdleTimeout().intValue());
        org.junit.Assert.assertEquals(12L, representation2.getSsoSessionMaxLifespan().intValue());
        org.junit.Assert.assertEquals(33L, representation2.getSsoSessionIdleTimeoutRememberMe().intValue());
        org.junit.Assert.assertEquals(34L, representation2.getSsoSessionMaxLifespanRememberMe().intValue());
        org.junit.Assert.assertEquals(1234L, representation2.getAccessCodeLifespanLogin().intValue());
        org.junit.Assert.assertEquals(2345L, representation2.getActionTokenGeneratedByAdminLifespan().intValue());
        org.junit.Assert.assertEquals(3456L, representation2.getActionTokenGeneratedByUserLifespan().intValue());
        org.junit.Assert.assertEquals(Boolean.TRUE, representation2.isRegistrationAllowed());
        org.junit.Assert.assertEquals(Boolean.TRUE, representation2.isRegistrationEmailAsUsername());
        org.junit.Assert.assertEquals(Boolean.TRUE, representation2.isEditUsernameAllowed());
        if (ProfileAssume.isFeatureEnabled(Profile.Feature.AUTHORIZATION)) {
            org.junit.Assert.assertEquals(Boolean.TRUE, representation2.isUserManagedAccessAllowed());
        } else {
            org.junit.Assert.assertEquals(Boolean.FALSE, representation2.isUserManagedAccessAllowed());
        }
        representation2.setRegistrationAllowed(false);
        representation2.setRegistrationEmailAsUsername(false);
        representation2.setEditUsernameAllowed(false);
        representation2.setUserManagedAccessAllowed(false);
        this.realm.update(representation2);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), representation2, ResourceType.REALM);
        RealmRepresentation representation3 = this.realm.toRepresentation();
        org.junit.Assert.assertEquals(Boolean.FALSE, representation3.isRegistrationAllowed());
        org.junit.Assert.assertEquals(Boolean.FALSE, representation3.isRegistrationEmailAsUsername());
        org.junit.Assert.assertEquals(Boolean.FALSE, representation3.isEditUsernameAllowed());
        org.junit.Assert.assertEquals(Boolean.FALSE, representation3.isUserManagedAccessAllowed());
    }

    @Test
    public void updateRealmWithNewRepresentation() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setEditUsernameAllowed(true);
        realmRepresentation.setSupportedLocales(new HashSet(Arrays.asList("en", "de")));
        this.realm.update(realmRepresentation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), realmRepresentation, ResourceType.REALM);
        org.junit.Assert.assertEquals(Boolean.TRUE, this.realm.toRepresentation().isEditUsernameAllowed());
        org.junit.Assert.assertEquals(2L, r0.getSupportedLocales().size());
        RealmRepresentation realmRepresentation2 = new RealmRepresentation();
        realmRepresentation2.setEditUsernameAllowed(false);
        this.realm.update(realmRepresentation2);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), realmRepresentation2, ResourceType.REALM);
        org.junit.Assert.assertEquals(Boolean.FALSE, this.realm.toRepresentation().isEditUsernameAllowed());
        org.junit.Assert.assertEquals(2L, r0.getSupportedLocales().size());
    }

    @Test
    public void updateRealmAttributes() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        ArrayList arrayList = new ArrayList();
        arrayList.add("aaguid1");
        arrayList.add("aaguid2");
        realmRepresentation.setAttributes(new HashMap());
        realmRepresentation.getAttributes().put("foo1", "bar1");
        realmRepresentation.getAttributes().put("foo2", "bar2");
        realmRepresentation.setWebAuthnPolicyAcceptableAaguids(arrayList);
        realmRepresentation.setBruteForceProtected(true);
        realmRepresentation.setDisplayName("dn1");
        this.realm.update(realmRepresentation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), realmRepresentation, ResourceType.REALM);
        RealmRepresentation representation = this.realm.toRepresentation();
        org.junit.Assert.assertEquals("bar1", representation.getAttributes().get("foo1"));
        org.junit.Assert.assertEquals("bar2", representation.getAttributes().get("foo2"));
        org.junit.Assert.assertTrue(representation.isBruteForceProtected().booleanValue());
        org.junit.Assert.assertEquals("dn1", representation.getDisplayName());
        org.junit.Assert.assertEquals(arrayList, representation.getWebAuthnPolicyAcceptableAaguids());
        arrayList.clear();
        representation.setBruteForceProtected(false);
        representation.setDisplayName("dn2");
        representation.getAttributes().put("foo1", "bar11");
        representation.getAttributes().remove("foo2");
        representation.setWebAuthnPolicyAcceptableAaguids(arrayList);
        this.realm.update(representation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), representation, ResourceType.REALM);
        RealmRepresentation representation2 = this.realm.toRepresentation();
        org.junit.Assert.assertFalse(representation2.isBruteForceProtected().booleanValue());
        org.junit.Assert.assertEquals("dn2", representation2.getDisplayName());
        org.junit.Assert.assertEquals("bar11", representation2.getAttributes().get("foo1"));
        org.junit.Assert.assertFalse(representation2.getAttributes().containsKey("foo2"));
        org.junit.Assert.assertTrue(representation2.getWebAuthnPolicyAcceptableAaguids().isEmpty());
    }

    @Test
    public void getRealmRepresentation() {
        RealmRepresentation representation = this.realm.toRepresentation();
        Assert.assertEquals("admin-client-test", representation.getRealm());
        org.junit.Assert.assertTrue(representation.isEnabled().booleanValue());
    }

    @Test
    public void deleteDefaultRole() {
        RoleRepresentation roleRepresentation = new RoleRepresentation("test", "test", false);
        this.realm.roles().create(roleRepresentation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.roleResourcePath("test"), roleRepresentation, ResourceType.REALM_ROLE);
        RoleRepresentation representation = this.realm.roles().get("test").toRepresentation();
        org.junit.Assert.assertNotNull(representation);
        this.realm.roles().get("default-roles-admin-client-test").addComposites(Collections.singletonList(representation));
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.roleResourceCompositesPath("default-roles-admin-client-test"), Collections.singletonList(representation), ResourceType.REALM_ROLE);
        this.realm.roles().deleteRole("test");
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.roleResourcePath("test"), ResourceType.REALM_ROLE);
        try {
            this.realm.roles().get("testsadfsadf").toRepresentation();
            org.junit.Assert.fail("Expected NotFoundException");
        } catch (NotFoundException e) {
        }
    }

    @Test
    public void convertKeycloakClientDescription() throws IOException {
        ClientRepresentation clientRepresentation = new ClientRepresentation();
        clientRepresentation.setClientId("client-id");
        clientRepresentation.setRedirectUris(Collections.singletonList("http://localhost"));
        ClientRepresentation convertClientDescription = this.realm.convertClientDescription(JsonSerialization.writeValueAsString(clientRepresentation));
        org.junit.Assert.assertEquals("client-id", convertClientDescription.getClientId());
        org.junit.Assert.assertEquals("http://localhost", convertClientDescription.getRedirectUris().get(0));
    }

    @Test
    public void convertOIDCClientDescription() throws IOException {
        ClientRepresentation convertClientDescription = this.realm.convertClientDescription(IOUtils.toString(getClass().getResourceAsStream("/client-descriptions/client-oidc.json")));
        org.junit.Assert.assertEquals(1L, convertClientDescription.getRedirectUris().size());
        org.junit.Assert.assertEquals("http://localhost", convertClientDescription.getRedirectUris().get(0));
    }

    @Test
    public void convertSAMLClientDescription() throws IOException {
        ClientRepresentation convertClientDescription = this.realm.convertClientDescription(IOUtils.toString(getClass().getResourceAsStream("/client-descriptions/saml-entity-descriptor.xml")));
        org.junit.Assert.assertEquals("loadbalancer-9.siroe.com", convertClientDescription.getClientId());
        org.junit.Assert.assertEquals(2L, convertClientDescription.getRedirectUris().size());
        org.junit.Assert.assertEquals("https://LoadBalancer-9.siroe.com:3443/federation/Consumer/metaAlias/sp", convertClientDescription.getRedirectUris().get(0));
        org.junit.Assert.assertEquals("https://LoadBalancer-9.siroe.com:3443/federation/Consumer/metaAlias/sp", convertClientDescription.getRedirectUris().get(1));
    }

    public static void assertRealm(RealmRepresentation realmRepresentation, RealmRepresentation realmRepresentation2) {
        if (realmRepresentation.getId() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getId(), realmRepresentation2.getId());
        }
        if (realmRepresentation.getRealm() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getRealm(), realmRepresentation2.getRealm());
        }
        if (realmRepresentation.isEnabled() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isEnabled(), realmRepresentation2.isEnabled());
        }
        if (realmRepresentation.isBruteForceProtected() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isBruteForceProtected(), realmRepresentation2.isBruteForceProtected());
        }
        if (realmRepresentation.getMaxFailureWaitSeconds() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getMaxFailureWaitSeconds(), realmRepresentation2.getMaxFailureWaitSeconds());
        }
        if (realmRepresentation.getMinimumQuickLoginWaitSeconds() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getMinimumQuickLoginWaitSeconds(), realmRepresentation2.getMinimumQuickLoginWaitSeconds());
        }
        if (realmRepresentation.getWaitIncrementSeconds() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getWaitIncrementSeconds(), realmRepresentation2.getWaitIncrementSeconds());
        }
        if (realmRepresentation.getQuickLoginCheckMilliSeconds() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getQuickLoginCheckMilliSeconds(), realmRepresentation2.getQuickLoginCheckMilliSeconds());
        }
        if (realmRepresentation.getMaxDeltaTimeSeconds() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getMaxDeltaTimeSeconds(), realmRepresentation2.getMaxDeltaTimeSeconds());
        }
        if (realmRepresentation.getFailureFactor() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getFailureFactor(), realmRepresentation2.getFailureFactor());
        }
        if (realmRepresentation.isRegistrationAllowed() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isRegistrationAllowed(), realmRepresentation2.isRegistrationAllowed());
        }
        if (realmRepresentation.isRegistrationEmailAsUsername() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isRegistrationEmailAsUsername(), realmRepresentation2.isRegistrationEmailAsUsername());
        }
        if (realmRepresentation.isRememberMe() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isRememberMe(), realmRepresentation2.isRememberMe());
        }
        if (realmRepresentation.isVerifyEmail() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isVerifyEmail(), realmRepresentation2.isVerifyEmail());
        }
        if (realmRepresentation.isLoginWithEmailAllowed() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isLoginWithEmailAllowed(), realmRepresentation2.isLoginWithEmailAllowed());
        }
        if (realmRepresentation.isDuplicateEmailsAllowed() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isDuplicateEmailsAllowed(), realmRepresentation2.isDuplicateEmailsAllowed());
        }
        if (realmRepresentation.isResetPasswordAllowed() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isResetPasswordAllowed(), realmRepresentation2.isResetPasswordAllowed());
        }
        if (realmRepresentation.isEditUsernameAllowed() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isEditUsernameAllowed(), realmRepresentation2.isEditUsernameAllowed());
        }
        if (realmRepresentation.getSslRequired() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getSslRequired(), realmRepresentation2.getSslRequired());
        }
        if (realmRepresentation.getAccessCodeLifespan() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getAccessCodeLifespan(), realmRepresentation2.getAccessCodeLifespan());
        }
        if (realmRepresentation.getAccessCodeLifespanUserAction() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getAccessCodeLifespanUserAction(), realmRepresentation2.getAccessCodeLifespanUserAction());
        }
        if (realmRepresentation.getActionTokenGeneratedByAdminLifespan() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getActionTokenGeneratedByAdminLifespan(), realmRepresentation2.getActionTokenGeneratedByAdminLifespan());
        }
        if (realmRepresentation.getActionTokenGeneratedByUserLifespan() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getActionTokenGeneratedByUserLifespan(), realmRepresentation2.getActionTokenGeneratedByUserLifespan());
        } else {
            org.junit.Assert.assertEquals(realmRepresentation.getAccessCodeLifespanUserAction(), realmRepresentation2.getActionTokenGeneratedByUserLifespan());
        }
        if (realmRepresentation.getNotBefore() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getNotBefore(), realmRepresentation2.getNotBefore());
        }
        if (realmRepresentation.getAccessTokenLifespan() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getAccessTokenLifespan(), realmRepresentation2.getAccessTokenLifespan());
        }
        if (realmRepresentation.getAccessTokenLifespanForImplicitFlow() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getAccessTokenLifespanForImplicitFlow(), realmRepresentation2.getAccessTokenLifespanForImplicitFlow());
        }
        if (realmRepresentation.getSsoSessionIdleTimeout() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getSsoSessionIdleTimeout(), realmRepresentation2.getSsoSessionIdleTimeout());
        }
        if (realmRepresentation.getSsoSessionMaxLifespan() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getSsoSessionMaxLifespan(), realmRepresentation2.getSsoSessionMaxLifespan());
        }
        if (realmRepresentation.getSsoSessionIdleTimeoutRememberMe() != null) {
            Assert.assertEquals(realmRepresentation.getSsoSessionIdleTimeoutRememberMe(), realmRepresentation2.getSsoSessionIdleTimeoutRememberMe());
        }
        if (realmRepresentation.getSsoSessionMaxLifespanRememberMe() != null) {
            Assert.assertEquals(realmRepresentation.getSsoSessionMaxLifespanRememberMe(), realmRepresentation2.getSsoSessionMaxLifespanRememberMe());
        }
        if (realmRepresentation.getClientSessionIdleTimeout() != null) {
            Assert.assertEquals(realmRepresentation.getClientSessionIdleTimeout(), realmRepresentation2.getClientSessionIdleTimeout());
        }
        if (realmRepresentation.getClientSessionMaxLifespan() != null) {
            Assert.assertEquals(realmRepresentation.getClientSessionMaxLifespan(), realmRepresentation2.getClientSessionMaxLifespan());
        }
        if (realmRepresentation.getClientOfflineSessionIdleTimeout() != null) {
            Assert.assertEquals(realmRepresentation.getClientOfflineSessionIdleTimeout(), realmRepresentation2.getClientOfflineSessionIdleTimeout());
        }
        if (realmRepresentation.getClientOfflineSessionMaxLifespan() != null) {
            Assert.assertEquals(realmRepresentation.getClientOfflineSessionMaxLifespan(), realmRepresentation2.getClientOfflineSessionMaxLifespan());
        }
        if (realmRepresentation.getRequiredCredentials() != null) {
            org.junit.Assert.assertNotNull(realmRepresentation2.getRequiredCredentials());
            Iterator it = realmRepresentation.getRequiredCredentials().iterator();
            while (it.hasNext()) {
                org.junit.Assert.assertTrue(realmRepresentation2.getRequiredCredentials().contains((String) it.next()));
            }
        }
        if (realmRepresentation.getLoginTheme() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getLoginTheme(), realmRepresentation2.getLoginTheme());
        }
        if (realmRepresentation.getAccountTheme() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getAccountTheme(), realmRepresentation2.getAccountTheme());
        }
        if (realmRepresentation.getAdminTheme() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getAdminTheme(), realmRepresentation2.getAdminTheme());
        }
        if (realmRepresentation.getEmailTheme() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getEmailTheme(), realmRepresentation2.getEmailTheme());
        }
        if (realmRepresentation.getPasswordPolicy() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getPasswordPolicy(), realmRepresentation2.getPasswordPolicy());
        }
        if (realmRepresentation.getSmtpServer() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getSmtpServer(), realmRepresentation2.getSmtpServer());
        }
        if (realmRepresentation.getBrowserSecurityHeaders() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.getBrowserSecurityHeaders(), realmRepresentation2.getBrowserSecurityHeaders());
        }
        if (realmRepresentation.getAttributes() != null) {
            HashMap hashMap = new HashMap();
            hashMap.putAll(realmRepresentation2.getAttributes());
            hashMap.entrySet().retainAll(realmRepresentation.getAttributes().entrySet());
            org.junit.Assert.assertEquals(realmRepresentation.getAttributes(), hashMap);
        }
        if (realmRepresentation.isUserManagedAccessAllowed() != null) {
            org.junit.Assert.assertEquals(realmRepresentation.isUserManagedAccessAllowed(), realmRepresentation2.isUserManagedAccessAllowed());
        }
    }

    @Test
    public void clearRealmCache() {
        RealmRepresentation representation = this.realm.toRepresentation();
        org.junit.Assert.assertTrue(this.testingClient.testing().cache("realms").contains(representation.getId()));
        this.realm.clearRealmCache();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, "clear-realm-cache", ResourceType.REALM);
        org.junit.Assert.assertFalse(this.testingClient.testing().cache("realms").contains(representation.getId()));
    }

    @Test
    public void clearUserCache() {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("clearcacheuser");
        Response create = this.realm.users().create(userRepresentation);
        String createdId = ApiUtil.getCreatedId(create);
        create.close();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.userResourcePath(createdId), userRepresentation, ResourceType.USER);
        this.realm.users().get(createdId).toRepresentation();
        org.junit.Assert.assertTrue(this.testingClient.testing().cache("users").contains(createdId));
        this.realm.clearUserCache();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, "clear-user-cache", ResourceType.REALM);
        org.junit.Assert.assertFalse(this.testingClient.testing().cache("users").contains(createdId));
    }

    @Test
    public void pushNotBefore() {
        setupTestAppAndUser();
        int currentTime = Time.currentTime() - 60;
        RealmRepresentation representation = this.realm.toRepresentation();
        representation.setNotBefore(Integer.valueOf(currentTime));
        this.realm.update(representation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), representation, ResourceType.REALM);
        GlobalRequestResult pushRevocation = this.realm.pushRevocation();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, "push-revocation", pushRevocation, ResourceType.REALM);
        List successRequests = pushRevocation.getSuccessRequests();
        StringBuilder sb = new StringBuilder();
        OAuthClient oAuthClient = this.oauth;
        org.junit.Assert.assertThat(successRequests, Matchers.containsInAnyOrder(new String[]{sb.append(OAuthClient.AUTH_SERVER_ROOT).append("/realms/master/app/admin").toString()}));
        org.junit.Assert.assertNull(pushRevocation.getFailedRequests());
        org.junit.Assert.assertEquals(currentTime, this.testingClient.testApp().getAdminPushNotBefore().getNotBefore());
    }

    @Test
    public void pushNotBeforeWithSamlApp() {
        setupTestAppAndUser();
        setupTestSamlApp();
        int currentTime = Time.currentTime() - 60;
        RealmRepresentation representation = this.realm.toRepresentation();
        representation.setNotBefore(Integer.valueOf(currentTime));
        this.realm.update(representation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), representation, ResourceType.REALM);
        GlobalRequestResult pushRevocation = this.realm.pushRevocation();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, "push-revocation", pushRevocation, ResourceType.REALM);
        List successRequests = pushRevocation.getSuccessRequests();
        StringBuilder sb = new StringBuilder();
        OAuthClient oAuthClient = this.oauth;
        org.junit.Assert.assertThat(successRequests, Matchers.containsInAnyOrder(new String[]{sb.append(OAuthClient.AUTH_SERVER_ROOT).append("/realms/master/app/admin").toString()}));
        List failedRequests = pushRevocation.getFailedRequests();
        StringBuilder sb2 = new StringBuilder();
        OAuthClient oAuthClient2 = this.oauth;
        org.junit.Assert.assertThat(failedRequests, Matchers.containsInAnyOrder(new String[]{sb2.append(OAuthClient.AUTH_SERVER_ROOT).append("/realms/master/saml-app/saml").toString()}));
        org.junit.Assert.assertEquals(currentTime, this.testingClient.testApp().getAdminPushNotBefore().getNotBefore());
    }

    @Test
    public void logoutAll() {
        setupTestAppAndUser();
        Response create = this.realm.users().create(UserBuilder.create().username("user").build());
        String createdId = ApiUtil.getCreatedId(create);
        create.close();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.userResourcePath(createdId), ResourceType.USER);
        this.realm.users().get(createdId).resetPassword(CredentialBuilder.create().password("password").build());
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, AdminEventPaths.userResetPasswordPath(createdId), ResourceType.USER);
        this.oauth.doLogin("user", "password");
        GlobalRequestResult logoutAll = this.realm.logoutAll();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, "logout-all", logoutAll, ResourceType.REALM);
        org.junit.Assert.assertEquals(1L, logoutAll.getSuccessRequests().size());
        StringBuilder sb = new StringBuilder();
        OAuthClient oAuthClient = this.oauth;
        org.junit.Assert.assertEquals(sb.append(OAuthClient.AUTH_SERVER_ROOT).append("/realms/master/app/admin").toString(), logoutAll.getSuccessRequests().get(0));
        org.junit.Assert.assertNull(logoutAll.getFailedRequests());
        org.junit.Assert.assertNotNull(this.testingClient.testApp().getAdminLogoutAction());
    }

    @Test
    public void deleteSession() {
        setupTestAppAndUser();
        this.oauth.doLogin("testuser", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "secret");
        org.junit.Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        EventRepresentation poll = this.events.poll();
        org.junit.Assert.assertNotNull(poll);
        this.realm.deleteSession(poll.getSessionId());
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.deleteSessionPath(poll.getSessionId()), ResourceType.USER_SESSION);
        try {
            this.realm.deleteSession(poll.getSessionId());
            org.junit.Assert.fail("Expected 404");
        } catch (NotFoundException e) {
            this.assertAdminEvents.assertEmpty();
        }
        OAuthClient.AccessTokenResponse doRefreshTokenRequest = this.oauth.doRefreshTokenRequest(doAccessTokenRequest.getRefreshToken(), "secret");
        org.junit.Assert.assertEquals(400L, doRefreshTokenRequest.getStatusCode());
        org.junit.Assert.assertEquals("Session not active", doRefreshTokenRequest.getErrorDescription());
    }

    @Test
    public void clientSessionStats() {
        setupTestAppAndUser();
        List clientSessionStats = this.realm.getClientSessionStats();
        org.junit.Assert.assertTrue(clientSessionStats.isEmpty());
        System.out.println(clientSessionStats.size());
        this.oauth.doLogin("testuser", "password");
        org.junit.Assert.assertEquals(200L, this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "secret").getStatusCode());
        List clientSessionStats2 = this.realm.getClientSessionStats();
        org.junit.Assert.assertEquals(1L, clientSessionStats2.size());
        org.junit.Assert.assertEquals(AssertEvents.DEFAULT_CLIENT_ID, ((Map) clientSessionStats2.get(0)).get("clientId"));
        org.junit.Assert.assertEquals("1", ((Map) clientSessionStats2.get(0)).get("active"));
        this.realm.clients().get((String) ((Map) clientSessionStats2.get(0)).get("id")).remove();
        org.junit.Assert.assertEquals(0L, this.realm.getClientSessionStats().size());
    }

    @Test
    public void testDefaultSignatureAlgorithm() {
        RealmRepresentation realmRepresentation = new RealmRepresentation();
        realmRepresentation.setRealm("new-realm");
        try {
            this.adminClient.realms().create(realmRepresentation);
            org.junit.Assert.assertEquals("RS256", this.adminClient.realm("master").toRepresentation().getDefaultSignatureAlgorithm());
            org.junit.Assert.assertEquals("RS256", this.adminClient.realm("new-realm").toRepresentation().getDefaultSignatureAlgorithm());
        } finally {
            this.adminClient.realms().realm(realmRepresentation.getRealm()).remove();
        }
    }

    private void setupTestAppAndUser() {
        this.testingClient.testApp().clearAdminActions();
        String replace = this.oauth.getRedirectUri().replace("/master/", "/admin-client-test/");
        ClientRepresentation clientRepresentation = new ClientRepresentation();
        clientRepresentation.setClientId(AssertEvents.DEFAULT_CLIENT_ID);
        clientRepresentation.setAdminUrl(this.suiteContext.getAuthServerInfo().getContextRoot() + "/auth/realms/master/app/admin");
        clientRepresentation.setRedirectUris(Collections.singletonList(replace));
        clientRepresentation.setProtocol("openid-connect");
        clientRepresentation.setSecret("secret");
        Response create = this.realm.clients().create(clientRepresentation);
        String createdId = ApiUtil.getCreatedId(create);
        getCleanup().addClientUuid(createdId);
        create.close();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(createdId), clientRepresentation, ResourceType.CLIENT);
        this.oauth.realm("admin-client-test");
        this.oauth.redirectUri(replace);
        UserRepresentation build = UserBuilder.create().username("testuser").build();
        Response create2 = this.realm.users().create(build);
        String createdId2 = ApiUtil.getCreatedId(create2);
        create2.close();
        getCleanup().addUserId(createdId2);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.userResourcePath(createdId2), build, ResourceType.USER);
        this.realm.users().get(createdId2).resetPassword(CredentialBuilder.create().password("password").build());
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, AdminEventPaths.userResetPasswordPath(createdId2), ResourceType.USER);
        this.testingClient.testApp().clearAdminActions();
    }

    private void setupTestSamlApp() {
        ClientRepresentation build = ClientBuilder.create().clientId("test-saml-app").protocol("saml").adminUrl(this.suiteContext.getAuthServerInfo().getContextRoot() + "/auth/realms/master/saml-app/saml").addRedirectUri(this.oauth.getRedirectUri().replace("/master/", "/admin-client-test/")).secret("secret").build();
        Response create = this.realm.clients().create(build);
        String createdId = ApiUtil.getCreatedId(create);
        getCleanup().addClientUuid(createdId);
        create.close();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.clientResourcePath(createdId), build, ResourceType.CLIENT);
    }
}
