package org.keycloak.testsuite.federation.ldap;

import java.io.IOException;
import java.util.Collections;
import java.util.List;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.core.Response;
import org.junit.Assert;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.common.Profile;
import org.keycloak.representations.idm.ComponentRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.storage.UserStorageProvider;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.EnableFeature;
import org.keycloak.testsuite.forms.VerifyProfileTest;
import org.keycloak.testsuite.util.UserBuilder;
import org.keycloak.userprofile.config.UPAttribute;
import org.keycloak.userprofile.config.UPAttributePermissions;
import org.keycloak.userprofile.config.UPConfig;
import org.keycloak.util.JsonSerialization;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
@EnableFeature(Profile.Feature.DECLARATIVE_USER_PROFILE)
/* loaded from: input_file:org/keycloak/testsuite/federation/ldap/LDAPAdminRestApiWithUserProfileTest.class */
public class LDAPAdminRestApiWithUserProfileTest extends LDAPAdminRestApiTest {
    @Test
    public void testUpdateReadOnlyAttributeWhenNotSetToUser() throws Exception {
        RealmRepresentation representation = testRealm().toRepresentation();
        enableSyncRegistration(representation, Boolean.FALSE);
        try {
            Response create = testRealm().users().create(UserBuilder.create().username("admintestuser1").password("userpass").addAttribute("foo", "foo-value").enabled(true).build());
            Throwable th = null;
            try {
                try {
                    enableDynamicUserProfile(representation);
                    String createdId = ApiUtil.getCreatedId(create);
                    getCleanup().addUserId(createdId);
                    UserResource userResource = testRealm().users().get(createdId);
                    UserRepresentation representation2 = userResource.toRepresentation();
                    Assert.assertTrue(representation2.getAttributes().containsKey("LDAP_ID"));
                    Assert.assertTrue(((List) representation2.getAttributes().get("LDAP_ID")).isEmpty());
                    representation2.singleAttribute("LDAP_ID", "");
                    userResource.update(representation2);
                    representation2.singleAttribute("LDAP_ID", (String) null);
                    userResource.update(representation2);
                    try {
                        representation2.singleAttribute("LDAP_ID", "should-fail");
                        userResource.update(representation2);
                        Assert.fail("Should fail, attribute is read-only");
                    } catch (BadRequestException e) {
                    }
                    if (create != null) {
                        if (0 != 0) {
                            try {
                                create.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            create.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } finally {
            VerifyProfileTest.disableDynamicUserProfile(testRealm());
            enableSyncRegistration(representation, Boolean.TRUE);
        }
    }

    private void enableDynamicUserProfile(RealmRepresentation realmRepresentation) throws IOException {
        VerifyProfileTest.enableDynamicUserProfile(realmRepresentation);
        testRealm().update(realmRepresentation);
        UPConfig uPConfig = (UPConfig) JsonSerialization.readValue(testRealm().users().userProfile().getConfiguration(), UPConfig.class);
        UPAttribute uPAttribute = new UPAttribute();
        uPAttribute.setName("LDAP_ID");
        UPAttributePermissions uPAttributePermissions = new UPAttributePermissions();
        uPAttributePermissions.setView(Collections.singleton("admin"));
        uPAttribute.setPermissions(uPAttributePermissions);
        uPConfig.addAttribute(uPAttribute);
        VerifyProfileTest.setUserProfileConfiguration(testRealm(), JsonSerialization.writeValueAsString(uPConfig));
    }

    private void enableSyncRegistration(RealmRepresentation realmRepresentation, Boolean bool) {
        ComponentRepresentation componentRepresentation = (ComponentRepresentation) testRealm().components().query(realmRepresentation.getRealm(), UserStorageProvider.class.getName()).get(0);
        componentRepresentation.getConfig().put("syncRegistrations", Collections.singletonList(bool.toString()));
        testRealm().components().component(componentRepresentation.getId()).update(componentRepresentation);
    }
}
