package org.keycloak.testsuite.admin.authentication;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.representations.idm.AuthenticationExecutionExportRepresentation;
import org.keycloak.representations.idm.AuthenticationExecutionInfoRepresentation;
import org.keycloak.representations.idm.AuthenticationFlowRepresentation;
import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;

/* loaded from: input_file:org/keycloak/testsuite/admin/authentication/InitialFlowsTest.class */
public class InitialFlowsTest extends AbstractAuthenticationTest {
    private HashMap<String, AuthenticatorConfigRepresentation> configs = new HashMap<>();
    private HashMap<String, AuthenticatorConfigRepresentation> expectedConfigs = new HashMap<>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/keycloak/testsuite/admin/authentication/InitialFlowsTest$FlowExecutions.class */
    public static class FlowExecutions implements Comparable<FlowExecutions> {
        AuthenticationFlowRepresentation flow;
        List<AuthenticationExecutionInfoRepresentation> executions;

        FlowExecutions(AuthenticationFlowRepresentation authenticationFlowRepresentation, List<AuthenticationExecutionInfoRepresentation> list) {
            this.flow = authenticationFlowRepresentation;
            this.executions = list;
        }

        @Override // java.lang.Comparable
        public int compareTo(FlowExecutions flowExecutions) {
            return this.flow.getAlias().compareTo(flowExecutions.flow.getAlias());
        }
    }

    public InitialFlowsTest() {
        this.expectedConfigs.put("idp-review-profile", newConfig("review profile config", new String[]{"update.profile.on.first.login", "missing"}));
        this.expectedConfigs.put("idp-create-user-if-unique", newConfig("create unique user config", new String[]{"require.password.update.after.registration", "false"}));
    }

    @Test
    public void testInitialFlows() {
        LinkedList linkedList = new LinkedList();
        for (AuthenticationFlowRepresentation authenticationFlowRepresentation : this.authMgmtResource.getFlows()) {
            List executions = this.authMgmtResource.getExecutions(authenticationFlowRepresentation.getAlias());
            Iterator it = executions.iterator();
            while (it.hasNext()) {
                String authenticationConfig = ((AuthenticationExecutionInfoRepresentation) it.next()).getAuthenticationConfig();
                if (authenticationConfig != null && !this.configs.containsKey(authenticationConfig)) {
                    this.configs.put(authenticationConfig, this.authMgmtResource.getAuthenticatorConfig(authenticationConfig));
                }
            }
            linkedList.add(new FlowExecutions(authenticationFlowRepresentation, executions));
        }
        compare(expectedFlows(), orderAlphabetically(linkedList));
    }

    private void compare(List<FlowExecutions> list, List<FlowExecutions> list2) {
        Iterator<FlowExecutions> it = list2.iterator();
        for (FlowExecutions flowExecutions : list) {
            FlowExecutions next = it.next();
            compareFlows(flowExecutions.flow, next.flow);
            compareExecutionsInfo(flowExecutions.executions, next.executions);
        }
    }

    private void compareExecutionsInfo(List<AuthenticationExecutionInfoRepresentation> list, List<AuthenticationExecutionInfoRepresentation> list2) {
        Assert.assertEquals("Executions count", list.size(), list2.size());
        Iterator<AuthenticationExecutionInfoRepresentation> it = list.iterator();
        Iterator<AuthenticationExecutionInfoRepresentation> it2 = list2.iterator();
        while (it.hasNext()) {
            compareExecutionWithConfig(it.next(), it2.next());
        }
    }

    private void compareExecutionWithConfig(AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation, AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation2) {
        super.compareExecution(authenticationExecutionInfoRepresentation, authenticationExecutionInfoRepresentation2);
        compareAuthConfig(authenticationExecutionInfoRepresentation, authenticationExecutionInfoRepresentation2);
    }

    private void compareAuthConfig(AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation, AuthenticationExecutionInfoRepresentation authenticationExecutionInfoRepresentation2) {
        AuthenticatorConfigRepresentation authenticatorConfigRepresentation = this.expectedConfigs.get(authenticationExecutionInfoRepresentation.getProviderId());
        AuthenticatorConfigRepresentation authenticatorConfigRepresentation2 = this.configs.get(authenticationExecutionInfoRepresentation2.getAuthenticationConfig());
        if (authenticatorConfigRepresentation == null && authenticatorConfigRepresentation2 == null) {
            return;
        }
        Assert.assertEquals("Execution configuration alias", authenticatorConfigRepresentation.getAlias(), authenticatorConfigRepresentation2.getAlias());
        Assert.assertEquals("Execution configuration params", authenticatorConfigRepresentation.getConfig(), authenticatorConfigRepresentation2.getConfig());
    }

    private List<FlowExecutions> orderAlphabetically(List<FlowExecutions> list) {
        ArrayList arrayList = new ArrayList(list);
        Collections.sort(arrayList);
        return arrayList;
    }

    private LinkedList<FlowExecutions> expectedFlows() {
        LinkedList<FlowExecutions> linkedList = new LinkedList<>();
        AuthenticationFlowRepresentation newFlow = newFlow("browser", "browser based authentication", "basic-flow", true, true);
        addExecExport(newFlow, null, false, "auth-cookie", false, null, "ALTERNATIVE", 10);
        addExecExport(newFlow, null, false, "auth-spnego", false, null, "DISABLED", 20);
        addExecExport(newFlow, null, false, "identity-provider-redirector", false, null, "ALTERNATIVE", 25);
        addExecExport(newFlow, "forms", false, null, true, null, "ALTERNATIVE", 30);
        LinkedList linkedList2 = new LinkedList();
        addExecInfo(linkedList2, "Cookie", "auth-cookie", false, 0, 0, "ALTERNATIVE", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList2, "Kerberos", "auth-spnego", false, 0, 1, "DISABLED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList2, "Identity Provider Redirector", "identity-provider-redirector", true, 0, 2, "ALTERNATIVE", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList2, "forms", null, false, 0, 3, "ALTERNATIVE", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList2, "Username Password Form", "auth-username-password-form", false, 1, 0, "REQUIRED", null, new String[]{"REQUIRED"});
        addExecInfo(linkedList2, "Browser - Conditional OTP", null, false, 1, 1, "CONDITIONAL", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList2, "Condition - user configured", "conditional-user-configured", false, 2, 0, "REQUIRED", null, new String[]{"REQUIRED", "DISABLED"});
        addExecInfo(linkedList2, "OTP Form", "auth-otp-form", false, 2, 1, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        linkedList.add(new FlowExecutions(newFlow, linkedList2));
        AuthenticationFlowRepresentation newFlow2 = newFlow("clients", "Base authentication for clients", "client-flow", true, true);
        addExecExport(newFlow2, null, false, "client-secret", false, null, "ALTERNATIVE", 10);
        addExecExport(newFlow2, null, false, "client-jwt", false, null, "ALTERNATIVE", 20);
        addExecExport(newFlow2, null, false, "client-secret-jwt", false, null, "ALTERNATIVE", 30);
        addExecExport(newFlow2, null, false, "client-x509", false, null, "ALTERNATIVE", 40);
        LinkedList linkedList3 = new LinkedList();
        addExecInfo(linkedList3, "Client Id and Secret", "client-secret", false, 0, 0, "ALTERNATIVE", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList3, "Signed Jwt", "client-jwt", false, 0, 1, "ALTERNATIVE", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList3, "Signed Jwt with Client Secret", "client-secret-jwt", false, 0, 2, "ALTERNATIVE", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList3, "X509 Certificate", "client-x509", false, 0, 3, "ALTERNATIVE", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        linkedList.add(new FlowExecutions(newFlow2, linkedList3));
        AuthenticationFlowRepresentation newFlow3 = newFlow("direct grant", "OpenID Connect Resource Owner Grant", "basic-flow", true, true);
        addExecExport(newFlow3, null, false, "direct-grant-validate-username", false, null, "REQUIRED", 10);
        addExecExport(newFlow3, null, false, "direct-grant-validate-password", false, null, "REQUIRED", 20);
        addExecExport(newFlow3, "Direct Grant - Conditional OTP", false, null, true, null, "CONDITIONAL", 30);
        LinkedList linkedList4 = new LinkedList();
        addExecInfo(linkedList4, "Username Validation", "direct-grant-validate-username", false, 0, 0, "REQUIRED", null, new String[]{"REQUIRED"});
        addExecInfo(linkedList4, "Password", "direct-grant-validate-password", false, 0, 1, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList4, "Direct Grant - Conditional OTP", null, false, 0, 2, "CONDITIONAL", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList4, "Condition - user configured", "conditional-user-configured", false, 1, 0, "REQUIRED", null, new String[]{"REQUIRED", "DISABLED"});
        addExecInfo(linkedList4, "OTP", "direct-grant-validate-otp", false, 1, 1, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        linkedList.add(new FlowExecutions(newFlow3, linkedList4));
        AuthenticationFlowRepresentation newFlow4 = newFlow("docker auth", "Used by Docker clients to authenticate against the IDP", "basic-flow", true, true);
        addExecExport(newFlow4, null, false, "docker-http-basic-authenticator", false, null, "REQUIRED", 10);
        LinkedList linkedList5 = new LinkedList();
        addExecInfo(linkedList5, "Docker Authenticator", "docker-http-basic-authenticator", false, 0, 0, "REQUIRED", null, new String[]{"REQUIRED"});
        linkedList.add(new FlowExecutions(newFlow4, linkedList5));
        AuthenticationFlowRepresentation newFlow5 = newFlow("first broker login", "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", "basic-flow", true, true);
        addExecExport(newFlow5, null, false, "idp-review-profile", false, "review profile config", "REQUIRED", 10);
        addExecExport(newFlow5, "User creation or linking", false, null, true, null, "REQUIRED", 20);
        LinkedList linkedList6 = new LinkedList();
        addExecInfo(linkedList6, "Review Profile", "idp-review-profile", true, 0, 0, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList6, "User creation or linking", null, false, 0, 1, "REQUIRED", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList6, "Create User If Unique", "idp-create-user-if-unique", true, 1, 0, "ALTERNATIVE", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList6, "Handle Existing Account", null, false, 1, 1, "ALTERNATIVE", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList6, "Confirm link existing account", "idp-confirm-link", false, 2, 0, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList6, "Account verification options", null, false, 2, 1, "REQUIRED", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList6, "Verify existing account by Email", "idp-email-verification", false, 3, 0, "ALTERNATIVE", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList6, "Verify Existing Account by Re-authentication", null, false, 3, 1, "ALTERNATIVE", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList6, "Username Password Form for identity provider reauthentication", "idp-username-password-form", false, 4, 0, "REQUIRED", null, new String[]{"REQUIRED"});
        addExecInfo(linkedList6, "First broker login - Conditional OTP", null, false, 4, 1, "CONDITIONAL", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList6, "Condition - user configured", "conditional-user-configured", false, 5, 0, "REQUIRED", null, new String[]{"REQUIRED", "DISABLED"});
        addExecInfo(linkedList6, "OTP Form", "auth-otp-form", false, 5, 1, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        linkedList.add(new FlowExecutions(newFlow5, linkedList6));
        AuthenticationFlowRepresentation newFlow6 = newFlow("http challenge", "An authentication flow based on challenge-response HTTP Authentication Schemes", "basic-flow", true, true);
        addExecExport(newFlow6, null, false, "no-cookie-redirect", false, null, "REQUIRED", 10);
        addExecExport(newFlow6, "Authentication Options", false, null, true, null, "REQUIRED", 20);
        LinkedList linkedList7 = new LinkedList();
        addExecInfo(linkedList7, "Browser Redirect/Refresh", "no-cookie-redirect", false, 0, 0, "REQUIRED", null, new String[]{"REQUIRED"});
        addExecInfo(linkedList7, "Authentication Options", null, false, 0, 1, "REQUIRED", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList7, "Basic Auth Challenge", "basic-auth", false, 1, 0, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList7, "Basic Auth Password+OTP", "basic-auth-otp", false, 1, 1, "DISABLED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList7, "Kerberos", "auth-spnego", false, 1, 2, "DISABLED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        linkedList.add(new FlowExecutions(newFlow6, linkedList7));
        AuthenticationFlowRepresentation newFlow7 = newFlow("registration", "registration flow", "basic-flow", true, true);
        addExecExport(newFlow7, "registration form", false, "registration-page-form", true, null, "REQUIRED", 10);
        LinkedList linkedList8 = new LinkedList();
        addExecInfo(linkedList8, "registration form", "registration-page-form", false, 0, 0, "REQUIRED", true, new String[]{"REQUIRED", "DISABLED"});
        addExecInfo(linkedList8, "Registration User Creation", "registration-user-creation", false, 1, 0, "REQUIRED", null, new String[]{"REQUIRED", "DISABLED"});
        addExecInfo(linkedList8, "Profile Validation", "registration-profile-action", false, 1, 1, "REQUIRED", null, new String[]{"REQUIRED", "DISABLED"});
        addExecInfo(linkedList8, "Password Validation", "registration-password-action", false, 1, 2, "REQUIRED", null, new String[]{"REQUIRED", "DISABLED"});
        addExecInfo(linkedList8, "Recaptcha", "registration-recaptcha-action", true, 1, 3, "DISABLED", null, new String[]{"REQUIRED", "DISABLED"});
        linkedList.add(new FlowExecutions(newFlow7, linkedList8));
        AuthenticationFlowRepresentation newFlow8 = newFlow("reset credentials", "Reset credentials for a user if they forgot their password or something", "basic-flow", true, true);
        addExecExport(newFlow8, null, false, "reset-credentials-choose-user", false, null, "REQUIRED", 10);
        addExecExport(newFlow8, null, false, "reset-credential-email", false, null, "REQUIRED", 20);
        addExecExport(newFlow8, null, false, "reset-password", false, null, "REQUIRED", 30);
        addExecExport(newFlow8, "Reset - Conditional OTP", false, null, true, null, "CONDITIONAL", 40);
        LinkedList linkedList9 = new LinkedList();
        addExecInfo(linkedList9, "Choose User", "reset-credentials-choose-user", false, 0, 0, "REQUIRED", null, new String[]{"REQUIRED"});
        addExecInfo(linkedList9, "Send Reset Email", "reset-credential-email", false, 0, 1, "REQUIRED", null, new String[]{"REQUIRED"});
        addExecInfo(linkedList9, "Reset Password", "reset-password", false, 0, 2, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        addExecInfo(linkedList9, "Reset - Conditional OTP", null, false, 0, 3, "CONDITIONAL", true, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED", "CONDITIONAL"});
        addExecInfo(linkedList9, "Condition - user configured", "conditional-user-configured", false, 1, 0, "REQUIRED", null, new String[]{"REQUIRED", "DISABLED"});
        addExecInfo(linkedList9, "Reset OTP", "reset-otp", false, 1, 1, "REQUIRED", null, new String[]{"REQUIRED", "ALTERNATIVE", "DISABLED"});
        linkedList.add(new FlowExecutions(newFlow8, linkedList9));
        return linkedList;
    }

    private void addExecExport(AuthenticationFlowRepresentation authenticationFlowRepresentation, String str, boolean z, String str2, boolean z2, String str3, String str4, int i) {
        AuthenticationExecutionExportRepresentation newExecutionExportRepresentation = newExecutionExportRepresentation(str, z, str2, z2, str3, str4, i);
        List authenticationExecutions = authenticationFlowRepresentation.getAuthenticationExecutions();
        if (authenticationExecutions == null) {
            authenticationExecutions = new ArrayList();
            authenticationFlowRepresentation.setAuthenticationExecutions(authenticationExecutions);
        }
        authenticationExecutions.add(newExecutionExportRepresentation);
    }

    private AuthenticationExecutionExportRepresentation newExecutionExportRepresentation(String str, boolean z, String str2, boolean z2, String str3, String str4, int i) {
        AuthenticationExecutionExportRepresentation authenticationExecutionExportRepresentation = new AuthenticationExecutionExportRepresentation();
        authenticationExecutionExportRepresentation.setFlowAlias(str);
        authenticationExecutionExportRepresentation.setUserSetupAllowed(z);
        authenticationExecutionExportRepresentation.setAuthenticator(str2);
        authenticationExecutionExportRepresentation.setAuthenticatorFlow(z2);
        authenticationExecutionExportRepresentation.setAuthenticatorConfig(str3);
        authenticationExecutionExportRepresentation.setRequirement(str4);
        authenticationExecutionExportRepresentation.setPriority(i);
        return authenticationExecutionExportRepresentation;
    }
}
