package org.apache.cxf.systest.jaxrs.security.oauth2.filters;

import java.net.URL;
import javax.ws.rs.core.Response;
import org.apache.cxf.Bus;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.message.Message;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
import org.apache.cxf.rs.security.jose.jws.JwsUtils;
import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.systest.jaxrs.security.Book;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2JwtFiltersTest.class */
public class OAuth2JwtFiltersTest extends AbstractBusClientServerTestBase {
    public static final String PORT = BookServerOAuth2FiltersJwt.PORT;
    public static final String OAUTH_PORT = BookServerOAuth2ServiceJwt.PORT;

    @BeforeClass
    public static void startServers() throws Exception {
        assertTrue("server did not launch correctly", launchServer(BookServerOAuth2FiltersJwt.class, true));
        assertTrue("server did not launch correctly", launchServer(BookServerOAuth2ServiceJwt.class, true));
    }

    @Test
    public void testServiceWithJwtToken() throws Exception {
        doTestServiceWithJwtTokenAndScope("https://localhost:" + OAUTH_PORT + "/services/", "https://localhost:" + PORT + "/secured/bookstore/books");
    }

    @Test
    public void testServiceWithJwtTokenStoredAsJoseKey() throws Exception {
        doTestServiceWithJwtTokenAndScope("https://localhost:" + OAUTH_PORT + "/services2/", "https://localhost:" + PORT + "/secured2/bookstore/books");
    }

    @Test
    public void testServiceWithJwtTokenAndLocalValidation() throws Exception {
        doTestServiceWithJwtTokenAndScope("https://localhost:" + OAUTH_PORT + "/services/", "https://localhost:" + PORT + "/securedLocalValidation/bookstore/books");
    }

    private void doTestServiceWithJwtTokenAndScope(String str, String str2) throws Exception {
        URL resource = OAuth2JwtFiltersTest.class.getResource("client.xml");
        WebClient create = WebClient.create(str, OAuth2TestUtils.setupProviders(), "alice", "security", resource.toString());
        WebClient.getConfig(create).getRequestContext().put(Message.MAINTAIN_SESSION, Boolean.TRUE);
        String authorizationCode = OAuth2TestUtils.getAuthorizationCode(create, "create_book");
        assertNotNull(authorizationCode);
        WebClient create2 = WebClient.create(str, OAuth2TestUtils.setupProviders(), "consumer-id", "this-is-a-secret", resource.toString());
        WebClient.getConfig(create2).getRequestContext().put(Message.MAINTAIN_SESSION, Boolean.TRUE);
        ClientAccessToken accessTokenWithAuthorizationCode = OAuth2TestUtils.getAccessTokenWithAuthorizationCode(create2, authorizationCode);
        assertNotNull(accessTokenWithAuthorizationCode.getTokenKey());
        JwsJwtCompactConsumer jwsJwtCompactConsumer = new JwsJwtCompactConsumer(accessTokenWithAuthorizationCode.getTokenKey());
        assertTrue(jwsJwtCompactConsumer.verifySignatureWith(JwsUtils.loadSignatureVerifier("org/apache/cxf/systest/jaxrs/security/alice.rs.properties", (Bus) null)));
        JwtClaims jwtClaims = jwsJwtCompactConsumer.getJwtClaims();
        assertEquals("consumer-id", jwtClaims.getStringProperty("client_id"));
        assertEquals("alice", jwtClaims.getStringProperty("username"));
        WebClient create3 = WebClient.create(str2, OAuth2TestUtils.setupProviders(), resource.toString());
        create3.header("Authorization", new Object[]{"Bearer " + accessTokenWithAuthorizationCode.getTokenKey()});
        Response post = create3.post(new Book("book", 123L));
        assertEquals(200L, post.getStatus());
        Book book = (Book) post.readEntity(Book.class);
        assertEquals(book.getName(), "book");
        assertEquals(book.getId(), 123L);
    }

    @Test
    public void testServiceLocalValidationWithNoToken() throws Exception {
        assertNotEquals(WebClient.create("https://localhost:" + PORT + "/securedLocalValidation/bookstore/books", OAuth2TestUtils.setupProviders(), OAuth2FiltersTest.class.getResource("client.xml").toString()).post(new Book("book", 123L)).getStatus(), 200L);
    }
}
