package org.apache.cxf.systest.jaxrs.security.oidc;

import java.net.URL;
import java.util.Collections;
import javax.ws.rs.core.Response;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.services.ClientRegistration;
import org.apache.cxf.rs.security.oauth2.services.ClientRegistrationResponse;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/oidc/OIDCDynamicRegistrationTest.class */
public class OIDCDynamicRegistrationTest extends AbstractBusClientServerTestBase {
    public static final String PORT = OIDCDynRegistrationServer.PORT;

    @BeforeClass
    public static void startServers() throws Exception {
        assertTrue("server did not launch correctly", launchServer(OIDCDynRegistrationServer.class, true));
    }

    @Test
    public void testGetClientRegNotAvail() throws Exception {
        assertEquals(401L, WebClient.create("https://localhost:" + PORT + "/services/dynamic/register", Collections.singletonList(new JsonMapObjectProvider()), OIDCDynamicRegistrationTest.class.getResource("client.xml").toString()).accept(new String[]{"application/json"}).path("some-client-id").get().getStatus());
    }

    @Test
    public void testRegisterClient() throws Exception {
        doTestRegisterClient(null);
    }

    @Test
    public void testRegisterClientInitialAccessToken() throws Exception {
        doTestRegisterClient("123456789");
    }

    private void doTestRegisterClient(String str) throws Exception {
        ClientRegistrationResponse clientRegistrationResponse;
        URL resource = OIDCDynamicRegistrationTest.class.getResource("client.xml");
        String str2 = "https://localhost:" + PORT + "/services";
        String str3 = str != null ? str2 + "/dynamicWithAt/register" : str2 + "/dynamic/register";
        WebClient create = WebClient.create(str3, Collections.singletonList(new JsonMapObjectProvider()), resource.toString());
        create.accept(new String[]{"application/json"}).type("application/json");
        ClientRegistration clientRegistration = new ClientRegistration();
        clientRegistration.setApplicationType("web");
        clientRegistration.setScope("openid");
        clientRegistration.setClientName("dynamic_client");
        clientRegistration.setGrantTypes(Collections.singletonList("authorization_code"));
        clientRegistration.setRedirectUris(Collections.singletonList("https://a/b/c"));
        clientRegistration.setProperty("post_logout_redirect_uris", Collections.singletonList("https://rp/logout"));
        Response post = create.post(clientRegistration);
        if (str == null) {
            clientRegistrationResponse = (ClientRegistrationResponse) post.readEntity(ClientRegistrationResponse.class);
        } else {
            assertEquals(401L, create.get().getStatus());
            create.authorization(new ClientAccessToken("Bearer", str));
            clientRegistrationResponse = (ClientRegistrationResponse) create.post(clientRegistration, ClientRegistrationResponse.class);
        }
        assertNotNull(clientRegistrationResponse.getClientId());
        assertNotNull(clientRegistrationResponse.getClientSecret());
        assertEquals(str3 + "/" + clientRegistrationResponse.getClientId(), clientRegistrationResponse.getRegistrationClientUri());
        String registrationAccessToken = clientRegistrationResponse.getRegistrationAccessToken();
        assertNotNull(registrationAccessToken);
        create.reset();
        create.path(clientRegistrationResponse.getClientId());
        assertEquals(401L, create.get().getStatus());
        create.authorization(new ClientAccessToken("Bearer", registrationAccessToken));
        ClientRegistration clientRegistration2 = (ClientRegistration) create.get(ClientRegistration.class);
        assertNotNull(clientRegistration2);
        assertEquals("web", clientRegistration2.getApplicationType());
        assertEquals("dynamic_client", clientRegistration2.getClientName());
        assertEquals("openid", clientRegistration2.getScope());
        assertEquals(Collections.singletonList("authorization_code"), clientRegistration2.getGrantTypes());
        assertEquals(Collections.singletonList("https://a/b/c"), clientRegistration2.getRedirectUris());
        assertEquals(Collections.singletonList("https://rp/logout"), clientRegistration2.getListStringProperty("post_logout_redirect_uris"));
        assertEquals(200L, create.delete().getStatus());
    }
}
