package org.apache.cxf.systest.jaxrs.security.oauth2.common;

import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Properties;
import javax.ws.rs.core.Form;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.provider.json.JSONProvider;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
import org.apache.cxf.rs.security.jose.jws.JwsUtils;
import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.junit.Assert;

/* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.class */
public final class OAuth2TestUtils {
    private OAuth2TestUtils() {
    }

    public static String getAuthorizationCode(WebClient webClient) {
        return getAuthorizationCode(webClient, null);
    }

    public static String getAuthorizationCode(WebClient webClient, String str) {
        return getAuthorizationCode(webClient, str, "consumer-id");
    }

    public static String getAuthorizationCode(WebClient webClient, String str, String str2) {
        return getAuthorizationCode(webClient, str, str2, null, null);
    }

    public static String getAuthorizationCode(WebClient webClient, String str, String str2, String str3, String str4) {
        webClient.type("application/json").accept(new String[]{"application/json"});
        webClient.query("client_id", new Object[]{str2});
        webClient.query("redirect_uri", new Object[]{"http://www.blah.apache.org"});
        webClient.query("response_type", new Object[]{"code"});
        if (str != null) {
            webClient.query("scope", new Object[]{str});
        }
        if (str3 != null) {
            webClient.query("nonce", new Object[]{str3});
        }
        if (str4 != null) {
            webClient.query("state", new Object[]{str4});
        }
        webClient.path("authorize/");
        OAuthAuthorizationData oAuthAuthorizationData = (OAuthAuthorizationData) webClient.get().readEntity(OAuthAuthorizationData.class);
        webClient.path("decision");
        webClient.type("application/x-www-form-urlencoded");
        Form form = new Form();
        form.param("session_authenticity_token", oAuthAuthorizationData.getAuthenticityToken());
        form.param("client_id", oAuthAuthorizationData.getClientId());
        form.param("redirect_uri", oAuthAuthorizationData.getRedirectUri());
        if (oAuthAuthorizationData.getProposedScope() != null) {
            form.param("scope", oAuthAuthorizationData.getProposedScope());
        }
        if (oAuthAuthorizationData.getState() != null) {
            form.param("state", oAuthAuthorizationData.getState());
        }
        form.param("oauthDecision", "allow");
        String headerString = webClient.post(form).getHeaderString("Location");
        if (str4 != null) {
            Assert.assertTrue(headerString.contains("state=" + str4));
        }
        return getSubstring(headerString, "code");
    }

    public static ClientAccessToken getAccessTokenWithAuthorizationCode(WebClient webClient, String str) {
        return getAccessTokenWithAuthorizationCode(webClient, str, "consumer-id", null);
    }

    public static ClientAccessToken getAccessTokenWithAuthorizationCode(WebClient webClient, String str, String str2, String str3) {
        webClient.type("application/x-www-form-urlencoded").accept(new String[]{"application/json"});
        webClient.path("token");
        Form form = new Form();
        form.param("grant_type", "authorization_code");
        form.param("code", str);
        form.param("client_id", str2);
        if (str3 != null) {
            form.param("audience", str3);
        }
        return (ClientAccessToken) webClient.post(form).readEntity(ClientAccessToken.class);
    }

    public static List<Object> setupProviders() {
        ArrayList arrayList = new ArrayList();
        JSONProvider jSONProvider = new JSONProvider();
        jSONProvider.setNamespaceMap(Collections.singletonMap("http://org.apache.cxf.rs.security.oauth", "ns2"));
        arrayList.add(jSONProvider);
        arrayList.add(new OAuthJSONProvider());
        return arrayList;
    }

    public static String createToken(String str) throws WSSecurityException {
        return createToken(str, true, true);
    }

    public static String createToken(String str, boolean z, boolean z2) throws WSSecurityException {
        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(z2);
        samlCallbackHandler.setAudience(str);
        if (!z) {
            samlCallbackHandler.setSaml2(false);
            samlCallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:bearer");
        }
        SAMLCallback sAMLCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback(samlCallbackHandler, sAMLCallback);
        SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(sAMLCallback);
        if (sAMLCallback.isSignAssertion()) {
            samlAssertionWrapper.signAssertion(sAMLCallback.getIssuerKeyName(), sAMLCallback.getIssuerKeyPassword(), sAMLCallback.getIssuerCrypto(), sAMLCallback.isSendKeyValue(), sAMLCallback.getCanonicalizationAlgorithm(), sAMLCallback.getSignatureAlgorithm());
        }
        return samlAssertionWrapper.assertionToString();
    }

    public static String createToken(String str, String str2, String str3, boolean z, boolean z2) {
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject(str2);
        if (str != null) {
            jwtClaims.setIssuer(str);
        }
        jwtClaims.setIssuedAt(Long.valueOf(new Date().getTime() / 1000));
        if (z) {
            Calendar calendar = Calendar.getInstance();
            calendar.add(13, 60);
            jwtClaims.setExpiryTime(Long.valueOf(calendar.getTimeInMillis() / 1000));
        }
        if (str3 != null) {
            jwtClaims.setAudiences(Collections.singletonList(str3));
        }
        if (!z2) {
            return new JwsJwtCompactProducer(new JwsHeaders(SignatureAlgorithm.NONE), jwtClaims).getSignedEncodedJws();
        }
        Properties properties = new Properties();
        properties.put("rs.security.keystore.type", "jks");
        properties.put("rs.security.keystore.password", "password");
        properties.put("rs.security.keystore.alias", "alice");
        properties.put("rs.security.keystore.file", "org/apache/cxf/systest/jaxrs/security/certs/alice.jks");
        properties.put("rs.security.key.password", "password");
        properties.put("rs.security.signature.algorithm", "RS256");
        JwsHeaders jwsHeaders = new JwsHeaders(properties);
        return new JwsJwtCompactProducer(jwsHeaders, jwtClaims).signWith(JwsUtils.loadSignatureProvider(properties, jwsHeaders));
    }

    public static String getSubstring(String str, String str2) {
        String substring = str.substring(str.indexOf(str2 + "=") + (str2 + "=").length());
        int indexOf = substring.indexOf(38);
        if (indexOf < 1) {
            indexOf = substring.length();
        }
        return substring.substring(0, indexOf);
    }
}
