package org.keycloak.testsuite.admin;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import javax.mail.MessagingException;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import org.hamcrest.Matchers;
import org.jboss.arquillian.drone.api.annotation.Drone;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.keycloak.admin.client.resource.IdentityProviderResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.RoleMappingResource;
import org.keycloak.admin.client.resource.UserResource;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.models.UserModel;
import org.keycloak.representations.idm.ClientMappingsRepresentation;
import org.keycloak.representations.idm.CredentialRepresentation;
import org.keycloak.representations.idm.ErrorRepresentation;
import org.keycloak.representations.idm.FederatedIdentityRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.MappingsRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
import org.keycloak.representations.idm.RoleRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.services.resources.RealmsResource;
import org.keycloak.testsuite.page.LoginPasswordUpdatePage;
import org.keycloak.testsuite.pages.InfoPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.ClientBuilder;
import org.keycloak.testsuite.util.GreenMailRule;
import org.keycloak.testsuite.util.MailUtils;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.RealmBuilder;
import org.keycloak.testsuite.util.RoleBuilder;
import org.keycloak.testsuite.util.UserBuilder;
import org.openqa.selenium.WebDriver;

/* loaded from: input_file:org/keycloak/testsuite/admin/UserTest.class */
public class UserTest extends AbstractAdminTest {

    @Rule
    public GreenMailRule greenMail = new GreenMailRule();

    @Drone
    protected WebDriver driver;

    @Page
    protected LoginPasswordUpdatePage passwordUpdatePage;

    @ArquillianResource
    protected OAuthClient oAuthClient;

    @Page
    protected InfoPage infoPage;

    @Page
    protected LoginPage loginPage;

    public String createUser() {
        return createUser("user1", "user1@localhost");
    }

    public String createUser(String str, String str2) {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername(str);
        userRepresentation.setEmail(str2);
        userRepresentation.setRequiredActions(Collections.emptyList());
        userRepresentation.setEnabled(true);
        return createUser(userRepresentation);
    }

    private String createUser(UserRepresentation userRepresentation) {
        Response create = this.realm.users().create(userRepresentation);
        String createdId = ApiUtil.getCreatedId(create);
        create.close();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.userResourcePath(createdId), userRepresentation, ResourceType.USER);
        return createdId;
    }

    private void updateUser(UserResource userResource, UserRepresentation userRepresentation) {
        userResource.update(userRepresentation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, AdminEventPaths.userResourcePath(userRepresentation.getId()), userRepresentation, ResourceType.USER);
    }

    @Test
    public void verifyCreateUser() {
        createUser();
    }

    @Test
    public void createDuplicatedUser1() {
        createUser();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user1");
        Response create = this.realm.users().create(userRepresentation);
        Assert.assertEquals(409L, create.getStatus());
        this.assertAdminEvents.assertEmpty();
        Assert.assertEquals("User exists with same username", ((ErrorRepresentation) create.readEntity(ErrorRepresentation.class)).getErrorMessage());
        create.close();
    }

    @Test
    public void createDuplicatedUser2() {
        createUser();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user2");
        userRepresentation.setEmail("user1@localhost");
        Response create = this.realm.users().create(userRepresentation);
        Assert.assertEquals(409L, create.getStatus());
        create.close();
    }

    @Test
    public void createDuplicatedUser3() {
        createUser();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("User1");
        Response create = this.realm.users().create(userRepresentation);
        Assert.assertEquals(409L, create.getStatus());
        create.close();
    }

    @Test
    public void createDuplicatedUser4() {
        createUser();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("USER1");
        Response create = this.realm.users().create(userRepresentation);
        Assert.assertEquals(409L, create.getStatus());
        create.close();
    }

    @Test
    public void createDuplicatedUser5() {
        createUser();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user2");
        userRepresentation.setEmail("User1@localhost");
        Response create = this.realm.users().create(userRepresentation);
        Assert.assertEquals(409L, create.getStatus());
        create.close();
    }

    @Test
    public void createDuplicatedUser6() {
        createUser();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user2");
        userRepresentation.setEmail("user1@LOCALHOST");
        Response create = this.realm.users().create(userRepresentation);
        Assert.assertEquals(409L, create.getStatus());
        create.close();
    }

    @Test
    public void createDuplicatedUser7() {
        createUser("user1", "USer1@Localhost");
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user2");
        userRepresentation.setEmail("user1@localhost");
        Response create = this.realm.users().create(userRepresentation);
        Assert.assertEquals(409L, create.getStatus());
        create.close();
        this.assertAdminEvents.assertEmpty();
    }

    private void createUsers() {
        for (int i = 1; i < 10; i++) {
            UserRepresentation userRepresentation = new UserRepresentation();
            userRepresentation.setUsername("username" + i);
            userRepresentation.setEmail("user" + i + "@localhost");
            userRepresentation.setFirstName("First" + i);
            userRepresentation.setLastName("Last" + i);
            createUser(userRepresentation);
        }
    }

    @Test
    public void searchByEmail() {
        createUsers();
        Assert.assertEquals(1L, this.realm.users().search((String) null, (String) null, (String) null, "user1@localhost", (Integer) null, (Integer) null).size());
        Assert.assertEquals(9L, this.realm.users().search((String) null, (String) null, (String) null, "@localhost", (Integer) null, (Integer) null).size());
    }

    @Test
    public void searchByUsername() {
        createUsers();
        Assert.assertEquals(1L, this.realm.users().search("username1", (String) null, (String) null, (String) null, (Integer) null, (Integer) null).size());
        Assert.assertEquals(9L, this.realm.users().search("user", (String) null, (String) null, (String) null, (Integer) null, (Integer) null).size());
    }

    @Test
    public void search() {
        createUsers();
        Assert.assertEquals(1L, this.realm.users().search("username1", (Integer) null, (Integer) null).size());
        Assert.assertEquals(1L, this.realm.users().search("first1", (Integer) null, (Integer) null).size());
        Assert.assertEquals(9L, this.realm.users().search("last", (Integer) null, (Integer) null).size());
    }

    @Test
    public void count() {
        createUsers();
        Assert.assertEquals(9L, this.realm.users().count().intValue());
    }

    @Test
    public void delete() {
        String createUser = createUser();
        Response delete = this.realm.users().delete(createUser);
        Assert.assertEquals(204L, delete.getStatus());
        delete.close();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.userResourcePath(createUser), ResourceType.USER);
    }

    @Test
    public void deleteNonExistent() {
        Response delete = this.realm.users().delete("does-not-exist");
        Assert.assertEquals(404L, delete.getStatus());
        delete.close();
        this.assertAdminEvents.assertEmpty();
    }

    @Test
    public void searchPaginated() {
        createUsers();
        List search = this.realm.users().search("username", 0, 1);
        Assert.assertEquals(1L, search.size());
        Assert.assertEquals("username1", ((UserRepresentation) search.get(0)).getUsername());
        List search2 = this.realm.users().search("username", 5, 2);
        Assert.assertEquals(2L, search2.size());
        Assert.assertEquals("username6", ((UserRepresentation) search2.get(0)).getUsername());
        Assert.assertEquals("username7", ((UserRepresentation) search2.get(1)).getUsername());
        List search3 = this.realm.users().search("username", 7, 20);
        Assert.assertEquals(2L, search3.size());
        Assert.assertEquals("username8", ((UserRepresentation) search3.get(0)).getUsername());
        Assert.assertEquals("username9", ((UserRepresentation) search3.get(1)).getUsername());
        Assert.assertEquals(9L, this.realm.users().search("username", 0, 20).size());
    }

    @Test
    public void getFederatedIdentities() {
        addSampleIdentityProvider();
        String createUser = createUser();
        UserResource userResource = this.realm.users().get(createUser);
        Assert.assertEquals(0L, userResource.getFederatedIdentity().size());
        FederatedIdentityRepresentation federatedIdentityRepresentation = new FederatedIdentityRepresentation();
        federatedIdentityRepresentation.setUserId("social-user-id");
        federatedIdentityRepresentation.setUserName("social-username");
        Assert.assertEquals(204L, userResource.addFederatedIdentity("social-provider-id", federatedIdentityRepresentation).getStatus());
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.userFederatedIdentityLink(createUser, "social-provider-id"), federatedIdentityRepresentation, ResourceType.USER);
        UserResource userResource2 = this.realm.users().get(createUser);
        List federatedIdentity = userResource2.getFederatedIdentity();
        Assert.assertEquals(1L, federatedIdentity.size());
        FederatedIdentityRepresentation federatedIdentityRepresentation2 = (FederatedIdentityRepresentation) federatedIdentity.get(0);
        Assert.assertEquals("social-provider-id", federatedIdentityRepresentation2.getIdentityProvider());
        Assert.assertEquals("social-user-id", federatedIdentityRepresentation2.getUserId());
        Assert.assertEquals("social-username", federatedIdentityRepresentation2.getUserName());
        userResource2.removeFederatedIdentity("social-provider-id");
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.userFederatedIdentityLink(createUser, "social-provider-id"), ResourceType.USER);
        Assert.assertEquals(0L, userResource2.getFederatedIdentity().size());
        removeSampleIdentityProvider();
    }

    private void addSampleIdentityProvider() {
        Assert.assertEquals(0L, this.realm.identityProviders().findAll().size());
        IdentityProviderRepresentation identityProviderRepresentation = new IdentityProviderRepresentation();
        identityProviderRepresentation.setAlias("social-provider-id");
        identityProviderRepresentation.setProviderId("social-provider-type");
        this.realm.identityProviders().create(identityProviderRepresentation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.identityProviderPath(identityProviderRepresentation.getAlias()), identityProviderRepresentation, ResourceType.IDENTITY_PROVIDER);
    }

    private void removeSampleIdentityProvider() {
        IdentityProviderResource identityProviderResource = this.realm.identityProviders().get("social-provider-id");
        Assert.assertNotNull(identityProviderResource);
        identityProviderResource.remove();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.identityProviderPath("social-provider-id"), ResourceType.IDENTITY_PROVIDER);
    }

    @Test
    public void addRequiredAction() {
        UserResource userResource = this.realm.users().get(createUser());
        Assert.assertTrue(userResource.toRepresentation().getRequiredActions().isEmpty());
        UserRepresentation representation = userResource.toRepresentation();
        representation.getRequiredActions().add("UPDATE_PASSWORD");
        updateUser(userResource, representation);
        Assert.assertEquals(1L, userResource.toRepresentation().getRequiredActions().size());
        Assert.assertEquals("UPDATE_PASSWORD", userResource.toRepresentation().getRequiredActions().get(0));
    }

    @Test
    public void removeRequiredAction() {
        String createUser = createUser();
        UserResource userResource = this.realm.users().get(createUser);
        Assert.assertTrue(userResource.toRepresentation().getRequiredActions().isEmpty());
        UserRepresentation representation = userResource.toRepresentation();
        representation.getRequiredActions().add("UPDATE_PASSWORD");
        updateUser(userResource, representation);
        UserResource userResource2 = this.realm.users().get(createUser);
        UserRepresentation representation2 = userResource2.toRepresentation();
        representation2.getRequiredActions().clear();
        updateUser(userResource2, representation2);
        Assert.assertTrue(userResource2.toRepresentation().getRequiredActions().isEmpty());
    }

    @Test
    public void attributes() {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user1");
        userRepresentation.singleAttribute("attr1", "value1user1");
        userRepresentation.singleAttribute("attr2", "value2user1");
        String createUser = createUser(userRepresentation);
        UserRepresentation userRepresentation2 = new UserRepresentation();
        userRepresentation2.setUsername("user2");
        userRepresentation2.singleAttribute("attr1", "value1user2");
        ArrayList arrayList = new ArrayList();
        arrayList.add("value2user2");
        arrayList.add("value2user2_2");
        userRepresentation2.getAttributesAsListValues().put("attr2", arrayList);
        String createUser2 = createUser(userRepresentation2);
        UserRepresentation representation = this.realm.users().get(createUser).toRepresentation();
        Assert.assertEquals(2L, representation.getAttributesAsListValues().size());
        assertAttributeValue("value1user1", (List) representation.getAttributesAsListValues().get("attr1"));
        assertAttributeValue("value2user1", (List) representation.getAttributesAsListValues().get("attr2"));
        UserRepresentation representation2 = this.realm.users().get(createUser2).toRepresentation();
        Assert.assertEquals(2L, representation2.getAttributesAsListValues().size());
        assertAttributeValue("value1user2", (List) representation2.getAttributesAsListValues().get("attr1"));
        List list = (List) representation2.getAttributesAsListValues().get("attr2");
        Assert.assertEquals(2L, list.size());
        Assert.assertTrue(list.contains("value2user2") && list.contains("value2user2_2"));
        representation.singleAttribute("attr1", "value3user1");
        representation.singleAttribute("attr3", "value4user1");
        updateUser(this.realm.users().get(createUser), representation);
        UserRepresentation representation3 = this.realm.users().get(createUser).toRepresentation();
        Assert.assertEquals(3L, representation3.getAttributesAsListValues().size());
        assertAttributeValue("value3user1", (List) representation3.getAttributesAsListValues().get("attr1"));
        assertAttributeValue("value2user1", (List) representation3.getAttributesAsListValues().get("attr2"));
        assertAttributeValue("value4user1", (List) representation3.getAttributesAsListValues().get("attr3"));
        representation3.getAttributes().remove("attr1");
        updateUser(this.realm.users().get(createUser), representation3);
        UserRepresentation representation4 = this.realm.users().get(createUser).toRepresentation();
        Assert.assertEquals(2L, representation4.getAttributesAsListValues().size());
        assertAttributeValue("value2user1", (List) representation4.getAttributesAsListValues().get("attr2"));
        assertAttributeValue("value4user1", (List) representation4.getAttributesAsListValues().get("attr3"));
        representation4.getAttributes().clear();
        updateUser(this.realm.users().get(createUser), representation4);
        Assert.assertNull(this.realm.users().get(createUser).toRepresentation().getAttributes());
    }

    private void assertAttributeValue(String str, List<String> list) {
        Assert.assertEquals(1L, list.size());
        Assert.assertEquals(str, list.get(0));
    }

    @Test
    public void sendResetPasswordEmail() {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user1");
        UserResource userResource = this.realm.users().get(createUser(userRepresentation));
        LinkedList linkedList = new LinkedList();
        try {
            userResource.executeActionsEmail(linkedList);
            Assert.fail("Expected failure");
        } catch (ClientErrorException e) {
            Assert.assertEquals(400L, e.getResponse().getStatus());
            Assert.assertEquals("User email missing", ((ErrorRepresentation) e.getResponse().readEntity(ErrorRepresentation.class)).getErrorMessage());
        }
        try {
            userRepresentation = userResource.toRepresentation();
            userRepresentation.setEmail("user1@localhost");
            userRepresentation.setEnabled(false);
            updateUser(userResource, userRepresentation);
            userResource.executeActionsEmail(linkedList);
            Assert.fail("Expected failure");
        } catch (ClientErrorException e2) {
            Assert.assertEquals(400L, e2.getResponse().getStatus());
            Assert.assertEquals("User is disabled", ((ErrorRepresentation) e2.getResponse().readEntity(ErrorRepresentation.class)).getErrorMessage());
        }
        try {
            userRepresentation.setEnabled(true);
            updateUser(userResource, userRepresentation);
            userResource.executeActionsEmail("invalidClientId", linkedList);
            Assert.fail("Expected failure");
        } catch (ClientErrorException e3) {
            Assert.assertEquals(400L, e3.getResponse().getStatus());
            Assert.assertEquals("invalidClientId not enabled", ((ErrorRepresentation) e3.getResponse().readEntity(ErrorRepresentation.class)).getErrorMessage());
        }
    }

    @Test
    public void sendResetPasswordEmailSuccess() throws IOException, MessagingException {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setEnabled(true);
        userRepresentation.setUsername("user1");
        userRepresentation.setEmail("user1@test.com");
        String createUser = createUser(userRepresentation);
        UserResource userResource = this.realm.users().get(createUser);
        LinkedList linkedList = new LinkedList();
        linkedList.add(UserModel.RequiredAction.UPDATE_PASSWORD.name());
        userResource.executeActionsEmail("account", linkedList);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, AdminEventPaths.userResourcePath(createUser) + "/execute-actions-email", ResourceType.USER);
        Assert.assertEquals(1L, this.greenMail.getReceivedMessages().length);
        String passwordResetEmailLink = MailUtils.getPasswordResetEmailLink(this.greenMail.getReceivedMessages()[0]);
        this.driver.navigate().to(passwordResetEmailLink);
        Assert.assertTrue(this.passwordUpdatePage.isCurrent());
        this.passwordUpdatePage.changePassword("new-pass", "new-pass");
        Assert.assertEquals("Your account has been updated.", this.driver.getTitle());
        this.driver.navigate().to(passwordResetEmailLink);
        Assert.assertEquals("We're sorry...", this.driver.getTitle());
    }

    @Test
    public void sendVerifyEmail() throws IOException, MessagingException {
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user1");
        String createUser = createUser(userRepresentation);
        UserResource userResource = this.realm.users().get(createUser);
        try {
            userResource.sendVerifyEmail();
            Assert.fail("Expected failure");
        } catch (ClientErrorException e) {
            Assert.assertEquals(400L, e.getResponse().getStatus());
            Assert.assertEquals("User email missing", ((ErrorRepresentation) e.getResponse().readEntity(ErrorRepresentation.class)).getErrorMessage());
        }
        try {
            userRepresentation = userResource.toRepresentation();
            userRepresentation.setEmail("user1@localhost");
            userRepresentation.setEnabled(false);
            updateUser(userResource, userRepresentation);
            userResource.sendVerifyEmail();
            Assert.fail("Expected failure");
        } catch (ClientErrorException e2) {
            Assert.assertEquals(400L, e2.getResponse().getStatus());
            Assert.assertEquals("User is disabled", ((ErrorRepresentation) e2.getResponse().readEntity(ErrorRepresentation.class)).getErrorMessage());
        }
        try {
            userRepresentation.setEnabled(true);
            updateUser(userResource, userRepresentation);
            userResource.sendVerifyEmail("invalidClientId");
            Assert.fail("Expected failure");
        } catch (ClientErrorException e3) {
            Assert.assertEquals(400L, e3.getResponse().getStatus());
            Assert.assertEquals("invalidClientId not enabled", ((ErrorRepresentation) e3.getResponse().readEntity(ErrorRepresentation.class)).getErrorMessage());
        }
        userResource.sendVerifyEmail();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, AdminEventPaths.userResourcePath(createUser) + "/send-verify-email", ResourceType.USER);
        Assert.assertEquals(1L, this.greenMail.getReceivedMessages().length);
        this.driver.navigate().to(MailUtils.getPasswordResetEmailLink(this.greenMail.getReceivedMessages()[0]));
        Assert.assertEquals("Your account has been updated.", this.infoPage.getInfo());
    }

    @Test
    public void updateUserWithNewUsername() {
        switchEditUsernameAllowedOn();
        String createUser = createUser();
        UserResource userResource = this.realm.users().get(createUser);
        UserRepresentation representation = userResource.toRepresentation();
        representation.setUsername("user11");
        updateUser(userResource, representation);
        Assert.assertEquals("user11", this.realm.users().get(createUser).toRepresentation().getUsername());
    }

    @Test
    public void updateUserWithoutUsername() {
        switchEditUsernameAllowedOn();
        String createUser = createUser();
        UserResource userResource = this.realm.users().get(createUser);
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setFirstName("Firstname");
        userResource.update(userRepresentation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, AdminEventPaths.userResourcePath(createUser), userRepresentation, ResourceType.USER);
        UserRepresentation userRepresentation2 = new UserRepresentation();
        userRepresentation2.setLastName("Lastname");
        userResource.update(userRepresentation2);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, AdminEventPaths.userResourcePath(createUser), userRepresentation2, ResourceType.USER);
        UserRepresentation representation = this.realm.users().get(createUser).toRepresentation();
        Assert.assertEquals("user1", representation.getUsername());
        Assert.assertEquals("user1@localhost", representation.getEmail());
        Assert.assertEquals("Firstname", representation.getFirstName());
        Assert.assertEquals("Lastname", representation.getLastName());
    }

    @Test
    public void updateUserWithNewUsernameNotPossible() {
        String createUser = createUser();
        UserResource userResource = this.realm.users().get(createUser);
        UserRepresentation representation = userResource.toRepresentation();
        representation.setUsername("user11");
        updateUser(userResource, representation);
        Assert.assertEquals("user1", this.realm.users().get(createUser).toRepresentation().getUsername());
    }

    @Test
    public void updateUserWithNewUsernameAccessingViaOldUsername() {
        switchEditUsernameAllowedOn();
        createUser();
        try {
            UserResource userResource = this.realm.users().get("user1");
            UserRepresentation representation = userResource.toRepresentation();
            representation.setUsername("user1");
            updateUser(userResource, representation);
            this.realm.users().get("user11").toRepresentation();
            Assert.fail("Expected failure");
        } catch (ClientErrorException e) {
            Assert.assertEquals(404L, e.getResponse().getStatus());
        }
    }

    @Test
    public void updateUserWithExistingUsername() {
        switchEditUsernameAllowedOn();
        enableBruteForce();
        createUser();
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername("user2");
        try {
            UserResource userResource = this.realm.users().get(createUser(userRepresentation));
            UserRepresentation representation = userResource.toRepresentation();
            representation.setUsername("user1");
            userResource.update(representation);
            Assert.fail("Expected failure");
        } catch (ClientErrorException e) {
            Assert.assertEquals(409L, e.getResponse().getStatus());
            this.assertAdminEvents.poll();
        }
    }

    @Test
    public void resetUserPassword() {
        String createUser = createUser("user1", "user1@localhost");
        CredentialRepresentation credentialRepresentation = new CredentialRepresentation();
        credentialRepresentation.setType("password");
        credentialRepresentation.setValue("password");
        credentialRepresentation.setTemporary(false);
        this.realm.users().get(createUser).resetPassword(credentialRepresentation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, AdminEventPaths.userResetPasswordPath(createUser), ResourceType.USER);
        this.driver.navigate().to(RealmsResource.accountUrl(UriBuilder.fromUri(getAuthServerRoot())).build(new Object[]{"admin-client-test"}).toString());
        Assert.assertEquals("Log in to admin-client-test", this.driver.getTitle());
        this.loginPage.login("user1", "password");
        Assert.assertTrue(this.driver.getTitle().contains("Account Management"));
    }

    @Test
    public void resetUserInvalidPassword() {
        String createUser = createUser("user1", "user1@localhost");
        try {
            CredentialRepresentation credentialRepresentation = new CredentialRepresentation();
            credentialRepresentation.setType("password");
            credentialRepresentation.setValue(" ");
            credentialRepresentation.setTemporary(false);
            this.realm.users().get(createUser).resetPassword(credentialRepresentation);
            Assert.fail("Expected failure");
        } catch (ClientErrorException e) {
            Assert.assertEquals(400L, e.getResponse().getStatus());
            e.getResponse().close();
            this.assertAdminEvents.assertEmpty();
        }
    }

    @Test
    public void testDefaultRequiredActionAdded() {
        RequiredActionProviderRepresentation requiredAction = this.realm.flows().getRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString());
        requiredAction.setDefaultAction(true);
        this.realm.flows().updateRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString(), requiredAction);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, AdminEventPaths.authRequiredActionPath(UserModel.RequiredAction.UPDATE_PASSWORD.toString()), requiredAction, ResourceType.REQUIRED_ACTION);
        UserRepresentation representation = this.realm.users().get(createUser("user1", "user1@localhost")).toRepresentation();
        Assert.assertEquals(1L, representation.getRequiredActions().size());
        Assert.assertEquals(UserModel.RequiredAction.UPDATE_PASSWORD.toString(), representation.getRequiredActions().get(0));
        RequiredActionProviderRepresentation requiredAction2 = this.realm.flows().getRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString());
        requiredAction2.setDefaultAction(true);
        this.realm.flows().updateRequiredAction(UserModel.RequiredAction.UPDATE_PASSWORD.toString(), requiredAction2);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, AdminEventPaths.authRequiredActionPath(UserModel.RequiredAction.UPDATE_PASSWORD.toString()), requiredAction2, ResourceType.REQUIRED_ACTION);
    }

    @Test
    public void roleMappings() {
        RealmResource realm = this.adminClient.realms().realm("test");
        realm.update(RealmBuilder.edit(realm.toRepresentation()).testEventListener().build());
        realm.roles().create(RoleBuilder.create().name("realm-role").build());
        realm.roles().create(RoleBuilder.create().name("realm-composite").build());
        realm.roles().create(RoleBuilder.create().name("realm-child").build());
        realm.roles().get("realm-composite").addComposites(Collections.singletonList(realm.roles().get("realm-child").toRepresentation()));
        Response create = realm.clients().create(ClientBuilder.create().clientId("myclient").build());
        String createdId = ApiUtil.getCreatedId(create);
        create.close();
        realm.clients().get(createdId).roles().create(RoleBuilder.create().name("client-role").build());
        realm.clients().get(createdId).roles().create(RoleBuilder.create().name("client-role2").build());
        realm.clients().get(createdId).roles().create(RoleBuilder.create().name("client-composite").build());
        realm.clients().get(createdId).roles().create(RoleBuilder.create().name("client-child").build());
        realm.clients().get(createdId).roles().get("client-composite").addComposites(Collections.singletonList(realm.clients().get(createdId).roles().get("client-child").toRepresentation()));
        Response create2 = realm.users().create(UserBuilder.create().username("myuser").build());
        String createdId2 = ApiUtil.getCreatedId(create2);
        create2.close();
        this.assertAdminEvents.clear();
        RoleMappingResource roles = realm.users().get(createdId2).roles();
        org.keycloak.testsuite.Assert.assertNames(roles.realmLevel().listAll(), "user", "offline_access", "uma_authorization");
        LinkedList linkedList = new LinkedList();
        linkedList.add(realm.roles().get("realm-role").toRepresentation());
        linkedList.add(realm.roles().get("realm-composite").toRepresentation());
        roles.realmLevel().add(linkedList);
        this.assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userRealmRoleMappingsPath(createdId2), linkedList, ResourceType.REALM_ROLE_MAPPING);
        List singletonList = Collections.singletonList(realm.clients().get(createdId).roles().get("client-role").toRepresentation());
        roles.clientLevel(createdId).add(singletonList);
        this.assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userClientRoleMappingsPath(createdId2, createdId), singletonList, ResourceType.CLIENT_ROLE_MAPPING);
        roles.clientLevel(createdId).add(Collections.singletonList(realm.clients().get(createdId).roles().get("client-composite").toRepresentation()));
        this.assertAdminEvents.assertEvent("test", OperationType.CREATE, AdminEventPaths.userClientRoleMappingsPath(createdId2, createdId), ResourceType.CLIENT_ROLE_MAPPING);
        org.keycloak.testsuite.Assert.assertNames(roles.realmLevel().listAll(), "realm-role", "realm-composite", "user", "offline_access", "uma_authorization");
        org.keycloak.testsuite.Assert.assertNames(roles.realmLevel().listAvailable(), "admin");
        org.keycloak.testsuite.Assert.assertNames(roles.realmLevel().listEffective(), "realm-role", "realm-composite", "realm-child", "user", "offline_access", "uma_authorization");
        org.keycloak.testsuite.Assert.assertNames(roles.clientLevel(createdId).listAll(), "client-role", "client-composite");
        org.keycloak.testsuite.Assert.assertNames(roles.clientLevel(createdId).listAvailable(), "client-role2");
        org.keycloak.testsuite.Assert.assertNames(roles.clientLevel(createdId).listEffective(), "client-role", "client-composite", "client-child");
        MappingsRepresentation all = roles.getAll();
        org.keycloak.testsuite.Assert.assertNames(all.getRealmMappings(), "realm-role", "realm-composite", "user", "offline_access", "uma_authorization");
        Assert.assertEquals(2L, all.getClientMappings().size());
        org.keycloak.testsuite.Assert.assertNames(((ClientMappingsRepresentation) all.getClientMappings().get("myclient")).getMappings(), "client-role", "client-composite");
        org.keycloak.testsuite.Assert.assertNames(((ClientMappingsRepresentation) all.getClientMappings().get("account")).getMappings(), "manage-account", "view-profile");
        RoleRepresentation representation = realm.roles().get("realm-role").toRepresentation();
        roles.realmLevel().remove(Collections.singletonList(representation));
        this.assertAdminEvents.assertEvent("test", OperationType.DELETE, AdminEventPaths.userRealmRoleMappingsPath(createdId2), Collections.singletonList(representation), ResourceType.REALM_ROLE_MAPPING);
        org.keycloak.testsuite.Assert.assertNames(roles.realmLevel().listAll(), "realm-composite", "user", "offline_access", "uma_authorization");
        RoleRepresentation representation2 = realm.clients().get(createdId).roles().get("client-role").toRepresentation();
        roles.clientLevel(createdId).remove(Collections.singletonList(representation2));
        this.assertAdminEvents.assertEvent("test", OperationType.DELETE, AdminEventPaths.userClientRoleMappingsPath(createdId2, createdId), Collections.singletonList(representation2), ResourceType.CLIENT_ROLE_MAPPING);
        org.keycloak.testsuite.Assert.assertNames(roles.clientLevel(createdId).listAll(), "client-composite");
    }

    private void switchEditUsernameAllowedOn() {
        RealmRepresentation representation = this.realm.toRepresentation();
        representation.setEditUsernameAllowed(true);
        this.realm.update(representation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), representation, ResourceType.REALM);
    }

    private void enableBruteForce() {
        RealmRepresentation representation = this.realm.toRepresentation();
        representation.setBruteForceProtected(true);
        this.realm.update(representation);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, Matchers.nullValue(String.class), representation, ResourceType.REALM);
    }
}
