package org.keycloak.testsuite.admin;

import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.core.Response;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.admin.client.resource.UserFederationProviderResource;
import org.keycloak.events.admin.OperationType;
import org.keycloak.events.admin.ResourceType;
import org.keycloak.representations.idm.ConfigPropertyRepresentation;
import org.keycloak.representations.idm.UserFederationMapperRepresentation;
import org.keycloak.representations.idm.UserFederationMapperTypeRepresentation;
import org.keycloak.representations.idm.UserFederationProviderRepresentation;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.util.AdminEventPaths;
import org.keycloak.testsuite.util.UserFederationProviderBuilder;

/* loaded from: input_file:org/keycloak/testsuite/admin/UserFederationMapperTest.class */
public class UserFederationMapperTest extends AbstractAdminTest {
    private String ldapProviderId;
    private String dummyProviderId;

    @Before
    public void initFederationProviders() {
        UserFederationProviderRepresentation build = UserFederationProviderBuilder.create().displayName("ldap-1").providerName("ldap").priority(1).build();
        Response create = this.realm.userFederation().create(build);
        this.ldapProviderId = ApiUtil.getCreatedId(create);
        create.close();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.userFederationResourcePath(this.ldapProviderId), build, ResourceType.USER_FEDERATION_PROVIDER);
        UserFederationProviderRepresentation build2 = UserFederationProviderBuilder.create().displayName("dummy-1").providerName("dummy").priority(2).build();
        Response create2 = this.realm.userFederation().create(build2);
        this.dummyProviderId = ApiUtil.getCreatedId(create2);
        create2.close();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.userFederationResourcePath(this.dummyProviderId), build2, ResourceType.USER_FEDERATION_PROVIDER);
    }

    @After
    public void cleanFederationProviders() {
        this.realm.userFederation().get(this.ldapProviderId).remove();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.userFederationResourcePath(this.ldapProviderId), ResourceType.USER_FEDERATION_PROVIDER);
        this.realm.userFederation().get(this.dummyProviderId).remove();
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.userFederationResourcePath(this.dummyProviderId), ResourceType.USER_FEDERATION_PROVIDER);
    }

    @Test
    public void testProviderFactories() {
        Map mapperTypes = this.realm.userFederation().get(this.dummyProviderId).getMapperTypes();
        Assert.assertEquals(1L, mapperTypes.size());
        Assert.assertEquals("Dummy", ((UserFederationMapperTypeRepresentation) mapperTypes.get("dummy-mapper")).getName());
        Map mapperTypes2 = ldapProviderResource().getMapperTypes();
        Assert.assertTrue(mapperTypes2.keySet().containsAll(Arrays.asList("user-attribute-ldap-mapper", "full-name-ldap-mapper", "role-ldap-mapper")));
        UserFederationMapperTypeRepresentation userFederationMapperTypeRepresentation = (UserFederationMapperTypeRepresentation) mapperTypes2.get("user-attribute-ldap-mapper");
        Assert.assertEquals("User Attribute", userFederationMapperTypeRepresentation.getName());
        Assert.assertFalse(userFederationMapperTypeRepresentation.getSyncConfig().isFedToKeycloakSyncSupported().booleanValue());
        Assert.assertFalse(userFederationMapperTypeRepresentation.getSyncConfig().isKeycloakToFedSyncSupported().booleanValue());
        Assert.assertTrue(getConfigPropertyNames(userFederationMapperTypeRepresentation).containsAll(Arrays.asList("user.model.attribute", "ldap.attribute", "read.only")));
        Assert.assertEquals("false", userFederationMapperTypeRepresentation.getDefaultConfig().get("always.read.value.from.ldap"));
        UserFederationMapperTypeRepresentation userFederationMapperTypeRepresentation2 = (UserFederationMapperTypeRepresentation) mapperTypes2.get("role-ldap-mapper");
        Assert.assertEquals("Role mappings", userFederationMapperTypeRepresentation2.getName());
        Assert.assertTrue(userFederationMapperTypeRepresentation2.getSyncConfig().isFedToKeycloakSyncSupported().booleanValue());
        Assert.assertTrue(userFederationMapperTypeRepresentation2.getSyncConfig().isKeycloakToFedSyncSupported().booleanValue());
        Assert.assertEquals("sync-ldap-roles-to-keycloak", userFederationMapperTypeRepresentation2.getSyncConfig().getFedToKeycloakSyncMessage());
        Assert.assertEquals("sync-keycloak-roles-to-ldap", userFederationMapperTypeRepresentation2.getSyncConfig().getKeycloakToFedSyncMessage());
        Assert.assertTrue(getConfigPropertyNames(userFederationMapperTypeRepresentation2).containsAll(Arrays.asList("roles.dn", "role.name.ldap.attribute", "role.object.classes")));
        Assert.assertEquals("cn", userFederationMapperTypeRepresentation2.getDefaultConfig().get("role.name.ldap.attribute"));
    }

    private Set<String> getConfigPropertyNames(UserFederationMapperTypeRepresentation userFederationMapperTypeRepresentation) {
        List properties = userFederationMapperTypeRepresentation.getProperties();
        HashSet hashSet = new HashSet();
        Iterator it = properties.iterator();
        while (it.hasNext()) {
            hashSet.add(((ConfigPropertyRepresentation) it.next()).getName());
        }
        return hashSet;
    }

    @Test
    public void testUserAttributeMapperCRUD() {
        UserFederationMapperRepresentation createMapperRep = createMapperRep("email-mapper", "user-attribute-ldap-mapper", new String[0]);
        Response addMapper = ldapProviderResource().addMapper(createMapperRep);
        Assert.assertEquals(400L, addMapper.getStatus());
        addMapper.close();
        createMapperRep.getConfig().put("user.model.attribute", "email");
        Response addMapper2 = ldapProviderResource().addMapper(createMapperRep);
        Assert.assertEquals(400L, addMapper2.getStatus());
        addMapper2.close();
        createMapperRep.getConfig().put("ldap.attribute", "mail");
        String createMapper = createMapper(this.ldapProviderId, createMapperRep);
        UserFederationMapperRepresentation mapperById = ldapProviderResource().getMapperById(createMapper);
        assertMapper(mapperById, createMapper, "email-mapper", "user-attribute-ldap-mapper", "user.model.attribute", "email", "ldap.attribute", "mail");
        mapperById.getConfig().put("ldap.attribute", "mail-updated");
        mapperById.getConfig().remove("user.model.attribute");
        try {
            ldapProviderResource().updateMapper(createMapper, mapperById);
            Assert.fail("Not expected update to success");
        } catch (BadRequestException e) {
        }
        UserFederationMapperRepresentation mapperById2 = ldapProviderResource().getMapperById(createMapper);
        assertMapper(mapperById2, createMapper, "email-mapper", "user-attribute-ldap-mapper", "user.model.attribute", "email", "ldap.attribute", "mail");
        mapperById2.getConfig().put("user.model.attribute", "email-updated");
        mapperById2.getConfig().put("ldap.attribute", "mail-updated");
        ldapProviderResource().updateMapper(createMapper, mapperById2);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.UPDATE, AdminEventPaths.userFederationMapperResourcePath(this.ldapProviderId, createMapper), mapperById2, ResourceType.USER_FEDERATION_MAPPER);
        assertMapper(ldapProviderResource().getMapperById(createMapper), createMapper, "email-mapper", "user-attribute-ldap-mapper", "user.model.attribute", "email-updated", "ldap.attribute", "mail-updated");
        ldapProviderResource().removeMapper(createMapper);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.userFederationMapperResourcePath(this.ldapProviderId, createMapper), ResourceType.USER_FEDERATION_MAPPER);
        try {
            ldapProviderResource().getMapperById(createMapper);
            Assert.fail("Not expected find to success as mapper was removed");
        } catch (NotFoundException e2) {
        }
    }

    private String createMapper(String str, UserFederationMapperRepresentation userFederationMapperRepresentation) {
        Response addMapper = this.realm.userFederation().get(str).addMapper(userFederationMapperRepresentation);
        Assert.assertEquals(201L, addMapper.getStatus());
        addMapper.close();
        String createdId = ApiUtil.getCreatedId(addMapper);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.CREATE, AdminEventPaths.userFederationMapperResourcePath(str, createdId), userFederationMapperRepresentation, ResourceType.USER_FEDERATION_MAPPER);
        return createdId;
    }

    @Test
    public void testRoleMapper() {
        UserFederationMapperRepresentation createMapperRep = createMapperRep("role-mapper", "role-ldap-mapper", "roles.dn", "ou=roles,dc=keycloak,dc=org", "mode", "READ_ONLY");
        Response addMapper = ldapProviderResource().addMapper(createMapperRep);
        Assert.assertEquals(400L, addMapper.getStatus());
        addMapper.close();
        createMapperRep.getConfig().put("use.realm.roles.mapping", "true");
        String createMapper = createMapper(this.ldapProviderId, createMapperRep);
        List<UserFederationMapperRepresentation> mappers = ldapProviderResource().getMappers();
        Assert.assertNotNull(findMapperByName(mappers, "email"));
        Assert.assertNotNull(findMapperByName(mappers, "first name"));
        Assert.assertNull(findMapperByName(mappers, "non-existent"));
        assertMapper(findMapperByName(mappers, "role-mapper"), createMapper, "role-mapper", "role-ldap-mapper", "roles.dn", "ou=roles,dc=keycloak,dc=org", "mode", "READ_ONLY", "use.realm.roles.mapping", "true");
        ldapProviderResource().removeMapper(createMapper);
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.DELETE, AdminEventPaths.userFederationMapperResourcePath(this.ldapProviderId, createMapper), ResourceType.USER_FEDERATION_MAPPER);
        Assert.assertNull(findMapperByName(ldapProviderResource().getMappers(), "role-mapper"));
    }

    @Test
    public void testSyncMapper() {
        UserFederationMapperRepresentation userFederationMapperRepresentation = new UserFederationMapperRepresentation();
        userFederationMapperRepresentation.setName("some-dummy");
        userFederationMapperRepresentation.setFederationMapperType("dummy-mapper");
        userFederationMapperRepresentation.setFederationProviderDisplayName("dummy-1");
        String createMapper = createMapper(this.dummyProviderId, userFederationMapperRepresentation);
        try {
            ldapProviderResource().syncMapperData(createMapper, "unknown");
            Assert.fail("Not expected to pass");
        } catch (NotFoundException e) {
        }
        Assert.assertEquals("dummyFedToKeycloakSuccess mapper=some-dummy", ldapProviderResource().syncMapperData(createMapper, "fedToKeycloak").getStatus());
        HashMap hashMap = new HashMap();
        hashMap.put("action", "fedToKeycloak");
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, AdminEventPaths.userFederationMapperResourcePath(this.ldapProviderId, createMapper) + "/sync", hashMap, ResourceType.USER_FEDERATION_PROVIDER);
        Assert.assertEquals("dummyKeycloakToFedSuccess mapper=some-dummy", ldapProviderResource().syncMapperData(createMapper, "keycloakToFed").getStatus());
        hashMap.put("action", "keycloakToFed");
        this.assertAdminEvents.assertEvent(this.realmId, OperationType.ACTION, AdminEventPaths.userFederationMapperResourcePath(this.ldapProviderId, createMapper) + "/sync", ResourceType.USER_FEDERATION_PROVIDER);
    }

    private UserFederationProviderResource ldapProviderResource() {
        return this.realm.userFederation().get(this.ldapProviderId);
    }

    private UserFederationMapperRepresentation createMapperRep(String str, String str2, String... strArr) {
        UserFederationMapperRepresentation userFederationMapperRepresentation = new UserFederationMapperRepresentation();
        userFederationMapperRepresentation.setName(str);
        userFederationMapperRepresentation.setFederationMapperType(str2);
        userFederationMapperRepresentation.setFederationProviderDisplayName("ldap-1");
        HashMap hashMap = new HashMap();
        for (int i = 0; i < strArr.length; i += 2) {
            hashMap.put(strArr[i], strArr[i + 1]);
        }
        userFederationMapperRepresentation.setConfig(hashMap);
        return userFederationMapperRepresentation;
    }

    private void assertMapper(UserFederationMapperRepresentation userFederationMapperRepresentation, String str, String str2, String str3, String... strArr) {
        Assert.assertEquals(str, userFederationMapperRepresentation.getId());
        Assert.assertEquals(str2, userFederationMapperRepresentation.getName());
        Assert.assertEquals("ldap-1", userFederationMapperRepresentation.getFederationProviderDisplayName());
        Assert.assertEquals(str3, userFederationMapperRepresentation.getFederationMapperType());
        Assert.assertMap(userFederationMapperRepresentation.getConfig(), strArr);
    }

    private UserFederationMapperRepresentation findMapperByName(List<UserFederationMapperRepresentation> list, String str) {
        for (UserFederationMapperRepresentation userFederationMapperRepresentation : list) {
            if (userFederationMapperRepresentation.getName().equals(str)) {
                return userFederationMapperRepresentation;
            }
        }
        return null;
    }
}
