package org.keycloak.testsuite.broker;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.List;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.admin.client.resource.UsersResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.IdentityProviderRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.pages.AccountPasswordPage;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.UpdateAccountInformationPage;
import org.keycloak.testsuite.util.RealmBuilder;
import org.openqa.selenium.By;
import org.openqa.selenium.TimeoutException;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.support.ui.ExpectedCondition;
import org.openqa.selenium.support.ui.WebDriverWait;

/* loaded from: input_file:org/keycloak/testsuite/broker/AbstractBrokerTest.class */
public abstract class AbstractBrokerTest extends AbstractKeycloakTest {

    @Page
    protected LoginPage accountLoginPage;

    @Page
    protected UpdateAccountInformationPage updateAccountInformationPage;

    @Page
    protected AccountPasswordPage accountPasswordPage;

    @Page
    protected ErrorPage errorPage;

    protected abstract RealmRepresentation createProviderRealm();

    protected abstract RealmRepresentation createConsumerRealm();

    protected abstract List<ClientRepresentation> createProviderClients();

    protected abstract List<ClientRepresentation> createConsumerClients();

    protected abstract IdentityProviderRepresentation setUpIdentityProvider();

    protected abstract String providerRealmName();

    protected abstract String consumerRealmName();

    protected abstract String getUserLogin();

    protected abstract String getUserPassword();

    protected abstract String getUserEmail();

    protected abstract String getIDPAlias();

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        RealmRepresentation createProviderRealm = createProviderRealm();
        RealmRepresentation createConsumerRealm = createConsumerRealm();
        list.add(createProviderRealm);
        list.add(createConsumerRealm);
    }

    @Before
    public void createUser() {
        this.log.debug("creating user for realm " + providerRealmName());
        UserRepresentation userRepresentation = new UserRepresentation();
        userRepresentation.setUsername(getUserLogin());
        userRepresentation.setEmail(getUserEmail());
        userRepresentation.setEmailVerified(true);
        userRepresentation.setEnabled(true);
        RealmResource realm = this.adminClient.realm(providerRealmName());
        ApiUtil.resetUserPassword(realm.users().get(ApiUtil.createUserWithAdminClient(realm, userRepresentation)), getUserPassword(), false);
    }

    @Before
    public void addIdentityProviderToProviderRealm() {
        this.log.debug("adding identity provider to realm " + consumerRealmName());
        this.adminClient.realm(consumerRealmName()).identityProviders().create(setUpIdentityProvider());
    }

    @Before
    public void addClients() {
        List<ClientRepresentation> createProviderClients = createProviderClients();
        if (createProviderClients != null) {
            RealmResource realm = this.adminClient.realm(providerRealmName());
            for (ClientRepresentation clientRepresentation : createProviderClients) {
                this.log.debug("adding client " + clientRepresentation.getName() + " to realm " + providerRealmName());
                realm.clients().create(clientRepresentation);
            }
        }
        List<ClientRepresentation> createConsumerClients = createConsumerClients();
        if (createConsumerClients != null) {
            RealmResource realm2 = this.adminClient.realm(consumerRealmName());
            for (ClientRepresentation clientRepresentation2 : createConsumerClients) {
                this.log.debug("adding client " + clientRepresentation2.getName() + " to realm " + consumerRealmName());
                realm2.clients().create(clientRepresentation2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAuthRoot() {
        return this.suiteContext.getAuthServerInfo().getContextRoot().toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public IdentityProviderRepresentation createIdentityProvider(String str, String str2) {
        IdentityProviderRepresentation identityProviderRepresentation = new IdentityProviderRepresentation();
        identityProviderRepresentation.setAlias(str);
        identityProviderRepresentation.setProviderId(str2);
        identityProviderRepresentation.setEnabled(true);
        return identityProviderRepresentation;
    }

    @Test
    public void logInAsUserInIDP() {
        this.driver.navigate().to(getAccountUrl(consumerRealmName()));
        this.log.debug("Clicking social " + getIDPAlias());
        this.accountLoginPage.clickSocial(getIDPAlias());
        waitForPage("log in to");
        Assert.assertTrue("Driver should be on the provider realm page right now", this.driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName() + "/"));
        this.log.debug("Logging in");
        this.accountLoginPage.login(getUserLogin(), getUserPassword());
        waitForPage("update account information");
        Assert.assertTrue(this.updateAccountInformationPage.isCurrent());
        Assert.assertTrue("We must be on correct realm right now", this.driver.getCurrentUrl().contains("/auth/realms/" + consumerRealmName() + "/"));
        this.log.debug("Updating info on updateAccount page");
        this.updateAccountInformationPage.updateAccountInformation("Firstname", "Lastname");
        UsersResource users = this.adminClient.realm(consumerRealmName()).users();
        int intValue = users.count().intValue();
        Assert.assertTrue("There must be at least one user", intValue > 0);
        boolean z = false;
        Iterator it = users.search("", 0, Integer.valueOf(intValue)).iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            UserRepresentation userRepresentation = (UserRepresentation) it.next();
            if (userRepresentation.getUsername().equals(getUserLogin()) && userRepresentation.getEmail().equals(getUserEmail())) {
                z = true;
                break;
            }
        }
        Assert.assertTrue("There must be user " + getUserLogin() + " in realm " + consumerRealmName(), z);
        testSingleLogout();
    }

    @Test
    public void loginWithExistingUser() {
        logInAsUserInIDP();
        Integer count = this.adminClient.realm(consumerRealmName()).users().count();
        this.driver.navigate().to(getAccountUrl(consumerRealmName()));
        this.log.debug("Clicking social " + getIDPAlias());
        this.accountLoginPage.clickSocial(getIDPAlias());
        waitForPage("log in to");
        Assert.assertTrue("Driver should be on the provider realm page right now", this.driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName() + "/"));
        this.accountLoginPage.login(getUserLogin(), getUserPassword());
        org.junit.Assert.assertEquals(this.accountPage.buildUri().toASCIIString().replace("master", "consumer") + "/", this.driver.getCurrentUrl());
        org.junit.Assert.assertEquals(count, this.adminClient.realm(consumerRealmName()).users().count());
    }

    @Test
    public void loginWithExistingUserWithBruteForceEnabled() {
        this.adminClient.realm(consumerRealmName()).update(RealmBuilder.create().bruteForceProtected(true).failureFactor(2).build());
        loginWithExistingUser();
        this.driver.navigate().to(getAccountPasswordUrl(consumerRealmName()));
        this.accountPasswordPage.changePassword("password", "password");
        this.driver.navigate().to(getAuthRoot() + "/auth/realms/" + providerRealmName() + "/protocol/openid-connect/logout?redirect_uri=" + encodeUrl(getAccountUrl(providerRealmName())));
        this.driver.navigate().to(getAccountUrl(consumerRealmName()));
        try {
            waitForPage("log in to");
        } catch (TimeoutException e) {
            this.log.debug(this.driver.getTitle());
            this.log.debug(this.driver.getPageSource());
            Assert.fail("Timeout while waiting for login page");
        }
        for (int i = 0; i < 3; i++) {
            try {
                waitForElementEnabled("login");
            } catch (TimeoutException e2) {
                Assert.fail("Timeout while waiting for login element enabled");
            }
            this.accountLoginPage.login(getUserLogin(), "invalid");
        }
        org.junit.Assert.assertEquals("Invalid username or password.", this.accountLoginPage.getError());
        this.accountLoginPage.clickSocial(getIDPAlias());
        try {
            waitForPage("log in to");
        } catch (TimeoutException e3) {
            this.log.debug(this.driver.getTitle());
            this.log.debug(this.driver.getPageSource());
            Assert.fail("Timeout while waiting for login page");
        }
        Assert.assertTrue("Driver should be on the provider realm page right now", this.driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName() + "/"));
        this.accountLoginPage.login(getUserLogin(), getUserPassword());
        org.junit.Assert.assertEquals("Account is disabled, contact admin.", this.errorPage.getError());
    }

    private void testSingleLogout() {
        this.log.debug("Testing single log out");
        this.driver.navigate().to(getAccountUrl(providerRealmName()));
        Assert.assertTrue("Should be logged in the account page", this.driver.getTitle().endsWith("Account Management"));
        this.driver.navigate().to(getAuthRoot() + "/auth/realms/" + providerRealmName() + "/protocol/openid-connect/logout?redirect_uri=" + encodeUrl(getAccountUrl(providerRealmName())));
        waitForPage("log in to " + providerRealmName());
        Assert.assertTrue("Should be on " + providerRealmName() + " realm", this.driver.getCurrentUrl().contains("/auth/realms/" + providerRealmName()));
        this.driver.navigate().to(getAccountUrl(consumerRealmName()));
        Assert.assertTrue("Should be on " + consumerRealmName() + " realm on login page", this.driver.getCurrentUrl().contains("/auth/realms/" + consumerRealmName() + "/protocol/openid-connect/"));
    }

    private String getAccountUrl(String str) {
        return getAuthRoot() + "/auth/realms/" + str + "/account";
    }

    private String getAccountPasswordUrl(String str) {
        return getAuthRoot() + "/auth/realms/" + str + "/account/password";
    }

    private void waitForPage(final String str) {
        new WebDriverWait(this.driver, 5L).until(new ExpectedCondition<Boolean>() { // from class: org.keycloak.testsuite.broker.AbstractBrokerTest.1
            public Boolean apply(WebDriver webDriver) {
                return Boolean.valueOf(webDriver.getTitle().toLowerCase().contains(str));
            }
        });
    }

    private void waitForElementEnabled(final String str) {
        new WebDriverWait(this.driver, 5L).until(new ExpectedCondition<Boolean>() { // from class: org.keycloak.testsuite.broker.AbstractBrokerTest.2
            public Boolean apply(WebDriver webDriver) {
                List findElements = webDriver.findElements(By.name(str));
                if (findElements.size() == 0) {
                    return false;
                }
                return Boolean.valueOf(((WebElement) findElements.get(0)).isEnabled());
            }
        });
    }

    private String encodeUrl(String str) {
        String str2;
        try {
            str2 = URLEncoder.encode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            str2 = str;
        }
        return str2;
    }
}
