package org.keycloak.testsuite.adapter.example;

import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.adapter.AbstractExampleAdapterTest;
import org.keycloak.testsuite.adapter.page.JSConsoleTestApp;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.auth.page.account.Applications;
import org.keycloak.testsuite.auth.page.login.OAuthGrant;
import org.keycloak.testsuite.console.page.events.Config;
import org.keycloak.testsuite.console.page.events.LoginEvents;
import org.keycloak.testsuite.util.IOUtil;
import org.keycloak.testsuite.util.URLAssert;
import org.keycloak.testsuite.util.WaitUtils;
import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;

/* loaded from: input_file:org/keycloak/testsuite/adapter/example/AbstractJSConsoleExampleAdapterTest.class */
public abstract class AbstractJSConsoleExampleAdapterTest extends AbstractExampleAdapterTest {

    @Page
    private JSConsoleTestApp jsConsoleTestAppPage;

    @Page
    private Config configPage;

    @Page
    private LoginEvents loginEventsPage;

    @Page
    private OAuthGrant oAuthGrantPage;

    @Page
    private Applications applicationsPage;
    public static int TOKEN_LIFESPAN_LEEWAY = 3;

    @Deployment(name = "js-console-example")
    private static WebArchive jsConsoleTestApp() throws IOException {
        return exampleDeployment("integration-arquillian-test-apps-js-console");
    }

    @Deployment(name = "js-database-example")
    private static WebArchive jsDbApp() throws IOException {
        return exampleDeployment("integration-arquillian-test-apps-js-database");
    }

    @Override // org.keycloak.testsuite.adapter.AbstractAdapterTest
    public void addAdapterTestRealms(List<RealmRepresentation> list) {
        RealmRepresentation loadRealm = IOUtil.loadRealm(new File(TEST_APPS_HOME_DIR + "/js-console/example-realm.json"));
        fixClientUrisUsingDeploymentUrl(loadRealm, "integration-arquillian-test-apps-js-console", this.jsConsoleTestAppPage.buildUri().toASCIIString());
        loadRealm.setAccessTokenLifespan(Integer.valueOf(30 + TOKEN_LIFESPAN_LEEWAY));
        list.add(loadRealm);
    }

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void setDefaultPageUriParameters() {
        super.setDefaultPageUriParameters();
        this.testRealmPage.setAuthRealm("example");
    }

    @Test
    public void testJSConsoleAuth() {
        this.jsConsoleTestAppPage.navigateTo();
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getInitButtonElement()).is().present();
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.logIn();
        this.testRealmLoginPage.form().login("user", "invalid-password");
        URLAssert.assertCurrentUrlDoesntStartWith(this.jsConsoleTestAppPage);
        this.testRealmLoginPage.form().login("invalid-user", "password");
        URLAssert.assertCurrentUrlDoesntStartWith(this.jsConsoleTestAppPage);
        this.testRealmLoginPage.form().login("user", "password");
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        this.jsConsoleTestAppPage.init();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Init Success (Authenticated)");
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getEventsElement()).text().contains("Auth Success");
        this.jsConsoleTestAppPage.logOut();
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getInitButtonElement()).is().present();
        this.jsConsoleTestAppPage.init();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Init Success (Not Authenticated)");
    }

    @Test
    public void testRefreshToken() {
        this.jsConsoleTestAppPage.navigateTo();
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.refreshToken();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Failed to refresh token");
        this.jsConsoleTestAppPage.logIn();
        this.testRealmLoginPage.form().login("user", "password");
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        this.jsConsoleTestAppPage.init();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getEventsElement()).text().contains("Auth Success");
        this.jsConsoleTestAppPage.refreshToken();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getEventsElement()).text().contains("Auth Refresh Success");
    }

    @Test
    public void testRefreshTokenIfUnder30s() {
        this.jsConsoleTestAppPage.navigateTo();
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.refreshToken();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Failed to refresh token");
        this.jsConsoleTestAppPage.logIn();
        this.testRealmLoginPage.form().login("user", "password");
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        this.jsConsoleTestAppPage.init();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getEventsElement()).text().contains("Auth Success");
        this.jsConsoleTestAppPage.refreshTokenIfUnder30s();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Token not refreshed, valid for");
        WaitUtils.pause((TOKEN_LIFESPAN_LEEWAY + 2) * 1000);
        this.jsConsoleTestAppPage.refreshTokenIfUnder30s();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getEventsElement()).text().contains("Auth Refresh Success");
    }

    @Test
    public void testGetProfile() {
        this.jsConsoleTestAppPage.navigateTo();
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.getProfile();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Failed to load profile");
        this.jsConsoleTestAppPage.logIn();
        this.testRealmLoginPage.form().login("user", "password");
        URLAssert.assertCurrentUrlStartsWith(this.jsConsoleTestAppPage);
        this.jsConsoleTestAppPage.init();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getEventsElement()).text().contains("Auth Success");
        this.jsConsoleTestAppPage.getProfile();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("\"username\": \"user\"");
    }

    @Test
    public void grantBrowserBasedApp() {
        this.testRealmPage.setAuthRealm("example");
        this.testRealmLoginPage.setAuthRealm("example");
        this.configPage.setConsoleRealm("example");
        this.loginEventsPage.setConsoleRealm("example");
        this.applicationsPage.setAuthRealm("example");
        this.jsConsoleTestAppPage.navigateTo();
        this.driver.manage().deleteAllCookies();
        ClientResource findClientResourceByClientId = ApiUtil.findClientResourceByClientId(testRealmResource(), "js-console");
        ClientRepresentation representation = findClientResourceByClientId.toRepresentation();
        representation.setConsentRequired(true);
        findClientResourceByClientId.update(representation);
        RealmRepresentation representation2 = testRealmResource().toRepresentation();
        representation2.setEventsEnabled(true);
        representation2.setEnabledEventTypes(Arrays.asList("REVOKE_GRANT", "LOGIN"));
        testRealmResource().update(representation2);
        this.jsConsoleTestAppPage.navigateTo();
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.logIn();
        this.testRealmLoginPage.form().login("user", "password");
        Assert.assertTrue(this.oAuthGrantPage.isCurrent());
        this.oAuthGrantPage.accept();
        this.jsConsoleTestAppPage.init();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Init Success (Authenticated)");
        this.applicationsPage.navigateTo();
        this.applicationsPage.revokeGrantForApplication("js-console");
        this.jsConsoleTestAppPage.navigateTo();
        this.jsConsoleTestAppPage.setOnLoad("login-required");
        this.jsConsoleTestAppPage.init();
        WaitUtils.waitUntilElement(By.tagName("body")).is().visible();
        Assert.assertTrue(this.oAuthGrantPage.isCurrent());
        this.loginEventsPage.navigateTo();
        this.loginPage.form().login(this.adminUser);
        this.loginEventsPage.table().filter();
        this.loginEventsPage.table().filterForm().addEventType("REVOKE_GRANT");
        this.loginEventsPage.table().update();
        List rows = this.loginEventsPage.table().rows();
        Assert.assertEquals(1L, rows.size());
        ((WebElement) rows.get(0)).findElement(By.xpath(".//td[text()='REVOKE_GRANT']"));
        ((WebElement) rows.get(0)).findElement(By.xpath(".//td[text()='Client']/../td[text()='account']"));
        ((WebElement) rows.get(0)).findElement(By.xpath(".//td[text()='IP Address']/../td[text()='127.0.0.1' or text()='0:0:0:0:0:0:0:1']"));
        ((WebElement) rows.get(0)).findElement(By.xpath(".//td[text()='revoked_client']/../td[text()='js-console']"));
        this.loginEventsPage.table().reset();
        this.loginEventsPage.table().filterForm().addEventType("LOGIN");
        this.loginEventsPage.table().update();
        List rows2 = this.loginEventsPage.table().rows();
        Assert.assertEquals(1L, rows2.size());
        ((WebElement) rows2.get(0)).findElement(By.xpath(".//td[text()='LOGIN']"));
        ((WebElement) rows2.get(0)).findElement(By.xpath(".//td[text()='Client']/../td[text()='js-console']"));
        ((WebElement) rows2.get(0)).findElement(By.xpath(".//td[text()='IP Address']/../td[text()='127.0.0.1' or text()='0:0:0:0:0:0:0:1']"));
        ((WebElement) rows2.get(0)).findElement(By.xpath(".//td[text()='username']/../td[text()='user']"));
        ((WebElement) rows2.get(0)).findElement(By.xpath(".//td[text()='consent']/../td[text()='consent_granted']"));
    }

    @Test
    public void implicitFlowTest() {
        this.jsConsoleTestAppPage.navigateTo();
        this.jsConsoleTestAppPage.setFlow("implicit");
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.logIn();
        assertResponseError("Implicit flow is disabled for the client");
        setImplicitFlowForClient();
        this.jsConsoleTestAppPage.navigateTo();
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.logIn();
        assertResponseError("Standard flow is disabled for the client");
        logInAndInit("implicit");
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Init Success (Authenticated)");
    }

    @Test
    public void implicitFlowQueryTest() {
        setImplicitFlowForClient();
        this.jsConsoleTestAppPage.navigateTo();
        this.jsConsoleTestAppPage.setFlow("implicit");
        this.jsConsoleTestAppPage.setResponseMode("query");
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.logIn();
        assertResponseError("Response_mode 'query' not allowed");
    }

    @Test
    public void implicitFlowRefreshTokenTest() {
        setImplicitFlowForClient();
        logInAndInit("implicit");
        this.jsConsoleTestAppPage.refreshToken();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Failed to refresh token");
    }

    @Test
    public void implicitFlowOnTokenExpireTest() {
        RealmRepresentation representation = testRealmResource().toRepresentation();
        representation.setAccessTokenLifespanForImplicitFlow(5);
        testRealmResource().update(representation);
        setImplicitFlowForClient();
        logInAndInit("implicit");
        WaitUtils.pause(6000L);
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getEventsElement()).text().contains("Access token expired");
    }

    @Test
    public void testBearerRequest() {
        this.jsConsoleTestAppPage.navigateTo();
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.createBearerRequest();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Unauthorized");
        logInAndInit("standard", "unauthorized");
        this.jsConsoleTestAppPage.createBearerRequest();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Forbidden");
        this.jsConsoleTestAppPage.logOut();
        logInAndInit("standard");
        this.jsConsoleTestAppPage.createBearerRequest();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("[\"Bill Burke\",\"Stian Thorgersen\",\"Stan Silvert\",\"Gabriel Cardoso\",\"Viliam Rockai\",\"Marek Posolda\",\"Boleslaw Dawidowicz\"]");
    }

    @Test
    public void loginRequiredAction() {
        this.jsConsoleTestAppPage.navigateTo();
        this.jsConsoleTestAppPage.setOnLoad("login-required");
        this.jsConsoleTestAppPage.init();
        URLAssert.assertCurrentUrlStartsWith(this.testRealmLoginPage);
        this.testRealmLoginPage.form().login("user", "password");
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getInitButtonElement()).is().present();
        this.jsConsoleTestAppPage.init();
        WaitUtils.waitUntilElement(this.jsConsoleTestAppPage.getOutputElement()).text().contains("Init Success (Authenticated)");
    }

    private void setImplicitFlowForClient() {
        ClientResource findClientResourceByClientId = ApiUtil.findClientResourceByClientId(testRealmResource(), "js-console");
        ClientRepresentation representation = findClientResourceByClientId.toRepresentation();
        representation.setImplicitFlowEnabled(true);
        representation.setStandardFlowEnabled(false);
        findClientResourceByClientId.update(representation);
    }

    private void logInAndInit(String str, String str2) {
        this.jsConsoleTestAppPage.navigateTo();
        this.jsConsoleTestAppPage.setFlow(str);
        this.jsConsoleTestAppPage.init();
        this.jsConsoleTestAppPage.logIn();
        this.testRealmLoginPage.form().login(str2, "password");
        this.jsConsoleTestAppPage.setFlow(str);
        this.jsConsoleTestAppPage.init();
    }

    private void logInAndInit(String str) {
        logInAndInit(str, "user");
    }

    private void assertResponseError(String str) {
        this.jsConsoleTestAppPage.showErrorResponse();
        Assert.assertTrue(this.jsConsoleTestAppPage.getOutputElement().getText().contains(str));
    }
}
