package org.keycloak.testsuite.composites;

import java.util.List;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.admin.AbstractAdminTest;
import org.keycloak.testsuite.admin.realm.RealmTest;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.util.OAuthClient;

/* loaded from: input_file:org/keycloak/testsuite/composites/CompositeImportRoleTest.class */
public class CompositeImportRoleTest extends AbstractCompositeKeycloakTest {

    @Page
    protected LoginPage loginPage;

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        RealmRepresentation realmRepresentation = (RealmRepresentation) AbstractAdminTest.loadJson(getClass().getResourceAsStream("/testcomposite.json"), RealmRepresentation.class);
        realmRepresentation.setId("test");
        realmRepresentation.setPublicKey(RealmTest.PUBLIC_KEY);
        realmRepresentation.setPrivateKey(RealmTest.PRIVATE_KEY);
        list.add(realmRepresentation);
    }

    @Test
    public void testAppCompositeUser() throws Exception {
        this.oauth.realm("test");
        this.oauth.clientId("APP_COMPOSITE_APPLICATION");
        this.oauth.doLogin("APP_COMPOSITE_USER", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        Assert.assertEquals("bearer", doAccessTokenRequest.getTokenType());
        AccessToken verifyToken = this.oauth.verifyToken(doAccessTokenRequest.getAccessToken());
        Assert.assertEquals(getUserId("APP_COMPOSITE_USER"), verifyToken.getSubject());
        Assert.assertEquals(1L, verifyToken.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
        Assert.assertEquals(1L, verifyToken.getRealmAccess().getRoles().size());
        Assert.assertTrue(verifyToken.getResourceAccess("APP_ROLE_APPLICATION").isUserInRole("APP_ROLE_1"));
        Assert.assertTrue(verifyToken.getRealmAccess().isUserInRole("REALM_ROLE_1"));
    }

    @Test
    public void testRealmAppCompositeUser() throws Exception {
        this.oauth.realm("test");
        this.oauth.clientId("APP_ROLE_APPLICATION");
        this.oauth.doLogin("REALM_APP_COMPOSITE_USER", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        Assert.assertEquals("bearer", doAccessTokenRequest.getTokenType());
        AccessToken verifyToken = this.oauth.verifyToken(doAccessTokenRequest.getAccessToken());
        Assert.assertEquals(getUserId("REALM_APP_COMPOSITE_USER"), verifyToken.getSubject());
        Assert.assertEquals(1L, verifyToken.getResourceAccess("APP_ROLE_APPLICATION").getRoles().size());
        Assert.assertTrue(verifyToken.getResourceAccess("APP_ROLE_APPLICATION").isUserInRole("APP_ROLE_1"));
    }

    @Test
    public void testRealmOnlyWithUserCompositeAppComposite() throws Exception {
        this.oauth.realm("test");
        this.oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
        this.oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        Assert.assertEquals("bearer", doAccessTokenRequest.getTokenType());
        AccessToken verifyToken = this.oauth.verifyToken(doAccessTokenRequest.getAccessToken());
        Assert.assertEquals(getUserId("REALM_COMPOSITE_1_USER"), verifyToken.getSubject());
        Assert.assertEquals(2L, verifyToken.getRealmAccess().getRoles().size());
        Assert.assertTrue(verifyToken.getRealmAccess().isUserInRole("REALM_COMPOSITE_1"));
        Assert.assertTrue(verifyToken.getRealmAccess().isUserInRole("REALM_ROLE_1"));
    }

    @Test
    public void testRealmOnlyWithUserCompositeAppRole() throws Exception {
        this.oauth.realm("test");
        this.oauth.clientId("REALM_ROLE_1_APPLICATION");
        this.oauth.doLogin("REALM_COMPOSITE_1_USER", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        Assert.assertEquals("bearer", doAccessTokenRequest.getTokenType());
        AccessToken verifyToken = this.oauth.verifyToken(doAccessTokenRequest.getAccessToken());
        Assert.assertEquals(getUserId("REALM_COMPOSITE_1_USER"), verifyToken.getSubject());
        Assert.assertEquals(1L, verifyToken.getRealmAccess().getRoles().size());
        Assert.assertTrue(verifyToken.getRealmAccess().isUserInRole("REALM_ROLE_1"));
    }

    @Test
    public void testRealmOnlyWithUserRoleAppComposite() throws Exception {
        this.oauth.realm("test");
        this.oauth.clientId("REALM_COMPOSITE_1_APPLICATION");
        this.oauth.doLogin("REALM_ROLE_1_USER", "password");
        OAuthClient.AccessTokenResponse doAccessTokenRequest = this.oauth.doAccessTokenRequest((String) this.oauth.getCurrentQuery().get("code"), "password");
        Assert.assertEquals(200L, doAccessTokenRequest.getStatusCode());
        Assert.assertEquals("bearer", doAccessTokenRequest.getTokenType());
        AccessToken verifyToken = this.oauth.verifyToken(doAccessTokenRequest.getAccessToken());
        Assert.assertEquals(getUserId("REALM_ROLE_1_USER"), verifyToken.getSubject());
        Assert.assertEquals(1L, verifyToken.getRealmAccess().getRoles().size());
        Assert.assertTrue(verifyToken.getRealmAccess().isUserInRole("REALM_ROLE_1"));
    }
}
