package org.keycloak.testsuite.admin.group;

import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.representations.AccessToken;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.ProtocolMapperRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.testsuite.AssertEvents;

/* loaded from: input_file:org/keycloak/testsuite/admin/group/GroupMappersTest.class */
public class GroupMappersTest extends AbstractGroupTest {
    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
        RealmRepresentation loadTestRealm = loadTestRealm(list);
        loadTestRealm.setEventsEnabled(true);
        ClientRepresentation clientByAlias = getClientByAlias(loadTestRealm, AssertEvents.DEFAULT_CLIENT_ID);
        Assert.assertNotNull("test-app client exists", clientByAlias);
        clientByAlias.setDirectAccessGrantsEnabled(true);
        LinkedList linkedList = new LinkedList();
        ProtocolMapperRepresentation protocolMapperRepresentation = new ProtocolMapperRepresentation();
        protocolMapperRepresentation.setName("groups");
        protocolMapperRepresentation.setProtocolMapper("oidc-group-membership-mapper");
        protocolMapperRepresentation.setProtocol("openid-connect");
        protocolMapperRepresentation.setConsentRequired(false);
        HashMap hashMap = new HashMap();
        hashMap.put("claim.name", "groups");
        hashMap.put("access.token.claim", "true");
        hashMap.put("id.token.claim", "true");
        protocolMapperRepresentation.setConfig(hashMap);
        linkedList.add(protocolMapperRepresentation);
        ProtocolMapperRepresentation protocolMapperRepresentation2 = new ProtocolMapperRepresentation();
        protocolMapperRepresentation2.setName("topAttribute");
        protocolMapperRepresentation2.setProtocolMapper("oidc-usermodel-attribute-mapper");
        protocolMapperRepresentation2.setProtocol("openid-connect");
        protocolMapperRepresentation2.setConsentRequired(false);
        HashMap hashMap2 = new HashMap();
        hashMap2.put("user.attribute", "topAttribute");
        hashMap2.put("claim.name", "topAttribute");
        hashMap2.put("jsonType.label", "String");
        hashMap2.put("access.token.claim", "true");
        hashMap2.put("id.token.claim", "true");
        protocolMapperRepresentation2.setConfig(hashMap2);
        linkedList.add(protocolMapperRepresentation2);
        ProtocolMapperRepresentation protocolMapperRepresentation3 = new ProtocolMapperRepresentation();
        protocolMapperRepresentation3.setName("level2Attribute");
        protocolMapperRepresentation3.setProtocolMapper("oidc-usermodel-attribute-mapper");
        protocolMapperRepresentation3.setProtocol("openid-connect");
        protocolMapperRepresentation3.setConsentRequired(false);
        HashMap hashMap3 = new HashMap();
        hashMap3.put("user.attribute", "level2Attribute");
        hashMap3.put("claim.name", "level2Attribute");
        hashMap3.put("jsonType.label", "String");
        hashMap3.put("access.token.claim", "true");
        hashMap3.put("id.token.claim", "true");
        protocolMapperRepresentation3.setConfig(hashMap3);
        linkedList.add(protocolMapperRepresentation3);
        clientByAlias.setProtocolMappers(linkedList);
    }

    private ClientRepresentation getClientByAlias(RealmRepresentation realmRepresentation, String str) {
        for (ClientRepresentation clientRepresentation : realmRepresentation.getClients()) {
            if (str.equals(clientRepresentation.getClientId())) {
                return clientRepresentation;
            }
        }
        return null;
    }

    @Test
    public void testGroupMappers() throws Exception {
        RealmResource realm = this.adminClient.realms().realm("test");
        UserRepresentation userRepresentation = (UserRepresentation) realm.users().search("topGroupUser", -1, -1).get(0);
        AccessToken login = login(userRepresentation.getUsername(), AssertEvents.DEFAULT_CLIENT_ID, "password", userRepresentation.getId());
        Assert.assertTrue(login.getRealmAccess().getRoles().contains("user"));
        List list = (List) login.getOtherClaims().get("groups");
        Assert.assertNotNull(list);
        Assert.assertTrue(list.size() == 1);
        Assert.assertEquals("topGroup", list.get(0));
        Assert.assertEquals("true", login.getOtherClaims().get("topAttribute"));
        UserRepresentation userRepresentation2 = (UserRepresentation) realm.users().search("level2GroupUser", -1, -1).get(0);
        AccessToken login2 = login(userRepresentation2.getUsername(), AssertEvents.DEFAULT_CLIENT_ID, "password", userRepresentation2.getId());
        Assert.assertTrue(login2.getRealmAccess().getRoles().contains("user"));
        Assert.assertTrue(login2.getRealmAccess().getRoles().contains("admin"));
        Assert.assertTrue(login2.getResourceAccess(AssertEvents.DEFAULT_CLIENT_ID).getRoles().contains("customer-user"));
        List list2 = (List) login2.getOtherClaims().get("groups");
        Assert.assertNotNull(list2);
        Assert.assertTrue(list2.size() == 1);
        Assert.assertEquals("level2group", list2.get(0));
        Assert.assertEquals("true", login2.getOtherClaims().get("topAttribute"));
        Assert.assertEquals("true", login2.getOtherClaims().get("level2Attribute"));
    }
}
