package org.kie.kogito.jobs.service.resource;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.restassured.RestAssured;
import io.restassured.http.ContentType;
import io.restassured.response.ValidatableResponse;
import io.restassured.specification.RequestSpecification;
import java.io.IOException;
import java.util.concurrent.TimeUnit;
import javax.inject.Inject;
import org.eclipse.microprofile.config.inject.ConfigProperty;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.keycloak.representations.AccessTokenResponse;
import org.kie.kogito.jobs.api.Job;
import org.kie.kogito.jobs.api.JobBuilder;
import org.kie.kogito.jobs.service.health.HealthCheckUtils;
import org.kie.kogito.jobs.service.model.JobStatus;
import org.kie.kogito.jobs.service.model.ScheduledJob;
import org.kie.kogito.jobs.service.scheduler.BaseTimerJobSchedulerTest;
import org.kie.kogito.jobs.service.utils.DateUtil;

/* loaded from: input_file:org/kie/kogito/jobs/service/resource/BaseKeycloakJobServiceIT.class */
public abstract class BaseKeycloakJobServiceIT {
    public static final int OK_CODE = 200;
    public static final int UNAUTHORIZED_CODE = 403;
    public static final int FORBIDDEN_CODE = 401;

    @ConfigProperty(name = "quarkus.oidc.auth-server-url")
    private String keycloakURL;

    @Inject
    private ObjectMapper objectMapper;

    @BeforeAll
    public static void setup() throws Exception {
        System.setProperty("quarkus.http.auth.policy.role-policy1.roles-allowed", "confidential");
        System.setProperty("quarkus.http.auth.permission.roles1.paths", "/*");
        System.setProperty("quarkus.http.auth.permission.roles1.policy", "role-policy1");
    }

    @BeforeEach
    public void init() throws Exception {
        HealthCheckUtils.awaitReadyHealthCheck(2, TimeUnit.MINUTES);
    }

    @Test
    void create() throws Exception {
        Job job = getJob("1");
        createJob(jobToJson(job), getAccessToken("alice"), UNAUTHORIZED_CODE);
        createJob(jobToJson(job), "", FORBIDDEN_CODE);
        Assertions.assertEquals(job, (ScheduledJob) createJob(jobToJson(job), getAccessToken("jdoe"), OK_CODE).extract().as(ScheduledJob.class));
    }

    private ValidatableResponse createJob(String str, String str2, int i) throws IOException {
        RequestSpecification given = RestAssured.given();
        if (str2 != null && !str2.isEmpty()) {
            given = given.given().auth().oauth2(str2);
        }
        return given.contentType(ContentType.JSON).body(str).when().post("/jobs", new Object[0]).then().statusCode(i);
    }

    private String jobToJson(Job job) throws JsonProcessingException {
        return this.objectMapper.writeValueAsString(job);
    }

    private Job getJob(String str) {
        return JobBuilder.builder().id(str).expirationTime(DateUtil.now().plusSeconds(10L)).callbackEndpoint("http://localhost:8081/callback").processId("processId").processInstanceId("processInstanceId").rootProcessId("rootProcessId").rootProcessInstanceId("rootProcessInstanceId").nodeInstanceId("nodeInstanceId").repeatInterval(0L).repeatLimit(0).priority(1).build();
    }

    @Test
    void deleteAfterCreate() throws Exception {
        Job job = getJob("2");
        createJob(jobToJson(job), getAccessToken("alice"), UNAUTHORIZED_CODE);
        createJob(jobToJson(job), "", FORBIDDEN_CODE);
        createJob(jobToJson(job), getAccessToken("jdoe"), OK_CODE);
        RestAssured.given().pathParam("id", "2").when().delete("/jobs/{id}", new Object[0]).then().statusCode(FORBIDDEN_CODE);
        RestAssured.given().auth().oauth2(getAccessToken("alice")).pathParam("id", "2").when().delete("/jobs/{id}", new Object[0]).then().statusCode(UNAUTHORIZED_CODE);
        Assertions.assertEquals(job, (ScheduledJob) RestAssured.given().auth().oauth2(getAccessToken("jdoe")).pathParam("id", "2").when().delete("/jobs/{id}", new Object[0]).then().statusCode(OK_CODE).contentType(ContentType.JSON).extract().as(ScheduledJob.class));
    }

    @Test
    void getAfterCreate() throws Exception {
        Job job = getJob(BaseTimerJobSchedulerTest.SCHEDULED_ID);
        createJob(jobToJson(job), getAccessToken("jdoe"), OK_CODE);
        RestAssured.given().pathParam("id", BaseTimerJobSchedulerTest.SCHEDULED_ID).when().get("/jobs/{id}", new Object[0]).then().statusCode(FORBIDDEN_CODE);
        RestAssured.given().auth().oauth2(getAccessToken("alice")).pathParam("id", BaseTimerJobSchedulerTest.SCHEDULED_ID).when().get("/jobs/{id}", new Object[0]).then().statusCode(UNAUTHORIZED_CODE);
        Assertions.assertEquals(((ScheduledJob) RestAssured.given().auth().oauth2(getAccessToken("jdoe")).pathParam("id", BaseTimerJobSchedulerTest.SCHEDULED_ID).when().get("/jobs/{id}", new Object[0]).then().statusCode(OK_CODE).contentType(ContentType.JSON).assertThat().extract().as(ScheduledJob.class)).getId(), job.getId());
    }

    @Test
    void executeTest() throws Exception {
        Job job = getJob("4");
        createJob(jobToJson(job), getAccessToken("jdoe"), OK_CODE);
        RestAssured.given().pathParam("id", "4").when().get("/jobs/{id}", new Object[0]).then().statusCode(FORBIDDEN_CODE);
        RestAssured.given().auth().oauth2(getAccessToken("alice")).pathParam("id", "4").when().get("/jobs/{id}", new Object[0]).then().statusCode(UNAUTHORIZED_CODE);
        ScheduledJob scheduledJob = (ScheduledJob) RestAssured.given().auth().oauth2(getAccessToken("jdoe")).pathParam("id", "4").when().get("/jobs/{id}", new Object[0]).then().statusCode(OK_CODE).contentType(ContentType.JSON).assertThat().extract().as(ScheduledJob.class);
        Assertions.assertEquals(scheduledJob.getId(), job.getId());
        Assertions.assertEquals(0, scheduledJob.getRetries());
        Assertions.assertEquals(JobStatus.SCHEDULED, scheduledJob.getStatus());
        Assertions.assertNotNull(scheduledJob.getScheduledId());
    }

    private String getAccessToken(String str) {
        return ((AccessTokenResponse) RestAssured.given().param("grant_type", new Object[]{"password"}).param("username", new Object[]{str}).param("password", new Object[]{str}).param("client_id", new Object[]{"kogito-app"}).param("client_secret", new Object[]{"secret"}).when().post(this.keycloakURL + "/protocol/openid-connect/token", new Object[0]).as(AccessTokenResponse.class)).getToken();
    }
}
