package org.picketlink.test.idm.config;

import java.util.Calendar;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.config.IdentityConfigurationBuilder;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.Password;
import org.picketlink.idm.credential.TOTPCredential;
import org.picketlink.idm.credential.TOTPCredentials;
import org.picketlink.idm.credential.totp.TimeBasedOTP;
import org.picketlink.idm.internal.IdentityManagerFactory;
import org.picketlink.idm.jpa.internal.JPAContextInitializer;
import org.picketlink.idm.jpa.schema.CredentialObject;
import org.picketlink.idm.jpa.schema.CredentialObjectAttribute;
import org.picketlink.idm.jpa.schema.IdentityObject;
import org.picketlink.idm.jpa.schema.IdentityObjectAttribute;
import org.picketlink.idm.jpa.schema.PartitionObject;
import org.picketlink.idm.jpa.schema.RelationshipIdentityObject;
import org.picketlink.idm.jpa.schema.RelationshipObject;
import org.picketlink.idm.jpa.schema.RelationshipObjectAttribute;
import org.picketlink.idm.model.SimpleUser;
import org.picketlink.idm.model.User;

/* loaded from: input_file:org/picketlink/test/idm/config/TOTPCredentialHandlerConfigurationTestCase.class */
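/**
 * Exercises the configurable properties of the TOTP credential handler against the JPA identity
 * store: the delay window, the number of token digits, and the token interval.
 *
 * <p>Each test builds its own {@link IdentityManager} with exactly one handler property set,
 * provisions a single user with a password plus TOTP secret, and then checks which generated
 * tokens the handler accepts.
 *
 * <p>Security relevance: the delay window and the interval together determine how long a captured
 * token stays usable. The tests below pin both the accepting and the rejecting side of that
 * window, so a change that silently widens it should fail here.
 *
 * <p>The credentials below are fixed test fixtures, not real secrets.
 */
public class TOTPCredentialHandlerConfigurationTestCase {
    private static final String USER_TOTP_SECRET = "my_secret";
    private static final String USER_PASSWORD = "passwd";
    private static final String USER_NAME = "user";
    private EntityManagerFactory emf;
    private EntityManager entityManager;

    /** Opens the persistence unit and starts the transaction that each test runs inside. */
    @Before
    public void onInit() {
        this.emf = Persistence.createEntityManagerFactory("jpa-identity-store-tests-pu");
        this.entityManager = this.emf.createEntityManager();
        this.entityManager.getTransaction().begin();
    }

    /**
     * Commits the test transaction and releases the JPA resources.
     *
     * <p>The close calls sit in {@code finally} blocks so that a failing commit no longer leaks
     * the entity manager and its factory. The null guards keep a failure inside {@link #onInit()}
     * from being masked by a secondary {@link NullPointerException} raised here.
     */
    @After
    public void onDestroy() {
        try {
            if (this.entityManager != null) {
                try {
                    this.entityManager.getTransaction().commit();
                } finally {
                    this.entityManager.close();
                }
            }
        } finally {
            if (this.emf != null) {
                this.emf.close();
            }
        }
    }

    /**
     * With {@code DELAY_WINDOW} set to 0, a token for the current time validates and a token
     * generated for 30 seconds earlier is rejected.
     *
     * <p>NOTE(review): the first assertion generates and validates against the wall clock, so it
     * can presumably fail if the clock crosses an interval boundary between the two calls.
     * Confirm, and consider pinning the generator's calendar.
     */
    @Test
    public void testNoDelayWindow() throws Exception {
        IdentityManager identityManager = createIdentityManager("DELAY_WINDOW", 0);
        TOTPCredentials credentials = newCredentials();
        TimeBasedOTP totp = new TimeBasedOTP();

        credentials.setToken(totp.generate(USER_TOTP_SECRET));
        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.VALID, credentials.getStatus());

        // Move the generator's clock 30 seconds back; with no delay window this stale token
        // must not be accepted.
        Calendar past = Calendar.getInstance();
        past.add(Calendar.SECOND, -30);
        totp.setCalendar(past);

        credentials.setToken(totp.generate(USER_TOTP_SECRET));
        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.INVALID, credentials.getStatus());
    }

    /**
     * With {@code NUMBER_DIGITS} set to 8, an 8-character token produced by a matching generator
     * validates.
     */
    @Test
    public void testNumberDigits() throws Exception {
        IdentityManager identityManager = createIdentityManager("NUMBER_DIGITS", 8);
        TOTPCredentials credentials = newCredentials();

        // Constructor arguments are presumably (algorithm, digits, interval seconds, delay
        // window); the length assertion below confirms the second one. TODO confirm the others.
        String token = new TimeBasedOTP("HmacSHA1", 8, 30, 1).generate(USER_TOTP_SECRET);
        Assert.assertEquals(8, token.length());

        credentials.setToken(token);
        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.VALID, credentials.getStatus());
    }

    /**
     * With {@code INTERVAL_SECONDS} set to 10, both a current token and a token generated for 10
     * seconds earlier validate.
     *
     * <p>NOTE(review): the delay window is not configured here, so accepting the older token
     * presumably relies on the handler's default tolerating at least one previous interval.
     * Confirm against the handler.
     */
    @Test
    public void testInterval() throws Exception {
        IdentityManager identityManager = createIdentityManager("INTERVAL_SECONDS", 10);
        TOTPCredentials credentials = newCredentials();
        TimeBasedOTP totp = new TimeBasedOTP("HmacSHA1", 6, 10, 1);

        credentials.setToken(totp.generate(USER_TOTP_SECRET));
        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.VALID, credentials.getStatus());

        // Generate a token for 10 seconds earlier, i.e. one configured interval back.
        Calendar past = Calendar.getInstance();
        past.add(Calendar.SECOND, -10);
        totp.setCalendar(past);

        credentials.setToken(totp.generate(USER_TOTP_SECRET));
        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.VALID, credentials.getStatus());
    }

    /** Builds credentials carrying the fixture user name and password; the token is set by the caller. */
    private static TOTPCredentials newCredentials() {
        TOTPCredentials credentials = new TOTPCredentials();
        credentials.setUsername(USER_NAME);
        credentials.setPassword(new Password(USER_PASSWORD));
        return credentials;
    }

    /**
     * Builds an identity manager on the JPA store with a single credential handler property set,
     * then provisions the fixture user.
     *
     * @param str name of the credential handler property to set
     * @param obj value for that property
     * @return an identity manager that already contains the fixture user
     */
    private IdentityManager createIdentityManager(String str, Object obj) {
        IdentityConfigurationBuilder builder = new IdentityConfigurationBuilder();
        builder.stores()
                .jpa()
                .setCredentialHandlerProperty(str, obj)
                // Hand the store the entity manager (and open transaction) owned by this test.
                .addContextInitializer(new JPAContextInitializer(this.emf) {
                    public EntityManager getEntityManager() {
                        return TOTPCredentialHandlerConfigurationTestCase.this.entityManager;
                    }
                })
                .addRealm(new String[]{"default"})
                .supportAllFeatures()
                .identityClass(IdentityObject.class)
                .attributeClass(IdentityObjectAttribute.class)
                .relationshipClass(RelationshipObject.class)
                .relationshipIdentityClass(RelationshipIdentityObject.class)
                .relationshipAttributeClass(RelationshipObjectAttribute.class)
                .credentialClass(CredentialObject.class)
                .credentialAttributeClass(CredentialObjectAttribute.class)
                .partitionClass(PartitionObject.class);
        IdentityManager identityManager =
                new IdentityManagerFactory(builder.build()).createIdentityManager();
        createUser(identityManager);
        return identityManager;
    }

    /**
     * Adds the fixture user and stores its password and TOTP secret.
     *
     * @param identityManager manager to create the user in
     */
    private void createUser(IdentityManager identityManager) {
        SimpleUser simpleUser = new SimpleUser(USER_NAME);
        identityManager.add(simpleUser);
        User user = identityManager.getUser(simpleUser.getLoginName());
        Assert.assertNotNull(user);
        identityManager.updateCredential(user, new TOTPCredential(USER_PASSWORD, USER_TOTP_SECRET));
    }
}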
