package org.wso2.am.integration.tests.server.restart;

import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.testng.Assert;
import org.testng.ITestContext;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyGenerateRequestDTO;
import org.wso2.am.integration.test.utils.APIManagerIntegrationTestException;
import org.wso2.am.integration.test.utils.http.HTTPSClientUtils;
import org.wso2.am.integration.tests.api.lifecycle.APIManagerLifecycleBaseTest;
import org.wso2.carbon.automation.test.utils.http.client.HttpRequestUtil;
import org.wso2.carbon.automation.test.utils.http.client.HttpResponse;

/* loaded from: input_file:org/wso2/am/integration/tests/server/restart/JWTRevocationServerRestartTestCase.class */
public class JWTRevocationServerRestartTestCase extends APIManagerLifecycleBaseTest {
    private static final String API_RESPONSE_DATA = "<id>123</id><name>John</name></Customer>";
    private String consumerKey;
    private String consumerSecret;
    private Map<String, String> requestHeaders;
    private String apiInvocationUrl;
    private String accessToken;
    private String jwtRevocationAppId;

    @BeforeClass
    public void initialize(ITestContext iTestContext) throws Exception {
        super.init();
        this.jwtRevocationAppId = (String) iTestContext.getAttribute("jwtRevocationAppId");
        ArrayList arrayList = new ArrayList();
        arrayList.add("client_credentials");
        ApplicationKeyDTO generateKeys = this.restAPIStore.generateKeys(this.jwtRevocationAppId, "3600", (String) null, ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, (ArrayList) null, arrayList);
        Assert.assertNotNull(generateKeys.getToken());
        this.accessToken = generateKeys.getToken().getAccessToken();
        this.consumerKey = generateKeys.getConsumerKey();
        this.consumerSecret = generateKeys.getConsumerSecret();
        this.apiInvocationUrl = getAPIInvocationURLHttp("jwtTokenTestAPI/1.0.0/customers/123");
        this.requestHeaders = new HashMap();
        this.requestHeaders.put("accept", "text/xml");
        this.requestHeaders.put("Authorization", "Bearer " + this.accessToken);
    }

    @Test(groups = {"wso2.am"}, description = "testing jwt token revocation")
    public void testJWTTokenRevocation() throws Exception {
        HttpResponse doGet;
        boolean z;
        waitForAPIDeploymentSync(this.user.getUserName(), "JWTTokenTestAPI", "1.0.0", "\"isApiExists\":true");
        HttpResponse doGet2 = HttpRequestUtil.doGet(this.apiInvocationUrl, this.requestHeaders);
        Assert.assertEquals(doGet2.getResponseCode(), HTTP_RESPONSE_CODE_OK, "Response code mismatched when invoke api before Retire");
        Assert.assertTrue(doGet2.getData().contains(API_RESPONSE_DATA), "Response data mismatched when invoke  API  before Retire Response Data:" + doGet2.getData());
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Basic " + new String(Base64.encodeBase64((this.consumerKey + ":" + this.consumerSecret).getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
        try {
            HttpResponse doPost = HTTPSClientUtils.doPost(new URL(this.keyManagerHTTPSURL + "oauth2/revoke"), "token=" + this.accessToken, hashMap);
            Assert.assertEquals(doPost.getResponseCode(), 200);
            Assert.assertEquals((String) doPost.getHeaders().get("RevokedAccessToken"), this.accessToken, "Access token is not revoked correctly");
        } catch (Exception e) {
            org.junit.Assert.fail("Should not throw any exceptions" + e);
        }
        int i = 1;
        do {
            Thread.sleep(1000L);
            doGet = HttpRequestUtil.doGet(this.apiInvocationUrl, this.requestHeaders);
            int responseCode = doGet.getResponseCode();
            if (responseCode == HTTP_RESPONSE_CODE_UNAUTHORIZED) {
                z = false;
            } else {
                if (responseCode != HTTP_RESPONSE_CODE_OK) {
                    throw new APIManagerIntegrationTestException("Unexpected response received when invoking the API. Response received :" + doGet.getData() + ":" + doGet.getResponseMessage());
                }
                z = true;
            }
            i++;
            if (!z) {
                break;
            }
        } while (i < 20);
        Assert.assertFalse(z, "Access token revocation failed. API invocation response code is expected to be : " + HTTP_RESPONSE_CODE_UNAUTHORIZED + ", but got " + doGet.getResponseCode());
    }
}
