package org.wso2.carbon.apimgt.rest.integration.tests.store;

import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.text.ParseException;
import java.util.Arrays;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.carbon.apimgt.rest.integration.tests.store.api.ApplicationIndividualApi;
import org.wso2.carbon.apimgt.rest.integration.tests.store.model.Application;
import org.wso2.carbon.apimgt.rest.integration.tests.store.model.ApplicationKeyGenerateRequest;
import org.wso2.carbon.apimgt.rest.integration.tests.store.model.ApplicationKeys;
import org.wso2.carbon.apimgt.rest.integration.tests.store.model.ApplicationToken;
import org.wso2.carbon.apimgt.rest.integration.tests.store.model.ApplicationTokenGenerateRequest;
import org.wso2.carbon.apimgt.rest.integration.tests.util.TestUtil;

/* loaded from: input_file:org/wso2/carbon/apimgt/rest/integration/tests/store/ApplicationJWTTestCaseIT.class */
public class ApplicationJWTTestCaseIT {
    ApplicationIndividualApi applicationIndividualApi;
    Application application;

    @BeforeClass
    public void setUp() throws Exception {
        this.application = new Application().name("ApplicationJWTTestCaseIT").throttlingTier("Unlimited").description("this is ApplicationJWTTestCaseIT");
        this.applicationIndividualApi = TestUtil.getStoreApiClient("user4", TestUtil.getUser("user4"), "apim:api_view apim:api_create apim:api_update apim:api_delete apim:apidef_update apim:api_publish apim:subscription_view apim:subscription_block apim:dedicated_gateway apim:external_services_discover apim:subscribe").buildClient(ApplicationIndividualApi.class);
        this.application = this.applicationIndividualApi.applicationsPost(this.application);
    }

    @Test
    public void testGenerateApplicationJWTToken() throws ParseException {
        ApplicationKeyGenerateRequest keyType = new ApplicationKeyGenerateRequest().grantTypesToBeSupported(Arrays.asList("client_credentials", "password")).tokenType(ApplicationKeyGenerateRequest.TokenTypeEnum.JWT).keyType(ApplicationKeyGenerateRequest.KeyTypeEnum.PRODUCTION);
        ApplicationKeys applicationsApplicationIdGenerateKeysPost = this.applicationIndividualApi.applicationsApplicationIdGenerateKeysPost(this.application.getApplicationId(), keyType);
        Assert.assertEquals(applicationsApplicationIdGenerateKeysPost.getTokenType().getValue(), keyType.getTokenType().getValue());
        Assert.assertNotNull(applicationsApplicationIdGenerateKeysPost.getConsumerKey());
        Assert.assertNotNull(applicationsApplicationIdGenerateKeysPost.getConsumerSecret());
        ApplicationToken applicationsApplicationIdGenerateTokenPost = this.applicationIndividualApi.applicationsApplicationIdGenerateTokenPost(this.application.getApplicationId(), new ApplicationTokenGenerateRequest().consumerKey(applicationsApplicationIdGenerateKeysPost.getConsumerKey()).consumerSecret(applicationsApplicationIdGenerateKeysPost.getConsumerSecret()).scopes("default").validityPeriod(3600), "", "");
        Assert.assertNotNull(applicationsApplicationIdGenerateTokenPost);
        Assert.assertNotNull(applicationsApplicationIdGenerateTokenPost.getAccessToken());
        Assert.assertNotNull(applicationsApplicationIdGenerateTokenPost.getTokenScopes());
        Assert.assertEquals(applicationsApplicationIdGenerateTokenPost.getTokenScopes(), "default");
        Assert.assertTrue(applicationsApplicationIdGenerateTokenPost.getAccessToken().split("\\.").length > 1);
        ReadOnlyJWTClaimsSet jWTClaimsSet = SignedJWT.parse(applicationsApplicationIdGenerateTokenPost.getAccessToken()).getJWTClaimsSet();
        Assert.assertTrue(jWTClaimsSet.getExpirationTime().after(jWTClaimsSet.getIssueTime()));
        Assert.assertEquals(jWTClaimsSet.getIssuer(), "https://localhost:9443/oauth2/token");
        Assert.assertEquals(jWTClaimsSet.getAudience(), Arrays.asList("http://org.wso2.apimgt/gateway"));
        ApplicationKeys applicationsApplicationIdKeysKeyTypeGet = this.applicationIndividualApi.applicationsApplicationIdKeysKeyTypeGet(this.application.getApplicationId(), ApplicationKeyGenerateRequest.KeyTypeEnum.PRODUCTION.getValue());
        Assert.assertEquals(applicationsApplicationIdKeysKeyTypeGet.getConsumerKey(), applicationsApplicationIdGenerateKeysPost.getConsumerKey());
        Assert.assertEquals(applicationsApplicationIdKeysKeyTypeGet.getConsumerSecret(), applicationsApplicationIdGenerateKeysPost.getConsumerSecret());
        Assert.assertEquals(applicationsApplicationIdKeysKeyTypeGet.getTokenType(), applicationsApplicationIdGenerateKeysPost.getTokenType());
        applicationsApplicationIdKeysKeyTypeGet.setTokenType(ApplicationKeys.TokenTypeEnum.OAUTH);
        ApplicationKeys applicationsApplicationIdKeysKeyTypePut = this.applicationIndividualApi.applicationsApplicationIdKeysKeyTypePut(this.application.getApplicationId(), ApplicationKeyGenerateRequest.KeyTypeEnum.PRODUCTION.getValue(), applicationsApplicationIdKeysKeyTypeGet);
        Assert.assertEquals(applicationsApplicationIdKeysKeyTypePut.getConsumerKey(), applicationsApplicationIdGenerateKeysPost.getConsumerKey());
        Assert.assertEquals(applicationsApplicationIdKeysKeyTypePut.getConsumerSecret(), applicationsApplicationIdGenerateKeysPost.getConsumerSecret());
        Assert.assertEquals(applicationsApplicationIdKeysKeyTypePut.getTokenType().getValue(), "OAUTH");
        Assert.assertTrue(this.applicationIndividualApi.applicationsApplicationIdGenerateTokenPost(this.application.getApplicationId(), new ApplicationTokenGenerateRequest().consumerKey(applicationsApplicationIdGenerateKeysPost.getConsumerKey()).consumerSecret(applicationsApplicationIdGenerateKeysPost.getConsumerSecret()).scopes("default").validityPeriod(3600), "", "").getAccessToken().split("\\.").length <= 1);
    }
}
