package org.wso2.am.integration.tests.operationPolicy;

import com.google.gson.Gson;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.xpath.XPathExpressionException;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.publisher.api.ApiException;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIOperationPoliciesDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIOperationsDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.OperationPolicyDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyGenerateRequestDTO;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.tests.api.lifecycle.APIManagerLifecycleBaseTest;

/* loaded from: input_file:org/wso2/am/integration/tests/operationPolicy/JWTClaimBasedAccessValidatorPolicyTestCase.class */
public class JWTClaimBasedAccessValidatorPolicyTestCase extends APIManagerLifecycleBaseTest {
    private final String API_NAME = "GatewayPolicyApplicableAPITest";
    private final String API_CONTEXT = "gatewayPolicyApplicableAPITest";
    private final String API_END_POINT_POSTFIX_URL = "xmlapi";
    private String applicationId;
    private String apiId;
    String newGatewayPolicyId;
    private String accessToken;
    private Map<String, String> policyMap;

    @BeforeClass(alwaysRun = true)
    public void initialize() throws Exception {
        super.init();
        this.applicationId = this.restAPIStore.createApplication("ApplicationTest", "Test Application AccessibilityOfBlockAPITestCase", "Unlimited", ApplicationDTO.TokenTypeEnum.JWT).getData();
        this.policyMap = this.restAPIPublisher.getAllCommonOperationPolicies();
        APIRequest aPIRequest = new APIRequest("GatewayPolicyApplicableAPITest", "gatewayPolicyApplicableAPITest", new URL(getAPIInvocationURLHttp("xmlapi", "1.0.0")));
        aPIRequest.setVersion("1.0.0");
        aPIRequest.setTiersCollection("Unlimited");
        aPIRequest.setTier("Unlimited");
        aPIRequest.setTags("testTag1, testTag2, testTag3");
        this.apiId = createPublishAndSubscribeToAPIUsingRest(aPIRequest, this.restAPIPublisher, this.restAPIStore, this.applicationId, "Unlimited");
        ArrayList arrayList = new ArrayList();
        arrayList.add("client_credentials");
        this.accessToken = this.restAPIStore.generateKeys(this.applicationId, "3600", (String) null, ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, (ArrayList) null, arrayList).getToken().getAccessToken();
    }

    @Test(groups = {"wso2.am"}, description = "Invoke the API before adding the policy")
    public void testAPIInvocationBeforeAddingJWTClaimBasedAccessValidationPolicy() throws Exception {
        HttpResponse invokeAPI = invokeAPI("1.0.0");
        Assert.assertEquals(invokeAPI.getStatusLine().getStatusCode(), HTTP_RESPONSE_CODE_OK, "Invocation fails for GET request");
        Assert.assertEquals(invokeAPI.getHeaders("TestHeader").length, 0);
        Assert.assertEquals(invokeAPI.getHeaders("Content-Type")[0].getValue(), "application/xml; charset=UTF-8");
    }

    @Test(groups = {"wso2.am"}, description = "Invoke the API after adding the JWT claim based access validation policy", dependsOnMethods = {"testAPIInvocationBeforeAddingJWTClaimBasedAccessValidationPolicy"})
    public void testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicy() throws Exception {
        APIDTO apidto = (APIDTO) new Gson().fromJson(this.restAPIPublisher.getAPI(this.apiId).getData(), APIDTO.class);
        Assert.assertNotNull(this.policyMap.get("jwtClaimBasedAccessValidator"), "Unable to find a common policy with name jwtClaimBasedAccessValidator");
        HashMap hashMap = new HashMap();
        hashMap.put("accessVerificationClaim", "aut");
        hashMap.put("accessVerificationClaimValue", "APPLICATION");
        List<OperationPolicyDTO> policyList = getPolicyList("jwtClaimBasedAccessValidator", this.policyMap, hashMap);
        policyList.get(0).setPolicyVersion("v1");
        APIOperationPoliciesDTO aPIOperationPoliciesDTO = new APIOperationPoliciesDTO();
        aPIOperationPoliciesDTO.setRequest(policyList);
        ((APIOperationsDTO) apidto.getOperations().get(0)).setOperationPolicies(aPIOperationPoliciesDTO);
        this.restAPIPublisher.updateAPI(apidto);
        createAPIRevisionAndDeployUsingRest(this.apiId, this.restAPIPublisher);
        waitForAPIDeployment();
        Assert.assertEquals(invokeAPI("1.0.0").getStatusLine().getStatusCode(), HTTP_RESPONSE_CODE_OK);
        cleanUpArtifactsAndReInitialize();
    }

    @Test(groups = {"wso2.am"}, description = "Invoke the API after adding the JWT claim based access validation policy with invalid claim name", dependsOnMethods = {"testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicy"})
    public void testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithInvalidClaimName() throws Exception {
        APIDTO apidto = (APIDTO) new Gson().fromJson(this.restAPIPublisher.getAPI(this.apiId).getData(), APIDTO.class);
        Assert.assertNotNull(this.policyMap.get("jwtClaimBasedAccessValidator"), "Unable to find a common policy with name jwtClaimBasedAccessValidator");
        HashMap hashMap = new HashMap();
        hashMap.put("accessVerificationClaim", "claim");
        hashMap.put("accessVerificationClaimValue", "APPLICATION");
        List<OperationPolicyDTO> policyList = getPolicyList("jwtClaimBasedAccessValidator", this.policyMap, hashMap);
        policyList.get(0).setPolicyVersion("v1");
        APIOperationPoliciesDTO aPIOperationPoliciesDTO = new APIOperationPoliciesDTO();
        aPIOperationPoliciesDTO.setRequest(policyList);
        ((APIOperationsDTO) apidto.getOperations().get(0)).setOperationPolicies(aPIOperationPoliciesDTO);
        this.restAPIPublisher.updateAPI(apidto);
        createAPIRevisionAndDeployUsingRest(this.apiId, this.restAPIPublisher);
        waitForAPIDeployment();
        Assert.assertEquals(invokeAPI("1.0.0").getStatusLine().getStatusCode(), HTTP_RESPONSE_CODE_FORBIDDEN);
        cleanUpArtifactsAndReInitialize();
    }

    @Test(groups = {"wso2.am"}, description = "Invoke the API after adding the JWT claim based access validation policy with invalid claim value", dependsOnMethods = {"testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithInvalidClaimName"})
    public void testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithInvalidClaimValue() throws Exception {
        APIDTO apidto = (APIDTO) new Gson().fromJson(this.restAPIPublisher.getAPI(this.apiId).getData(), APIDTO.class);
        Assert.assertNotNull(this.policyMap.get("jwtClaimBasedAccessValidator"), "Unable to find a common policy with name jwtClaimBasedAccessValidator");
        HashMap hashMap = new HashMap();
        hashMap.put("accessVerificationClaim", "aut");
        hashMap.put("accessVerificationClaimValue", "INVALID");
        List<OperationPolicyDTO> policyList = getPolicyList("jwtClaimBasedAccessValidator", this.policyMap, hashMap);
        policyList.get(0).setPolicyVersion("v1");
        APIOperationPoliciesDTO aPIOperationPoliciesDTO = new APIOperationPoliciesDTO();
        aPIOperationPoliciesDTO.setRequest(policyList);
        ((APIOperationsDTO) apidto.getOperations().get(0)).setOperationPolicies(aPIOperationPoliciesDTO);
        this.restAPIPublisher.updateAPI(apidto);
        createAPIRevisionAndDeployUsingRest(this.apiId, this.restAPIPublisher);
        waitForAPIDeployment();
        Assert.assertEquals(invokeAPI("1.0.0").getStatusLine().getStatusCode(), HTTP_RESPONSE_CODE_FORBIDDEN);
        cleanUpArtifactsAndReInitialize();
    }

    @Test(groups = {"wso2.am"}, description = "Invoke the API after adding the JWT claim based access validation policy with a valid regex", dependsOnMethods = {"testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithInvalidClaimValue"})
    public void testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithValidRegex() throws Exception {
        APIDTO apidto = (APIDTO) new Gson().fromJson(this.restAPIPublisher.getAPI(this.apiId).getData(), APIDTO.class);
        Assert.assertNotNull(this.policyMap.get("jwtClaimBasedAccessValidator"), "Unable to find a common policy with name jwtClaimBasedAccessValidator");
        HashMap hashMap = new HashMap();
        hashMap.put("accessVerificationClaim", "aut");
        hashMap.put("accessVerificationClaimValue", "APPLICATION");
        hashMap.put("accessVerificationClaimValueRegex", "^[A-Z]+$");
        List<OperationPolicyDTO> policyList = getPolicyList("jwtClaimBasedAccessValidator", this.policyMap, hashMap);
        policyList.get(0).setPolicyVersion("v1");
        APIOperationPoliciesDTO aPIOperationPoliciesDTO = new APIOperationPoliciesDTO();
        aPIOperationPoliciesDTO.setRequest(policyList);
        ((APIOperationsDTO) apidto.getOperations().get(0)).setOperationPolicies(aPIOperationPoliciesDTO);
        this.restAPIPublisher.updateAPI(apidto);
        createAPIRevisionAndDeployUsingRest(this.apiId, this.restAPIPublisher);
        waitForAPIDeployment();
        Assert.assertEquals(invokeAPI("1.0.0").getStatusLine().getStatusCode(), HTTP_RESPONSE_CODE_OK);
        cleanUpArtifactsAndReInitialize();
    }

    @Test(groups = {"wso2.am"}, description = "Invoke the API after adding the JWT claim based access validation policy with an invalid regex", dependsOnMethods = {"testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithValidRegex"})
    public void testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithInvalidRegex() throws Exception {
        APIDTO apidto = (APIDTO) new Gson().fromJson(this.restAPIPublisher.getAPI(this.apiId).getData(), APIDTO.class);
        Assert.assertNotNull(this.policyMap.get("jwtClaimBasedAccessValidator"), "Unable to find a common policy with name jwtClaimBasedAccessValidator");
        HashMap hashMap = new HashMap();
        hashMap.put("accessVerificationClaim", "aut");
        hashMap.put("accessVerificationClaimValue", "APPLICATION");
        hashMap.put("accessVerificationClaimValueRegex", "^[0-9]+$");
        List<OperationPolicyDTO> policyList = getPolicyList("jwtClaimBasedAccessValidator", this.policyMap, hashMap);
        policyList.get(0).setPolicyVersion("v1");
        APIOperationPoliciesDTO aPIOperationPoliciesDTO = new APIOperationPoliciesDTO();
        aPIOperationPoliciesDTO.setRequest(policyList);
        ((APIOperationsDTO) apidto.getOperations().get(0)).setOperationPolicies(aPIOperationPoliciesDTO);
        this.restAPIPublisher.updateAPI(apidto);
        createAPIRevisionAndDeployUsingRest(this.apiId, this.restAPIPublisher);
        waitForAPIDeployment();
        Assert.assertEquals(invokeAPI("1.0.0").getStatusLine().getStatusCode(), HTTP_RESPONSE_CODE_FORBIDDEN);
        cleanUpArtifactsAndReInitialize();
    }

    @Test(groups = {"wso2.am"}, description = "Invoke the API after adding the JWT claim based access validation policy with validation inverted", dependsOnMethods = {"testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithInvalidRegex"})
    public void testAPIInvocationAfterAddingJWTClaimBasedAccessValidationPolicyWithInvertedValidation() throws Exception {
        APIDTO apidto = (APIDTO) new Gson().fromJson(this.restAPIPublisher.getAPI(this.apiId).getData(), APIDTO.class);
        Assert.assertNotNull(this.policyMap.get("jwtClaimBasedAccessValidator"), "Unable to find a common policy with name jwtClaimBasedAccessValidator");
        HashMap hashMap = new HashMap();
        hashMap.put("accessVerificationClaim", "aut");
        hashMap.put("accessVerificationClaimValue", "NON_MATCHING");
        hashMap.put("shouldAllowValidation", "true");
        List<OperationPolicyDTO> policyList = getPolicyList("jwtClaimBasedAccessValidator", this.policyMap, hashMap);
        policyList.get(0).setPolicyVersion("v1");
        APIOperationPoliciesDTO aPIOperationPoliciesDTO = new APIOperationPoliciesDTO();
        aPIOperationPoliciesDTO.setRequest(policyList);
        ((APIOperationsDTO) apidto.getOperations().get(0)).setOperationPolicies(aPIOperationPoliciesDTO);
        this.restAPIPublisher.updateAPI(apidto);
        createAPIRevisionAndDeployUsingRest(this.apiId, this.restAPIPublisher);
        waitForAPIDeployment();
        Assert.assertEquals(invokeAPI("1.0.0").getStatusLine().getStatusCode(), HTTP_RESPONSE_CODE_OK);
    }

    @AfterClass(alwaysRun = true)
    public void cleanUpArtifacts() throws Exception {
        this.restAPIStore.deleteApplication(this.applicationId);
        undeployAndDeleteAPIRevisionsUsingRest(this.apiId, this.restAPIPublisher);
        this.restAPIPublisher.deleteAPI(this.apiId);
        this.restAPIPublisher.deleteGatewayPolicy(this.newGatewayPolicyId);
    }

    public List<OperationPolicyDTO> getPolicyList(String str, Map<String, String> map, Map<String, Object> map2) {
        ArrayList arrayList = new ArrayList();
        OperationPolicyDTO operationPolicyDTO = new OperationPolicyDTO();
        operationPolicyDTO.setPolicyName(str);
        operationPolicyDTO.setPolicyId(map.get(str));
        operationPolicyDTO.setParameters(map2);
        arrayList.add(operationPolicyDTO);
        return arrayList;
    }

    public HttpResponse invokeAPI(String str) throws XPathExpressionException, IOException {
        CloseableHttpClient build = HttpClientBuilder.create().setHostnameVerifier(new AllowAllHostnameVerifier()).build();
        HttpGet httpGet = new HttpGet(getAPIInvocationURLHttp("gatewayPolicyApplicableAPITest", str));
        httpGet.setHeader("Authorization", "Bearer " + this.accessToken);
        return build.execute(httpGet);
    }

    public int deleteOperationPolicy(String str, String str2) throws ApiException {
        return (str2 == null ? this.restAPIPublisher.deleteCommonOperationPolicy(str) : this.restAPIPublisher.deleteAPISpecificPolicy(str, str2)).getResponseCode();
    }

    public void cleanUpArtifactsAndReInitialize() throws Exception {
        this.restAPIStore.deleteApplication(this.applicationId);
        undeployAndDeleteAPIRevisionsUsingRest(this.apiId, this.restAPIPublisher);
        this.restAPIPublisher.deleteAPI(this.apiId);
        this.restAPIPublisher.deleteGatewayPolicy(this.newGatewayPolicyId);
        initialize();
    }
}
