package org.keycloak.testsuite.broker;

import java.io.IOException;
import java.util.HashSet;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.broker.oidc.OAuth2IdentityProviderConfig;
import org.keycloak.broker.oidc.OIDCIdentityProviderConfig;
import org.keycloak.broker.oidc.OIDCIdentityProviderFactory;
import org.keycloak.broker.saml.SAMLIdentityProviderConfig;
import org.keycloak.broker.saml.SAMLIdentityProviderFactory;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.social.facebook.FacebookIdentityProviderFactory;
import org.keycloak.social.github.GitHubIdentityProviderFactory;
import org.keycloak.social.google.GoogleIdentityProviderFactory;
import org.keycloak.social.linkedin.LinkedInIdentityProviderFactory;
import org.keycloak.social.stackoverflow.StackOverflowIdentityProviderConfig;
import org.keycloak.social.stackoverflow.StackoverflowIdentityProviderFactory;
import org.keycloak.social.twitter.TwitterIdentityProviderFactory;

/* loaded from: input_file:org/keycloak/testsuite/broker/ImportIdentityProviderTest.class */
public class ImportIdentityProviderTest extends AbstractIdentityProviderModelTest {
    @Test
    public void testInstallation() throws Exception {
        RealmModel installTestRealm = installTestRealm();
        assertIdentityProviderConfig(installTestRealm, installTestRealm.getIdentityProviders());
        Assert.assertTrue(installTestRealm.isIdentityFederationEnabled());
        this.realmManager.removeRealm(installTestRealm);
    }

    @Test
    public void testUpdateIdentityProvider() throws Exception {
        RealmModel installTestRealm = installTestRealm();
        List identityProviders = installTestRealm.getIdentityProviders();
        Assert.assertFalse(identityProviders.isEmpty());
        IdentityProviderModel identityProviderModel = (IdentityProviderModel) identityProviders.get(0);
        String alias = identityProviderModel.getAlias();
        identityProviderModel.getConfig().put("config-added", "value-added");
        identityProviderModel.setEnabled(false);
        identityProviderModel.setTrustEmail(true);
        identityProviderModel.setStoreToken(true);
        identityProviderModel.setAuthenticateByDefault(true);
        identityProviderModel.setFirstBrokerLoginFlowId(installTestRealm.getBrowserFlow().getId());
        identityProviderModel.setPostBrokerLoginFlowId(installTestRealm.getDirectGrantFlow().getId());
        installTestRealm.updateIdentityProvider(identityProviderModel);
        commit();
        RealmModel realm = this.realmManager.getRealm(installTestRealm.getId());
        IdentityProviderModel identityProviderByAlias = realm.getIdentityProviderByAlias(alias);
        Assert.assertEquals("value-added", identityProviderByAlias.getConfig().get("config-added"));
        Assert.assertFalse(identityProviderByAlias.isEnabled());
        Assert.assertTrue(identityProviderByAlias.isTrustEmail());
        Assert.assertTrue(identityProviderByAlias.isStoreToken());
        Assert.assertTrue(identityProviderByAlias.isAuthenticateByDefault());
        Assert.assertEquals(identityProviderByAlias.getFirstBrokerLoginFlowId(), realm.getBrowserFlow().getId());
        Assert.assertEquals(identityProviderByAlias.getPostBrokerLoginFlowId(), realm.getDirectGrantFlow().getId());
        identityProviderByAlias.getConfig().remove("config-added");
        identityProviderByAlias.setEnabled(true);
        identityProviderByAlias.setTrustEmail(false);
        identityProviderByAlias.setAuthenticateByDefault(false);
        realm.updateIdentityProvider(identityProviderByAlias);
        commit();
        RealmModel realm2 = this.realmManager.getRealm(realm.getId());
        IdentityProviderModel identityProviderByAlias2 = realm2.getIdentityProviderByAlias(alias);
        Assert.assertFalse(identityProviderByAlias2.getConfig().containsKey("config-added"));
        Assert.assertTrue(identityProviderByAlias2.isEnabled());
        Assert.assertFalse(identityProviderByAlias2.isTrustEmail());
        Assert.assertFalse(identityProviderByAlias2.isAuthenticateByDefault());
        this.realmManager.removeRealm(realm2);
    }

    private void assertIdentityProviderConfig(RealmModel realmModel, List<IdentityProviderModel> list) {
        Assert.assertFalse(list.isEmpty());
        HashSet hashSet = new HashSet(getExpectedProviders());
        for (IdentityProviderModel identityProviderModel : list) {
            if (identityProviderModel.getAlias().startsWith("model-")) {
                String providerId = identityProviderModel.getProviderId();
                if ("saml".equals(providerId)) {
                    assertSamlIdentityProviderConfig(identityProviderModel);
                } else if ("google".equals(providerId)) {
                    assertGoogleIdentityProviderConfig(identityProviderModel);
                } else if ("oidc".equals(providerId)) {
                    assertOidcIdentityProviderConfig(identityProviderModel);
                } else if ("facebook".equals(providerId)) {
                    assertFacebookIdentityProviderConfig(realmModel, identityProviderModel);
                } else if ("github".equals(providerId)) {
                    assertGitHubIdentityProviderConfig(realmModel, identityProviderModel);
                } else if ("twitter".equals(providerId)) {
                    assertTwitterIdentityProviderConfig(identityProviderModel);
                } else if ("linkedin".equals(providerId)) {
                    assertLinkedInIdentityProviderConfig(identityProviderModel);
                } else if ("stackoverflow".equals(providerId)) {
                    assertStackoverflowIdentityProviderConfig(identityProviderModel);
                }
                hashSet.remove(providerId);
            }
        }
        Assert.assertTrue(hashSet.isEmpty());
    }

    private void assertGoogleIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
        OIDCIdentityProviderConfig config = new GoogleIdentityProviderFactory().create(identityProviderModel).getConfig();
        Assert.assertEquals("model-google", config.getAlias());
        Assert.assertEquals("google", config.getProviderId());
        Assert.assertEquals(true, Boolean.valueOf(config.isEnabled()));
        Assert.assertEquals(true, Boolean.valueOf(config.isTrustEmail()));
        Assert.assertEquals(false, Boolean.valueOf(config.isAuthenticateByDefault()));
        Assert.assertEquals(true, Boolean.valueOf(config.isStoreToken()));
        Assert.assertEquals("clientId", config.getClientId());
        Assert.assertEquals("clientSecret", config.getClientSecret());
        Assert.assertEquals("https://accounts.google.com/o/oauth2/auth", config.getAuthorizationUrl());
        Assert.assertEquals("https://www.googleapis.com/oauth2/v3/token", config.getTokenUrl());
        Assert.assertEquals("https://www.googleapis.com/plus/v1/people/me/openIdConnect", config.getUserInfoUrl());
    }

    private void assertSamlIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
        SAMLIdentityProviderConfig config = new SAMLIdentityProviderFactory().create(identityProviderModel).getConfig();
        Assert.assertEquals("model-saml-signed-idp", config.getAlias());
        Assert.assertEquals("saml", config.getProviderId());
        Assert.assertEquals(true, Boolean.valueOf(config.isEnabled()));
        Assert.assertEquals(false, Boolean.valueOf(config.isAuthenticateByDefault()));
        Assert.assertEquals(false, Boolean.valueOf(config.isTrustEmail()));
        Assert.assertEquals(false, Boolean.valueOf(config.isStoreToken()));
        Assert.assertEquals("http://localhost:8082/auth/realms/realm-with-saml-identity-provider/protocol/saml", config.getSingleSignOnServiceUrl());
        Assert.assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", config.getNameIDPolicyFormat());
        Assert.assertEquals("MIIDdzCCAl+gAwIBAgIEbySuqTANBgkqhkiG9w0BAQsFADBsMRAwDgYDVQQGEwdVbmtub3duMRAwDgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYDVQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTE1MDEyODIyMTYyMFoXDTE3MTAyNDIyMTYyMFowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAII/K9NNvXi9IySl7+l2zY/kKrGTtuR4WdCI0xLW/Jn4dLY7v1/HOnV4CC4ecFOzhdNFPtJkmEhP/q62CpmOYOKApXk3tfmm2rwEz9bWprVxgFGKnbrWlz61Z/cjLAlhD3IUj2ZRBquYgSXQPsYfXo1JmSWF5pZ9uh1FVqu9f4wvRqY20ZhUN+39F+1iaBsoqsrbXypCn1HgZkW1/9D9GZug1c3vB4wg1TwZZWRNGtxwoEhdK6dPrNcZ+6PdanVilWrbQFbBjY4wz8/7IMBzssoQ7Usmo8F1Piv0FGfaVeJqBrcAvbiBMpk8pT+27u6p8VyIX6LhGvnxIwM07NByeSUCAwEAAaMhMB8wHQYDVR0OBBYEFFlcNuTYwI9W0tQ224K1gFJlMam0MA0GCSqGSIb3DQEBCwUAA4IBAQB5snl1KWOJALtAjLqD0mLPg1iElmZP82Lq1htLBt3XagwzU9CaeVeCQ7lTp+DXWzPa9nCLhsC3QyrV3/+oqNli8C6NpeqI8FqN2yQW/QMWN1m5jWDbmrWwtQzRUn/rh5KEb5m3zPB+tOC6e/2bV3QeQebxeW7lVMD0tSCviUg1MQf1l2gzuXQo60411YwqrXwk6GMkDOhFDQKDlMchO3oRbQkGbcP8UeiKAXjMeHfzbiBr+cWz8NYZEtxUEDYDjTpKrYCSMJBXpmgVJCZ00BswbksxJwaGqGMPpUKmCV671pf3m8nq3xyiHMDGuGwtbU+GE8kVx85menmp8+964nin", config.getSigningCertificate());
        Assert.assertEquals(true, Boolean.valueOf(config.isWantAuthnRequestsSigned()));
        Assert.assertEquals(true, Boolean.valueOf(config.isForceAuthn()));
        Assert.assertEquals(true, Boolean.valueOf(config.isPostBindingAuthnRequest()));
        Assert.assertEquals(true, Boolean.valueOf(config.isPostBindingResponse()));
        Assert.assertEquals(true, Boolean.valueOf(config.isValidateSignature()));
    }

    private void assertOidcIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
        OIDCIdentityProviderConfig config = new OIDCIdentityProviderFactory().create(identityProviderModel).getConfig();
        Assert.assertEquals("model-oidc-idp", config.getAlias());
        Assert.assertEquals("oidc", config.getProviderId());
        Assert.assertEquals(false, Boolean.valueOf(config.isEnabled()));
        Assert.assertEquals(false, Boolean.valueOf(config.isTrustEmail()));
        Assert.assertEquals(false, Boolean.valueOf(config.isAuthenticateByDefault()));
        Assert.assertEquals(false, Boolean.valueOf(config.isStoreToken()));
        Assert.assertEquals("clientId", config.getClientId());
        Assert.assertEquals("clientSecret", config.getClientSecret());
    }

    private void assertFacebookIdentityProviderConfig(RealmModel realmModel, IdentityProviderModel identityProviderModel) {
        OAuth2IdentityProviderConfig config = new FacebookIdentityProviderFactory().create(identityProviderModel).getConfig();
        Assert.assertEquals("model-facebook", config.getAlias());
        Assert.assertEquals("facebook", config.getProviderId());
        Assert.assertEquals(true, Boolean.valueOf(config.isEnabled()));
        Assert.assertEquals(false, Boolean.valueOf(config.isTrustEmail()));
        Assert.assertEquals(false, Boolean.valueOf(config.isAuthenticateByDefault()));
        Assert.assertEquals(false, Boolean.valueOf(config.isStoreToken()));
        Assert.assertEquals("clientId", config.getClientId());
        Assert.assertEquals("clientSecret", config.getClientSecret());
        Assert.assertEquals(realmModel.getBrowserFlow().getId(), identityProviderModel.getFirstBrokerLoginFlowId());
        Assert.assertNull(identityProviderModel.getPostBrokerLoginFlowId());
        Assert.assertEquals("https://graph.facebook.com/oauth/authorize", config.getAuthorizationUrl());
        Assert.assertEquals("https://graph.facebook.com/oauth/access_token", config.getTokenUrl());
        Assert.assertEquals("https://graph.facebook.com/me?fields=id,name,email,first_name,last_name", config.getUserInfoUrl());
    }

    private void assertGitHubIdentityProviderConfig(RealmModel realmModel, IdentityProviderModel identityProviderModel) {
        OAuth2IdentityProviderConfig config = new GitHubIdentityProviderFactory().create(identityProviderModel).getConfig();
        Assert.assertEquals("model-github", config.getAlias());
        Assert.assertEquals("github", config.getProviderId());
        Assert.assertEquals(true, Boolean.valueOf(config.isEnabled()));
        Assert.assertEquals(false, Boolean.valueOf(config.isTrustEmail()));
        Assert.assertEquals(false, Boolean.valueOf(config.isAuthenticateByDefault()));
        Assert.assertEquals(false, Boolean.valueOf(config.isStoreToken()));
        Assert.assertEquals("clientId", config.getClientId());
        Assert.assertEquals("clientSecret", config.getClientSecret());
        Assert.assertEquals(realmModel.getFlowByAlias("first broker login").getId(), identityProviderModel.getFirstBrokerLoginFlowId());
        Assert.assertEquals(realmModel.getBrowserFlow().getId(), identityProviderModel.getPostBrokerLoginFlowId());
        Assert.assertEquals("https://github.com/login/oauth/authorize", config.getAuthorizationUrl());
        Assert.assertEquals("https://github.com/login/oauth/access_token", config.getTokenUrl());
        Assert.assertEquals("https://api.github.com/user", config.getUserInfoUrl());
    }

    private void assertLinkedInIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
        OAuth2IdentityProviderConfig config = new LinkedInIdentityProviderFactory().create(identityProviderModel).getConfig();
        Assert.assertEquals("model-linkedin", config.getAlias());
        Assert.assertEquals("linkedin", config.getProviderId());
        Assert.assertEquals(true, Boolean.valueOf(config.isEnabled()));
        Assert.assertEquals(false, Boolean.valueOf(config.isTrustEmail()));
        Assert.assertEquals(false, Boolean.valueOf(config.isAuthenticateByDefault()));
        Assert.assertEquals(false, Boolean.valueOf(config.isStoreToken()));
        Assert.assertEquals("clientId", config.getClientId());
        Assert.assertEquals("clientSecret", config.getClientSecret());
        Assert.assertEquals("https://www.linkedin.com/uas/oauth2/authorization", config.getAuthorizationUrl());
        Assert.assertEquals("https://www.linkedin.com/uas/oauth2/accessToken", config.getTokenUrl());
        Assert.assertEquals("https://api.linkedin.com/v1/people/~:(id,formatted-name,email-address,public-profile-url)?format=json", config.getUserInfoUrl());
    }

    private void assertStackoverflowIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
        StackOverflowIdentityProviderConfig config = new StackoverflowIdentityProviderFactory().create(identityProviderModel).getConfig();
        Assert.assertEquals("model-stackoverflow", config.getAlias());
        Assert.assertEquals("stackoverflow", config.getProviderId());
        Assert.assertEquals(true, Boolean.valueOf(config.isEnabled()));
        Assert.assertEquals(false, Boolean.valueOf(config.isTrustEmail()));
        Assert.assertEquals(false, Boolean.valueOf(config.isAuthenticateByDefault()));
        Assert.assertEquals(false, Boolean.valueOf(config.isStoreToken()));
        Assert.assertEquals("clientId", config.getClientId());
        Assert.assertEquals("clientSecret", config.getClientSecret());
        Assert.assertEquals("keyValue", config.getKey());
        Assert.assertEquals("https://stackexchange.com/oauth", config.getAuthorizationUrl());
        Assert.assertEquals("https://stackexchange.com/oauth/access_token", config.getTokenUrl());
        Assert.assertEquals("https://api.stackexchange.com/2.2/me?order=desc&sort=name&site=stackoverflow", config.getUserInfoUrl());
    }

    private void assertTwitterIdentityProviderConfig(IdentityProviderModel identityProviderModel) {
        OAuth2IdentityProviderConfig config = new TwitterIdentityProviderFactory().create(identityProviderModel).getConfig();
        Assert.assertEquals("model-twitter", config.getAlias());
        Assert.assertEquals("twitter", config.getProviderId());
        Assert.assertEquals(true, Boolean.valueOf(config.isEnabled()));
        Assert.assertEquals(false, Boolean.valueOf(config.isTrustEmail()));
        Assert.assertEquals(false, Boolean.valueOf(config.isAuthenticateByDefault()));
        Assert.assertEquals(true, Boolean.valueOf(config.isStoreToken()));
        Assert.assertEquals("clientId", config.getClientId());
        Assert.assertEquals("clientSecret", config.getClientSecret());
    }

    private RealmModel installTestRealm() throws IOException {
        RealmRepresentation loadJson = loadJson("broker-test/test-realm-with-broker.json");
        Assert.assertNotNull(loadJson);
        Assert.assertEquals("realm-with-broker", loadJson.getRealm());
        RealmModel realm = this.realmManager.getRealm("realm-with-broker");
        if (realm == null) {
            RealmModel importRealm = this.realmManager.importRealm(loadJson);
            commit();
            realm = this.realmManager.getRealm(importRealm.getId());
            Assert.assertNotNull(realm);
        }
        return realm;
    }
}
