package org.keycloak.testsuite.federation.ldap.base;

import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import javax.ws.rs.core.UriBuilder;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.FixMethodOrder;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.RuleChain;
import org.junit.rules.TestRule;
import org.junit.runners.MethodSorters;
import org.keycloak.federation.ldap.LDAPFederationProvider;
import org.keycloak.federation.ldap.idm.model.LDAPObject;
import org.keycloak.models.ClientModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
import org.keycloak.protocol.oidc.mappers.UserAttributeMapper;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
import org.keycloak.testsuite.federation.ldap.LDAPExampleServlet;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.testsuite.rule.LDAPRule;
import org.keycloak.testsuite.rule.WebResource;
import org.keycloak.testsuite.rule.WebRule;
import org.openqa.selenium.WebDriver;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
/* loaded from: input_file:org/keycloak/testsuite/federation/ldap/base/LDAPMultipleAttributesTest.class */
public class LDAPMultipleAttributesTest {
    private static LDAPRule ldapRule = new LDAPRule();
    private static UserFederationProviderModel ldapModel = null;
    private static KeycloakRule keycloakRule = new KeycloakRule(new KeycloakRule.KeycloakSetup() { // from class: org.keycloak.testsuite.federation.ldap.base.LDAPMultipleAttributesTest.1
        @Override // org.keycloak.testsuite.rule.KeycloakRule.KeycloakSetup
        public void config(RealmManager realmManager, RealmModel realmModel, RealmModel realmModel2) {
            Map<String, String> config = LDAPMultipleAttributesTest.ldapRule.getConfig();
            config.put("editMode", UserFederationProvider.EditMode.WRITABLE.toString());
            UserFederationProviderModel unused = LDAPMultipleAttributesTest.ldapModel = realmModel2.addUserFederationProvider("ldap", config, 0, "test-ldap", -1, -1, 0);
            FederationTestUtils.addZipCodeLDAPMapper(realmModel2, LDAPMultipleAttributesTest.ldapModel);
            FederationTestUtils.addUserAttributeMapper(realmModel2, LDAPMultipleAttributesTest.ldapModel, "streetMapper", "street", "street");
            LDAPFederationProvider ldapProvider = FederationTestUtils.getLdapProvider(this.session, LDAPMultipleAttributesTest.ldapModel);
            FederationTestUtils.removeAllLDAPUsers(ldapProvider, realmModel2);
            FederationTestUtils.updateLDAPPassword(ldapProvider, FederationTestUtils.addLDAPUser(ldapProvider, realmModel2, "jbrown", "James", "Brown", "jbrown@keycloak.org", null, "88441"), "Password1");
            LDAPObject addLDAPUser = FederationTestUtils.addLDAPUser(ldapProvider, realmModel2, "bwilson", "Bruce", "Wilson", "bwilson@keycloak.org", "Elm 5", "88441", "77332");
            addLDAPUser.setAttribute("sn", new LinkedHashSet(Arrays.asList("Wilson", "Schneider")));
            ldapProvider.getLdapIdentityStore().update(addLDAPUser);
            FederationTestUtils.updateLDAPPassword(ldapProvider, addLDAPUser, "Password1");
            ClientModel createClient = KeycloakModelUtils.createClient(realmModel2, "ldap-portal");
            createClient.addRedirectUri("/ldap-portal");
            createClient.addRedirectUri("/ldap-portal/*");
            createClient.setManagementUrl("/ldap-portal");
            createClient.addProtocolMapper(UserAttributeMapper.createClaimMapper("postalCode", "postal_code", "postal_code", "String", true, "", true, true, true));
            createClient.addProtocolMapper(UserAttributeMapper.createClaimMapper("street", "street", "street", "String", true, "", true, true, false));
            createClient.addScopeMapping(realmModel2.getRole("user"));
            createClient.setSecret("password");
            LDAPMultipleAttributesTest.keycloakRule.createApplicationDeployment().name("ldap-portal").contextPath("/ldap-portal").servletClass(LDAPExampleServlet.class).adapterConfigPath(getClass().getResource("/ldap/ldap-app-keycloak.json").getPath()).role("user").deployApplication();
        }
    });

    @ClassRule
    public static TestRule chain = RuleChain.outerRule(ldapRule).around(keycloakRule);

    @WebResource
    protected WebDriver driver;

    @WebResource
    protected OAuthClient oauth;

    @WebResource
    protected LoginPage loginPage;
    protected String APP_SERVER_BASE_URL = "http://localhost:8081";
    protected String LOGIN_URL = OIDCLoginProtocolService.authUrl(UriBuilder.fromUri(this.APP_SERVER_BASE_URL + "/auth")).build(new Object[]{"test"}).toString();

    @Rule
    public WebRule webRule = new WebRule(this);

    @Test
    public void testModel() {
        KeycloakSession startSession = keycloakRule.startSession();
        try {
            RealmModel realmByName = startSession.realms().getRealmByName("test");
            FederationTestUtils.assertUserImported(startSession.users(), realmByName, "jbrown", "James", "Brown", "jbrown@keycloak.org", "88441");
            UserModel userByUsername = startSession.users().getUserByUsername("bwilson", realmByName);
            Assert.assertEquals("bwilson@keycloak.org", userByUsername.getEmail());
            Assert.assertEquals("Bruce", userByUsername.getFirstName());
            Assert.assertTrue("Wilson".equals(userByUsername.getLastName()) || "Schneider".equals(userByUsername.getLastName()));
            List<String> attribute = userByUsername.getAttribute("postal_code");
            assertPostalCodes(attribute, "88441", "77332");
            attribute.remove("77332");
            userByUsername.setAttribute("postal_code", attribute);
            keycloakRule.stopSession(startSession, true);
            startSession = keycloakRule.startSession();
            try {
                UserModel userByUsername2 = startSession.users().getUserByUsername("bwilson", startSession.realms().getRealmByName("test"));
                List<String> attribute2 = userByUsername2.getAttribute("postal_code");
                assertPostalCodes(attribute2, "88441");
                attribute2.add("77332");
                userByUsername2.setAttribute("postal_code", attribute2);
                keycloakRule.stopSession(startSession, true);
                startSession = keycloakRule.startSession();
                try {
                    assertPostalCodes(startSession.users().getUserByUsername("bwilson", startSession.realms().getRealmByName("test")).getAttribute("postal_code"), "88441", "77332");
                    keycloakRule.stopSession(startSession, true);
                } finally {
                    keycloakRule.stopSession(startSession, true);
                }
            } finally {
            }
        } finally {
        }
    }

    private void assertPostalCodes(List<String> list, String... strArr) {
        if (strArr == null && list.isEmpty()) {
            return;
        }
        Assert.assertEquals(strArr.length, list.size());
        for (String str : strArr) {
            if (!list.contains(str)) {
                Assert.fail("postalCode '" + str + "' not in postalCodes: " + list);
            }
        }
    }

    @Test
    public void ldapPortalEndToEndTest() {
        this.driver.navigate().to(this.APP_SERVER_BASE_URL + "/ldap-portal");
        Assert.assertTrue(this.driver.getCurrentUrl().startsWith(this.LOGIN_URL));
        this.loginPage.login("bwilson", "Password1");
        Assert.assertTrue(this.driver.getCurrentUrl().startsWith(this.APP_SERVER_BASE_URL + "/ldap-portal"));
        String pageSource = this.driver.getPageSource();
        System.out.println(pageSource);
        Assert.assertTrue(pageSource.contains("bwilson") && pageSource.contains("Bruce"));
        Assert.assertTrue(pageSource.contains("street") && pageSource.contains("Elm 5"));
        Assert.assertTrue(pageSource.contains("postal_code") && pageSource.contains("88441") && pageSource.contains("77332"));
        String uri = OIDCLoginProtocolService.logoutUrl(UriBuilder.fromUri(this.APP_SERVER_BASE_URL + "/auth")).queryParam("redirect_uri", new Object[]{this.APP_SERVER_BASE_URL + "/ldap-portal"}).build(new Object[]{"test"}).toString();
        this.driver.navigate().to(uri);
        this.driver.navigate().to(this.APP_SERVER_BASE_URL + "/ldap-portal");
        Assert.assertTrue(this.driver.getCurrentUrl().startsWith(this.LOGIN_URL));
        this.loginPage.login("jbrown", "Password1");
        Assert.assertTrue(this.driver.getCurrentUrl().startsWith(this.APP_SERVER_BASE_URL + "/ldap-portal"));
        String pageSource2 = this.driver.getPageSource();
        System.out.println(pageSource2);
        Assert.assertTrue(pageSource2.contains("jbrown") && pageSource2.contains("James Brown"));
        Assert.assertFalse(pageSource2.contains("street"));
        Assert.assertTrue(pageSource2.contains("postal_code") && pageSource2.contains("88441"));
        Assert.assertFalse(pageSource2.contains("77332"));
        this.driver.navigate().to(uri);
    }
}
