package org.keycloak.testsuite.model;

import java.util.List;
import java.util.Map;
import java.util.Set;
import org.junit.Assert;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;
import org.keycloak.models.AuthenticationFlowModel;
import org.keycloak.models.ClientModel;
import org.keycloak.models.ClientTemplateModel;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.ProtocolMapperModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.RequiredCredentialModel;
import org.keycloak.models.RoleModel;
import org.keycloak.models.UserConsentModel;
import org.keycloak.models.UserFederationMapperModel;
import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.testsuite.DummyUserFederationProviderFactory;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
/* loaded from: input_file:org/keycloak/testsuite/model/ImportTest.class */
public class ImportTest extends AbstractModelTest {
    @Test
    public void demoDelete() throws Exception {
        this.realmManager.importRealm(AbstractModelTest.loadJson("model/testrealm2.json"));
        commit();
        this.realmManager.removeRealm(this.realmManager.getRealmByName("demo-delete"));
    }

    @Test
    public void install() throws Exception {
        RealmRepresentation loadJson = AbstractModelTest.loadJson("model/testrealm.json");
        loadJson.setId("demo");
        this.realmManager.importRealm(loadJson);
        commit();
        assertDataImportedInRealm(this.realmManager.getSession(), this.realmManager.getRealm("demo"));
        commit();
        this.realmManager.removeRealm(this.realmManager.getRealm("demo"));
    }

    public static void assertDataImportedInRealm(KeycloakSession keycloakSession, RealmModel realmModel) {
        Assert.assertTrue(realmModel.isVerifyEmail());
        Assert.assertEquals(3600000L, realmModel.getOfflineSessionIdleTimeout());
        Assert.assertEquals(1500L, realmModel.getAccessTokenLifespanForImplicitFlow());
        List requiredCredentials = realmModel.getRequiredCredentials();
        Assert.assertEquals(1L, requiredCredentials.size());
        Assert.assertEquals("password", ((RequiredCredentialModel) requiredCredentials.get(0)).getFormLabel());
        Assert.assertEquals(4L, realmModel.getDefaultRoles().size());
        Assert.assertNotNull(realmModel.getRole("foo"));
        Assert.assertNotNull(realmModel.getRole("bar"));
        Assert.assertNotNull(keycloakSession.users().getUserByUsername("loginclient", realmModel));
        Assert.assertEquals(0L, keycloakSession.users().getFederatedIdentities(r0, realmModel).size());
        Assert.assertEquals(8L, realmModel.getClients().size());
        ClientModel clientByClientId = realmModel.getClientByClientId("Application");
        ClientModel clientByClientId2 = realmModel.getClientByClientId("OtherApp");
        ClientModel clientByClientId3 = realmModel.getClientByClientId("account");
        ClientModel clientByClientId4 = realmModel.getClientByClientId("NonExisting");
        Assert.assertNotNull(clientByClientId);
        Assert.assertNotNull(clientByClientId2);
        Assert.assertNull(clientByClientId4);
        List clients = realmModel.getClients();
        Assert.assertEquals(8L, clients.size());
        Assert.assertTrue(clients.contains(clientByClientId));
        Assert.assertTrue(clients.contains(clientByClientId2));
        Assert.assertTrue(clients.contains(clientByClientId3));
        realmModel.getClients().containsAll(clients);
        Assert.assertEquals("Applicationn", clientByClientId.getName());
        Assert.assertEquals(50L, clientByClientId.getNodeReRegistrationTimeout());
        Map registeredNodes = clientByClientId.getRegisteredNodes();
        Assert.assertEquals(2L, registeredNodes.size());
        Assert.assertTrue(10 == ((Integer) registeredNodes.get("node1")).intValue());
        Assert.assertTrue(20 == ((Integer) registeredNodes.get("172.10.15.20")).intValue());
        Assert.assertEquals(clientByClientId.getClientAuthenticatorType(), "client-secret");
        Assert.assertEquals(clientByClientId2.getClientAuthenticatorType(), "client-jwt");
        Assert.assertNull(realmModel.getClientById("982734"));
        Assert.assertEquals(clientByClientId, realmModel.getClientById(clientByClientId.getId()));
        UserModel userByUsername = keycloakSession.users().getUserByUsername("admin", realmModel);
        Assert.assertNull(userByUsername.getCreatedTimestamp());
        Set roleMappings = userByUsername.getRoleMappings();
        Assert.assertEquals(3L, roleMappings.size());
        Assert.assertTrue(roleMappings.contains(realmModel.getRole("admin")));
        Assert.assertTrue(roleMappings.contains(clientByClientId.getRole("app-admin")));
        Assert.assertTrue(roleMappings.contains(clientByClientId2.getRole("otherapp-admin")));
        Assert.assertTrue(clientByClientId.getRole("app-admin").isScopeParamRequired());
        Assert.assertFalse(clientByClientId2.getRole("otherapp-admin").isScopeParamRequired());
        Assert.assertFalse(clientByClientId2.getRole("otherapp-user").isScopeParamRequired());
        UserModel userByUsername2 = keycloakSession.users().getUserByUsername("wburke", realmModel);
        Assert.assertEquals(new Long(123654L), userByUsername2.getCreatedTimestamp());
        Set roleMappings2 = userByUsername2.getRoleMappings();
        Assert.assertEquals(2L, roleMappings2.size());
        Assert.assertFalse(roleMappings2.contains(realmModel.getRole("admin")));
        Assert.assertTrue(roleMappings2.contains(clientByClientId.getRole("app-user")));
        Assert.assertTrue(roleMappings2.contains(clientByClientId2.getRole("otherapp-user")));
        Assert.assertEquals(0L, userByUsername2.getRealmRoleMappings().size());
        Assert.assertEquals(new Long(123655L), keycloakSession.users().getUserByUsername("loginclient", realmModel).getCreatedTimestamp());
        Set realmRoleMappings = userByUsername.getRealmRoleMappings();
        Assert.assertEquals(1L, realmRoleMappings.size());
        Assert.assertEquals("admin", ((RoleModel) realmRoleMappings.iterator().next()).getName());
        Set clientRoleMappings = userByUsername.getClientRoleMappings(clientByClientId);
        Assert.assertEquals(1L, clientRoleMappings.size());
        Assert.assertEquals("app-admin", ((RoleModel) clientRoleMappings.iterator().next()).getName());
        Map attributes = userByUsername2.getAttributes();
        Assert.assertEquals(1L, attributes.size());
        List list = (List) attributes.get("email");
        Assert.assertEquals(1L, list.size());
        Assert.assertEquals("bburke@redhat.com", list.get(0));
        Map attributes2 = userByUsername.getAttributes();
        Assert.assertEquals(2L, attributes2.size());
        List list2 = (List) attributes2.get("key1");
        Assert.assertEquals(1L, list2.size());
        Assert.assertEquals("val1", list2.get(0));
        List list3 = (List) attributes2.get("key2");
        Assert.assertEquals(2L, list3.size());
        Assert.assertTrue(list3.contains("val21") && list3.contains("val22"));
        ClientModel clientByClientId5 = realmModel.getClientByClientId("oauthclient");
        Assert.assertEquals("clientpassword", clientByClientId5.getSecret());
        Assert.assertEquals(true, Boolean.valueOf(clientByClientId5.isEnabled()));
        Assert.assertNotNull(clientByClientId5);
        Set scopeMappings = clientByClientId5.getScopeMappings();
        Assert.assertEquals(2L, scopeMappings.size());
        Assert.assertTrue(scopeMappings.contains(realmModel.getRole("admin")));
        Assert.assertTrue(scopeMappings.contains(clientByClientId.getRole("app-user")));
        Assert.assertTrue(clientByClientId5.getRealmScopeMappings().contains(realmModel.getRole("admin")));
        Assert.assertTrue(KeycloakModelUtils.getClientScopeMappings(clientByClientId, clientByClientId5).contains(clientByClientId.getRole("app-user")));
        UserModel userByUsername3 = keycloakSession.users().getUserByUsername("mySocialUser", realmModel);
        Set<FederatedIdentityModel> federatedIdentities = keycloakSession.users().getFederatedIdentities(userByUsername3, realmModel);
        Assert.assertEquals(3L, federatedIdentities.size());
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        for (FederatedIdentityModel federatedIdentityModel : federatedIdentities) {
            if ("facebook".equals(federatedIdentityModel.getIdentityProvider())) {
                z = true;
                Assert.assertEquals(federatedIdentityModel.getUserId(), "facebook1");
                Assert.assertEquals(federatedIdentityModel.getUserName(), "fbuser1");
            } else if ("google".equals(federatedIdentityModel.getIdentityProvider())) {
                z2 = true;
                Assert.assertEquals(federatedIdentityModel.getUserId(), "google1");
                Assert.assertEquals(federatedIdentityModel.getUserName(), "mysocialuser@gmail.com");
            } else if ("twitter".equals(federatedIdentityModel.getIdentityProvider())) {
                z3 = true;
                Assert.assertEquals(federatedIdentityModel.getUserId(), "twitter1");
                Assert.assertEquals(federatedIdentityModel.getUserName(), "twuser1");
            }
        }
        Assert.assertTrue(z && z3 && z2);
        Assert.assertEquals(keycloakSession.users().getUserByFederatedIdentity(new FederatedIdentityModel("facebook", "facebook1", "fbuser1"), realmModel).getUsername(), userByUsername3.getUsername());
        Assert.assertNull(keycloakSession.users().getUserByFederatedIdentity(new FederatedIdentityModel("facebook", "not-existing", "not-existing"), realmModel));
        FederatedIdentityModel federatedIdentity = keycloakSession.users().getFederatedIdentity(userByUsername3, "facebook", realmModel);
        Assert.assertEquals("facebook1", federatedIdentity.getUserId());
        Assert.assertEquals("fbuser1", federatedIdentity.getUserName());
        Assert.assertEquals("facebook", federatedIdentity.getIdentityProvider());
        Assert.assertTrue(keycloakSession.users().removeFederatedIdentity(realmModel, userByUsername3, "facebook"));
        Assert.assertNull(keycloakSession.users().getFederatedIdentity(userByUsername3, "facebook", realmModel));
        Assert.assertFalse(keycloakSession.users().removeFederatedIdentity(realmModel, userByUsername3, "facebook"));
        keycloakSession.users().addFederatedIdentity(realmModel, userByUsername3, new FederatedIdentityModel("facebook", "facebook1", "fbuser1"));
        Map smtpConfig = realmModel.getSmtpConfig();
        Assert.assertTrue(smtpConfig.size() == 3);
        Assert.assertEquals("auto@keycloak.org", smtpConfig.get("from"));
        Assert.assertEquals("localhost", smtpConfig.get("host"));
        Assert.assertEquals("3025", smtpConfig.get("port"));
        List identityProviders = realmModel.getIdentityProviders();
        Assert.assertEquals(1L, identityProviders.size());
        IdentityProviderModel identityProviderModel = (IdentityProviderModel) identityProviders.get(0);
        Assert.assertEquals("google1", identityProviderModel.getAlias());
        Assert.assertEquals("google", identityProviderModel.getProviderId());
        Assert.assertTrue(identityProviderModel.isEnabled());
        Assert.assertEquals("googleId", identityProviderModel.getConfig().get("clientId"));
        Assert.assertEquals("googleSecret", identityProviderModel.getConfig().get("clientSecret"));
        List userFederationProviders = realmModel.getUserFederationProviders();
        Assert.assertTrue(userFederationProviders.size() == 2);
        UserFederationProviderModel userFederationProviderModel = (UserFederationProviderModel) userFederationProviders.get(0);
        Assert.assertEquals("MyLDAPProvider1", userFederationProviderModel.getDisplayName());
        Assert.assertEquals("ldap", userFederationProviderModel.getProviderName());
        Assert.assertEquals(1L, userFederationProviderModel.getPriority());
        Assert.assertEquals("ldap://foo", userFederationProviderModel.getConfig().get("connectionUrl"));
        UserFederationProviderModel userFederationProviderModel2 = (UserFederationProviderModel) userFederationProviders.get(1);
        Assert.assertEquals("MyLDAPProvider2", userFederationProviderModel2.getDisplayName());
        Assert.assertEquals("ldap://bar", userFederationProviderModel2.getConfig().get("connectionUrl"));
        Set userFederationMappersByFederationProvider = realmModel.getUserFederationMappersByFederationProvider(userFederationProviderModel.getId());
        Assert.assertTrue(userFederationMappersByFederationProvider.size() == 1);
        UserFederationMapperModel userFederationMapperModel = (UserFederationMapperModel) userFederationMappersByFederationProvider.iterator().next();
        Assert.assertEquals("FullNameMapper", userFederationMapperModel.getName());
        Assert.assertEquals("full-name-ldap-mapper", userFederationMapperModel.getFederationMapperType());
        Assert.assertEquals(userFederationProviderModel.getId(), userFederationMapperModel.getFederationProviderId());
        Assert.assertEquals("cn", userFederationMapperModel.getConfig().get("ldap.full.name.attribute"));
        Assert.assertTrue(realmModel.getUserFederationMappersByFederationProvider(userFederationProviderModel2.getId()).size() > 3);
        Assert.assertEquals(realmModel.getUserFederationMappers().size(), userFederationMappersByFederationProvider.size() + r0.size());
        Assert.assertNull(keycloakSession.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, DummyUserFederationProviderFactory.PROVIDER_NAME).getInstance(keycloakSession, (UserFederationProviderModel) null).getUserByUsername(realmModel, "wburke"));
        AuthenticationFlowModel clientAuthenticationFlow = realmModel.getClientAuthenticationFlow();
        Assert.assertEquals("clients", clientAuthenticationFlow.getAlias());
        Assert.assertNotNull(realmModel.getAuthenticationFlowById(clientAuthenticationFlow.getId()));
        Assert.assertTrue(realmModel.getAuthenticationExecutions(clientAuthenticationFlow.getId()).size() > 0);
        AuthenticationFlowModel resetCredentialsFlow = realmModel.getResetCredentialsFlow();
        Assert.assertEquals("reset credentials", resetCredentialsFlow.getAlias());
        Assert.assertNotNull(realmModel.getAuthenticationFlowById(resetCredentialsFlow.getId()));
        Assert.assertTrue(realmModel.getAuthenticationExecutions(resetCredentialsFlow.getId()).size() > 0);
        Assert.assertNotNull(clientByClientId.getProtocolMapperByName("openid-connect", "username"));
        Assert.assertNotNull(clientByClientId.getProtocolMapperByName("openid-connect", "email"));
        Assert.assertNotNull(clientByClientId.getProtocolMapperByName("openid-connect", "given name"));
        Assert.assertNull(clientByClientId.getProtocolMapperByName("openid-connect", "gss delegation credential"));
        Assert.assertEquals(1L, clientByClientId2.getProtocolMappers().size());
        Assert.assertNull(clientByClientId2.getProtocolMapperByName("openid-connect", "username"));
        ProtocolMapperModel protocolMapperByName = clientByClientId2.getProtocolMapperByName("openid-connect", "gss delegation credential");
        assertGssProtocolMapper(protocolMapperByName);
        List clientTemplates = realmModel.getClientTemplates();
        Assert.assertEquals(1L, clientTemplates.size());
        ClientTemplateModel clientTemplateModel = (ClientTemplateModel) clientTemplates.get(0);
        Assert.assertEquals("foo-template", clientTemplateModel.getName());
        Assert.assertEquals("foo-template-desc", clientTemplateModel.getDescription());
        Assert.assertEquals("openid-connect", clientTemplateModel.getProtocol());
        Assert.assertEquals(1L, clientTemplateModel.getProtocolMappers().size());
        assertGssProtocolMapper(clientTemplateModel.getProtocolMapperByName("openid-connect", "gss delegation credential"));
        Set scopeMappings2 = clientTemplateModel.getScopeMappings();
        Assert.assertEquals(3L, scopeMappings2.size());
        Assert.assertTrue(scopeMappings2.contains(realmModel.getRole("admin")));
        Assert.assertTrue(scopeMappings2.contains(clientByClientId.getRole("app-user")));
        Assert.assertTrue(scopeMappings2.contains(clientByClientId.getRole("app-admin")));
        Assert.assertTrue(clientTemplateModel.getRealmScopeMappings().contains(realmModel.getRole("admin")));
        Set clientScopeMappings = KeycloakModelUtils.getClientScopeMappings(clientByClientId, clientTemplateModel);
        Assert.assertTrue(clientScopeMappings.contains(clientByClientId.getRole("app-user")));
        Assert.assertTrue(clientScopeMappings.contains(clientByClientId.getRole("app-admin")));
        UserModel userByUsername4 = keycloakSession.users().getUserByUsername("admin", realmModel);
        Assert.assertEquals(2L, keycloakSession.users().getConsents(realmModel, userByUsername4).size());
        UserConsentModel consentByClient = keycloakSession.users().getConsentByClient(realmModel, userByUsername4, clientByClientId.getId());
        Assert.assertEquals(2L, consentByClient.getGrantedRoles().size());
        Assert.assertTrue(consentByClient.getGrantedProtocolMappers() == null || consentByClient.getGrantedProtocolMappers().isEmpty());
        Assert.assertTrue(consentByClient.isRoleGranted(realmModel.getRole("admin")));
        Assert.assertTrue(consentByClient.isRoleGranted(clientByClientId.getRole("app-admin")));
        UserConsentModel consentByClient2 = keycloakSession.users().getConsentByClient(realmModel, userByUsername4, clientByClientId2.getId());
        Assert.assertEquals(1L, consentByClient2.getGrantedRoles().size());
        Assert.assertEquals(1L, consentByClient2.getGrantedProtocolMappers().size());
        Assert.assertTrue(consentByClient2.isRoleGranted(realmModel.getRole("admin")));
        Assert.assertFalse(consentByClient2.isRoleGranted(clientByClientId.getRole("app-admin")));
        Assert.assertTrue(consentByClient2.isProtocolMapperGranted(protocolMapperByName));
        Assert.assertTrue(clientByClientId.isStandardFlowEnabled());
        Assert.assertTrue(clientByClientId.isImplicitFlowEnabled());
        Assert.assertTrue(clientByClientId.isDirectAccessGrantsEnabled());
        Assert.assertFalse(clientByClientId2.isStandardFlowEnabled());
        Assert.assertFalse(clientByClientId2.isImplicitFlowEnabled());
        Assert.assertFalse(clientByClientId2.isDirectAccessGrantsEnabled());
        Assert.assertFalse(clientByClientId.isServiceAccountsEnabled());
        Assert.assertTrue(clientByClientId2.isServiceAccountsEnabled());
        Assert.assertNull(keycloakSession.users().getServiceAccount(clientByClientId));
        UserModel serviceAccount = keycloakSession.users().getServiceAccount(clientByClientId2);
        Assert.assertNotNull(serviceAccount);
        Assert.assertEquals("my-service-user", serviceAccount.getUsername());
    }

    @Test
    public void install2() throws Exception {
        RealmManager realmManager = this.realmManager;
        RealmRepresentation loadJson = AbstractModelTest.loadJson("model/testrealm-demo.json");
        loadJson.setId("demo");
        RealmModel importRealm = realmManager.importRealm(loadJson);
        Assert.assertEquals(600L, importRealm.getAccessCodeLifespanUserAction());
        Assert.assertEquals(900L, importRealm.getAccessTokenLifespanForImplicitFlow());
        Assert.assertEquals(2592000L, importRealm.getOfflineSessionIdleTimeout());
        verifyRequiredCredentials(importRealm.getRequiredCredentials(), "password");
    }

    private void verifyRequiredCredentials(List<RequiredCredentialModel> list, String str) {
        Assert.assertEquals(1L, list.size());
        Assert.assertEquals(str, list.get(0).getType());
    }

    private static void assertGssProtocolMapper(ProtocolMapperModel protocolMapperModel) {
        Assert.assertEquals("gss delegation credential", protocolMapperModel.getName());
        Assert.assertEquals("openid-connect", protocolMapperModel.getProtocol());
        Assert.assertEquals("oidc-usersessionmodel-note-mapper", protocolMapperModel.getProtocolMapper());
        String str = (String) protocolMapperModel.getConfig().get("access.token.claim");
        String str2 = (String) protocolMapperModel.getConfig().get("id.token.claim");
        Assert.assertTrue(str.equalsIgnoreCase("true"));
        Assert.assertTrue(str2 == null || !Boolean.parseBoolean(str2));
    }
}
