package org.keycloak.testsuite.broker;

import java.io.IOException;
import java.net.URI;
import java.util.Iterator;
import java.util.Set;
import javax.mail.MessagingException;
import javax.mail.Multipart;
import javax.mail.internet.MimeMessage;
import javax.ws.rs.core.UriBuilder;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Rule;
import org.keycloak.common.util.Time;
import org.keycloak.models.AuthenticatorConfigModel;
import org.keycloak.models.FederatedIdentityModel;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.KeycloakSessionTask;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.IDToken;
import org.keycloak.testsuite.MailUtil;
import org.keycloak.testsuite.OAuthClient;
import org.keycloak.testsuite.broker.util.UserSessionStatusServlet;
import org.keycloak.testsuite.pages.AccountFederatedIdentityPage;
import org.keycloak.testsuite.pages.AccountPasswordPage;
import org.keycloak.testsuite.pages.AccountUpdateProfilePage;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.LoginUpdateProfilePage;
import org.keycloak.testsuite.pages.OAuthGrantPage;
import org.keycloak.testsuite.pages.VerifyEmailPage;
import org.keycloak.testsuite.rule.GreenMailRule;
import org.keycloak.testsuite.rule.LoggingRule;
import org.keycloak.testsuite.rule.WebResource;
import org.keycloak.testsuite.rule.WebRule;
import org.keycloak.util.JsonSerialization;
import org.openqa.selenium.WebDriver;

/* loaded from: input_file:org/keycloak/testsuite/broker/AbstractIdentityProviderTest.class */
public abstract class AbstractIdentityProviderTest {
    protected static final URI BASE_URI = UriBuilder.fromUri(AppPage.AUTH_SERVER_URL).build(new Object[0]);

    @ClassRule
    public static BrokerKeyCloakRule brokerServerRule = new BrokerKeyCloakRule();

    @WebResource
    protected WebDriver driver;

    @WebResource
    protected LoginPage loginPage;

    @WebResource
    protected LoginUpdateProfilePage updateProfilePage;

    @WebResource
    protected VerifyEmailPage verifyEmailPage;

    @WebResource
    protected OAuthClient oauth;

    @WebResource
    protected OAuthGrantPage grantPage;

    @WebResource
    AccountUpdateProfilePage accountUpdateProfilePage;

    @WebResource
    protected AccountPasswordPage changePasswordPage;

    @WebResource
    protected AccountFederatedIdentityPage accountFederatedIdentityPage;

    @WebResource
    protected ErrorPage errorPage;
    protected KeycloakSession session;

    @Rule
    public LoggingRule loggingRule = new LoggingRule(this);

    @Rule
    public WebRule webRule = new WebRule(this);

    @Rule
    public GreenMailRule greenMail = new GreenMailRule();
    protected int logoutTimeOffset = 0;

    @Before
    public void onBefore() {
        this.session = brokerServerRule.startSession();
        removeTestUsers();
        brokerServerRule.stopSession(this.session, true);
        this.session = brokerServerRule.startSession();
        Assert.assertNotNull(getIdentityProviderModel());
    }

    @After
    public void onAfter() {
        revokeGrant();
        brokerServerRule.stopSession(this.session, true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserModel assertSuccessfulAuthentication(IdentityProviderModel identityProviderModel, String str, String str2, boolean z) {
        authenticateWithIdentityProvider(identityProviderModel, str, z);
        Assert.assertTrue("Bad current URL " + this.driver.getCurrentUrl() + " and page source: " + this.driver.getPageSource(), this.driver.getCurrentUrl().startsWith("http://localhost:8081/test-app"));
        UserModel federatedUser = getFederatedUser();
        Assert.assertNotNull(federatedUser);
        Assert.assertNotNull(federatedUser.getCreatedTimestamp());
        Assert.assertTrue(System.currentTimeMillis() - federatedUser.getCreatedTimestamp().longValue() < 10000);
        doAssertFederatedUser(federatedUser, identityProviderModel, str2, z);
        brokerServerRule.stopSession(this.session, true);
        this.session = brokerServerRule.startSession();
        Set federatedIdentities = this.session.users().getFederatedIdentities(federatedUser, getRealm());
        Assert.assertEquals(1L, federatedIdentities.size());
        FederatedIdentityModel federatedIdentityModel = (FederatedIdentityModel) federatedIdentities.iterator().next();
        Assert.assertEquals(getProviderId(), federatedIdentityModel.getIdentityProvider());
        Assert.assertEquals(federatedUser.getUsername(), federatedIdentityModel.getUserName());
        if (this.logoutTimeOffset > 0) {
            Time.setOffset(this.logoutTimeOffset);
        }
        try {
            this.driver.navigate().to("http://localhost:8081/test-app/logout");
            Time.setOffset(0);
            this.driver.navigate().to("http://localhost:8081/test-app");
            Assert.assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8081/auth/realms/realm-with-broker/protocol/openid-connect/auth"));
            return federatedUser;
        } catch (Throwable th) {
            Time.setOffset(0);
            throw th;
        }
    }

    protected void doAssertFederatedUserNoEmail(UserModel userModel) {
        Assert.assertEquals("kc-oidc-idp.test-user-noemail", userModel.getUsername());
        Assert.assertEquals((Object) null, userModel.getEmail());
        Assert.assertEquals("Test", userModel.getFirstName());
        Assert.assertEquals("User", userModel.getLastName());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void authenticateWithIdentityProvider(IdentityProviderModel identityProviderModel, String str, boolean z) {
        loginIDP(str);
        if (z) {
            this.updateProfilePage.assertCurrent();
            this.updateProfilePage.update("New first", "New last", "new@email.com");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void loginIDP(String str) {
        this.driver.navigate().to("http://localhost:8081/test-app");
        Assert.assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8081/auth/realms/realm-with-broker/protocol/openid-connect/auth"));
        this.loginPage.clickSocial(getProviderId());
        Assert.assertTrue(this.driver.getCurrentUrl().startsWith("http://localhost:8082/auth/"));
        this.loginPage.login(str, "password");
        doAfterProviderAuthentication();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserModel getFederatedUser() {
        IDToken idToken = retrieveSessionStatus().getIdToken();
        KeycloakSession startSession = brokerServerRule.startSession();
        try {
            UserModel userById = startSession.users().getUserById(idToken.getSubject(), startSession.realms().getRealm("realm-with-broker"));
            brokerServerRule.stopSession(startSession, false);
            return userById;
        } catch (Throwable th) {
            brokerServerRule.stopSession(startSession, false);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doAfterProviderAuthentication() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void revokeGrant() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract String getProviderId();

    /* JADX INFO: Access modifiers changed from: protected */
    public IdentityProviderModel getIdentityProviderModel() {
        IdentityProviderModel identityProviderByAlias = getRealm().getIdentityProviderByAlias(getProviderId());
        Assert.assertNotNull(identityProviderByAlias);
        identityProviderByAlias.setEnabled(true);
        return identityProviderByAlias;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RealmModel getRealm() {
        return getRealm(this.session);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static RealmModel getRealm(KeycloakSession keycloakSession) {
        return keycloakSession.realms().getRealm("realm-with-broker");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doAssertFederatedUser(UserModel userModel, IdentityProviderModel identityProviderModel, String str, boolean z) {
        if (z) {
            Assert.assertEquals(str, userModel.getEmail());
            Assert.assertEquals("New first", userModel.getFirstName());
            Assert.assertEquals("New last", userModel.getLastName());
        } else {
            Assert.assertEquals(str, userModel.getEmail());
            Assert.assertEquals("Test", userModel.getFirstName());
            Assert.assertEquals("User", userModel.getLastName());
        }
    }

    private void removeTestUsers() {
        RealmModel realm = getRealm();
        for (UserModel userModel : this.session.users().getUsers(realm, true)) {
            Iterator it = this.session.users().getFederatedIdentities(userModel, realm).iterator();
            while (it.hasNext()) {
                this.session.users().removeFederatedIdentity(realm, userModel, ((FederatedIdentityModel) it.next()).getIdentityProvider());
            }
            if (!"pedroigor".equals(userModel.getUsername())) {
                this.session.users().removeUser(realm, userModel);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setUpdateProfileFirstLogin(final String str) {
        KeycloakModelUtils.runJobInTransaction(this.session.getKeycloakSessionFactory(), new KeycloakSessionTask() { // from class: org.keycloak.testsuite.broker.AbstractIdentityProviderTest.1
            public void run(KeycloakSession keycloakSession) {
                AbstractIdentityProviderTest.setUpdateProfileFirstLogin(AbstractIdentityProviderTest.getRealm(keycloakSession), str);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void setUpdateProfileFirstLogin(RealmModel realmModel, String str) {
        AuthenticatorConfigModel authenticatorConfigByAlias = realmModel.getAuthenticatorConfigByAlias("review profile config");
        authenticatorConfigByAlias.getConfig().put("update.profile.on.first.login", str);
        realmModel.updateAuthenticatorConfig(authenticatorConfigByAlias);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public UserSessionStatusServlet.UserSessionStatus retrieveSessionStatus() {
        UserSessionStatusServlet.UserSessionStatus userSessionStatus = null;
        try {
            userSessionStatus = (UserSessionStatusServlet.UserSessionStatus) JsonSerialization.readValue(this.driver.getPageSource().getBytes(), UserSessionStatusServlet.UserSessionStatus.class);
        } catch (IOException e) {
            e.printStackTrace();
        }
        return userSessionStatus;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getVerificationEmailLink(MimeMessage mimeMessage) throws IOException, MessagingException {
        Multipart multipart = (Multipart) mimeMessage.getContent();
        Assert.assertEquals("text/plain; charset=UTF-8", multipart.getBodyPart(0).getContentType());
        String link = MailUtil.getLink((String) multipart.getBodyPart(0).getContent());
        Assert.assertEquals("text/html; charset=UTF-8", multipart.getBodyPart(1).getContentType());
        String link2 = MailUtil.getLink((String) multipart.getBodyPart(1).getContent());
        Assert.assertEquals(link2, link);
        return link2;
    }
}
