package org.wso2.am.integration.tests.jwt;

import java.io.File;
import java.net.URL;
import java.rmi.RemoteException;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.HashMap;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.staxutils.PropertiesExpandingStreamReader;
import org.json.JSONObject;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;
import org.springframework.util.backoff.ExponentialBackOff;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.am.admin.clients.client.utils.AuthenticateStub;
import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest;
import org.wso2.am.integration.test.utils.bean.APILifeCycleState;
import org.wso2.am.integration.test.utils.bean.APILifeCycleStateRequest;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.test.utils.bean.APPKeyRequestGenerator;
import org.wso2.am.integration.test.utils.bean.SubscriptionRequest;
import org.wso2.am.integration.test.utils.clients.APIPublisherRestClient;
import org.wso2.am.integration.test.utils.clients.APIStoreRestClient;
import org.wso2.am.integration.test.utils.monitor.utils.WireMonitorServer;
import org.wso2.am.integration.tests.restapi.RESTAPITestConstants;
import org.wso2.carbon.automation.engine.annotations.ExecutionEnvironment;
import org.wso2.carbon.automation.engine.annotations.SetEnvironment;
import org.wso2.carbon.automation.test.utils.http.client.HttpRequestUtil;
import org.wso2.carbon.integration.common.admin.client.UserManagementClient;
import org.wso2.carbon.integration.common.utils.mgt.ServerConfigurationManager;
import org.wso2.carbon.tenant.mgt.stub.TenantMgtAdminServiceExceptionException;
import org.wso2.carbon.tenant.mgt.stub.TenantMgtAdminServiceStub;
import org.wso2.carbon.tenant.mgt.stub.beans.xsd.TenantInfoBean;

@SetEnvironment(executionEnvironments = {ExecutionEnvironment.STANDALONE})
/* loaded from: input_file:org/wso2/am/integration/tests/jwt/EmailUserNameJWTAssertionTestCase.class */
public class EmailUserNameJWTAssertionTestCase extends APIMIntegrationBaseTest {
    private APIStoreRestClient apiStore;
    private String consumerKey;
    private String consumerSecret;
    private String userName;
    private String password;
    private static final Log log = LogFactory.getLog(EmailUserNameJWTAssertionTestCase.class);

    @BeforeClass(alwaysRun = true)
    public void setEnvironment() throws Exception {
        super.init();
        this.userName = this.keyManagerContext.getContextTenant().getTenantAdmin().getUserName();
        this.password = this.keyManagerContext.getContextTenant().getTenantAdmin().getPassword();
        String webAppURLHttp = this.publisherUrls.getWebAppURLHttp();
        String webAppURLHttp2 = this.storeUrls.getWebAppURLHttp();
        String str = getAMResourceLocation() + File.separator + "configFiles/emailusernamejwttest/api-manager.xml";
        String str2 = getAMResourceLocation() + File.separator + "configFiles/emailusernamejwttest/user-mgt.xml";
        ServerConfigurationManager serverConfigurationManager = new ServerConfigurationManager(this.gatewayContextWrk);
        serverConfigurationManager.applyConfigurationWithoutRestart(new File(str));
        serverConfigurationManager.applyConfiguration(new File(str2));
        APIPublisherRestClient aPIPublisherRestClient = new APIPublisherRestClient(webAppURLHttp);
        this.apiStore = new APIStoreRestClient(webAppURLHttp2);
        aPIPublisherRestClient.login(this.userName, this.password);
        APIRequest aPIRequest = new APIRequest("test", "test", new URL("http://localhost:6789"));
        aPIRequest.setVisibility("public");
        aPIPublisherRestClient.addAPI(aPIRequest);
        aPIPublisherRestClient.changeAPILifeCycleStatus(new APILifeCycleStateRequest("test", this.userName, APILifeCycleState.PUBLISHED));
        this.apiStore.login(this.userName, this.password);
        this.apiStore.subscribe(new SubscriptionRequest("test", this.userName));
        JSONObject jSONObject = new JSONObject(this.apiStore.generateApplicationKey(new APPKeyRequestGenerator("DefaultApplication")).getData());
        this.consumerKey = jSONObject.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").get(RESTAPITestConstants.CONSUMER_KEY).toString();
        this.consumerSecret = jSONObject.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").get(RESTAPITestConstants.CONSUMER_SECRET).toString();
    }

    @Test(groups = {"wso2.am"}, description = "username JWT-Token Generation test for super tenant")
    public void userNameInSuperTenantJWTTokenTestCase() throws Exception {
        String string = new JSONObject(this.apiStore.generateUserAccessKey(this.consumerKey, this.consumerSecret, "grant_type=password&username=" + this.userName + "&password=" + this.password, new URL(this.gatewayUrlsWrk.getWebAppURLNhttp() + RESTAPITestConstants.TOKEN_ENDPOINT_SUFFIX)).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Bearer " + string);
        Thread.sleep(ExponentialBackOff.DEFAULT_INITIAL_INTERVAL);
        WireMonitorServer wireMonitorServer = new WireMonitorServer(6789);
        wireMonitorServer.start();
        HttpRequestUtil.doGet(this.gatewayUrlsWrk.getWebAppURLNhttp() + "test/1.0.0/", hashMap);
        String capturedMessage = wireMonitorServer.getCapturedMessage();
        if (capturedMessage.contains("JWT-Assertion: ")) {
            String str = capturedMessage.split("JWT-Assertion: ")[1];
            int indexOf = str.indexOf(46);
            JSONObject jSONObject = new JSONObject(new String(Base64.decodeBase64(str.substring(indexOf + 1, str.indexOf(46, indexOf + 1)).getBytes())));
            Assert.assertEquals(jSONObject.get("iss"), "wso2.org/products/am");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/subscriber"), "admin");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationid"), CustomBooleanEditor.VALUE_1);
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationname"), "DefaultApplication");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationtier"), "Unlimited");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/apicontext"), "/test");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/version"), "1.0.0");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/tier"), "Gold");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/keytype"), "PRODUCTION");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/usertype"), "APPLICATION_USER");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/enduser"), "admin@carbon.super");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/enduserTenantId"), "-1234");
        }
    }

    @Test(groups = {"wso2.am"}, description = "email username JWT-Token Generation test for super tenant", dependsOnMethods = {"userNameInSuperTenantJWTTokenTestCase"})
    public void emailUserNameInSuperTenantJWTTokenTestCase() throws Exception {
        this.userManagementClient.addUser("admin@wso2.com", "admin123", new String[]{"Internal/subscriber"}, "admin2");
        String string = new JSONObject(this.apiStore.generateUserAccessKey(this.consumerKey, this.consumerSecret, "grant_type=password&username=admin@wso2.com" + PropertiesExpandingStreamReader.DELIMITER + "carbon.super&password=admin123", new URL(this.gatewayUrlsWrk.getWebAppURLNhttp() + RESTAPITestConstants.TOKEN_ENDPOINT_SUFFIX)).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Bearer " + string);
        Thread.sleep(ExponentialBackOff.DEFAULT_INITIAL_INTERVAL);
        WireMonitorServer wireMonitorServer = new WireMonitorServer(6789);
        wireMonitorServer.start();
        HttpRequestUtil.doGet(this.gatewayUrlsWrk.getWebAppURLNhttp() + "test/1.0.0/", hashMap);
        String capturedMessage = wireMonitorServer.getCapturedMessage();
        if (capturedMessage.contains("JWT-Assertion: ")) {
            String str = capturedMessage.split("JWT-Assertion: ")[1];
            int indexOf = str.indexOf(46);
            JSONObject jSONObject = new JSONObject(new String(Base64.decodeBase64(str.substring(indexOf + 1, str.indexOf(46, indexOf + 1)).getBytes())));
            Assert.assertEquals(jSONObject.get("iss"), "wso2.org/products/am");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/subscriber"), "admin@wso2.com");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationid"), CustomBooleanEditor.VALUE_1);
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationname"), "DefaultApplication");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationtier"), "Unlimited");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/apicontext"), "/test");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/version"), "1.0.0");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/tier"), "Gold");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/keytype"), "PRODUCTION");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/usertype"), "APPLICATION_USER");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/enduser"), "admin@wso2.com@carbon.super");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/enduserTenantId"), "-1234");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/role"), "Internal/subscriber,Internal/everyone");
        }
    }

    @Test(groups = {"wso2.am"}, description = "username JWT-Token Generation test for  tenant")
    public void UserNameInTenantJWTTokenTestCase() throws Exception {
        String str = "tenant" + PropertiesExpandingStreamReader.DELIMITER + "adc.com";
        Assert.assertEquals(createTenantWithEmailUserName("tenant", "admin123", "adc.com", this.keyManagerContext.getContextUrls().getBackEndUrl()), true);
        new UserManagementClient(this.keyManagerContext.getContextUrls().getBackEndUrl(), str, "admin123").addRemoveRolesOfUser(str, new String[]{"Internal/subscriber"}, (String[]) null);
        String string = new JSONObject(this.apiStore.generateUserAccessKey(this.consumerKey, this.consumerSecret, "grant_type=password&username=" + str + "&password=admin123", new URL(this.gatewayUrlsWrk.getWebAppURLNhttp() + RESTAPITestConstants.TOKEN_ENDPOINT_SUFFIX)).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Bearer " + string);
        Thread.sleep(ExponentialBackOff.DEFAULT_INITIAL_INTERVAL);
        WireMonitorServer wireMonitorServer = new WireMonitorServer(6789);
        wireMonitorServer.start();
        HttpRequestUtil.doGet(this.gatewayUrlsWrk.getWebAppURLNhttp() + "test/1.0.0/", hashMap);
        String capturedMessage = wireMonitorServer.getCapturedMessage();
        if (capturedMessage.contains("JWT-Assertion: ")) {
            String str2 = capturedMessage.split("JWT-Assertion: ")[1];
            int indexOf = str2.indexOf(46);
            JSONObject jSONObject = new JSONObject(new String(Base64.decodeBase64(str2.substring(indexOf + 1, str2.indexOf(46, indexOf + 1)).getBytes())));
            Assert.assertEquals(jSONObject.get("iss"), "wso2.org/products/am");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/subscriber"), "admin");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationid"), CustomBooleanEditor.VALUE_1);
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationname"), "DefaultApplication");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationtier"), "Unlimited");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/apicontext"), "/test");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/version"), "1.0.0");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/tier"), "Gold");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/keytype"), "PRODUCTION");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/usertype"), "APPLICATION_USER");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/enduser"), "tenant@adc.com");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/givenname"), "admin");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/lastname"), "adminwso2automation");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/role"), "admin,Internal/subscriber,Internal/everyone");
        }
    }

    @Test(groups = {"wso2.am"}, description = "email username JWT-Token Generation test for  tenant")
    public void emailUserNameInTenantJWTTokenTestCase() throws Exception {
        String str = "tenant@wso2.com" + PropertiesExpandingStreamReader.DELIMITER + "adc.com";
        new UserManagementClient(this.keyManagerContext.getContextUrls().getBackEndUrl(), "tenant@adc.com", "admin123").addUser("tenant@wso2.com", "admin123", new String[]{"Internal/subscriber"}, "abc");
        String string = new JSONObject(this.apiStore.generateUserAccessKey(this.consumerKey, this.consumerSecret, "grant_type=password&username=" + str + "&password=admin123", new URL(this.gatewayUrlsWrk.getWebAppURLNhttp() + RESTAPITestConstants.TOKEN_ENDPOINT_SUFFIX)).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Bearer " + string);
        Thread.sleep(ExponentialBackOff.DEFAULT_INITIAL_INTERVAL);
        WireMonitorServer wireMonitorServer = new WireMonitorServer(6789);
        wireMonitorServer.start();
        HttpRequestUtil.doGet(this.gatewayUrlsWrk.getWebAppURLNhttp() + "test/1.0.0/", hashMap);
        String capturedMessage = wireMonitorServer.getCapturedMessage();
        if (capturedMessage.contains("JWT-Assertion: ")) {
            String str2 = capturedMessage.split("JWT-Assertion: ")[1];
            int indexOf = str2.indexOf(46);
            JSONObject jSONObject = new JSONObject(new String(Base64.decodeBase64(str2.substring(indexOf + 1, str2.indexOf(46, indexOf + 1)).getBytes())));
            Assert.assertEquals(jSONObject.get("iss"), "wso2.org/products/am");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/subscriber"), "admin");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationid"), CustomBooleanEditor.VALUE_1);
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationname"), "DefaultApplication");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/applicationtier"), "Unlimited");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/apicontext"), "/test");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/version"), "1.0.0");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/tier"), "Gold");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/keytype"), "PRODUCTION");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/usertype"), "APPLICATION_USER");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/enduser"), "tenant@wso2.com@adc.com");
            Assert.assertEquals(jSONObject.get("http://wso2.org/claims/role"), "Internal/subscriber,Internal/everyone");
        }
    }

    private boolean createTenantWithEmailUserName(String str, String str2, String str3, String str4) {
        boolean z = false;
        try {
            TenantMgtAdminServiceStub tenantMgtAdminServiceStub = new TenantMgtAdminServiceStub(str4 + "TenantMgtAdminService");
            AuthenticateStub.authenticateStub("admin", "admin", tenantMgtAdminServiceStub);
            Date date = new Date();
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            gregorianCalendar.setTime(date);
            TenantInfoBean tenantInfoBean = new TenantInfoBean();
            tenantInfoBean.setActive(true);
            tenantInfoBean.setEmail("abc@fds.com");
            tenantInfoBean.setAdminPassword(str2);
            tenantInfoBean.setAdmin(str);
            tenantInfoBean.setTenantDomain(str3);
            tenantInfoBean.setCreatedDate(gregorianCalendar);
            tenantInfoBean.setFirstname("admin");
            tenantInfoBean.setLastname("adminwso2automation");
            tenantInfoBean.setSuccessKey("true");
            tenantInfoBean.setUsagePlan("demo");
            TenantInfoBean tenant = tenantMgtAdminServiceStub.getTenant(str3);
            if (!tenant.getActive() && tenant.getTenantId() != 0) {
                tenantMgtAdminServiceStub.activateTenant(str3);
                log.info("Tenant domain " + str3 + " Activated successfully");
            } else if (tenant.getActive()) {
                log.info("Tenant domain " + str3 + " already registered");
            } else {
                tenantMgtAdminServiceStub.addTenant(tenantInfoBean);
                tenantMgtAdminServiceStub.activateTenant(str3);
                log.info("Tenant domain " + str3 + " created and activated successfully");
                z = true;
            }
        } catch (TenantMgtAdminServiceExceptionException e) {
            log.error("Error connecting to the TenantMgtAdminService : ", e);
        } catch (RemoteException e2) {
            log.error("RemoteException thrown while adding user/tenants : ", e2);
        }
        return z;
    }

    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        super.cleanUp();
    }
}
