package org.wso2.am.integration.tests.token;

import java.net.URL;
import java.util.HashMap;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONArray;
import org.json.JSONObject;
import org.springframework.util.backoff.ExponentialBackOff;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest;
import org.wso2.am.integration.test.utils.bean.APILifeCycleState;
import org.wso2.am.integration.test.utils.bean.APILifeCycleStateRequest;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.test.utils.bean.APPKeyRequestGenerator;
import org.wso2.am.integration.test.utils.bean.SubscriptionRequest;
import org.wso2.am.integration.test.utils.clients.APIPublisherRestClient;
import org.wso2.am.integration.test.utils.clients.APIStoreRestClient;
import org.wso2.am.integration.test.utils.generic.APIMTestCaseUtils;
import org.wso2.am.integration.tests.restapi.RESTAPITestConstants;
import org.wso2.carbon.automation.engine.annotations.ExecutionEnvironment;
import org.wso2.carbon.automation.engine.annotations.SetEnvironment;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.test.utils.http.client.HttpRequestUtil;
import org.wso2.carbon.automation.test.utils.http.client.HttpResponse;

@SetEnvironment(executionEnvironments = {ExecutionEnvironment.STANDALONE})
/* loaded from: input_file:org/wso2/am/integration/tests/token/TokenAPITestCase.class */
public class TokenAPITestCase extends APIMIntegrationBaseTest {
    private APIPublisherRestClient apiPublisher;
    private APIStoreRestClient apiStore;
    private static final Log log = LogFactory.getLog(TokenAPITestCase.class);

    @Factory(dataProvider = "userModeDataProvider")
    public TokenAPITestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        return new Object[]{new Object[]{TestUserMode.SUPER_TENANT_ADMIN}};
    }

    @BeforeClass(alwaysRun = true)
    public void setEnvironment() throws Exception {
        super.init(this.userMode);
        this.apiPublisher = new APIPublisherRestClient(getPublisherURLHttp());
        this.apiStore = new APIStoreRestClient(getStoreURLHttp());
        this.apiPublisher.login(this.user.getUserName(), this.user.getPassword());
        this.apiStore.login(this.user.getUserName(), this.user.getPassword());
    }

    @Test(groups = {"wso2.am"}, description = "Token API Test other")
    public void testTokenAPITestCase() throws Exception {
        String str = getGatewayURLHttp() + "jaxrs_basic/services/customers/customerservice";
        String userName = this.publisherContext.getContextTenant().getContextUser().getUserName();
        APIRequest aPIRequest = new APIRequest("TokenTestAPI", "tokenTestAPI", new URL(str), new URL(str));
        aPIRequest.setTags("youtube, token, media");
        aPIRequest.setDescription("This is test API create by API manager integration test");
        aPIRequest.setVersion("1.0.0");
        aPIRequest.setSandbox(str);
        aPIRequest.setProvider(this.user.getUserName());
        this.apiPublisher.addAPI(aPIRequest);
        this.apiPublisher.changeAPILifeCycleStatus(new APILifeCycleStateRequest("TokenTestAPI", userName, APILifeCycleState.PUBLISHED));
        String aPIInvocationURLHttp = getAPIInvocationURLHttp("tokenTestAPI/1.0.0/customers/123");
        this.apiStore.addApplication("TokenTestAPI-Application", "Unlimited", "", "this-is-test");
        SubscriptionRequest subscriptionRequest = new SubscriptionRequest("TokenTestAPI", this.storeContext.getContextTenant().getContextUser().getUserName());
        subscriptionRequest.setTier("Gold");
        subscriptionRequest.setApplicationName("TokenTestAPI-Application");
        this.apiStore.subscribe(subscriptionRequest);
        APPKeyRequestGenerator aPPKeyRequestGenerator = new APPKeyRequestGenerator("TokenTestAPI-Application");
        aPPKeyRequestGenerator.setKeyType("SANDBOX");
        String obj = new JSONObject(this.apiStore.generateApplicationKey(aPPKeyRequestGenerator).getData()).getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").get("accessToken").toString();
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Bearer " + obj);
        log.info("Response " + HttpRequestUtil.doGet(aPIInvocationURLHttp, hashMap));
        JSONObject jSONObject = new JSONObject(this.apiStore.generateApplicationKey(new APPKeyRequestGenerator("TokenTestAPI-Application")).getData());
        String obj2 = jSONObject.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").get("accessToken").toString();
        String string = jSONObject.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").getString(RESTAPITestConstants.CONSUMER_KEY);
        String string2 = jSONObject.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").getString(RESTAPITestConstants.CONSUMER_SECRET);
        Thread.sleep(ExponentialBackOff.DEFAULT_INITIAL_INTERVAL);
        JSONObject jSONObject2 = new JSONObject(this.apiStore.generateUserAccessKey(string, string2, "grant_type=password&username=" + this.user.getUserName() + "&password=admin&scope=PRODUCTION", new URL(getGatewayURLNhttp() + RESTAPITestConstants.TOKEN_ENDPOINT_SUFFIX)).getData());
        String string3 = jSONObject2.getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        log.info(jSONObject2.getString("refresh_token"));
        HashMap hashMap2 = new HashMap();
        hashMap2.put("Authorization", "Bearer " + string3);
        hashMap2.put("accept", "text/xml");
        Thread.sleep(ExponentialBackOff.DEFAULT_INITIAL_INTERVAL);
        HttpResponse doGet = HttpRequestUtil.doGet(aPIInvocationURLHttp, hashMap2);
        Assert.assertEquals(doGet.getResponseCode(), Response.Status.OK.getStatusCode(), "Response code mismatched");
        Assert.assertTrue(doGet.getData().contains("John"), "Response data mismatched");
        Assert.assertTrue(doGet.getData().contains("<name"), "Response data mismatched");
        Assert.assertTrue(doGet.getData().contains("<Customer>"), "Response data mismatched");
        hashMap2.clear();
        hashMap2.put("Authorization", "Bearer " + obj2);
        hashMap2.put("accept", "text/xml");
        HttpResponse doGet2 = HttpRequestUtil.doGet(aPIInvocationURLHttp, hashMap2);
        Assert.assertEquals(doGet2.getResponseCode(), Response.Status.OK.getStatusCode(), "Response code mismatched");
        Assert.assertTrue(doGet2.getData().contains("John"), "Response data mismatched");
        Assert.assertTrue(doGet2.getData().contains("<name>"), "Response data mismatched");
        Assert.assertTrue(doGet2.getData().contains("<Customer>"), "Response data mismatched");
        HttpResponse doGet3 = HttpRequestUtil.doGet(aPIInvocationURLHttp, hashMap2);
        log.info("Response " + doGet3);
        Assert.assertEquals(doGet3.getResponseCode(), 200, "Response code mismatched");
        log.info("Error response " + HttpRequestUtil.doGet(aPIInvocationURLHttp, hashMap2));
        this.apiPublisher.revokeAccessToken(obj2, string, userName);
        hashMap2.clear();
        hashMap2.put("Authorization", "Bearer this-is-incorrect-token");
        hashMap2.put("accept", "text/xml");
        HttpResponse doGet4 = HttpRequestUtil.doGet(aPIInvocationURLHttp, hashMap2);
        Assert.assertEquals(doGet4.getResponseCode(), 401, "Response code mismatched while token API test case");
        try {
            doGet4 = HttpRequestUtil.doGet(getAPIInvocationURLHttp("tokenTestAPI/1.0.0/most_popular"), hashMap2);
            log.info("Error Response " + doGet4);
        } catch (Exception e) {
        }
        Assert.assertEquals(doGet4.getResponseCode(), 401, "Response code mismatched while token API test case");
    }

    @Test(groups = {"wso2.am"}, description = "Token equality test")
    public void testTokenEqualityBeforeExpiration() throws Exception {
        this.apiStore.login(this.user.getUserName(), this.user.getPassword());
        this.apiStore.addApplication("TokenTestApp", "Unlimited", "", "this-is-test");
        JSONObject jSONObject = new JSONObject(this.apiStore.generateApplicationKey(new APPKeyRequestGenerator("TokenTestApp")).getData());
        String string = jSONObject.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").getString(RESTAPITestConstants.CONSUMER_KEY);
        String string2 = jSONObject.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").getString(RESTAPITestConstants.CONSUMER_SECRET);
        URL url = new URL(this.gatewayUrlsWrk.getWebAppURLNhttp() + RESTAPITestConstants.TOKEN_ENDPOINT_SUFFIX);
        String str = "grant_type=password&username=" + this.user.getUserName() + "&password=" + this.user.getPassword() + "&scope=default";
        Assert.assertEquals(new JSONObject(this.apiStore.generateUserAccessKey(string, string2, str, url).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT), new JSONObject(this.apiStore.generateUserAccessKey(string, string2, str, url).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT), "Token mismatch while generating access token twice.");
    }

    @Test(groups = {"wso2.am"}, description = "JWT Token API Test other")
    public void testJWTTokenAPITestCase() throws Exception {
        String str = getGatewayURLHttp() + "jaxrs_basic/services/customers/customerservice";
        String userName = this.publisherContext.getContextTenant().getContextUser().getUserName();
        APIRequest aPIRequest = new APIRequest("JWTTokenTestAPI", "jwtTokenTestAPI", new URL(str), new URL(str));
        aPIRequest.setTags("jwt, token");
        aPIRequest.setDescription("This is test API create by API manager integration test");
        aPIRequest.setVersion("1.0.0");
        aPIRequest.setSandbox(str);
        aPIRequest.setProvider(this.user.getUserName());
        this.apiPublisher.addAPI(aPIRequest);
        this.apiPublisher.changeAPILifeCycleStatus(new APILifeCycleStateRequest("JWTTokenTestAPI", userName, APILifeCycleState.PUBLISHED));
        Thread.sleep(10000L);
        this.apiStore.addApplicationWithTokenType("JWTTokenTestAPI-Application", "Unlimited", "", "this-is-test", "JWT");
        SubscriptionRequest subscriptionRequest = new SubscriptionRequest("JWTTokenTestAPI", this.storeContext.getContextTenant().getContextUser().getUserName());
        subscriptionRequest.setTier("Gold");
        subscriptionRequest.setApplicationName("JWTTokenTestAPI-Application");
        this.apiStore.subscribe(subscriptionRequest);
        APPKeyRequestGenerator aPPKeyRequestGenerator = new APPKeyRequestGenerator("JWTTokenTestAPI-Application");
        aPPKeyRequestGenerator.setKeyType("SANDBOX");
        JSONObject jSONObject = new JSONObject(APIMTestCaseUtils.getDecodedJWT(new JSONObject(this.apiStore.generateApplicationKey(aPPKeyRequestGenerator).getData()).getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").get("accessToken").toString()));
        JSONObject jSONObject2 = new JSONObject(jSONObject.getString("application"));
        Assert.assertEquals(jSONObject2.get("name"), "JWTTokenTestAPI-Application");
        Assert.assertEquals(jSONObject2.get("tier"), "Unlimited");
        Assert.assertTrue(jSONObject2.get("owner").toString().contains("admin"));
        JSONObject jSONObject3 = (JSONObject) new JSONArray(jSONObject.getString("subscribedAPIs")).get(0);
        Assert.assertEquals(jSONObject3.get("name"), "JWTTokenTestAPI");
        Assert.assertEquals(jSONObject3.get("context"), "/jwtTokenTestAPI/1.0.0");
        Assert.assertEquals(jSONObject3.get("version"), "1.0.0");
        Assert.assertTrue(jSONObject3.get("publisher").toString().contains("admin"));
        Assert.assertEquals(jSONObject3.get("subscriptionTier"), "Gold");
        Assert.assertEquals(jSONObject3.get("subscriberTenantDomain"), "carbon.super");
        Assert.assertEquals("SANDBOX", jSONObject.getString("keytype"));
        Assert.assertEquals("PRODUCTION", new JSONObject(APIMTestCaseUtils.getDecodedJWT(new JSONObject(this.apiStore.generateApplicationKey(new APPKeyRequestGenerator("JWTTokenTestAPI-Application")).getData()).getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").get("accessToken").toString())).getString("keytype"));
    }

    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        this.apiStore.removeApplication("TokenTestAPI-Application");
        super.cleanUp();
    }
}
