package org.wso2.am.integration.tests.api.lifecycle;

import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIEndpointSecurityDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyGenerateRequestDTO;
import org.wso2.am.integration.test.utils.bean.APICreationRequestBean;
import org.wso2.am.integration.test.utils.http.HTTPSClientUtils;
import org.wso2.carbon.apimgt.api.model.APIIdentifier;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.test.utils.http.client.HttpResponse;

/* loaded from: input_file:org/wso2/am/integration/tests/api/lifecycle/ChangeEndPointSecurityOfAPITestCase.class */
public class ChangeEndPointSecurityOfAPITestCase extends APIManagerLifecycleBaseTest {
    private static final Log log = LogFactory.getLog(ChangeEndPointSecurityOfAPITestCase.class);
    private final String API_NAME = "ChangeEndPointSecurityOfAPITest";
    private final String API_CONTEXT = "ChangeEndPointSecurityOfAPI";
    private final String API_TAGS = "security, username, password";
    private final String API_END_POINT_POSTFIX_URL = "jaxrs_basic/services/customers/customerservice/";
    private final String API_DESCRIPTION = "This is test API create by API manager integration test";
    private final String API_VERSION_1_0_0 = "1.0.0";
    private final String APPLICATION_NAME = "ChangeEndPointSecurityOfAPI";
    private HashMap<String, String> requestHeadersGet;
    private String providerName;
    private String apiEndPointUrl;
    private APIIdentifier apiIdentifier;
    private String applicationID;
    private String apiID;

    @Factory(dataProvider = "userModeDataProvider")
    public ChangeEndPointSecurityOfAPITestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    @BeforeClass(alwaysRun = true)
    public void initialize() throws Exception {
        super.init();
        this.apiEndPointUrl = this.backEndServerUrl.getWebAppURLHttp() + "jaxrs_basic/services/customers/customerservice/";
        this.providerName = this.user.getUserName();
        this.requestHeadersGet = new HashMap<>();
        this.requestHeadersGet.put("accept", "text/plain");
        this.requestHeadersGet.put("Content-Type", "text/plain");
        this.apiIdentifier = new APIIdentifier(this.providerName, "ChangeEndPointSecurityOfAPITest", "1.0.0");
        this.applicationID = this.restAPIStore.addApplication("ChangeEndPointSecurityOfAPI", "Unlimited", "", "").getApplicationId();
    }

    @Test(groups = {"wso2.am"}, description = "Test the API with endpoint security enabled with simple password that only has characters and numbers")
    public void testInvokeGETResourceWithSecuredEndPointPasswordOnlyNumbersAndLetters() throws Exception {
        char[] cArr = {'a', 'd', 'm', 'i', 'n', '1', '2', '3'};
        String printBase64Binary = DatatypeConverter.printBase64Binary(("admin1:" + String.valueOf(cArr)).getBytes());
        APICreationRequestBean aPICreationRequestBean = new APICreationRequestBean("ChangeEndPointSecurityOfAPITest", "ChangeEndPointSecurityOfAPI", "1.0.0", this.providerName, new URL(this.apiEndPointUrl));
        aPICreationRequestBean.setTags("security, username, password");
        aPICreationRequestBean.setDescription("This is test API create by API manager integration test");
        aPICreationRequestBean.setEndpointType(APIEndpointSecurityDTO.TypeEnum.BASIC.getValue());
        aPICreationRequestBean.setEpUsername("admin1");
        aPICreationRequestBean.setEpPassword(String.valueOf(cArr));
        aPICreationRequestBean.setTier("Unlimited");
        aPICreationRequestBean.setTiersCollection("Unlimited");
        APIIdentifier aPIIdentifier = new APIIdentifier(this.providerName, "ChangeEndPointSecurityOfAPITest", "1.0.0");
        aPIIdentifier.setTier("Unlimited");
        this.apiID = createPublishAndSubscribeToAPI(aPIIdentifier, aPICreationRequestBean, this.restAPIPublisher, this.restAPIStore, this.applicationID, "Unlimited").getId();
        waitForAPIDeploymentSync(this.user.getUserName(), "ChangeEndPointSecurityOfAPITest", "1.0.0", "\"isApiExists\":true");
        ArrayList arrayList = new ArrayList();
        arrayList.add("client_credentials");
        this.requestHeadersGet.put("Authorization", "Bearer " + this.restAPIStore.generateKeys(this.applicationID, "3600", (String) null, ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, (ArrayList) null, arrayList).getToken().getAccessToken());
        HttpResponse doGet = HTTPSClientUtils.doGet(getAPIInvocationURLHttp("ChangeEndPointSecurityOfAPI", "1.0.0") + "/sec", this.requestHeadersGet);
        Assert.assertEquals(doGet.getResponseCode(), HTTP_RESPONSE_CODE_OK, "Invocation fails for GET request for endpoint type secured. username:admin1 password:" + String.valueOf(cArr));
        Assert.assertTrue(doGet.getData().contains(printBase64Binary), "Response Data not match for GET request for endpoint type secured. Expected value :" + printBase64Binary + " not contains in response data:" + doGet.getData() + "username:admin1 password:" + String.valueOf(cArr));
    }

    @Test(groups = {"wso2.am"}, description = "Test the API with endpoint security enabled with complex password", dependsOnMethods = {"testInvokeGETResourceWithSecuredEndPointPasswordOnlyNumbersAndLetters"})
    public void testInvokeGETResourceWithSecuredEndPointComplexPassword() throws Exception {
        APIDTO aPIByID = this.restAPIPublisher.getAPIByID(this.apiID, this.user.getUserDomain());
        for (char c : new char[]{'!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '_', '-', '+', '=', '{', '[', '}', ']', '|', '\\', ':', ';', '\"', '\'', '<', ',', '>', '.', '?', '/'}) {
            char[] cArr = {'a', 'b', 'c', 'd', c, 'e', 'f', 'g', 'h', 'i', 'j', 'k'};
            String printBase64Binary = DatatypeConverter.printBase64Binary(("user:" + String.valueOf(cArr)).getBytes());
            APIEndpointSecurityDTO endpointSecurity = aPIByID.getEndpointSecurity();
            endpointSecurity.setUsername("user");
            endpointSecurity.setPassword(String.valueOf(cArr));
            aPIByID.setEndpointSecurity(endpointSecurity);
            this.restAPIPublisher.updateAPI(aPIByID);
            waitForAPIDeployment();
            int i = 0;
            while (true) {
                if (i <= 3) {
                    HttpResponse doGet = HTTPSClientUtils.doGet(getAPIInvocationURLHttp("ChangeEndPointSecurityOfAPI", "1.0.0") + "/sec", this.requestHeadersGet);
                    Assert.assertEquals(doGet.getResponseCode(), HTTP_RESPONSE_CODE_OK, "Invocation fails for GET request for endpoint type secured. username:user password:" + String.valueOf(cArr));
                    if (doGet.getData().contains(printBase64Binary)) {
                        Assert.assertTrue(true);
                        break;
                    }
                    if (i == 3) {
                        log.error("Max retry count reached!!!");
                        Assert.fail("Response Data not match for GET request for endpoint type secured. Expected value : " + printBase64Binary + " not contains in response data: " + doGet.getData() + " username:user password:" + String.valueOf(cArr));
                    } else {
                        log.warn("[Warning] Response Data not match for GET request for endpoint type secured. Expected value : " + printBase64Binary + " not contains in response data: " + doGet.getData() + " username:user password:" + String.valueOf(cArr) + " Retrying...");
                        waitForAPIDeployment();
                    }
                    i++;
                }
            }
        }
    }

    @AfterClass(alwaysRun = true)
    public void cleanUpArtifacts() throws Exception {
        this.restAPIStore.removeApplicationById(this.applicationID);
        this.restAPIPublisher.deleteAPIByID(this.apiID);
        super.cleanUp();
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        return new Object[]{new Object[]{TestUserMode.SUPER_TENANT_ADMIN}};
    }
}
