package org.wso2.am.integration.tests.application;

import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.regex.PatternSyntaxException;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.NameValuePair;
import org.apache.http.message.BasicNameValuePair;
import org.json.JSONObject;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIOperationsDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyGenerateRequestDTO;
import org.wso2.am.integration.test.utils.base.APIMIntegrationConstants;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.test.utils.bean.APIThrottlingTier;
import org.wso2.am.integration.test.utils.http.HTTPSClientUtils;
import org.wso2.am.integration.tests.api.lifecycle.APIManagerLifecycleBaseTest;
import org.wso2.am.integration.tests.restapi.RESTAPITestConstants;
import org.wso2.carbon.automation.engine.annotations.ExecutionEnvironment;
import org.wso2.carbon.automation.engine.annotations.SetEnvironment;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.test.utils.http.client.HttpResponse;

@SetEnvironment(executionEnvironments = {ExecutionEnvironment.ALL})
/* loaded from: input_file:org/wso2/am/integration/tests/application/GrantTypeTokenGenerateTestCase.class */
public class GrantTypeTokenGenerateTestCase extends APIManagerLifecycleBaseTest {
    private String endpointUrl;
    private String consumerKey;
    private String consumerSecret;
    private String authorizeURL;
    private String tokenURL;
    private String identityLoginURL;
    private String apiId;
    private String applicationId;
    private String applicationIdWithoutCallback;
    private APIRequest apiRequest;
    private final Log log = LogFactory.getLog(GrantTypeTokenGenerateTestCase.class);
    private final String API_NAME = "GrantTypeTokenGenerateAPIName";
    private final String API_CONTEXT = "GrantTypeTokenGenerateContext";
    private final String DESCRIPTION = "This is test API create by API manager integration test";
    private final String API_VERSION = "1.0.0";
    private final String APP_NAME = "GrantTypeTokenGenerateApp";
    private final String CALLBACK_URL_UPDATE_APP_NAME = "GrantTypeTokenGenerateCallbackApp";
    private final String CALLBACK_URL = "https://localhost:9443/store/";
    private final String TAGS = "grantType,implicitly,code";
    private final String APPLICATION_CONTENT_TYPE = "application/x-www-form-urlencoded";
    private final String LOCATION_HEADER = "Location";
    private final String AUTHORIZATION_CODE_GRANT_TYPE = "authorization_code";
    private final String TIER_COLLECTION = "Unlimited";
    private Map<String, String> requestHeaders = new HashMap();
    private List<NameValuePair> urlParameters = new ArrayList();
    private Map<String, String> headers = new HashMap();
    private ArrayList<String> grantTypes = new ArrayList<>();

    @Factory(dataProvider = "userModeDataProvider")
    public GrantTypeTokenGenerateTestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    @BeforeClass(alwaysRun = true)
    public void setEnvironment() throws Exception {
        super.init(this.userMode);
        this.storeURLHttp = getStoreURLHttp();
        this.endpointUrl = this.backEndServerUrl.getWebAppURLHttp() + "am/sample/calculator/v1/api";
        this.authorizeURL = this.gatewayUrlsWrk.getWebAppURLNhttps() + "/authorize";
        this.tokenURL = this.gatewayUrlsWrk.getWebAppURLNhttps() + "/token";
        this.identityLoginURL = getKeyManagerURLHttps() + "/oauth2/authorize";
        HttpResponse createApplication = this.restAPIStore.createApplication("GrantTypeTokenGenerateApp", "Test Application", APIThrottlingTier.UNLIMITED.getState(), ApplicationDTO.TokenTypeEnum.JWT);
        Assert.assertEquals(createApplication.getResponseCode(), 200, "Response code is not as expected");
        this.applicationId = createApplication.getData();
        String userName = this.user.getUserName();
        ArrayList arrayList = new ArrayList();
        APIOperationsDTO aPIOperationsDTO = new APIOperationsDTO();
        aPIOperationsDTO.setVerb("GET");
        aPIOperationsDTO.setAuthType(APIMIntegrationConstants.ResourceAuthTypes.APPLICATION_AND_APPLICATION_USER.getAuthType());
        aPIOperationsDTO.setThrottlingPolicy("20KPerMin");
        aPIOperationsDTO.setTarget("/add");
        arrayList.add(aPIOperationsDTO);
        this.apiRequest = new APIRequest("GrantTypeTokenGenerateAPIName", "GrantTypeTokenGenerateContext", new URL(this.endpointUrl));
        this.apiRequest.setVersion("1.0.0");
        this.apiRequest.setProvider(userName);
        this.apiRequest.setTiersCollection("Unlimited");
        this.apiRequest.setTier("Unlimited");
        this.apiRequest.setOperationsDTOS(arrayList);
        this.apiRequest.setTiersCollection("Unlimited");
        this.apiRequest.setTags("grantType,implicitly,code");
        this.apiRequest.setDescription("This is test API create by API manager integration test");
        this.apiId = createPublishAndSubscribeToAPIUsingRest(this.apiRequest, this.restAPIPublisher, this.restAPIStore, this.applicationId, "Unlimited");
        this.grantTypes.add("client_credentials");
        this.grantTypes.add("authorization_code");
        this.grantTypes.add("password");
        this.grantTypes.add("refresh_token");
        this.grantTypes.add("urn:ietf:params:oauth:grant-type:saml2-bearer");
        this.grantTypes.add("iwa:ntlm");
        this.grantTypes.add("urn:ietf:params:oauth:grant-type:jwt-bearer");
        this.grantTypes.add("implicit");
    }

    @Test(groups = {"wso2.am"}, description = "Test Application Creation")
    public void testApplicationCreation() throws Exception {
        ApplicationKeyDTO generateKeys = this.restAPIStore.generateKeys(this.applicationId, "3600", "https://localhost:9443/store/", ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, (ArrayList) null, this.grantTypes);
        Assert.assertNotNull(generateKeys.getToken().getAccessToken());
        this.consumerKey = generateKeys.getConsumerKey();
        this.consumerSecret = generateKeys.getConsumerSecret();
        Assert.assertNotNull(this.consumerKey, "Consumer Key not found");
        Assert.assertNotNull(this.consumerSecret, "Consumer Secret not found ");
    }

    @Test(groups = {"wso2.am"}, description = "Test authorization_code token generation", dependsOnMethods = {"testApplicationCreation"})
    public void testAuthCode() throws Exception {
        this.headers.put("Content-Type", "application/x-www-form-urlencoded");
        HttpResponse doGet = HTTPSClientUtils.doGet(this.authorizeURL + "?response_type=code&client_id=" + this.consumerKey + "&scope=PRODUCTION&redirect_uri=https://localhost:9443/store/", this.headers);
        Assert.assertEquals(doGet.getResponseCode(), 302, "Response code is not as expected");
        String str = (String) doGet.getHeaders().get("Location");
        Assert.assertNotNull(str, "Couldn't found Location Header");
        String uRLParameter = getURLParameter(str, "sessionDataKey");
        Assert.assertNotNull(uRLParameter, "Couldn't found sessionDataKey from the Location Header");
        this.headers.clear();
        this.headers.put("Content-Type", "application/x-www-form-urlencoded");
        this.urlParameters.add(new BasicNameValuePair("username", this.user.getUserName()));
        this.urlParameters.add(new BasicNameValuePair("password", this.user.getPassword()));
        this.urlParameters.add(new BasicNameValuePair("tocommonauth", "true"));
        this.urlParameters.add(new BasicNameValuePair("sessionDataKey", uRLParameter));
        HttpResponse doPost = HTTPSClientUtils.doPost(this.identityLoginURL, this.headers, this.urlParameters);
        Assert.assertEquals(doPost.getResponseCode(), 302, "Response code is not as expected");
        String str2 = (String) doPost.getHeaders().get("Location");
        Assert.assertNotNull(str2, "Couldn't found Location Header");
        String uRLParameter2 = getURLParameter(str2, "sessionDataKeyConsent");
        Assert.assertNotNull(uRLParameter, "Couldn't found sessionDataKeyConsent from the Location Header");
        this.headers.clear();
        this.urlParameters.clear();
        this.headers.put("Content-Type", "application/x-www-form-urlencoded");
        this.urlParameters.add(new BasicNameValuePair("consent", "approve"));
        this.urlParameters.add(new BasicNameValuePair("hasApprovedAlways", "false"));
        this.urlParameters.add(new BasicNameValuePair("sessionDataKeyConsent", uRLParameter2));
        HttpResponse doPost2 = HTTPSClientUtils.doPost(this.identityLoginURL, this.headers, this.urlParameters);
        Assert.assertEquals(doPost2.getResponseCode(), 302, "Response code is not as expected");
        String str3 = (String) doPost2.getHeaders().get("Location");
        Assert.assertNotNull(str3, "Couldn't found Location Header");
        String uRLParameter3 = getURLParameter(str3, "code");
        Assert.assertNotNull(uRLParameter3, "Couldn't found auth code from the Location Header");
        this.headers.clear();
        this.urlParameters.clear();
        this.urlParameters.add(new BasicNameValuePair("grant_type", "authorization_code"));
        this.urlParameters.add(new BasicNameValuePair("code", uRLParameter3));
        this.urlParameters.add(new BasicNameValuePair("redirect_uri", "https://localhost:9443/store/"));
        this.urlParameters.add(new BasicNameValuePair("client_secret", this.consumerSecret));
        this.urlParameters.add(new BasicNameValuePair("client_id", this.consumerKey));
        HttpResponse doPost3 = HTTPSClientUtils.doPost(this.tokenURL, this.headers, this.urlParameters);
        Assert.assertEquals(doPost3.getResponseCode(), 200, "Response code is not as expected");
        String string = new JSONObject(doPost3.getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        Assert.assertNotNull(string, "Couldn't found accessToken");
        this.requestHeaders.clear();
        this.requestHeaders.put("Authorization", "Bearer " + string);
        Assert.assertEquals(HTTPSClientUtils.doGet(getAPIInvocationURLHttp("GrantTypeTokenGenerateContext", "1.0.0") + "/add?x=1&y=1", this.requestHeaders).getResponseCode(), 200, "Response code is not as expected");
    }

    @Test(groups = {"wso2.am"}, description = "Test implicit token generation", dependsOnMethods = {"testAuthCode"})
    public void testImplicit() throws Exception {
        this.headers.clear();
        this.urlParameters.clear();
        this.headers.put("Content-Type", "application/x-www-form-urlencoded");
        HttpResponse doGet = HTTPSClientUtils.doGet(this.authorizeURL + "?response_type=token&client_id=" + this.consumerKey + "&scope=PRODUCTION&redirect_uri=https://localhost:9443/store/", this.headers);
        Assert.assertEquals(doGet.getResponseCode(), 302, "Response code is not as expected");
        String str = (String) doGet.getHeaders().get("Location");
        Assert.assertNotNull(str, "Couldn't found Location Header");
        String uRLParameter = getURLParameter(str, "sessionDataKey");
        Assert.assertNotNull(uRLParameter, "Couldn't found sessionDataKey from the Location Header");
        this.headers.clear();
        this.headers.put("Content-Type", "application/x-www-form-urlencoded");
        this.urlParameters.add(new BasicNameValuePair("username", this.user.getUserName()));
        this.urlParameters.add(new BasicNameValuePair("password", this.user.getPassword()));
        this.urlParameters.add(new BasicNameValuePair("tocommonauth", "true"));
        this.urlParameters.add(new BasicNameValuePair("sessionDataKey", uRLParameter));
        HttpResponse doPost = HTTPSClientUtils.doPost(this.identityLoginURL, this.headers, this.urlParameters);
        Assert.assertEquals(doPost.getResponseCode(), 302, "Response code is not as expected");
        String str2 = (String) doPost.getHeaders().get("Location");
        Assert.assertNotNull(str2, "Couldn't found Location Header");
        String uRLParameter2 = getURLParameter(str2, "sessionDataKeyConsent");
        Assert.assertNotNull(uRLParameter, "Couldn't found sessionDataKeyConsent from the Location Header");
        this.headers.clear();
        this.urlParameters.clear();
        this.headers.put("Content-Type", "application/x-www-form-urlencoded");
        this.urlParameters.add(new BasicNameValuePair("consent", "approve"));
        this.urlParameters.add(new BasicNameValuePair("hasApprovedAlways", "false"));
        this.urlParameters.add(new BasicNameValuePair("sessionDataKeyConsent", uRLParameter2));
        HttpResponse doPost2 = HTTPSClientUtils.doPost(this.identityLoginURL, this.headers, this.urlParameters);
        Assert.assertEquals(doPost2.getResponseCode(), 302, "Response code is not as expected");
        String str3 = (String) doPost2.getHeaders().get("Location");
        Assert.assertNotNull(str3, "Couldn't found Location Header");
        String uRLParameter3 = getURLParameter(str3, RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        Assert.assertNotNull(uRLParameter3, "Couldn't found auth code from the Location Header");
        this.requestHeaders.clear();
        this.requestHeaders.put("Authorization", "Bearer " + uRLParameter3);
        Assert.assertEquals(HTTPSClientUtils.doGet(getAPIInvocationURLHttp("GrantTypeTokenGenerateContext", "1.0.0") + "/add?x=1&y=1", this.requestHeaders).getResponseCode(), 200, "Response code is not as expected");
    }

    @Test(groups = {"wso2.am"}, description = "Test Application Creation without callback URL", dependsOnMethods = {"testImplicit"})
    public void testApplicationCreationWithoutCallBackURL() throws Exception {
        HttpResponse createApplication = this.restAPIStore.createApplication("GrantTypeTokenGenerateCallbackApp", "Test Application", APIThrottlingTier.UNLIMITED.getState(), ApplicationDTO.TokenTypeEnum.JWT);
        Assert.assertEquals(createApplication.getResponseCode(), 200, "Response code is not as expected");
        this.applicationIdWithoutCallback = createApplication.getData();
        HttpResponse subscribeToAPIUsingRest = subscribeToAPIUsingRest(this.apiId, this.applicationIdWithoutCallback, "Unlimited", this.restAPIStore);
        Assert.assertEquals(subscribeToAPIUsingRest.getResponseCode(), HTTP_RESPONSE_CODE_OK, "Subscribe of old API version request not successful " + getAPIIdentifierStringFromAPIRequest(this.apiRequest));
        Assert.assertTrue(StringUtils.isNotEmpty(subscribeToAPIUsingRest.getData()), "Error in subscribe of old API version" + getAPIIdentifierStringFromAPIRequest(this.apiRequest));
        ApplicationKeyDTO generateKeys = this.restAPIStore.generateKeys(this.applicationIdWithoutCallback, "3600", "", ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, (ArrayList) null, this.grantTypes);
        Assert.assertNotNull(generateKeys.getToken().getAccessToken());
        this.consumerKey = generateKeys.getConsumerKey();
        this.consumerSecret = generateKeys.getConsumerSecret();
        Assert.assertNotNull(this.consumerKey, "Consumer Key not found");
        Assert.assertNotNull(this.consumerSecret, "Consumer Secret not found ");
    }

    @Test(groups = {"wso2.am"}, description = "Test authorization_code token generation", dependsOnMethods = {"testApplicationCreationWithoutCallBackURL"})
    public void testAuthRequestWithoutCallbackURL() throws Exception {
        this.headers.clear();
        this.headers.put("Content-Type", "application/x-www-form-urlencoded");
        HttpResponse doGet = HTTPSClientUtils.doGet(this.authorizeURL + "?response_type=code&client_id=" + this.consumerKey + "&scope=PRODUCTION&redirect_uri=", this.headers);
        Assert.assertEquals(doGet.getResponseCode(), 302, "Response code is not as expected");
        String str = (String) doGet.getHeaders().get("Location");
        Assert.assertNotNull(str, "Couldn't found Location Header");
        Assert.assertTrue(str.contains("oauthErrorCode"), "Redirection page should be a error page");
    }

    @Test(groups = {"wso2.am"}, description = "Test authorization_code token generation", dependsOnMethods = {"testAuthRequestWithoutCallbackURL"})
    public void testApplicationUpdateAndTestKeyGeneration() throws Exception {
        ApplicationKeyDTO applicationKeyDTO = new ApplicationKeyDTO();
        applicationKeyDTO.setKeyType(ApplicationKeyDTO.KeyTypeEnum.PRODUCTION);
        applicationKeyDTO.setCallbackUrl("https://localhost:9443/store/");
        applicationKeyDTO.setSupportedGrantTypes(this.grantTypes);
        Assert.assertEquals(this.restAPIStore.updateKeys(this.applicationIdWithoutCallback, ApplicationKeyDTO.KeyTypeEnum.PRODUCTION.toString(), applicationKeyDTO).getStatusCode(), HTTP_RESPONSE_CODE_OK, "Response code mismatched when adding an application");
        testAuthCode();
        testImplicit();
    }

    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        this.restAPIStore.deleteApplication(this.applicationId);
        this.restAPIStore.deleteApplication(this.applicationIdWithoutCallback);
        this.restAPIPublisher.deleteAPI(this.apiId);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        return new Object[]{new Object[]{TestUserMode.SUPER_TENANT_ADMIN}, new Object[]{TestUserMode.TENANT_ADMIN}};
    }

    private String getURLParameter(String str, String str2) {
        try {
            Matcher matcher = Pattern.compile(str2 + "=([^&]+)").matcher(str);
            if (matcher.find()) {
                return matcher.group(1);
            }
            return null;
        } catch (PatternSyntaxException e) {
            return null;
        }
    }
}
