package org.wso2.am.integration.tests.login;

import org.json.JSONObject;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest;
import org.wso2.am.integration.test.utils.clients.APIPublisherRestClient;
import org.wso2.am.integration.test.utils.clients.APIStoreRestClient;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.integration.common.admin.client.UserManagementClient;

/* loaded from: input_file:org/wso2/am/integration/tests/login/LoginValidationTestCase.class */
public class LoginValidationTestCase extends APIMIntegrationBaseTest {
    private final String INTERNAL_ROLE_SUBSCRIBER = "Internal/subscriber";
    private final String ROLE_SUBSCRIBER = "subscriber";
    private String publisherURLHttp;
    private String storeURLHttp;
    private UserManagementClient userManagementClient1;
    private String invalidUserName;
    private String subscriberUser;

    @Factory(dataProvider = "userModeDataProvider")
    public LoginValidationTestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        return new Object[]{new Object[]{TestUserMode.SUPER_TENANT_ADMIN}, new Object[]{TestUserMode.TENANT_ADMIN}};
    }

    @BeforeClass(alwaysRun = true)
    public void setEnvironment() throws Exception {
        super.init(this.userMode);
        this.publisherURLHttp = getPublisherURLHttp();
        this.storeURLHttp = getStoreURLHttp();
        this.userManagementClient1 = new UserManagementClient(this.keyManagerContext.getContextUrls().getBackEndUrl(), createSession(this.keyManagerContext));
        if (this.storeContext.getContextTenant().getDomain().equals("carbon.super")) {
            this.invalidUserName = this.storeContext.getContextTenant().getContextUser().getUserName() + "invalid";
            this.subscriberUser = "subscriberUser";
        } else {
            this.invalidUserName = this.storeContext.getContextTenant().getTenantAdmin().getUserName().replace("admin", "admininvalid");
            this.subscriberUser = "subscriberUser@wso2.com";
        }
    }

    @Test(groups = {"wso2.am"}, description = "Login as invalid user to publisher")
    public void testInvalidLoginAsPublisherTestCase() throws Exception {
        JSONObject jSONObject = new JSONObject(new APIPublisherRestClient(this.publisherURLHttp).login(this.invalidUserName, this.publisherContext.getContextTenant().getContextUser().getPassword()).getData());
        Assert.assertTrue(jSONObject.getString("error").toString().equals("true") && jSONObject.getString("message").toString().contains("Please recheck the username and password and try again"), "Invalid user can login to the API publisher");
    }

    @Test(groups = {"wso2.am"}, description = "Login to publisher as subscriber user")
    public void testInvalidLoginAsSubscriberTestCase() throws Exception {
        APIPublisherRestClient aPIPublisherRestClient = new APIPublisherRestClient(this.publisherURLHttp);
        if (!this.userManagementClient1.roleNameExists("Internal/subscriber")) {
            this.userManagementClient1.addInternalRole("subscriber", (String[]) null, new String[]{"/permission/admin/login", "/permission/admin/manage/api/subscribe"});
        }
        if (this.userManagementClient1 != null && !this.userManagementClient1.userNameExists("Internal/subscriber", "subscriberUser")) {
            this.userManagementClient1.addUser("subscriberUser", "password@123", new String[]{"Internal/subscriber"}, (String) null);
        }
        JSONObject jSONObject = new JSONObject(aPIPublisherRestClient.login(this.subscriberUser, "password@123").getData());
        Assert.assertTrue(jSONObject.getString("error").toString().equals("true") && jSONObject.getString("message").toString().contains("Login failed. Insufficient privileges"), "Invalid subscriber can login to the API publisher");
    }

    @Test(groups = {"wso2.am"}, description = "Login to API store test scenario")
    public void testLoginToStoreTestCase() throws Exception {
        APIStoreRestClient aPIStoreRestClient = new APIStoreRestClient(this.storeURLHttp);
        String[] strArr = {"/permission/admin/login", "/permission/admin/manage/api/create"};
        if (!this.userManagementClient1.roleNameExists("APICreatorRole")) {
            this.userManagementClient1.addRole("APICreatorRole", (String[]) null, strArr);
        }
        if (this.userManagementClient1 != null && !this.userManagementClient1.userNameExists("APICreatorRole", "APICreatorUser")) {
            this.userManagementClient1.addUser("APICreatorUser", "password@123", new String[]{"APICreatorRole"}, (String) null);
        }
        String[] strArr2 = {"/permission/admin/login", "/permission/admin/manage/api/publish"};
        if (!this.userManagementClient1.roleNameExists("APIPublisherRole")) {
            this.userManagementClient1.addRole("APIPublisherRole", (String[]) null, strArr2);
        }
        if (this.userManagementClient1 != null && !this.userManagementClient1.userNameExists("APIPublisherRole", "APIPublisherUser")) {
            this.userManagementClient1.addUser("APIPublisherUser", "password@123", new String[]{"APIPublisherRole"}, (String) null);
        }
        JSONObject jSONObject = new JSONObject(aPIStoreRestClient.login("invaliduser", "invaliduser@123").getData());
        Assert.assertTrue(jSONObject.getString("error").toString().equals("true") && jSONObject.getString("message").toString().contains("Login failed. Please recheck the username and password and try again"), "Invalid user can login to the API store");
    }

    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        super.cleanUp();
    }
}
