package org.wso2.am.integration.tests.other;

import java.io.File;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashMap;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.jaxrs.model.wadl.DocTarget;
import org.json.JSONObject;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest;
import org.wso2.am.integration.test.utils.bean.APICreationRequestBean;
import org.wso2.am.integration.test.utils.bean.APILifeCycleState;
import org.wso2.am.integration.test.utils.bean.APILifeCycleStateRequest;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.test.utils.bean.APPKeyRequestGenerator;
import org.wso2.am.integration.test.utils.bean.SubscriptionRequest;
import org.wso2.am.integration.test.utils.clients.APIPublisherRestClient;
import org.wso2.am.integration.test.utils.clients.APIStoreRestClient;
import org.wso2.am.integration.tests.restapi.RESTAPITestConstants;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.test.utils.http.client.HttpRequestUtil;
import org.wso2.carbon.integration.common.admin.client.UserManagementClient;

/* loaded from: input_file:org/wso2/am/integration/tests/other/APIScopeTestCase.class */
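/**
 * Integration test for scope-based authorization on API resources.
 *
 * <p>The first test publishes an API whose POST resource is bound to {@code admin_scope}
 * (roles: admin) and whose GET resource is bound to {@code user_scope} (roles: admin,
 * subscriber). It then checks that a token issued to the admin user reaches both resources,
 * while a token issued to a subscriber-only user reaches GET but not POST. The remaining tests
 * copy and update a second API that carries a scope definition.
 *
 * <p>The class is instantiated once per user mode returned by {@link #userModeDataProvider()}.
 */
public class APIScopeTestCase extends APIMIntegrationBaseTest {
    private static final Log log = LogFactory.getLog(APIScopeTestCase.class);
    private APIPublisherRestClient apiPublisher;
    private APIStoreRestClient apiStore;
    private static final String API_NAME = "APIScopeTestAPI";
    private static final String API_VERSION = "1.0.0";
    private static final String APP_NAME = "NewApplication";
    private static final String USER_JOHN = "john";
    private static final String SUBSCRIBER_ROLE = "subscriber";
    private String gatewaySessionCookie;
    private UserManagementClient userManagementClient1 = null;
    private static final String API_VERSION_WITH_SCOPE = API_VERSION;
    private static final String API_VERSION_WITH_SCOPE_COPY = "2.0.0";
    private static final String API_NAME_WITH_SCOPE = "APIScopeTestWithScopeName";
    private static final String API_CONTEXT_WITH_SCOPE = "APIScopeTestWithScopeContext";
    // SCOPE_NAME and ALLOWED_ROLE mirror the values embedded in the Swagger literal used by
    // testCopyApiWithScopes(); the literal itself is kept verbatim.
    private static final String SCOPE_NAME = "APIScopeUpdateCopyScope";
    private static final String ALLOWED_ROLE = "admin";

    /**
     * Creates one test instance per user mode.
     *
     * @param testUserMode the user mode this instance runs under
     */
    @Factory(dataProvider = "userModeDataProvider")
    public APIScopeTestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    /**
     * Initialises the base test, creates the publisher and store clients, opens a gateway
     * session and, for the super-tenant admin mode only, loads the dummy API synapse config.
     *
     * @throws Exception if initialisation or configuration loading fails
     */
    @BeforeClass(alwaysRun = true)
    public void setEnvironment() throws Exception {
        super.init(this.userMode);
        String publisherURLHttp = getPublisherURLHttp();
        String storeURLHttp = getStoreURLHttp();
        this.apiPublisher = new APIPublisherRestClient(publisherURLHttp);
        this.apiStore = new APIStoreRestClient(storeURLHttp);
        this.gatewaySessionCookie = createSession(this.gatewayContextMgt);
        if (TestUserMode.SUPER_TENANT_ADMIN == this.userMode) {
            String dummyApiConfig = "artifacts" + File.separator + "AM" + File.separator
                    + "synapseconfigs" + File.separator + "rest" + File.separator + "dummy_api.xml";
            loadSynapseConfigurationFromClasspath(dummyApiConfig, this.gatewayContextMgt, this.gatewaySessionCookie);
        }
    }

    /**
     * Verifies that resource-level scopes are enforced per role.
     *
     * <p>Positive checks: the admin token gets 200 on GET and POST; the subscriber token gets
     * 200 on GET. Negative check: the subscriber token must not get 200 on POST, which is bound
     * to {@code admin_scope}.
     *
     * @throws Exception if any setup call or request fails outside the guarded negative check
     */
    @Test(groups = {"wso2.am"}, description = "Testing the scopes with admin, subscriber roles")
    public void testSetScopeToResourceTestCase() throws Exception {
        String gatewayUrl;
        String johnUserName;
        this.userManagementClient1 = new UserManagementClient(this.keyManagerContext.getContextUrls().getBackEndUrl(), this.keyManagerContext.getContextTenant().getContextUser().getUserName(), this.keyManagerContext.getContextTenant().getContextUser().getPassword());
        // The subscriber role carries only login and API-subscribe permissions.
        this.userManagementClient1.addRole(SUBSCRIBER_ROLE, new String[0], new String[]{"/permission/admin/login", "/permission/admin/manage/api/subscribe"});
        if (this.keyManagerContext.getContextTenant().getDomain().equals("carbon.super")) {
            gatewayUrl = this.gatewayUrlsWrk.getWebAppURLNhttp();
            johnUserName = USER_JOHN;
        } else {
            // Tenant mode: requests go through the tenant path and the user name is domain-qualified.
            gatewayUrl = this.gatewayUrlsWrk.getWebAppURLNhttp() + "t/" + this.keyManagerContext.getContextTenant().getDomain() + "/";
            johnUserName = "john@" + this.keyManagerContext.getContextTenant().getDomain();
        }
        // Fixed-credential fixture account; destroy() removes it again.
        this.userManagementClient1.addUser(USER_JOHN, "john123", new String[]{SUBSCRIBER_ROLE}, USER_JOHN);

        String endpointUrl = getGatewayURLNhttp() + DocTarget.RESPONSE;
        this.apiPublisher.login(this.user.getUserName(), this.user.getPassword());
        APIRequest aPIRequest = new APIRequest(API_NAME, "testScopeAPI", new URL(endpointUrl));
        aPIRequest.setTags("thomas-bayer, testing, rest-Apis");
        aPIRequest.setDescription("This is a test API created by API manager integration test");
        aPIRequest.setVersion(API_VERSION);
        aPIRequest.setProvider(this.user.getUserName());
        this.apiPublisher.addAPI(aPIRequest);
        this.apiPublisher.changeAPILifeCycleStatus(new APILifeCycleStateRequest(API_NAME, this.user.getUserName(), APILifeCycleState.PUBLISHED));
        waitForAPIDeploymentSync(this.user.getUserName(), API_NAME, API_VERSION, "\"isApiExists\":true");
        // Scope binding under test: POST -> admin_scope (admin), GET -> user_scope (admin,subscriber);
        // PUT and DELETE carry no scope, OPTIONS has auth type None.
        this.apiPublisher.updateResourceOfAPI(this.user.getUserName(), API_NAME, API_VERSION, "{\"paths\":{ \"/*\":{\"put\":{ \"responses\":{\"200\":{}},\"x-auth-type\":\"Application User\",\"x-throttling-tier\":\"Unlimited\" },\"post\":{ \"responses\":{\"200\":{}},\"x-auth-type\":\"Application User\",\"x-throttling-tier\":\"Unlimited\",\"x-scope\":\"admin_scope\"},\"get\":{ \"responses\":{\"200\":{}},\"x-auth-type\":\"Application User\",\"x-throttling-tier\":\"Unlimited\",\"x-scope\":\"user_scope\"},\"delete\":{ \"responses\":{\"200\":{}},\"x-auth-type\":\"Application User\",\"x-throttling-tier\":\"Unlimited\"},\"options\":{ \"responses\":{\"200\":{}},\"x-auth-type\":\"None\",\"x-throttling-tier\":\"Unlimited\"}}},\"swagger\":\"2.0\",\"info\":{\"title\":\"APIScopeTestAPI\",\"version\":\"1.0.0\"},\"x-wso2-security\":{\"apim\":{\"x-wso2-scopes\":[{\"name\":\"admin_scope\",\"description\":\"\",\"key\":\"admin_scope\",\"roles\":\"admin\"},{\"name\":\"user_scope\",\"description\":\"\",\"key\":\"user_scope\",\"roles\":\"admin,subscriber\"}]}}}");
        waitForAPIDeployment();

        this.apiStore.login(this.user.getUserName(), this.user.getPassword());
        this.apiStore.addApplication(APP_NAME, "Unlimited", "some_url", "NewApp");
        SubscriptionRequest subscriptionRequest = new SubscriptionRequest(API_NAME, this.user.getUserName());
        subscriptionRequest.setApplicationName(APP_NAME);
        this.apiStore.subscribe(subscriptionRequest);
        JSONObject keyResponse = new JSONObject(this.apiStore.generateApplicationKey(new APPKeyRequestGenerator(APP_NAME)).getData());
        String consumerKey = keyResponse.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").getString(RESTAPITestConstants.CONSUMER_KEY);
        String consumerSecret = keyResponse.getJSONObject(RESTAPITestConstants.DATA_SECTION).getJSONObject("key").getString(RESTAPITestConstants.CONSUMER_SECRET);
        URL tokenEndpoint = new URL(this.gatewayUrlsWrk.getWebAppURLNhttp() + RESTAPITestConstants.TOKEN_ENDPOINT_SUFFIX);
        String resourceUrl = gatewayUrl + "testScopeAPI/1.0.0/test";

        // Password grant for the admin user, requesting both scopes.
        // NOTE(review): user name and password are concatenated into the form body unencoded;
        // whether generateUserAccessKey encodes them is not visible here - confirm.
        String adminAccessToken = new JSONObject(this.apiStore.generateUserAccessKey(consumerKey, consumerSecret, "grant_type=password&username=" + this.user.getUserName() + "&password=" + this.user.getPassword() + "&scope=admin_scope user_scope", tokenEndpoint).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        HashMap<String, String> adminHeaders = new HashMap<String, String>();
        adminHeaders.put("Authorization", "Bearer " + adminAccessToken);
        Assert.assertEquals(HttpRequestUtil.doGet(resourceUrl, adminHeaders).getResponseCode(), Response.Status.OK.getStatusCode(), "Admin user cannot access the GET Method");
        Assert.assertEquals(HttpRequestUtil.doPost(new URL(resourceUrl), "", adminHeaders).getResponseCode(), Response.Status.OK.getStatusCode(), "Admin user cannot access the POST Method");

        // The subscriber also asks for admin_scope; the test expects that request not to
        // translate into POST access.
        String johnAccessToken = new JSONObject(this.apiStore.generateUserAccessKey(consumerKey, consumerSecret, "grant_type=password&username=" + johnUserName + "&password=john123&scope=admin_scope user_scope", tokenEndpoint).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);
        HashMap<String, String> johnHeaders = new HashMap<String, String>();
        johnHeaders.put("Authorization", "Bearer " + johnAccessToken);
        Assert.assertEquals(HttpRequestUtil.doGet(resourceUrl, johnHeaders).getResponseCode(), Response.Status.OK.getStatusCode(), "User John cannot access the GET Method");
        try {
            // An AssertionError is not an Exception, so a 200 here still fails the test.
            Assert.assertTrue(HttpRequestUtil.doPost(new URL(resourceUrl), "", johnHeaders).getResponseCode() != Response.Status.OK.getStatusCode(), "testRole John can access the POST Method");
        } catch (Exception e) {
            // NOTE(review): every exception from doPost is treated as a denial, so a connection
            // failure or gateway outage also lets this negative check pass. Whether doPost
            // throws on a 4xx response is not visible here - confirm, and prefer asserting the
            // specific denial status. The cause is logged so the two cases can be told apart.
            log.error("user john cannot access the resources (expected behaviour)", e);
        }
    }

    /**
     * Creates and publishes an API that declares a scope, then copies it to a new version and
     * expects HTTP 200 from the copy call.
     *
     * @throws Exception if any publisher call fails
     */
    @Test(groups = {"wso2.am"}, description = "Testing Copy api with scopes assigned", dependsOnMethods = {"testSetScopeToResourceTestCase"})
    public void testCopyApiWithScopes() throws Exception {
        APICreationRequestBean aPICreationRequestBean = new APICreationRequestBean(API_NAME_WITH_SCOPE, API_CONTEXT_WITH_SCOPE, API_VERSION_WITH_SCOPE, this.user.getUserName(), new URL(this.backEndServerUrl.getWebAppURLHttp() + "am/sample/calculator/v1/api"));
        aPICreationRequestBean.setTiersCollection("Unlimited");
        // The auth-type value is form-encoded before being embedded in the JSON document.
        // NOTE(review): the last key of "info" is built from API_VERSION, so the document carries
        // "1.0.0": "1.0.0" rather than a "version" key - confirm whether that is intended.
        aPICreationRequestBean.setSwagger("{\"paths\": {\"/add\": {\"get\": {\"x-auth-type\": \"" + URLEncoder.encode("Application & Application User", "UTF-8") + "\",\"x-throttling-tier\": \"Unlimited\",\"x-scope\": \"APIScopeUpdateCopyScope\",\"responses\": {\"200\": {}},\"parameters\": [{\"name\": \"x\",\"paramType\": \"query\",\"required\": false,\"type\": \"string\",\"description\": \"First value\",\"in\": \"query\"}, {\"name\": \"y\",\"paramType\": \"query\",\"required\": false,\"type\": \"string\",\"description\": \"Second Value\",\"in\": \"query\"}]}}},\"swagger\": \"2.0\",\"x-wso2-security\": {\"apim\": {\"x-wso2-scopes\": [{\"description\": \"Sample Scope\",\"name\": \"APIScopeUpdateCopyScope\",\"roles\": \"admin\",\"key\": \"APIScopeUpdateCopyScope\"}]}},\"info\": {\"title\": \"APIScopeTestWithScopeName\",\"" + API_VERSION + "\": \"1.0.0\"}}");
        verifyResponse(this.apiPublisher.addAPI(aPICreationRequestBean));
        verifyResponse(this.apiPublisher.changeAPILifeCycleStatus(new APILifeCycleStateRequest(API_NAME_WITH_SCOPE, this.user.getUserName(), APILifeCycleState.PUBLISHED)));
        Assert.assertEquals(this.apiPublisher.copyAPI(this.user.getUserName(), API_NAME_WITH_SCOPE, API_VERSION_WITH_SCOPE, API_VERSION_WITH_SCOPE_COPY, "").getResponseCode(), 200, "Response Code Mismatch");
    }

    /**
     * Updates the scoped API (new tier and description) and verifies the publisher response.
     *
     * @throws Exception if the update call fails
     */
    @Test(groups = {"wso2.am"}, description = "Testing Update api with scopes assigned", dependsOnMethods = {"testCopyApiWithScopes"})
    public void testUpdateApiWithScopes() throws Exception {
        APICreationRequestBean aPICreationRequestBean = new APICreationRequestBean(API_NAME_WITH_SCOPE, API_CONTEXT_WITH_SCOPE, API_VERSION_WITH_SCOPE, this.user.getUserName(), new URL(this.backEndServerUrl.getWebAppURLHttp() + "am/sample/calculator/v1/api/add"));
        aPICreationRequestBean.setTiersCollection("Gold");
        aPICreationRequestBean.setDescription("test api description");
        verifyResponse(this.apiPublisher.updateAPI(aPICreationRequestBean));
    }

    /**
     * Removes the applications, APIs, user and role created by this class, then runs the base
     * clean-up.
     *
     * <p>The steps are chained with {@code finally} so that a failure while removing
     * applications or APIs does not leave the fixed-password test user and its role behind, and
     * does not skip the base clean-up. If an earlier step and a later step both throw, the later
     * exception is the one reported.
     *
     * @throws Exception if any clean-up call fails
     */
    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        try {
            if (this.apiStore != null) {
                this.apiStore.removeApplication(APP_NAME);
                // NOTE(review): no application with this name is created in this class; kept as-is.
                this.apiStore.removeApplication(API_NAME_WITH_SCOPE);
            }
            if (this.apiPublisher != null) {
                this.apiPublisher.deleteAPI(API_NAME, API_VERSION, this.user.getUserName());
                this.apiPublisher.deleteAPI(API_NAME_WITH_SCOPE, API_VERSION_WITH_SCOPE, this.user.getUserName());
                this.apiPublisher.deleteAPI(API_NAME_WITH_SCOPE, API_VERSION_WITH_SCOPE_COPY, this.user.getUserName());
            }
        } finally {
            try {
                if (this.userManagementClient1 != null) {
                    this.userManagementClient1.deleteUser(USER_JOHN);
                    this.userManagementClient1.deleteRole(SUBSCRIBER_ROLE);
                }
            } finally {
                super.cleanUp();
            }
        }
    }

    /**
     * Supplies the user modes the factory constructor is invoked with.
     *
     * @return one row per user mode: super-tenant admin and tenant admin
     */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        // Declared as Object[][] so the array literal matches the return type.
        return new Object[][]{new Object[]{TestUserMode.SUPER_TENANT_ADMIN}, new Object[]{TestUserMode.TENANT_ADMIN}};
    }
}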
