package org.wso2.am.integration.tests.restapi;

import com.google.gson.Gson;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
import com.google.gson.JsonPrimitive;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.json.JSONException;
import org.json.JSONObject;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.test.utils.APIManagerIntegrationTestException;
import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest;
import org.wso2.am.integration.test.utils.http.HTTPSClientUtils;
import org.wso2.am.integration.tests.restapi.utils.RESTAPITestUtil;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.engine.exceptions.AutomationFrameworkException;
import org.wso2.carbon.automation.test.utils.http.client.HttpRequestUtil;
import org.wso2.carbon.automation.test.utils.http.client.HttpResponse;

/* loaded from: input_file:org/wso2/am/integration/tests/restapi/GIT_1628_OAuthAppUpdateViaRestApiTestCase.class */
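/**
 * Integration test for updating an OAuth application's grant types and callback URL through
 * the store REST API (v0.16).
 *
 * <p>The security-relevant property under test is that the token endpoint enforces the grant
 * types configured for the application: a grant type that is not in the application's
 * {@code supportedGrantTypes} list must be rejected with HTTP 400, both after key generation
 * and after the list has been changed with a PUT.
 *
 * <p>The tests share state (application id, consumer key and secret) and are chained with
 * {@code dependsOnMethods}; they are not independent of each other.
 *
 * <p>NOTE(review): many failure messages embed the raw response body. The key-generation
 * response carries the consumer secret (it is read from that body below), so a failing run
 * writes it into the test report.
 */
public class GIT_1628_OAuthAppUpdateViaRestApiTestCase extends APIMIntegrationBaseTest {
    private static final String SAML2_BEARER_GRANT = "urn:ietf:params:oauth:grant-type:saml2-bearer";
    private static final String GRANT_NOT_AUTHORIZED_MESSAGE =
            "The authenticated client is not authorized to use this authorization grant type";

    private String storeRestApiBaseUrl;
    private URL tokenApiUrl;
    private String applicationName = "Application_GIT_1628";
    private String applicationId;
    private String consumerKey;
    private String consumerSecret;
    private Map<String, String> headers;

    /**
     * Creates one test instance per user mode supplied by {@link #userModeDataProvider()}.
     *
     * @param testUserMode user mode the instance runs under
     */
    @Factory(dataProvider = "userModeDataProvider")
    public GIT_1628_OAuthAppUpdateViaRestApiTestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    /**
     * Supplies the user modes the factory instantiates the test for.
     *
     * @return one row per user mode: super tenant admin and tenant admin
     */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        // The decompiled form returned an Object[] where Object[][] is declared, which does not compile.
        return new Object[][]{{TestUserMode.SUPER_TENANT_ADMIN}, {TestUserMode.TENANT_ADMIN}};
    }

    /**
     * Obtains an access token with the {@code apim:subscribe} scope and creates the
     * application the tests operate on.
     *
     * @throws Exception if initialisation or any request fails
     */
    @BeforeClass(alwaysRun = true)
    public void setEnvironment() throws Exception {
        super.init(this.userMode);
        this.storeRestApiBaseUrl = getStoreURLHttps() + "api/am/store/v0.16/";
        this.tokenApiUrl = new URL(getKeyManagerURLHttps() + "oauth2/token");

        Map<String, String> registeredClient = RESTAPITestUtil.registerOAuthApplication(getKeyManagerURLHttps());
        String accessToken = generateOAuthAccessToken(
                this.user.getUserName(),
                this.user.getPassword(),
                registeredClient.get(RESTAPITestConstants.CONSUMER_KEY),
                registeredClient.get(RESTAPITestConstants.CONSUMER_SECRET));

        this.headers = new HashMap<>();
        this.headers.put("Authorization", "Bearer " + accessToken);
        this.headers.put("Content-Type", "application/json");

        String createRequest = "{\n"
                + "    \"throttlingTier\": \"Unlimited\",\n"
                + "    \"description\": \"Application for GIT_1628\",\n"
                + "    \"name\": \"" + registeredApplicationName() + "\",\n"
                + "    \"callbackUrl\": \"http://GIT_1628.com/initial\"\n"
                + "}";
        HttpResponse created = HTTPSClientUtils.doPost(this.storeRestApiBaseUrl + "applications", this.headers, createRequest);
        requireStatus(created, 201, "Application creation failed: ");
        this.applicationId = parseJsonObject(created.getData()).get("applicationId").getAsString();
    }

    /**
     * Generates PRODUCTION keys restricted to {@code refresh_token} and
     * {@code client_credentials} and checks that the response echoes exactly that
     * restriction together with the requested callback URL.
     *
     * @throws Exception if the request fails
     */
    @Test(description = "Key generation response should contain grant types and callback url")
    public void testKeyGenerationResponseContainsGrantTypesAndCallback() throws Exception {
        String keyRequest = "{\n"
                + "  \"validityTime\": \"3600\",\n"
                + "  \"keyType\": \"PRODUCTION\",\n"
                + "  \"accessAllowDomains\": [\"ALL\" ],\n"
                + "  \"callbackUrl\": \"http://GIT_1628.com/prod_callback\",\n"
                + "  \"supportedGrantTypes\":    [\n"
                + "      \"refresh_token\",\n"
                + "      \"client_credentials\"\n"
                + "  ]\n"
                + "}";
        HttpResponse response = HTTPSClientUtils.doPost(
                this.storeRestApiBaseUrl + "applications/generate-keys?applicationId=" + this.applicationId,
                this.headers, keyRequest);
        requireStatus(response, 200, "Key generation failed: ");

        String body = response.getData();
        JsonObject keys = parseJsonObject(body);

        // Assert on the JSON element before dereferencing it; asserting on the result of
        // getAsString() can never fire because a missing element fails earlier with an NPE.
        JsonPrimitive keyElement = keys.getAsJsonPrimitive(RESTAPITestConstants.CONSUMER_KEY);
        Assert.assertNotNull(keyElement, "ConsumerKey is not available in the response:" + body);
        this.consumerKey = keyElement.getAsString();
        JsonPrimitive secretElement = keys.getAsJsonPrimitive(RESTAPITestConstants.CONSUMER_SECRET);
        Assert.assertNotNull(secretElement, "ConsumerSecret is not available in the response:" + body);
        this.consumerSecret = secretElement.getAsString();

        Assert.assertEquals(keys.getAsJsonPrimitive("callbackUrl").getAsString(), "http://GIT_1628.com/prod_callback");
        JsonArray grantTypes = keys.getAsJsonArray("supportedGrantTypes");
        Assert.assertNotNull(grantTypes, "Grant Types are not available in the response:" + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("refresh_token")),
                "refresh_token is not available in grant type list. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("client_credentials")),
                "client_credentials is not available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive("password")),
                "password is available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive("iwa:ntlm")),
                "iwa:ntlm is available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive(SAML2_BEARER_GRANT)),
                SAML2_BEARER_GRANT + " is available in grant type list. Response: " + body);
    }

    /**
     * Verifies that the token endpoint rejects the password grant (HTTP 400) while it is
     * not among the application's supported grant types.
     *
     * @throws Exception if the request fails
     */
    @Test(description = "Generate token with password grant type when password grant type is not enabled", dependsOnMethods = {"testKeyGenerationResponseContainsGrantTypesAndCallback"})
    public void testTokenGenerationWithPasswordGrant() throws Exception {
        HttpResponse response = HTTPSClientUtils.doPost(this.tokenApiUrl, passwordGrantBody(), clientBasicAuthHeaders());
        Assert.assertEquals(response.getResponseCode(), 400,
                "Password grant type is not disabled properly: " + statusDetail(response));
        Assert.assertTrue(response.getData().contains(GRANT_NOT_AUTHORIZED_MESSAGE), "Wrong error message found.");
    }

    /**
     * Verifies that the client credentials grant, which was enabled at key generation,
     * yields HTTP 200 from the token endpoint.
     *
     * @throws Exception if the request fails
     */
    @Test(description = "Generate token with client credentials grant type when client credentials grant type is enabled", dependsOnMethods = {"testKeyGenerationResponseContainsGrantTypesAndCallback"})
    public void testTokenGenerationWithClientCredentialsGrant() throws Exception {
        HttpResponse response = HTTPSClientUtils.doPost(this.tokenApiUrl, "grant_type=client_credentials", clientBasicAuthHeaders());
        Assert.assertEquals(response.getResponseCode(), 200,
                "Client Credentials token call is not successful: " + statusDetail(response));
    }

    /**
     * Replaces the supported grant types with {@code password} and {@code iwa:ntlm}, then
     * checks that the token endpoint follows the change: the password grant now succeeds
     * and the client credentials grant is rejected with HTTP 400.
     *
     * <p>This test flips the grant types the two token-generation tests rely on, so it
     * declares both of them as dependencies; depending on key generation alone leaves the
     * relative order of the three methods to TestNG.
     *
     * @throws Exception if a request fails
     */
    @Test(description = "Updating grant types and callback url", dependsOnMethods = {
            "testKeyGenerationResponseContainsGrantTypesAndCallback",
            "testTokenGenerationWithPasswordGrant",
            "testTokenGenerationWithClientCredentialsGrant"})
    public void testUpdateGrantTypesAndCallback() throws Exception {
        String updateRequest = "{\n"
                + "  \"callbackUrl\": \"http://GIT_1628.com/prod_updated\",\n"
                + "  \"supportedGrantTypes\":    [\n"
                + "      \"password\",\n"
                + "      \"iwa:ntlm\"\n"
                + "  ]\n"
                + "}";
        HttpResponse updated = HTTPSClientUtils.doPut(
                this.storeRestApiBaseUrl + "applications/" + this.applicationId + "/keys/PRODUCTION",
                this.headers, updateRequest);
        requireStatus(updated, 200, "Grant type/callback update failed: ");

        String body = updated.getData();
        JsonObject keys = parseJsonObject(body);
        Assert.assertEquals(keys.getAsJsonPrimitive("callbackUrl").getAsString(), "http://GIT_1628.com/prod_updated");
        JsonArray grantTypes = keys.getAsJsonArray("supportedGrantTypes");
        Assert.assertNotNull(grantTypes, "Grant Types are not available in the response. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("password")),
                "password is not available in grant type list. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("iwa:ntlm")),
                "iwa:ntlm is not available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive("client_credentials")),
                "client_credentials is available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive("refresh_token")),
                "refresh_token is available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive(SAML2_BEARER_GRANT)),
                SAML2_BEARER_GRANT + " is available in grant type list. Response: " + body);

        // The stored configuration is only half of the check: confirm the token endpoint
        // actually enforces the new list, in both directions.
        Map<String, String> clientAuth = clientBasicAuthHeaders();
        HttpResponse passwordGrant = HTTPSClientUtils.doPost(this.tokenApiUrl, passwordGrantBody(), clientAuth);
        Assert.assertEquals(passwordGrant.getResponseCode(), 200,
                "Password grant token call is not successful: " + statusDetail(passwordGrant));
        HttpResponse clientCredentialsGrant = HTTPSClientUtils.doPost(this.tokenApiUrl, "grant_type=client_credentials", clientAuth);
        Assert.assertEquals(clientCredentialsGrant.getResponseCode(), 400,
                "Client Credentials grant type is not disabled properly: " + statusDetail(clientCredentialsGrant));
        Assert.assertTrue(clientCredentialsGrant.getData().contains(GRANT_NOT_AUTHORIZED_MESSAGE), "Wrong error message found.");
    }

    /**
     * Reads the PRODUCTION key details back and checks that the updated grant types and
     * callback URL were persisted.
     *
     * @throws Exception if the request fails
     */
    @Test(description = "Retrieving grant types and callback url", dependsOnMethods = {"testUpdateGrantTypesAndCallback"})
    public void testGetGrantTypesAndCallback() throws Exception {
        HttpResponse response = HTTPSClientUtils.doGet(
                this.storeRestApiBaseUrl + "applications/" + this.applicationId + "/keys/PRODUCTION", this.headers);
        requireStatus(response, 200, "Grant type/callback retrieval failed: ");

        String body = response.getData();
        JsonObject keys = parseJsonObject(body);
        Assert.assertEquals(keys.getAsJsonPrimitive("callbackUrl").getAsString(), "http://GIT_1628.com/prod_updated");
        JsonArray grantTypes = keys.getAsJsonArray("supportedGrantTypes");
        Assert.assertNotNull(grantTypes, "Grant Types are not available in the response. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("password")),
                "password is not available in grant type list. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("iwa:ntlm")),
                "iwa:ntlm is not available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive("refresh_token")),
                "refresh_token is available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive("client_credentials")),
                "client_credentials is available in grant type list");
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive(SAML2_BEARER_GRANT)),
                SAML2_BEARER_GRANT + " is available in grant type list. Response: " + body);
    }

    /**
     * Fetches the application itself and checks that the first entry of its {@code keys}
     * array reports the updated grant types and callback URL.
     *
     * @throws Exception if the request fails
     */
    @Test(description = "Retrieving application and check keys", dependsOnMethods = {"testGetGrantTypesAndCallback"})
    public void testGetApplicationAndCheckKeys() throws Exception {
        HttpResponse response = HTTPSClientUtils.doGet(
                this.storeRestApiBaseUrl + "applications/" + this.applicationId, this.headers);
        requireStatus(response, 200, "Grant type/callback retrieval failed: ");

        String body = response.getData();
        JsonArray keyEntries = parseJsonObject(body).getAsJsonArray("keys");
        Assert.assertNotNull(keyEntries, "Keys are not available in the response. Response: " + body);
        JsonObject firstKey = (JsonObject) keyEntries.get(0);
        Assert.assertEquals(firstKey.getAsJsonPrimitive("callbackUrl").getAsString(), "http://GIT_1628.com/prod_updated");
        JsonArray grantTypes = firstKey.getAsJsonArray("supportedGrantTypes");
        Assert.assertNotNull(grantTypes, "Grant Types are not available in the response. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("password")),
                "password is not available in grant type list. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("iwa:ntlm")),
                "iwa:ntlm is not available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive("refresh_token")),
                "refresh_token is available in grant type list. Response: " + body);
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive("client_credentials")),
                "client_credentials is available in grant type list");
        Assert.assertFalse(grantTypes.contains(new JsonPrimitive(SAML2_BEARER_GRANT)),
                SAML2_BEARER_GRANT + " is available in grant type list. Response: " + body);
    }

    /**
     * Generates SANDBOX keys without naming any grant types and checks that the response
     * then lists all five grant types this test knows about (backward-compatible default).
     *
     * @throws Exception if the request fails
     */
    @Test(description = "Key generation response should contain all grant types even when request does not have grant types. (for backward compatibility)", dependsOnMethods = {"testGetApplicationAndCheckKeys"})
    public void testKeyGenerationWithoutGrantTypesNorCallback() throws Exception {
        String keyRequest = "{\n"
                + "  \"validityTime\": \"3600\",\n"
                + "  \"keyType\": \"SANDBOX\",\n"
                + "  \"accessAllowDomains\": [\"ALL\" ]\n"
                + "}";
        HttpResponse response = HTTPSClientUtils.doPost(
                this.storeRestApiBaseUrl + "applications/generate-keys?applicationId=" + this.applicationId,
                this.headers, keyRequest);
        requireStatus(response, 200, "Key generation failed: ");

        String body = response.getData();
        JsonArray grantTypes = parseJsonObject(body).getAsJsonArray("supportedGrantTypes");
        Assert.assertNotNull(grantTypes, "Grant Types are not available in the response:" + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("refresh_token")),
                "refresh_token is not available in grant type list. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("client_credentials")),
                "client_credentials is not available in grant type list. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("password")),
                "password is not available in grant type list. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive("iwa:ntlm")),
                "iwa:ntlm is not available in grant type list. Response: " + body);
        Assert.assertTrue(grantTypes.contains(new JsonPrimitive(SAML2_BEARER_GRANT)),
                SAML2_BEARER_GRANT + " is not available in grant type list. Response: " + body);
    }

    /**
     * Removes the application created in {@link #setEnvironment()} and runs the base-class
     * clean-up.
     *
     * @throws Exception if login, removal or clean-up fails
     */
    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        this.apiStore.login(this.user.getUserName(), this.user.getPassword());
        // The application was created under the domain-suffixed name, so remove that name;
        // the bare prefix does not match what setEnvironment() registered.
        this.apiStore.removeApplication(registeredApplicationName());
        super.cleanUp();
    }

    /**
     * Requests an access token with the password grant and the {@code apim:subscribe} scope.
     *
     * @param str user name
     * @param str2 user password
     * @param str3 consumer key of the OAuth client
     * @param str4 consumer secret of the OAuth client
     * @return the access token read from the token endpoint's JSON response
     * @throws APIManagerIntegrationTestException if the request, the header encoding or the
     *         response parsing fails
     */
    private String generateOAuthAccessToken(String str, String str2, String str3, String str4) throws APIManagerIntegrationTestException {
        try {
            Map<String, String> clientAuth = basicAuthHeaders(str3, str4);
            // NOTE(review): credentials are concatenated without form-encoding; see passwordGrantBody().
            String requestBody = "grant_type=password&username=" + str + "&password=" + str2 + "&scope=apim:subscribe";
            String responseBody = HttpRequestUtil.doPost(this.tokenApiUrl, requestBody, clientAuth).getData();
            // toString() never yields null here, so the decompiled null check was dead code.
            return new JSONObject(responseBody).get(RESTAPITestConstants.ACCESS_TOKEN_TEXT).toString();
        } catch (AutomationFrameworkException e) {
            throw new APIManagerIntegrationTestException("Error in sending the request to token endpoint.", e);
        } catch (UnsupportedEncodingException e2) {
            throw new APIManagerIntegrationTestException("Message header encoding was unsuccessful using UTF-8.", e2);
        } catch (JSONException e3) {
            throw new APIManagerIntegrationTestException("Error in parsing JSON content in response from token endpoint.", e3);
        }
    }

    /** Returns the name the application is registered under: the prefix plus the user's domain. */
    private String registeredApplicationName() {
        return this.applicationName + "_" + this.user.getUserDomain();
    }

    /** Builds an HTTP Basic {@code Authorization} header map for the given client id and secret. */
    private static Map<String, String> basicAuthHeaders(String clientId, String clientSecret) throws UnsupportedEncodingException {
        Map<String, String> authHeaders = new HashMap<>();
        String encoded = new String(Base64.encodeBase64((clientId + ":" + clientSecret).getBytes("UTF-8")), "UTF-8");
        authHeaders.put("Authorization", "Basic " + encoded);
        return authHeaders;
    }

    /** Builds the Basic auth headers for the consumer key and secret generated by the key-generation test. */
    private Map<String, String> clientBasicAuthHeaders() throws UnsupportedEncodingException {
        return basicAuthHeaders(this.consumerKey, this.consumerSecret);
    }

    /**
     * Builds the password-grant form body for the test user.
     *
     * <p>NOTE(review): user name and password are concatenated without form-encoding, so a
     * credential containing {@code &}, {@code =}, {@code +} or {@code %} would alter the
     * request body. Confirm how the HTTP helper treats this string before adding encoding here.
     */
    private String passwordGrantBody() {
        return "grant_type=password&username=" + this.user.getUserName() + "&password=" + this.user.getPassword();
    }

    /** Parses a response body into a Gson {@link JsonObject}. */
    private static JsonObject parseJsonObject(String body) {
        return new Gson().fromJson(body, JsonObject.class);
    }

    /** Formats the status code and body of a response for use in failure messages. */
    private static String statusDetail(HttpResponse response) {
        return "Response code is " + response.getResponseCode() + " Response message is '" + response.getData() + '\'';
    }

    /** Fails the test with {@code failurePrefix} plus the response details unless the status matches. */
    private static void requireStatus(HttpResponse response, int expectedStatus, String failurePrefix) {
        if (response.getResponseCode() != expectedStatus) {
            Assert.fail(failurePrefix + statusDetail(response));
        }
    }
}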
