package org.wso2.am.integration.tests.other;

import com.google.gson.Gson;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.xpath.XPathExpressionException;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.ssl.AllowAllHostnameVerifier;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.json.JSONObject;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIOperationPoliciesDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIOperationsDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.OperationPolicyDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationKeyGenerateRequestDTO;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.tests.api.lifecycle.APIManagerLifecycleBaseTest;
import org.wso2.am.integration.tests.restapi.RESTAPITestConstants;
import org.wso2.carbon.integration.common.admin.client.UserManagementClient;

/* loaded from: input_file:org/wso2/am/integration/tests/other/RevokeOneTimeTokenFlowTestCase.class */
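/**
 * Integration test for the {@code revokeOneTimeToken} common operation policy.
 *
 * <p>The policy is attached to the request flow of the first operation of a test API with the
 * parameter {@code scope=OTT}. Three tokens are then exercised against that API:
 * <ul>
 *   <li>a token without the {@code OTT} scope, which must stay usable on a second call;</li>
 *   <li>an application token carrying the {@code OTT} scope, which must be rejected on the
 *       second call;</li>
 *   <li>a password-grant token with the {@code OTT} scope issued to a user holding only the
 *       {@code Internal/everyone} role, which must also be rejected on the second call.</li>
 * </ul>
 */
public class RevokeOneTimeTokenFlowTestCase extends APIManagerLifecycleBaseTest {
    private static final String API_CONTEXT = "RevokeOneTimeTokenAPITest";
    private static final String API_VERSION = "1.0.0";
    private static final String UNLIMITED_TIER = "Unlimited";
    private static final String POLICY_NAME = "revokeOneTimeToken";
    private static final String OTT_SCOPE = "OTT";

    // Throw-away fixture account; it exists only for the lifetime of this test class.
    private static final String OUTSIDE_USER = "outsideUser";
    private static final String OUTSIDE_USER_PASSWORD = "outsideUserPassword";

    // Pause between the first and second invocation of the API.
    // NOTE(review): presumably the time the gateway needs to register the revocation - confirm.
    private static final long SECOND_CALL_DELAY_MS = 15000L;

    private String applicationId;
    private String apiId;
    private String accessToken;
    private String accessTokenWithoutScope;
    private String accessTokenForOutsider;

    // Kept so the fixture user can be removed again in cleanUpArtifacts().
    private UserManagementClient userManagementClient;
    private boolean outsideUserCreated;

    /**
     * Creates the application, API, tokens and fixture user, then attaches the
     * {@code revokeOneTimeToken} policy to the API and deploys a new revision.
     *
     * @throws Exception if any provisioning call fails
     */
    @BeforeClass(alwaysRun = true)
    public void initialize() throws Exception {
        super.init();
        this.applicationId = this.restAPIStore.createApplication("ApplicationTest", "Test Application RevokeOneTimeToken", UNLIMITED_TIER, ApplicationDTO.TokenTypeEnum.JWT).getData();
        Map<String, String> allCommonOperationPolicies = this.restAPIPublisher.getAllCommonOperationPolicies();

        APIRequest apiRequest = new APIRequest(API_CONTEXT, API_CONTEXT, new URL(getAPIInvocationURLHttp("xmlapi", API_VERSION)));
        apiRequest.setVersion(API_VERSION);
        apiRequest.setTiersCollection(UNLIMITED_TIER);
        apiRequest.setTier(UNLIMITED_TIER);
        apiRequest.setTags("testTag1, testTag2, testTag3");
        this.apiId = createPublishAndSubscribeToAPIUsingRest(apiRequest, this.restAPIPublisher, this.restAPIStore, this.applicationId, UNLIMITED_TIER);

        ArrayList<String> grantTypes = new ArrayList<>();
        grantTypes.add("client_credentials");
        grantTypes.add("password");
        ArrayList<String> scopes = new ArrayList<>();
        scopes.add(OTT_SCOPE);
        ApplicationKeyDTO applicationKeys = this.restAPIStore.generateKeys(this.applicationId, "3600", (String) null, ApplicationKeyGenerateRequestDTO.KeyTypeEnum.PRODUCTION, scopes, grantTypes);
        Assert.assertNotNull(applicationKeys.getToken(), "Key generation returned no token for the test application");
        this.accessToken = applicationKeys.getToken().getAccessToken();

        String consumerKey = applicationKeys.getConsumerKey();
        String consumerSecret = applicationKeys.getConsumerSecret();
        URL tokenEndpoint = new URL(this.keyManagerHTTPSURL + "oauth2/token");

        // Token requested with an empty scope, i.e. one that is not a one-time token.
        // NOTE(review): username/password are appended un-encoded and are not part of a
        // client_credentials request; presumably ignored by the token endpoint - confirm, and
        // consider dropping them so the user's password is not sent without need.
        String noScopeRequest = "grant_type=client_credentials&username=" + this.user.getUserName() + "&password=" + this.user.getPassword() + "&scope= ";
        this.accessTokenWithoutScope = new JSONObject(this.restAPIStore.generateUserAccessKey(consumerKey, consumerSecret, noScopeRequest, tokenEndpoint).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);

        // A user holding only Internal/everyone still obtains an OTT-scoped token through the
        // password grant; the policy has to revoke that token as well.
        this.userManagementClient = new UserManagementClient(this.keyManagerContext.getContextUrls().getBackEndUrl(), this.keyManagerContext.getContextTenant().getTenantAdmin().getUserName(), this.keyManagerContext.getContextTenant().getTenantAdmin().getPassword());
        this.userManagementClient.addUser(OUTSIDE_USER, OUTSIDE_USER_PASSWORD, new String[]{"Internal/everyone"}, OUTSIDE_USER);
        this.outsideUserCreated = true;
        String outsiderRequest = "grant_type=password&username=" + OUTSIDE_USER + "&password=" + OUTSIDE_USER_PASSWORD + "&scope=" + OTT_SCOPE;
        this.accessTokenForOutsider = new JSONObject(this.restAPIStore.generateUserAccessKey(consumerKey, consumerSecret, outsiderRequest, tokenEndpoint).getData()).getString(RESTAPITestConstants.ACCESS_TOKEN_TEXT);

        APIDTO apidto = new Gson().fromJson(this.restAPIPublisher.getAPI(this.apiId).getData(), APIDTO.class);
        Assert.assertNotNull(allCommonOperationPolicies.get(POLICY_NAME), "Unable to find a common policy with name revokeOneTimeToken");

        Map<String, Object> policyParameters = new HashMap<>();
        policyParameters.put("scope", OTT_SCOPE);
        APIOperationPoliciesDTO operationPolicies = new APIOperationPoliciesDTO();
        operationPolicies.setRequest(getPolicyList(POLICY_NAME, allCommonOperationPolicies, policyParameters));

        Assert.assertNotNull(apidto.getOperations(), "The published API exposes no operations to attach the policy to");
        // Only the first operation receives the policy; it is the one invokeAPI() calls.
        ((APIOperationsDTO) apidto.getOperations().get(0)).setOperationPolicies(operationPolicies);
        this.restAPIPublisher.updateAPI(apidto);
        createAPIRevisionAndDeployUsingRest(this.apiId, this.restAPIPublisher);
        waitForAPIDeployment();
    }

    /**
     * A token without the one-time-token scope must remain valid after its first use.
     */
    @Test(groups = {"wso2.am"}, description = "Invoke the API with a JWT that is not an One Time Token")
    public void testAPIInvocationWithoutAddingOneTimeTokenScopeToJWT() throws Exception {
        Assert.assertEquals(invokeAndGetStatus(this.accessTokenWithoutScope), HTTP_RESPONSE_CODE_OK);
        Thread.sleep(SECOND_CALL_DELAY_MS);
        Assert.assertEquals(invokeAndGetStatus(this.accessTokenWithoutScope), HTTP_RESPONSE_CODE_OK);
    }

    /**
     * A token carrying the one-time-token scope must be accepted once and rejected afterwards.
     */
    @Test(groups = {"wso2.am"}, description = "Invoke the API after adding the revoke one time policy")
    public void testAPIInvocationOfAttachedRevokeOneTimePolicyUsingOneTimeToken() throws Exception {
        Assert.assertEquals(invokeAndGetStatus(this.accessToken), HTTP_RESPONSE_CODE_OK);
        Thread.sleep(SECOND_CALL_DELAY_MS);
        Assert.assertEquals(invokeAndGetStatus(this.accessToken), HTTP_RESPONSE_CODE_UNAUTHORIZED);
    }

    /**
     * The one-time-token rule must also hold for a token issued to a user who only has the
     * {@code Internal/everyone} role.
     */
    @Test(groups = {"wso2.am"}, description = "Invoke the API with a user who does not have permission to access APIM portals")
    public void testAPIInvocationWithOutsideUser() throws Exception {
        Assert.assertEquals(invokeAndGetStatus(this.accessTokenForOutsider), HTTP_RESPONSE_CODE_OK);
        Thread.sleep(SECOND_CALL_DELAY_MS);
        Assert.assertEquals(invokeAndGetStatus(this.accessTokenForOutsider), HTTP_RESPONSE_CODE_UNAUTHORIZED);
    }

    /**
     * Removes the application, the API with its revisions, and the fixture user.
     *
     * @throws Exception if any clean-up call fails
     */
    @AfterClass(alwaysRun = true)
    public void cleanUpArtifacts() throws Exception {
        try {
            this.restAPIStore.deleteApplication(this.applicationId);
            undeployAndDeleteAPIRevisionsUsingRest(this.apiId, this.restAPIPublisher);
            this.restAPIPublisher.deleteAPI(this.apiId);
        } finally {
            // The fixture account has a fixed, well-known password: never leave it behind in
            // the user store, even when the API clean-up above fails.
            if (this.outsideUserCreated) {
                this.userManagementClient.deleteUser(OUTSIDE_USER);
                this.outsideUserCreated = false;
            }
        }
    }

    /**
     * Builds a single-element policy list for an operation flow.
     *
     * @param str  name of the policy to attach
     * @param map  policy-name to policy-id lookup; the id for {@code str} is taken from it
     * @param map2 parameters passed to the policy
     * @return a mutable list holding exactly one {@link OperationPolicyDTO}
     */
    public List<OperationPolicyDTO> getPolicyList(String str, Map<String, String> map, Map<String, Object> map2) {
        OperationPolicyDTO operationPolicyDTO = new OperationPolicyDTO();
        operationPolicyDTO.setPolicyName(str);
        operationPolicyDTO.setPolicyId(map.get(str));
        operationPolicyDTO.setParameters(map2);
        List<OperationPolicyDTO> policies = new ArrayList<>();
        policies.add(operationPolicyDTO);
        return policies;
    }

    /**
     * Invokes the test API with the given bearer token and returns the raw response.
     *
     * <p>The HTTP client backing the response is not closed here, so the caller owns the
     * connection. The tests in this class use {@link #invokeAndGetStatus(String)} instead.
     *
     * @param str access token sent in the {@code Authorization} header
     * @return the gateway's response
     * @throws XPathExpressionException if the invocation URL cannot be resolved
     * @throws IOException if the request fails
     */
    public HttpResponse invokeAPI(String str) throws XPathExpressionException, IOException {
        return newGatewayClient().execute(newInvocationRequest(str));
    }

    /** Invokes the test API, returns only the status code and releases the client. */
    private int invokeAndGetStatus(String token) throws XPathExpressionException, IOException {
        try (CloseableHttpClient client = newGatewayClient()) {
            HttpResponse response = client.execute(newInvocationRequest(token));
            return response.getStatusLine().getStatusCode();
        }
    }

    /** Creates the HTTP client used to call the gateway. */
    private CloseableHttpClient newGatewayClient() {
        // SECURITY: AllowAllHostnameVerifier turns off TLS host name verification. The request
        // URL comes from getAPIInvocationURLHttp, so presumably no TLS handshake takes place
        // here - confirm. Do not reuse this client configuration outside test code.
        return HttpClientBuilder.create().setHostnameVerifier(new AllowAllHostnameVerifier()).build();
    }

    /** Builds the GET request for the test API carrying the token as a bearer credential. */
    private HttpGet newInvocationRequest(String token) throws XPathExpressionException {
        HttpGet httpGet = new HttpGet(getAPIInvocationURLHttp(API_CONTEXT, API_VERSION));
        httpGet.setHeader("Authorization", "Bearer " + token);
        return httpGet;
    }
}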
