package org.wso2.appserver.integration.tests.rest.test.poxsecurity;

import java.io.IOException;
import javax.xml.stream.XMLStreamException;
import javax.xml.xpath.XPathExpressionException;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import org.wso2.appserver.integration.common.utils.ASIntegrationTest;
import org.wso2.appserver.integration.tests.ASTestConstants;
import org.wso2.carbon.authenticator.stub.LoginAuthenticationExceptionException;
import org.wso2.carbon.automation.test.utils.http.client.HttpsURLConnectionClient;

/* loaded from: input_file:org/wso2/appserver/integration/tests/rest/test/poxsecurity/POXSecurityVerifyPostMethod.class */
public class POXSecurityVerifyPostMethod extends ASIntegrationTest {
    private static final String SERVICE_NAME = "Axis2Service";

    @BeforeClass(alwaysRun = true)
    public void init() throws Exception {
        super.init();
        applySecurity("1", SERVICE_NAME, "admin");
    }

    @Test(groups = {"wso2.as"}, description = "POST request by admin")
    public void testPOSTRequestBySuperAdmin() throws IOException, LoginAuthenticationExceptionException, XMLStreamException, XPathExpressionException {
        Assert.assertTrue(HttpsURLConnectionClient.postWithBasicAuth(getSecuredServiceEndpoint(SERVICE_NAME) + "/echoString", "s=TestAutomation", this.asServer.getSuperTenant().getTenantAdmin().getUserName(), this.asServer.getSuperTenant().getTenantAdmin().getPassword()).getData().contains("<ns:echoStringResponse xmlns:ns=\"http://service.carbon.wso2.org\"><ns:return>TestAutomation</ns:return></ns:echoStringResponse>"), "response doesn't contain the expected output");
    }

    @Test(groups = {"wso2.as"}, description = "POST request by user/tenant", dependsOnMethods = {"testPOSTRequestBySuperAdmin"})
    public void testPOSTRequestByUser() throws Exception {
        super.init();
        applySecurity("1", SERVICE_NAME, ASTestConstants.POX_ROLE_NAME);
        Assert.assertTrue(HttpsURLConnectionClient.postWithBasicAuth(getSecuredServiceEndpoint(SERVICE_NAME) + "/echoString", "s=TestAutomation", ASTestConstants.POX_USER, ASTestConstants.POX_USER_PASSWORD).getData().contains("<ns:echoStringResponse xmlns:ns=\"http://service.carbon.wso2.org\"><ns:return>TestAutomation</ns:return></ns:echoStringResponse>"), "response doesn't contain the expected output");
    }

    @Test(groups = {"wso2.as"}, description = "POST request by invalid user", dependsOnMethods = {"testPOSTRequestByUser"}, expectedExceptions = {IOException.class})
    public void testPOSTRequestByInvalidUser() throws Exception {
        super.init();
        applySecurity("1", SERVICE_NAME, "admin");
        Assert.assertFalse(HttpsURLConnectionClient.postWithBasicAuth(getSecuredServiceEndpoint(SERVICE_NAME) + "/echoString", "s=TestAutomation", "invalidUser", "InvalidPassword").getData().contains("<ns:echoStringResponse xmlns:ns=\"http://service.carbon.wso2.org\"><ns:return>TestAutomation</ns:return></ns:echoStringResponse>"), "response doesn't contain the expected output");
    }

    @Test(groups = {"wso2.as"}, description = "Test post request by user belongs to unauthorized group", dependsOnMethods = {"testPOSTRequestByInvalidUser"}, expectedExceptions = {IOException.class})
    public void testPOSTRequestByGroup() throws Exception {
        applySecurity("1", SERVICE_NAME, "admin");
        Assert.assertFalse(HttpsURLConnectionClient.postWithBasicAuth(getSecuredServiceEndpoint(SERVICE_NAME) + "/echoString", "s=TestAutomation", ASTestConstants.POX_USER, ASTestConstants.POX_USER_PASSWORD).getData().contains("<ns:echoStringResponse xmlns:ns=\"http://service.carbon.wso2.org\"><ns:return>TestAutomation</ns:return></ns:echoStringResponse>"), "response doesn't contain the expected output");
    }

    @AfterClass(alwaysRun = true)
    public void destroy() throws Exception {
        this.securityAdminServiceClient.disableSecurity(SERVICE_NAME);
        super.cleanup();
    }
}
