package com.google.auth.oauth2;

import com.google.api.client.http.HttpHeaders;
import com.google.api.client.testing.http.MockLowLevelHttpRequest;
import com.google.api.client.util.GenericData;
import com.google.auth.TestUtils;
import com.google.common.base.Joiner;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:com/google/auth/oauth2/StsRequestHandlerTest.class */
class StsRequestHandlerTest {
    private static final String TOKEN_EXCHANGE_GRANT_TYPE = "urn:ietf:params:oauth:grant-type:token-exchange";
    private static final String CLOUD_PLATFORM_SCOPE = "https://www.googleapis.com/auth/cloud-platform";
    private static final String DEFAULT_REQUESTED_TOKEN_TYPE = "urn:ietf:params:oauth:token-type:access_token";
    private static final String TOKEN_URL = "https://sts.googleapis.com/v1/token";
    private MockStsTransport transport;

    StsRequestHandlerTest() {
    }

    @BeforeEach
    public void setup() {
        this.transport = new MockStsTransport();
    }

    @Test
    void exchangeToken() throws IOException {
        StsTokenExchangeRequest build = StsTokenExchangeRequest.newBuilder("credential", "subjectTokenType").setScopes(Arrays.asList(CLOUD_PLATFORM_SCOPE)).build();
        StsTokenExchangeResponse exchangeToken = StsRequestHandler.newBuilder(TOKEN_URL, build, this.transport.createRequestFactory()).build().exchangeToken();
        Assertions.assertEquals(this.transport.getAccessToken(), exchangeToken.getAccessToken().getTokenValue());
        Assertions.assertEquals(this.transport.getTokenType(), exchangeToken.getTokenType());
        Assertions.assertEquals(this.transport.getIssuedTokenType(), exchangeToken.getIssuedTokenType());
        Assertions.assertEquals(this.transport.getExpiresIn(), exchangeToken.getExpiresInSeconds());
        Assertions.assertEquals(new GenericData().set("grant_type", TOKEN_EXCHANGE_GRANT_TYPE).set("scope", CLOUD_PLATFORM_SCOPE).set("requested_token_type", DEFAULT_REQUESTED_TOKEN_TYPE).set("subject_token_type", build.getSubjectTokenType()).set("subject_token", build.getSubjectToken()).getUnknownKeys(), TestUtils.parseQuery(this.transport.getRequest().getContentAsString()));
    }

    @Test
    void exchangeToken_withOptionalParams() throws IOException {
        this.transport.addScopeSequence(Arrays.asList("scope1", "scope2", "scope3"));
        this.transport.addRefreshTokenSequence("refreshToken");
        StsTokenExchangeRequest build = StsTokenExchangeRequest.newBuilder("credential", "subjectTokenType").setAudience("audience").setResource("resource").setActingParty(new ActingParty("actorToken", "actorTokenType")).setRequestTokenType("requestedTokenType").setScopes(Arrays.asList("scope1", "scope2", "scope3")).build();
        StsTokenExchangeResponse exchangeToken = StsRequestHandler.newBuilder(TOKEN_URL, build, this.transport.createRequestFactory()).setHeaders(new HttpHeaders().setContentType("application/x-www-form-urlencoded").setAcceptEncoding("gzip").set("custom_header_key", "custom_header_value")).setInternalOptions("internalOptions").build().exchangeToken();
        Assertions.assertEquals(this.transport.getAccessToken(), exchangeToken.getAccessToken().getTokenValue());
        Assertions.assertEquals(this.transport.getTokenType(), exchangeToken.getTokenType());
        Assertions.assertEquals(this.transport.getIssuedTokenType(), exchangeToken.getIssuedTokenType());
        Assertions.assertEquals(this.transport.getExpiresIn(), exchangeToken.getExpiresInSeconds());
        Assertions.assertEquals(Arrays.asList("scope1", "scope2", "scope3"), exchangeToken.getScopes());
        Assertions.assertEquals("refreshToken", exchangeToken.getRefreshToken());
        MockLowLevelHttpRequest request = this.transport.getRequest();
        Map headers = request.getHeaders();
        Assertions.assertEquals("application/x-www-form-urlencoded", ((List) headers.get("content-type")).get(0));
        Assertions.assertEquals("gzip", ((List) headers.get("accept-encoding")).get(0));
        Assertions.assertEquals("custom_header_value", ((List) headers.get("custom_header_key")).get(0));
        Assertions.assertEquals(new GenericData().set("grant_type", TOKEN_EXCHANGE_GRANT_TYPE).set("scope", Joiner.on(' ').join(Arrays.asList("scope1", "scope2", "scope3"))).set("options", "internalOptions").set("subject_token_type", build.getSubjectTokenType()).set("subject_token", build.getSubjectToken()).set("requested_token_type", build.getRequestedTokenType()).set("actor_token", build.getActingParty().getActorToken()).set("actor_token_type", build.getActingParty().getActorTokenType()).set("resource", build.getResource()).set("audience", build.getAudience()).getUnknownKeys(), TestUtils.parseQuery(request.getContentAsString()));
    }

    @Test
    void exchangeToken_throwsException() throws IOException {
        StsRequestHandler build = StsRequestHandler.newBuilder(TOKEN_URL, StsTokenExchangeRequest.newBuilder("credential", "subjectTokenType").build(), this.transport.createRequestFactory()).build();
        this.transport.addResponseErrorSequence(TestUtils.buildHttpResponseException("invalidRequest", null, null));
        build.getClass();
        OAuthException assertThrows = Assertions.assertThrows(OAuthException.class, build::exchangeToken);
        Assertions.assertEquals("invalidRequest", assertThrows.getErrorCode());
        Assertions.assertNull(assertThrows.getErrorDescription());
        Assertions.assertNull(assertThrows.getErrorUri());
    }

    @Test
    void exchangeToken_withOptionalParams_throwsException() throws IOException {
        StsRequestHandler build = StsRequestHandler.newBuilder(TOKEN_URL, StsTokenExchangeRequest.newBuilder("credential", "subjectTokenType").build(), this.transport.createRequestFactory()).build();
        this.transport.addResponseErrorSequence(TestUtils.buildHttpResponseException("invalidRequest", "errorDescription", "errorUri"));
        build.getClass();
        OAuthException assertThrows = Assertions.assertThrows(OAuthException.class, build::exchangeToken);
        Assertions.assertEquals("invalidRequest", assertThrows.getErrorCode());
        Assertions.assertEquals("errorDescription", assertThrows.getErrorDescription());
        Assertions.assertEquals("errorUri", assertThrows.getErrorUri());
    }

    @Test
    void exchangeToken_ioException() {
        StsRequestHandler build = StsRequestHandler.newBuilder(TOKEN_URL, StsTokenExchangeRequest.newBuilder("credential", "subjectTokenType").build(), this.transport.createRequestFactory()).build();
        IOException iOException = new IOException();
        this.transport.addResponseErrorSequence(iOException);
        build.getClass();
        Assertions.assertEquals(iOException, (IOException) Assertions.assertThrows(IOException.class, build::exchangeToken));
    }

    @Test
    void exchangeToken_noExpiresInReturned() throws IOException {
        this.transport.setReturnExpiresIn(false);
        StsTokenExchangeResponse exchangeToken = StsRequestHandler.newBuilder(TOKEN_URL, StsTokenExchangeRequest.newBuilder("credential", "subjectTokenType").setScopes(Arrays.asList(CLOUD_PLATFORM_SCOPE)).build(), this.transport.createRequestFactory()).build().exchangeToken();
        Assertions.assertEquals(this.transport.getAccessToken(), exchangeToken.getAccessToken().getTokenValue());
        Assertions.assertNull(exchangeToken.getAccessToken().getExpirationTime());
        Assertions.assertEquals(this.transport.getTokenType(), exchangeToken.getTokenType());
        Assertions.assertEquals(this.transport.getIssuedTokenType(), exchangeToken.getIssuedTokenType());
        Assertions.assertNull(exchangeToken.getExpiresInSeconds());
    }
}
