package io.confluent.security.fixtures;

import io.confluent.security.authentication.credential.HttpBasicCredential;
import io.confluent.security.authentication.http.HttpClient;
import io.confluent.security.authentication.oauthbearer.ProviderMetadata;
import io.confluent.security.fixtures.OpenId.ClientRegistration;
import io.confluent.security.fixtures.OpenId.OpenIdAminException;
import io.confluent.security.fixtures.OpenId.ProviderAdmin;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Map;
import java.util.UUID;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Timeout;

@Disabled("Disabled until TestContainers initialization issues on jenkins can be solved")
/* loaded from: input_file:io/confluent/security/fixtures/OpenIdProviderFixtureTest.class */
public class OpenIdProviderFixtureTest {
    private static final OpenIdProvider OPENID_PROVIDER = new OpenIdProvider();
    private static ProviderAdmin providerAdmin;

    @BeforeAll
    public static void setup() {
        OPENID_PROVIDER.start();
        providerAdmin = OPENID_PROVIDER.adminClient();
    }

    @AfterAll
    public static void tearDown() {
        OPENID_PROVIDER.close();
    }

    @Test
    public void testSuccessfulClientCredentialsGrantNoScope() {
        ClientRegistration registerClient = providerAdmin.registerClient(clientRegistration().build());
        Assertions.assertEquals(registerClient.clientId(), providerAdmin.readClient(registerClient.clientId()).clientId());
    }

    @Test
    public void testSuccessfulClientCredentialsGrantWithScope() {
        ClientRegistration registerClient = providerAdmin.registerClient(clientRegistration().scope(new HashSet(Arrays.asList("test", "test2"))).build());
        ClientRegistration readClient = providerAdmin.readClient(registerClient.clientId());
        Assertions.assertNotNull(registerClient.clientSecret());
        Assertions.assertEquals(registerClient.clientId(), readClient.clientId());
        Assertions.assertEquals(registerClient.scope(), readClient.scope());
    }

    @Test
    public void testSuccessfulClientDelete() {
        ClientRegistration build = clientRegistration().build();
        providerAdmin.registerClient(build);
        ClientRegistration readClient = providerAdmin.readClient(build.clientId());
        providerAdmin.deleteClient(build.clientId());
        Assertions.assertEquals(build.clientId(), readClient.clientId());
        Assertions.assertThrows(OpenIdAminException.class, () -> {
            providerAdmin.readClient(build.clientId());
        });
    }

    @Timeout(5)
    @Test
    public void testSuccessfulClientCredentialsGrant() {
        Response post;
        ClientRegistration registerClient = providerAdmin.registerClient(clientRegistration().build());
        HttpClient httpClient = OPENID_PROVIDER.httpClient();
        ProviderMetadata providerMetadata = (ProviderMetadata) httpClient.target(OPENID_PROVIDER.discoveryUri()).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).get(ProviderMetadata.class);
        Assertions.assertNotNull(providerMetadata);
        HttpBasicCredential httpBasicCredential = new HttpBasicCredential(registerClient.clientId(), registerClient.clientSecret());
        int i = 3;
        do {
            post = httpClient.target(providerMetadata.tokenEndpoint(), httpBasicCredential).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).post(Entity.form(new Form().param("grant_type", "client_credentials")));
            if (post.getStatus() == 200) {
                break;
            } else {
                i--;
            }
        } while (i >= 0);
        Assertions.assertEquals(200, post.getStatus());
        Map map = (Map) post.readEntity(Map.class);
        Assertions.assertNotNull(map.get("access_token"));
        Assertions.assertEquals("bearer", map.get("token_type"));
        Assertions.assertNotNull(map);
    }

    private String clientId() {
        return UUID.randomUUID().toString();
    }

    private ClientRegistration.Builder clientRegistration() {
        return ClientRegistration.builder().clientId(clientId());
    }
}
