package io.jans.as.client.ws.rs;

import io.jans.as.client.AuthorizationRequest;
import io.jans.as.client.AuthorizationResponse;
import io.jans.as.client.BaseTest;
import io.jans.as.client.RegisterClient;
import io.jans.as.client.RegisterRequest;
import io.jans.as.client.RegisterResponse;
import io.jans.as.client.TokenClient;
import io.jans.as.client.TokenRequest;
import io.jans.as.client.TokenResponse;
import io.jans.as.client.client.AssertBuilder;
import io.jans.as.model.authorize.CodeVerifier;
import io.jans.as.model.common.AuthenticationMethod;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.common.ResponseType;
import io.jans.as.model.crypto.signature.SignatureAlgorithm;
import io.jans.as.model.register.ApplicationType;
import io.jans.as.model.util.StringUtils;
import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;

/* loaded from: input_file:io/jans/as/client/ws/rs/PkceHttpTest.class */
public class PkceHttpTest extends BaseTest {
    @Parameters({"redirectUris", "userId", "userSecret", "redirectUri", "sectorIdentifierUri"})
    @Test
    public void tokenWithPkceCheck(String str, String str2, String str3, String str4, String str5) throws Exception {
        showTitle("tokenWithPkceCheck");
        List asList = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(str));
        registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
        registerRequest.setSectorIdentifierUri(str5);
        registerRequest.setResponseTypes(asList);
        RegisterClient registerClient = new RegisterClient(this.registrationEndpoint);
        registerClient.setRequest(registerRequest);
        RegisterResponse exec = registerClient.exec();
        showClient(registerClient);
        AssertBuilder.registerResponse(exec).created().check();
        List asList2 = Arrays.asList("openid", "profile", "address", "email");
        String uuid = UUID.randomUUID().toString();
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, exec.getClientId(), asList2, str4, UUID.randomUUID().toString());
        authorizationRequest.setState(uuid);
        CodeVerifier generateAndSetCodeChallengeWithMethod = authorizationRequest.generateAndSetCodeChallengeWithMethod();
        AuthorizationResponse authenticateResourceOwnerAndGrantAccess = authenticateResourceOwnerAndGrantAccess(this.authorizationEndpoint, authorizationRequest, str2, str3);
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getLocation(), "The location is null");
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getCode(), "The authorization code is null");
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getIdToken(), "The ID Token is null");
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getState(), "The state is null");
        Assert.assertNotNull(authenticateResourceOwnerAndGrantAccess.getScope(), "The scope is null");
        String code = authenticateResourceOwnerAndGrantAccess.getCode();
        AssertBuilder.jwtParse(authenticateResourceOwnerAndGrantAccess.getIdToken()).validateSignatureRSA(this.jwksUri, SignatureAlgorithm.RS256).notNullAuthenticationTime().claimsPresence("c_hash").check();
        TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        tokenRequest.setCode(code);
        tokenRequest.setRedirectUri(str4);
        tokenRequest.setAuthUsername(exec.getClientId());
        tokenRequest.setAuthPassword(exec.getClientSecret());
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
        tokenRequest.setCodeVerifier(generateAndSetCodeChallengeWithMethod.getCodeVerifier());
        TokenClient tokenClient = new TokenClient(this.tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        TokenResponse exec2 = tokenClient.exec();
        showClient(tokenClient);
        AssertBuilder.tokenResponse(exec2).notNullRefreshToken().check();
    }

    @Parameters({"redirectUris", "userId", "userSecret", "redirectUri", "sectorIdentifierUri"})
    @Test
    public void invalidCodeVerifier(String str, String str2, String str3, String str4, String str5) throws Exception {
        showTitle("invalidCodeVerifier");
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(str));
        registerRequest.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_POST);
        registerRequest.setSectorIdentifierUri(str5);
        RegisterClient registerClient = new RegisterClient(this.registrationEndpoint);
        registerClient.setRequest(registerRequest);
        RegisterResponse exec = registerClient.exec();
        showClient(registerClient);
        AssertBuilder.registerResponse(exec).created().check();
        List asList = Arrays.asList(ResponseType.CODE);
        List asList2 = Arrays.asList("openid", "profile", "address", "email");
        String uuid = UUID.randomUUID().toString();
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(asList, exec.getClientId(), asList2, str4, (String) null);
        authorizationRequest.setState(uuid);
        authorizationRequest.generateAndSetCodeChallengeWithMethod();
        AuthorizationResponse authenticateResourceOwnerAndGrantAccess = authenticateResourceOwnerAndGrantAccess(this.authorizationEndpoint, authorizationRequest, str2, str3);
        AssertBuilder.authorizationResponse(authenticateResourceOwnerAndGrantAccess).check();
        Assert.assertNull(authenticateResourceOwnerAndGrantAccess.getIdToken(), "The id token is not null");
        String code = authenticateResourceOwnerAndGrantAccess.getCode();
        TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        tokenRequest.setCode(code);
        tokenRequest.setRedirectUri(str4);
        tokenRequest.setAuthUsername(exec.getClientId());
        tokenRequest.setAuthPassword(exec.getClientSecret());
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_POST);
        tokenRequest.setCodeVerifier("invalid_code_verifier");
        TokenClient tokenClient = new TokenClient(this.tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        TokenResponse exec2 = tokenClient.exec();
        showClient(tokenClient);
        Assert.assertEquals(exec2.getStatus(), 400, "Unexpected response code: " + exec2.getStatus());
        Assert.assertNull(exec2.getAccessToken(), "The access token is null");
        tokenRequest.setCodeVerifier((String) null);
        tokenClient.setRequest(tokenRequest);
        TokenResponse exec3 = tokenClient.exec();
        showClient(tokenClient);
        Assert.assertEquals(exec3.getStatus(), 400, "Unexpected response code: " + exec3.getStatus());
        Assert.assertNull(exec3.getAccessToken(), "The access token is null");
    }
}
