package io.jans.as.server.authorize.ws.rs;

import io.jans.as.common.model.registration.Client;
import io.jans.as.common.model.session.SessionId;
import io.jans.as.common.util.RedirectUri;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.server.service.ClientService;
import io.jans.as.server.service.DeviceAuthorizationService;
import io.jans.as.server.service.RedirectUriResponse;
import io.jans.as.server.service.RedirectionUriService;
import io.jans.as.server.service.external.ExternalAuthzDetailTypeService;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.ws.rs.WebApplicationException;
import java.util.Collections;
import java.util.HashSet;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.testng.MockitoTestNGListener;
import org.slf4j.Logger;
import org.testng.Assert;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;

@Listeners({MockitoTestNGListener.class})
/* loaded from: input_file:io/jans/as/server/authorize/ws/rs/AuthorizeRestWebServiceValidatorTest.class */
public class AuthorizeRestWebServiceValidatorTest {

    @InjectMocks
    private AuthorizeRestWebServiceValidator authorizeRestWebServiceValidator;

    @Mock
    private Logger log;

    @Mock
    private ErrorResponseFactory errorResponseFactory;

    @Mock
    private ClientService clientService;

    @Mock
    private RedirectionUriService redirectionUriService;

    @Mock
    private DeviceAuthorizationService deviceAuthorizationService;

    @Mock
    private AppConfiguration appConfiguration;

    @Mock
    private ExternalAuthzDetailTypeService externalAuthzDetailTypeService;

    @Test
    public void validatePkce_withBlankCodeChallengeAndWithoutRequiredPkce_shouldPass() {
        this.authorizeRestWebServiceValidator.validatePkce("", new RedirectUriResponse((RedirectUri) Mockito.mock(RedirectUri.class), "", (HttpServletRequest) Mockito.mock(HttpServletRequest.class), (ErrorResponseFactory) Mockito.mock(ErrorResponseFactory.class)), new Client());
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validatePkce_withBlankCodeChallengeAndWithRequiredPkce_shouldFail() {
        RedirectUri redirectUri = (RedirectUri) Mockito.mock(RedirectUri.class);
        Mockito.when(redirectUri.toString()).thenReturn("http://rp.com");
        RedirectUriResponse redirectUriResponse = new RedirectUriResponse(redirectUri, "", (HttpServletRequest) Mockito.mock(HttpServletRequest.class), (ErrorResponseFactory) Mockito.mock(ErrorResponseFactory.class));
        Client client = new Client();
        client.getAttributes().setRequirePkce(true);
        this.authorizeRestWebServiceValidator.validatePkce("", redirectUriResponse, client);
    }

    @Test
    public void validateRequestParameterSupported_whenRequestIsEmpty_shouldPass() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setState("state");
        authzRequest.setRequest((String) null);
        this.authorizeRestWebServiceValidator.validateRequestParameterSupported(authzRequest);
        authzRequest.setRequest("");
        this.authorizeRestWebServiceValidator.validateRequestParameterSupported(authzRequest);
    }

    @Test
    public void validateRequestParameterSupported_whenRequestSupportIsSwitchedOn_shouldPass() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setState("state");
        Mockito.when(this.appConfiguration.getRequestParameterSupported()).thenReturn(true);
        authzRequest.setRequest("{\"redirect_uri\":\"https://rp.example.com\"}");
        this.authorizeRestWebServiceValidator.validateRequestParameterSupported(authzRequest);
        authzRequest.setRequest((String) null);
        this.authorizeRestWebServiceValidator.validateRequestParameterSupported(authzRequest);
        authzRequest.setRequest("");
        this.authorizeRestWebServiceValidator.validateRequestParameterSupported(authzRequest);
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateRequestParameterSupported_whenRequestSupportIsSwitchedOff_shouldThrowException() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setState("state");
        authzRequest.setRequest("{\"redirect_uri\":\"https://rp.example.com\"}");
        Mockito.when(this.appConfiguration.getRequestParameterSupported()).thenReturn(false);
        this.authorizeRestWebServiceValidator.validateRequestParameterSupported(authzRequest);
    }

    @Test
    public void validateRequestUriParameterSupported_whenRequestUriIsEmpty_shouldPass() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setState("state");
        authzRequest.setRequestUri((String) null);
        this.authorizeRestWebServiceValidator.validateRequestUriParameterSupported(authzRequest);
        authzRequest.setRequestUri("");
        this.authorizeRestWebServiceValidator.validateRequestUriParameterSupported(authzRequest);
    }

    @Test
    public void validateRequestUriParameterSupported_whenRequestUriSupportIsSwitchedOn_shouldPass() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setState("state");
        authzRequest.setRequestUri("https://rp.example.com");
        Mockito.when(this.appConfiguration.getRequestUriParameterSupported()).thenReturn(true);
        this.authorizeRestWebServiceValidator.validateRequestUriParameterSupported(authzRequest);
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateRequestUriParameterSupported_whenRequestSupportIsSwitchedOff_shouldThrowException() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setState("state");
        authzRequest.setRequestUri("https://rp.example.com");
        Mockito.when(this.appConfiguration.getRequestUriParameterSupported()).thenReturn(false);
        this.authorizeRestWebServiceValidator.validateRequestUriParameterSupported(authzRequest);
    }

    @Test
    public void isAuthnMaxAgeValid_whenMaxAgeIsZero_shouldReturnTrue() {
        Assert.assertTrue(this.authorizeRestWebServiceValidator.isAuthnMaxAgeValid(0, new SessionId(), new Client()));
    }

    @Test
    public void isAuthnMaxAgeValid_whenMaxAgeIsZeroAndDisableAuthnForMaxAgeZeroIsFalse_shouldReturnTrue() {
        Mockito.when(this.appConfiguration.getDisableAuthnForMaxAgeZero()).thenReturn(false);
        Assert.assertTrue(this.authorizeRestWebServiceValidator.isAuthnMaxAgeValid(0, new SessionId(), new Client()));
    }

    @Test
    public void isAuthnMaxAgeValid_whenMaxAgeIsZeroAndDisableAuthnForMaxAgeZeroIsTrue_shouldReturnFalse() {
        Mockito.when(this.appConfiguration.getDisableAuthnForMaxAgeZero()).thenReturn(true);
        Assert.assertFalse(this.authorizeRestWebServiceValidator.isAuthnMaxAgeValid(0, new SessionId(), new Client()));
    }

    @Test
    public void isAuthnMaxAgeValid_whenMaxAgeIsNull_shouldReturnTrue() {
        Assert.assertTrue(this.authorizeRestWebServiceValidator.isAuthnMaxAgeValid(0, new SessionId(), new Client()));
    }

    @Test
    public void validateNotWebView_blockWebviewDisabled_valid() {
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(this.appConfiguration.getBlockWebviewAuthorizationEnabled()).thenReturn(false);
        this.authorizeRestWebServiceValidator.validateNotWebView(httpServletRequest);
        Mockito.verifyNoInteractions(new Object[]{this.log, httpServletRequest});
    }

    @Test
    public void validateNotWebView_blockWebviewEnabled_valid() {
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(this.appConfiguration.getBlockWebviewAuthorizationEnabled()).thenReturn(true);
        this.authorizeRestWebServiceValidator.validateNotWebView(httpServletRequest);
        Mockito.verifyNoInteractions(new Object[]{this.log});
    }

    @Test
    public void validateNotWebView_withRequestedWithHeader_throwUnauthorized() {
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(this.appConfiguration.getBlockWebviewAuthorizationEnabled()).thenReturn(true);
        Mockito.when(httpServletRequest.getHeader((String) Mockito.any())).thenReturn("test.app.package");
        Assert.assertThrows(WebApplicationException.class, () -> {
            this.authorizeRestWebServiceValidator.validateNotWebView(httpServletRequest);
        });
        ((Logger) Mockito.verify(this.log)).error(Mockito.anyString(), Mockito.eq("test.app.package"));
    }

    @Test
    public void validateAuthorizationDetails_withoutAuthzDetails_shouldPassSuccessfully() {
        this.authorizeRestWebServiceValidator.validateAuthorizationDetails(new AuthzRequest(), new Client());
    }

    @Test
    public void validateAuthorizationDetails_withInvalidAuthzDetails_throwException() {
        RedirectUri redirectUri = (RedirectUri) Mockito.mock(RedirectUri.class);
        Mockito.when(redirectUri.toString()).thenReturn("http://rp.com");
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAuthzDetailsString("not_valid_json");
        authzRequest.setRedirectUriResponse(new RedirectUriResponse(redirectUri, "", (HttpServletRequest) Mockito.mock(HttpServletRequest.class), (ErrorResponseFactory) Mockito.mock(ErrorResponseFactory.class)));
        Client client = new Client();
        Assert.assertThrows(WebApplicationException.class, () -> {
            this.authorizeRestWebServiceValidator.validateAuthorizationDetails(authzRequest, client);
        });
    }

    @Test
    public void validateAuthorizationDetails_withNotSupportedScriptType_throwException() {
        RedirectUri redirectUri = (RedirectUri) Mockito.mock(RedirectUri.class);
        Mockito.when(redirectUri.toString()).thenReturn("http://rp.com");
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAuthzDetailsString("[{\"type\":\"internal_type\"}]");
        authzRequest.setRedirectUriResponse(new RedirectUriResponse(redirectUri, "", (HttpServletRequest) Mockito.mock(HttpServletRequest.class), (ErrorResponseFactory) Mockito.mock(ErrorResponseFactory.class)));
        Client client = new Client();
        Assert.assertThrows(WebApplicationException.class, () -> {
            this.authorizeRestWebServiceValidator.validateAuthorizationDetails(authzRequest, client);
        });
    }

    @Test
    public void validateAuthorizationDetails_withNotSupportedClientType_throwException() {
        RedirectUri redirectUri = (RedirectUri) Mockito.mock(RedirectUri.class);
        Mockito.when(redirectUri.toString()).thenReturn("http://rp.com");
        Mockito.when(this.externalAuthzDetailTypeService.getSupportedAuthzDetailsTypes()).thenReturn(new HashSet(Collections.singletonList("internal_type")));
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAuthzDetailsString("[{\"type\":\"internal_type\"}]");
        authzRequest.setRedirectUriResponse(new RedirectUriResponse(redirectUri, "", (HttpServletRequest) Mockito.mock(HttpServletRequest.class), (ErrorResponseFactory) Mockito.mock(ErrorResponseFactory.class)));
        Client client = new Client();
        Assert.assertThrows(WebApplicationException.class, () -> {
            this.authorizeRestWebServiceValidator.validateAuthorizationDetails(authzRequest, client);
        });
    }

    @Test
    public void validateAuthorizationDetails_withSupportedClientAndScriptType_shouldPassSuccessfully() {
        RedirectUri redirectUri = (RedirectUri) Mockito.mock(RedirectUri.class);
        Mockito.when(this.externalAuthzDetailTypeService.getSupportedAuthzDetailsTypes()).thenReturn(new HashSet(Collections.singletonList("internal_type")));
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAuthzDetailsString("[{\"type\":\"internal_type\"}]");
        authzRequest.setRedirectUriResponse(new RedirectUriResponse(redirectUri, "", (HttpServletRequest) Mockito.mock(HttpServletRequest.class), (ErrorResponseFactory) Mockito.mock(ErrorResponseFactory.class)));
        Client client = new Client();
        client.getAttributes().setAuthorizationDetailsTypes(Collections.singletonList("internal_type"));
        this.authorizeRestWebServiceValidator.validateAuthorizationDetails(authzRequest, client);
    }
}
