package com.mulesoft.modules.oauth2.provider.error;

import com.mulesoft.modules.oauth2.provider.AbstractOAuth2ProviderModuleTestCase;
import com.mulesoft.modules.oauth2.provider.api.Constants;
import io.qameta.allure.Description;
import java.util.ArrayList;
import java.util.Collections;
import org.apache.commons.lang3.RandomStringUtils;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;

/* loaded from: input_file:com/mulesoft/modules/oauth2/provider/error/OAuth2ProviderErrorsTestCase.class */
public class OAuth2ProviderErrorsTestCase extends AbstractOAuth2ProviderModuleTestCase {

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.mulesoft.modules.oauth2.provider.AbstractOAuth2ProviderModuleTestCase
    public void doSetUp() throws Exception {
        super.doSetUp();
    }

    @Override // com.mulesoft.modules.oauth2.provider.AbstractOAuth2ProviderModuleTestCase
    protected String doGetConfigFile() {
        return "provider-errors-config.xml";
    }

    @Description("Try to revoke a token that does not exist and see that the correct error is raised")
    @Test
    public void revokeMissingToken() throws Exception {
        MatcherAssert.assertThat(flowRunner("revokeMissingToken").withPayload("MISSING_TOKEN").run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("INVALID_TOKEN")));
    }

    @Description("Validate an empty token and see that it's invalid")
    @Test
    public void validateTokenEmptyToken() throws Exception {
        MatcherAssert.assertThat(flowRunner("validateTokenEmptyToken").run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("UNAUTHORIZED_TOKEN")));
    }

    @Description("Validate a token that was never granted by the provider")
    @Test
    public void validateUnexistentToken() throws Exception {
        MatcherAssert.assertThat(flowRunner("validateUnexistentToken").withVariable("ACCESS_TOKEN", RandomStringUtils.randomAlphanumeric(20)).run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("UNAUTHORIZED_TOKEN")));
    }

    @Description("Validate a token with unmatching scopes with the ones registered and see that if fails")
    @Test
    public void validateUnmatchingScopes() throws Exception {
        String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(20);
        addAccessTokenToStore(randomAlphanumeric);
        MatcherAssert.assertThat(flowRunner("validateUnmatchingScopesToken").withVariable("ACCESS_TOKEN", randomAlphanumeric).withVariable("SCOPES", new ArrayList()).run().getMessage().getPayload().getValue(), Matchers.is("valid scopes"));
        MatcherAssert.assertThat(flowRunner("validateUnmatchingScopesToken").withVariable("ACCESS_TOKEN", randomAlphanumeric).withVariable("SCOPES", Collections.singletonList("USER")).run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("UNAUTHORIZED_TOKEN")));
    }

    @Description("Validate token with unmatching resource owner roles and see that it fails with the expected error")
    @Test
    public void validateUnmatchingRoles() throws Exception {
        String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(20);
        addAccessTokenToStore(randomAlphanumeric);
        MatcherAssert.assertThat(flowRunner("validateUnmatchingRolesToken").withVariable("ACCESS_TOKEN", randomAlphanumeric).withVariable("ROLES", new ArrayList()).run().getMessage().getPayload().getValue(), Matchers.is("valid roles"));
        MatcherAssert.assertThat(flowRunner("validateUnmatchingRolesToken").withVariable("ACCESS_TOKEN", randomAlphanumeric).withVariable("ROLES", Collections.singletonList("RESOURCE_OWNER")).run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("UNAUTHORIZED_TOKEN")));
    }

    @Description("Create client with existent clientId and no override flag and see that it fails with the expected error")
    @Test
    public void createExistentClient() throws Exception {
        MatcherAssert.assertThat(flowRunner("createExistentClient").withVariable("CLIENT_ID", "clientId1").run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("CLIENT_ALREADY_EXISTS")));
    }

    @Description("Create client with authorizationCode or implicit grant type but no redirection uri")
    @Test
    public void createClientNoRedirectUri() throws Exception {
        MatcherAssert.assertThat(flowRunner("createClientNoRedirectionUri").withVariable("GRANT_TYPES", Collections.singletonList(Constants.RequestGrantType.AUTHORIZATION_CODE)).run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("INVALID_CONFIGURATION")));
    }

    @Description("Create client with invalid grant type and see that it fails with the expected error")
    @Test
    public void createClientWrongGrantType() throws Exception {
        this.expectedException.expectMessage("RequestGrantType");
        flowRunner("createClientWrongGrantType").run();
    }

    @Description("Create client with no secret whit CONFIDENTIAL type and see that it fails")
    @Test
    public void createConfidentialClientNoSecret() throws Exception {
        MatcherAssert.assertThat(flowRunner("createConfidentialClientNoSecret").run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("INVALID_CONFIGURATION")));
    }

    @Description("Delete not existent client and see that if fails with the expected exception")
    @Test
    public void deleteNotExistentClient() throws Exception {
        MatcherAssert.assertThat(flowRunner("deleteNotExistentClient").run().getMessage().getPayload().getValue(), Matchers.is(Matchers.equalTo("NO_SUCH_CLIENT")));
    }
}
