package com.mulesoft.modules.oauth2.provider.error;

import com.mulesoft.modules.oauth2.provider.AbstractOAuth2ProviderModuleTestCase;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.util.Collections;
import java.util.HashSet;
import net.smartam.leeloo.client.request.OAuthClientRequest;
import org.apache.commons.httpclient.HttpMethodBase;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.StringRequestEntity;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.Before;
import org.junit.Test;
import org.mule.runtime.http.api.HttpConstants;
import org.mule.runtime.http.api.HttpHeaders;

/* loaded from: input_file:com/mulesoft/modules/oauth2/provider/error/OAuth2ProviderModuleAuthorizationRequestErrorsTestCase.class */
public class OAuth2ProviderModuleAuthorizationRequestErrorsTestCase extends AbstractOAuth2ProviderModuleTestCase {
    private OAuthClientRequest.AuthenticationRequestBuilder authenticationRequestBuilder;

    @Before
    public void resetRequest() throws Exception {
        this.authenticationRequestBuilder = OAuthClientRequest.authorizationLocation(getAuthorizationEndpointUrl()).setResponseType("code").setClientId("clientId1").setRedirectURI(AbstractOAuth2ProviderModuleTestCase.TEST_REDIRECT_URI).setScope("USER").setParameter("username", "rousr").setParameter("password", "ropwd+%");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.mulesoft.modules.oauth2.provider.AbstractOAuth2ProviderModuleTestCase
    public void doSetUp() throws Exception {
        super.doSetUp();
        this.client.setScopes(new HashSet(Collections.singletonList("USER")));
        updateClientInOS();
    }

    @Override // com.mulesoft.modules.oauth2.provider.AbstractOAuth2ProviderModuleTestCase
    protected String doGetConfigFile() {
        return "authorization-errors-config.xml";
    }

    private void assertFailingRequest(HttpMethodBase httpMethodBase, String str, int i) throws Exception {
        executeHttpMethodExpectingStatus(httpMethodBase, i);
        MatcherAssert.assertThat(httpMethodBase.getResponseBodyAsString(), Matchers.containsString(String.format("error=%s", str)));
    }

    private void assertInvalidRequest(HttpMethodBase httpMethodBase, String str) throws Exception {
        executeHttpMethodExpectingStatus(httpMethodBase, 302);
        MatcherAssert.assertThat(decodeParameters(httpMethodBase.getResponseHeader("Location").getValue()).get("error").get(0), Matchers.is(Matchers.equalTo(str)));
    }

    private void assertBadRequest(HttpMethodBase httpMethodBase, String str) throws Exception {
        assertFailingRequest(httpMethodBase, str, 400);
    }

    @Test
    public void duplicateGrantTypeWithGET() throws Exception {
        assertDuplicateParameterWithGET("response_type=some_other_response_type");
    }

    @Test
    public void duplicateClientIdTypeWithGET() throws Exception {
        assertDuplicateParameterWithGET("client_id=some_other_client_id");
    }

    @Test
    public void duplicateRedirectUriWithGET() throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.setParameter("redirect_uri", "http://fake/redirect/otherThing").buildQueryMessage().getLocationUri());
        getMethod.setFollowRedirects(false);
        assertBadRequest(getMethod, "invalid_redirection_uri");
    }

    @Test
    public void duplicateScopeTypeWithGET() throws Exception {
        assertDuplicateParameterWithGET("scope=some_other_scope");
    }

    @Test
    public void missingResponseTypeWithGET() throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.setResponseType((String) null).buildQueryMessage().getLocationUri());
        getMethod.setFollowRedirects(false);
        assertInvalidRequest(getMethod, "unsupported_response_type");
    }

    @Test
    public void missingClientIdWithGET() throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.setClientId((String) null).buildQueryMessage().getLocationUri());
        getMethod.setFollowRedirects(false);
        assertInvalidRequest(getMethod, "invalid_request");
    }

    @Test
    public void invalidRedirectUriWithGET() throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.setRedirectURI("__bad__").buildQueryMessage().getLocationUri());
        getMethod.setFollowRedirects(false);
        assertBadRequest(getMethod, "invalid_redirection_uri");
    }

    @Test
    public void unauthorizedClientMissingClientWithGET() throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.setClientId("some_unauthorized_client").buildQueryMessage().getLocationUri());
        getMethod.setFollowRedirects(false);
        assertInvalidRequest(getMethod, "unauthorized_client");
    }

    @Test
    public void unauthorizedClientWrongScopeWithGET() throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.setScope("wrong_scope").buildQueryMessage().getLocationUri());
        getMethod.setFollowRedirects(false);
        assertInvalidRequest(getMethod, "invalid_scope");
    }

    @Test
    public void unsupportedResponseType() throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.setResponseType("some_unsupported_response_type").buildQueryMessage().getLocationUri());
        getMethod.setFollowRedirects(false);
        assertInvalidRequest(getMethod, "unsupported_response_type");
    }

    @Test
    public void invalidScope() throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.setScope("some_invalid_scope").buildQueryMessage().getLocationUri());
        getMethod.setFollowRedirects(false);
        assertInvalidRequest(getMethod, "invalid_scope");
    }

    @Test
    public void tooManyRequests() throws Exception {
        PostMethod buildPostMethod = buildPostMethod(this.authenticationRequestBuilder.setParameter("password", "__bad_password__").buildBodyMessage());
        assertInvalidRequest(buildPostMethod, "access_denied");
        assertInvalidRequest(buildPostMethod, "access_denied");
        executeHttpMethodExpectingStatus(buildPostMethod, HttpConstants.HttpStatus.TOO_MANY_REQUESTS.getStatusCode());
        executeHttpMethodExpectingStatus(buildPostMethod, HttpConstants.HttpStatus.TOO_MANY_REQUESTS.getStatusCode());
    }

    private void assertDuplicateParameterWithGET(String str) throws Exception {
        GetMethod getMethod = new GetMethod(this.authenticationRequestBuilder.buildQueryMessage().getLocationUri());
        getMethod.setQueryString(getMethod.getQueryString() + "&" + str);
        getMethod.setFollowRedirects(false);
        assertInvalidRequest(getMethod, "invalid_request");
    }

    private PostMethod buildPostMethod(OAuthClientRequest oAuthClientRequest) throws UnsupportedEncodingException {
        PostMethod postMethod = new PostMethod(oAuthClientRequest.getLocationUri());
        postMethod.setRequestEntity(new StringRequestEntity(oAuthClientRequest.getBody(), HttpHeaders.Values.APPLICATION_X_WWW_FORM_URLENCODED.toRfcString(), Charset.defaultCharset().toString()));
        return postMethod;
    }
}
