package com.mulesoft.modules.oauth2.provider;

import java.io.IOException;
import java.util.Collections;
import java.util.Map;
import net.smartam.leeloo.client.request.OAuthClientRequest;
import net.smartam.leeloo.common.exception.OAuthSystemException;
import net.smartam.leeloo.common.message.types.GrantType;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.methods.GetMethod;
import org.junit.Test;
import org.mule.runtime.http.api.HttpConstants;

/* loaded from: input_file:com/mulesoft/modules/oauth2/provider/OAuth2ProviderModuleRevokeTokenTestCase.class */
public class OAuth2ProviderModuleRevokeTokenTestCase extends AbstractOAuth2ProviderModuleTestCase {
    private static final String PROTECTED_RESOURCE_PATH = "/protected";

    @Override // com.mulesoft.modules.oauth2.provider.AbstractOAuth2ProviderModuleTestCase
    protected String doGetConfigFile() {
        return "oauth2-revoke-token-tests-http-config.xml";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.mulesoft.modules.oauth2.provider.AbstractOAuth2ProviderModuleTestCase
    public String buildURL(String str) {
        return getProtocol() + "://localhost:" + this.port.getNumber() + str;
    }

    @Test
    public void revokeAccessTokenAndValidate() throws Exception {
        Map<String, Object> performAuthorizationCodeOAuth2DanceAndAccessProtectedResource = performAuthorizationCodeOAuth2DanceAndAccessProtectedResource();
        String str = (String) performAuthorizationCodeOAuth2DanceAndAccessProtectedResource.get("access_token");
        String str2 = (String) performAuthorizationCodeOAuth2DanceAndAccessProtectedResource.get("refresh_token");
        accessProtectedResource(str);
        flowRunner("revokeToken").withPayload(str).run();
        executeHttpMethodExpectingStatus(new GetMethod(getProtectedResourceURL(PROTECTED_RESOURCE_PATH) + "?access_token=" + str), HttpConstants.HttpStatus.UNAUTHORIZED.getStatusCode());
        useInvalidRefreshToken(str2);
    }

    @Test
    public void revokeRefreshTokenAndValidate() throws Exception {
        Map<String, Object> performAuthorizationCodeOAuth2DanceAndAccessProtectedResource = performAuthorizationCodeOAuth2DanceAndAccessProtectedResource();
        String str = (String) performAuthorizationCodeOAuth2DanceAndAccessProtectedResource.get("access_token");
        String str2 = (String) performAuthorizationCodeOAuth2DanceAndAccessProtectedResource.get("refresh_token");
        flowRunner("revokeToken").withPayload(str2).run();
        executeHttpMethodExpectingStatus(new GetMethod(getProtectedResourceURL(PROTECTED_RESOURCE_PATH) + "?access_token=" + str), HttpConstants.HttpStatus.UNAUTHORIZED.getStatusCode());
        useInvalidRefreshToken(str2);
    }

    private void useInvalidRefreshToken(String str) throws OAuthSystemException, IOException {
        OAuthClientRequest buildBodyMessage = OAuthClientRequest.tokenLocation(getTokenEndpointURL()).setGrantType(GrantType.REFRESH_TOKEN).setRefreshToken(str).buildBodyMessage();
        buildBodyMessage.setHeaders(Collections.singletonMap("Authorization", getValidBasicAuthHeaderValue("clientId1", "clpwd+%")));
        postOAuthClientRequestExpectingStatus(buildBodyMessage, HttpConstants.HttpStatus.BAD_REQUEST.getStatusCode());
    }

    private Map<String, Object> performAuthorizationCodeOAuth2DanceAndAccessProtectedResource() throws Exception {
        Map<String, Object> validateSuccessfulTokenResponseNoScope = validateSuccessfulTokenResponseNoScope(getContentAsMap((HttpMethod) postOAuthClientRequestExpectingStatus(OAuthClientRequest.tokenLocation(getTokenEndpointURL()).setGrantType(GrantType.AUTHORIZATION_CODE).setCode(validateSuccessfulLoginResponse((HttpMethod) postOAuthClientRequestExpectingStatus(OAuthClientRequest.authorizationLocation(getAuthorizationEndpointUrl()).setResponseType("code").setClientId("clientId1").setRedirectURI(AbstractOAuth2ProviderModuleTestCase.TEST_REDIRECT_URI).setParameter("username", "rousr").setParameter("password", "ropwd+%").buildBodyMessage(), HttpConstants.HttpStatus.MOVED_TEMPORARILY.getStatusCode()), "code").get("code").get(0)).setClientId("clientId1").setClientSecret("clientSecret1").setRedirectURI(AbstractOAuth2ProviderModuleTestCase.TEST_REDIRECT_URI).buildBodyMessage(), HttpConstants.HttpStatus.OK.getStatusCode())), true);
        accessProtectedResource((String) validateSuccessfulTokenResponseNoScope.get("access_token"));
        return validateSuccessfulTokenResponseNoScope;
    }
}
