package org.apache.cxf.systest.jaxrs.security.oauth2;

import java.util.HashMap;
import javax.ws.rs.core.MultivaluedMap;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.impl.MetadataMap;
import org.apache.cxf.rs.security.common.CryptoLoader;
import org.apache.cxf.rs.security.oauth2.auth.saml.Saml2BearerAuthOutInterceptor;
import org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant;
import org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrant;
import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
import org.apache.cxf.rs.security.saml.SAMLUtils;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.class */
public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
    public static final String PORT = BookServerOAuth2.PORT;
    private static final String CRYPTO_RESOURCE_PROPERTIES = "org/apache/cxf/systest/jaxrs/security/alice.properties";

    /* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test$CustomGrant.class */
    private static class CustomGrant implements AccessTokenGrant {
        private static final long serialVersionUID = -4007538779198315873L;

        private CustomGrant() {
        }

        public String getType() {
            return "custom_grant";
        }

        public MultivaluedMap<String, String> toMap() {
            MetadataMap metadataMap = new MetadataMap();
            metadataMap.putSingle("grant_type", "custom_grant");
            return metadataMap;
        }
    }

    @BeforeClass
    public static void startServers() throws Exception {
        assertTrue("server did not launch correctly", launchServer(BookServerOAuth2.class, true));
    }

    @Test
    public void testSAML2BearerGrant() throws Exception {
        assertNotNull(OAuthClientUtils.getAccessToken(createWebClient("https://localhost:" + PORT + "/oauth2/token"), new OAuthClientUtils.Consumer("alice", "alice"), new Saml2BearerGrant(SAMLUtils.createAssertion(new SamlCallbackHandler(), new SAMLUtils.SelfSignInfo(new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES), "alice", "password")).assertionToString()), false).getTokenKey());
    }

    @Test
    public void testSAML2BearerAuthenticationDirect() throws Exception {
        WebClient createWebClient = createWebClient("https://localhost:" + PORT + "/oauth2-auth/token");
        String encode = Base64UrlUtility.encode(SAMLUtils.createAssertion(new SamlCallbackHandler2(), new SAMLUtils.SelfSignInfo(new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES), "alice", "password")).assertionToString());
        HashMap hashMap = new HashMap();
        hashMap.put("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:saml2-bearer");
        hashMap.put("client_assertion", encode);
        assertNotNull(OAuthClientUtils.getAccessToken(createWebClient, new CustomGrant(), hashMap).getTokenKey());
    }

    @Test
    public void testSAML2BearerAuthenticationInterceptor() throws Exception {
        assertNotNull(OAuthClientUtils.getAccessToken(createWebClientWithProps("https://localhost:" + PORT + "/oauth2-auth/token"), new CustomGrant()).getTokenKey());
    }

    private WebClient createWebClient(String str) {
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSOAuth2Test.class.getResource("client.xml").toString()));
        WebClient createWebClient = jAXRSClientFactoryBean.createWebClient();
        createWebClient.type("application/x-www-form-urlencoded").accept(new String[]{"application/json"});
        return createWebClient;
    }

    private WebClient createWebClientWithProps(String str) {
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSOAuth2Test.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap();
        hashMap.put("ws-security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("ws-security.saml-callback-handler", "org.apache.cxf.systest.jaxrs.security.oauth2.SamlCallbackHandler2");
        hashMap.put("ws-security.self-sign-saml-assertion", "true");
        hashMap.put("ws-security.signature.username", "alice");
        hashMap.put("ws-security.signature.properties", CRYPTO_RESOURCE_PROPERTIES);
        jAXRSClientFactoryBean.setProperties(hashMap);
        jAXRSClientFactoryBean.getOutInterceptors().add(new Saml2BearerAuthOutInterceptor());
        WebClient createWebClient = jAXRSClientFactoryBean.createWebClient();
        createWebClient.type("application/x-www-form-urlencoded").accept(new String[]{"application/json"});
        return createWebClient;
    }
}
