package com.ibm.team.repository.client.tests.oauth;

import com.ibm.team.repository.client.tests.AbstractAutoLoginClientTest;
import com.ibm.team.repository.client.tests.common.RestTestHelper;
import com.ibm.team.repository.client.tests.tools.Helper;
import com.ibm.team.repository.common.UUID;
import com.ibm.team.repository.common.json.JSONArray;
import com.ibm.team.repository.common.json.JSONObject;
import com.ibm.team.repository.common.service.IContributorService;
import java.io.StringReader;
import java.net.URLEncoder;
import java.util.Iterator;
import org.apache.commons.httpclient.HttpMethod;

/* loaded from: input_file:team_core_client_tests.jar:com/ibm/team/repository/client/tests/oauth/OAuthRegistrationRestTest.class */
public class OAuthRegistrationRestTest extends AbstractAutoLoginClientTest {
    public OAuthRegistrationRestTest(String str) {
        super(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.team.repository.client.tests.AbstractAutoLoginClientTest, com.ibm.team.repository.client.tests.AbstractClientTest
    public void setUp() throws Exception {
        super.setUp();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.team.repository.client.tests.AbstractAutoLoginClientTest, com.ibm.team.repository.client.tests.AbstractClientTest
    public void tearDown() throws Exception {
        super.tearDown();
    }

    public void testNonJsonRequest() throws Exception {
        assertBadRequest("<random></random>");
    }

    public void testMissingSecretType() throws Exception {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("secret", "randomSecret");
        assertBadRequest(jSONObject.toString());
    }

    public void testMissingSecret() throws Exception {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("secretType", "string");
        assertBadRequest(jSONObject.toString());
    }

    public void testInvalidSecretType() throws Exception {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("secretType", "bogusSecretType");
        jSONObject.put("secret", "random");
        assertBadRequest(jSONObject.toString());
    }

    private void assertBadRequest(String str) throws Exception {
        HttpMethod attemptRegistration = attemptRegistration(str);
        try {
            assertEquals("response status", 400, attemptRegistration.getStatusCode());
        } finally {
            attemptRegistration.releaseConnection();
        }
    }

    private HttpMethod attemptRegistration(String str) throws Exception {
        return makeRestCall(str, "post", "oauth-request-consumer", "TestJazzUser1");
    }

    private HttpMethod makeRestCall(String str, String str2, String str3, String str4) throws Exception {
        String serverUri = Helper.getServerUri(str4 != null);
        if (!serverUri.endsWith("/")) {
            serverUri = String.valueOf(serverUri) + "/";
        }
        return RestTestHelper.makeRestCall(str, str2, String.valueOf(serverUri) + str3, str4);
    }

    public void testValidRegistration() throws Exception {
        attemptRegistration(false);
    }

    public void testValidRegistrationWithUserId() throws Exception {
        attemptRegistrationWithUserId(false, generateUserId());
    }

    public void testRemoteProvisionKeyRegistration() throws Exception {
        assertCanRequestRemoteProvisionalKey(Helper.getServerUri(true));
    }

    private void assertCanRequestRemoteProvisionalKey(String str) throws Exception {
        HttpMethod makeRestCall = makeRestCall("", "post", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/requestRemoteProvisionalKey" + ("?trusted=false&consumerSecret=random&url=" + URLEncoder.encode(String.valueOf(str) + "oauth-request-consumer", "UTF-8")), "TestJazzAdmin1");
        try {
            assertEquals("response status", 200, makeRestCall.getStatusCode());
            assertNotNull((String) ((JSONObject) findNestedJSONObject(JSONObject.parse(new StringReader(makeRestCall.getResponseBodyAsString())), "soapenv:Body", "response", "returnValue", "value")).get("key"));
        } finally {
            makeRestCall.releaseConnection();
        }
    }

    private String generateConsumerName() {
        return "consumer " + UUID.generate();
    }

    private String generateUserId() {
        return "oauthRegistrationTestUser" + UUID.generate().getUuidValue();
    }

    private String attemptRegistration(boolean z) throws Exception {
        return attemptRegistration(z, generateConsumerName(), null);
    }

    private String attemptRegistrationWithUserId(boolean z, String str) throws Exception {
        return attemptRegistration(z, generateConsumerName(), str);
    }

    private String attemptRegistration(boolean z, String str, String str2) throws Exception {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("secretType", "string");
        jSONObject.put("secret", "random");
        jSONObject.put("trusted", Boolean.valueOf(z));
        jSONObject.put("name", str);
        if (str2 != null) {
            jSONObject.put("userId", str2);
        }
        HttpMethod attemptRegistration = attemptRegistration(jSONObject.toString());
        try {
            assertEquals("response status", 200, attemptRegistration.getStatusCode());
            String str3 = (String) JSONObject.parse(new StringReader(attemptRegistration.getResponseBodyAsString())).get("key");
            assertNotNull(str3);
            return str3;
        } finally {
            attemptRegistration.releaseConnection();
        }
    }

    public void testGetPendingRegistrations() throws Exception {
        assertRegistrationListed(attemptRegistration(true), getPendingRegistrations(), true);
    }

    public void testGetPendingRegistrationByKey() throws Exception {
        String str = "name " + UUID.generate();
        String attemptRegistration = attemptRegistration(true, str, null);
        HttpMethod makeRestCall = makeRestCall("", "GET", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/provisionalRegistration?consumerKey=" + attemptRegistration, "TestJazzUser1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            JSONObject jSONObject = (JSONObject) findNestedJSONObject(JSONObject.parse(new StringReader(makeRestCall.getResponseBodyAsString())), "soapenv:Body", "response", "returnValue", "value");
            makeRestCall.releaseConnection();
            assertEquals("trusted", Boolean.TRUE, jSONObject.get("trusted"));
            assertEquals("key", attemptRegistration, jSONObject.get("key"));
            assertEquals("name", str, jSONObject.get("name"));
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    private JSONObject assertRegistrationListed(String str, JSONArray jSONArray, boolean z) {
        Iterator it = jSONArray.iterator();
        while (it.hasNext()) {
            JSONObject jSONObject = (JSONObject) it.next();
            if (str.equals(jSONObject.get("key"))) {
                return jSONObject;
            }
        }
        assertEquals("Found registration", z, false);
        return null;
    }

    private JSONArray getConsumerRegistrations() throws Exception {
        return getRegistrations("consumers");
    }

    private JSONArray getPendingRegistrations() throws Exception {
        return getRegistrations("provisionalRegistrations");
    }

    private JSONArray getRegistrations(String str) throws Exception {
        HttpMethod makeRestCall = makeRestCall("", "GET", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/" + str, "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            return (JSONArray) findNestedJSONObject(JSONObject.parse(new StringReader(makeRestCall.getResponseBodyAsString())), "soapenv:Body", "response", "returnValue", "values");
        } finally {
            makeRestCall.releaseConnection();
        }
    }

    public void testAcceptRegistrationsAsNonAdmin() throws Exception {
        String attemptRegistration = attemptRegistration(true);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/acceptProvisionalRegistration" + String.format("?consumerKey=%s&trusted=%s", attemptRegistration, "true"), "TestJazzUser1");
        try {
            assertEquals("HTTP status", 403, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            assertRegistrationListed(attemptRegistration, getPendingRegistrations(), true);
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testAcceptRegistrations() throws Exception {
        String attemptRegistration = attemptRegistration(true);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/acceptProvisionalRegistration" + String.format("?accept=%s&consumerKey=%s&trusted=%s", true, attemptRegistration, true), "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            assertRegistrationListed(attemptRegistration, getPendingRegistrations(), false);
            assertEquals("trusted", Boolean.TRUE, assertRegistrationListed(attemptRegistration, getConsumerRegistrations(), true).get("trusted"));
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testAcceptRegistrationChangeName() throws Exception {
        String attemptRegistration = attemptRegistration(true);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/acceptProvisionalRegistration" + String.format("?accept=%s&consumerKey=%s&trusted=%s&name=%s", true, attemptRegistration, true, "newName"), "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            assertRegistrationListed(attemptRegistration, getPendingRegistrations(), false);
            JSONObject assertRegistrationListed = assertRegistrationListed(attemptRegistration, getConsumerRegistrations(), true);
            assertEquals("trusted", Boolean.TRUE, assertRegistrationListed.get("trusted"));
            assertEquals("name", "newName", assertRegistrationListed.get("name"));
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testAcceptRegistrationChangeTrusted() throws Exception {
        String attemptRegistration = attemptRegistration(true);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/acceptProvisionalRegistration" + String.format("?accept=%s&consumerKey=%s&trusted=%s&name=%s", true, attemptRegistration, false, "newName"), "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            assertRegistrationListed(attemptRegistration, getPendingRegistrations(), false);
            JSONObject assertRegistrationListed = assertRegistrationListed(attemptRegistration, getConsumerRegistrations(), true);
            assertEquals("trusted", Boolean.FALSE, assertRegistrationListed.get("trusted"));
            assertEquals("name", "newName", assertRegistrationListed.get("name"));
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testAcceptRegistrationWithUserId() throws Exception {
        String generateUserId = generateUserId();
        String attemptRegistrationWithUserId = attemptRegistrationWithUserId(true, generateUserId);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/acceptProvisionalRegistration" + String.format("?accept=%s&consumerKey=%s&trusted=%s", true, attemptRegistrationWithUserId, true), "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            assertRegistrationListed(attemptRegistrationWithUserId, getPendingRegistrations(), false);
            JSONObject assertRegistrationListed = assertRegistrationListed(attemptRegistrationWithUserId, getConsumerRegistrations(), true);
            assertEquals("trusted", Boolean.TRUE, assertRegistrationListed.get("trusted"));
            assertEquals("userId", generateUserId, assertRegistrationListed.get("userId"));
            assertNotNull("Could not find new contributor", ((IContributorService) this.repo.getServiceInterface(IContributorService.class)).fetchContributorByUserId(generateUserId));
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testDenyProvisonalRegistrationWithNameChange() throws Exception {
        String attemptRegistration = attemptRegistration(true);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/acceptProvisionalRegistration" + String.format("?accept=%s&consumerKey=%s&trusted=%s&name=%s", false, attemptRegistration, true, "newName"), "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            assertRegistrationListed(attemptRegistration, getPendingRegistrations(), false);
            assertRegistrationListed(attemptRegistration, getConsumerRegistrations(), false);
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testRegisterAndListConsumers() throws Exception {
        assertRegistrationListed(registerConsumer("test"), getConsumerRegistrations(), true);
    }

    private String registerConsumer(String str) throws Exception {
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/registerNewConsumer?consumerSecret=" + str, "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            return (String) findNestedJSONObject(JSONObject.parse(new StringReader(makeRestCall.getResponseBodyAsString())), "soapenv:Body", "response", "returnValue", "value");
        } finally {
            makeRestCall.releaseConnection();
        }
    }

    public void testDeleteConsumer() throws Exception {
        String registerConsumer = registerConsumer("test");
        assertRegistrationListed(registerConsumer, getConsumerRegistrations(), true);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/deleteConsumer?consumerKey=" + registerConsumer, "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            assertRegistrationListed(registerConsumer, getConsumerRegistrations(), false);
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testDeleteConsumerAsNonAdmin() throws Exception {
        String registerConsumer = registerConsumer("test");
        assertRegistrationListed(registerConsumer, getConsumerRegistrations(), true);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/deleteConsumer?consumerKey=" + registerConsumer, "TestJazzUser1");
        try {
            assertEquals("HTTP status", 403, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            assertRegistrationListed(registerConsumer, getConsumerRegistrations(), true);
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testSetConsumerSecret() throws Exception {
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/setConsumerSecret?consumerSecret=newSecret&consumerKey=" + registerConsumer("test"), "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
        } finally {
            makeRestCall.releaseConnection();
        }
    }

    public void testSetConsumerSecretWithoutAdmin() throws Exception {
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/setConsumerSecret?consumerSecret=newSecret&consumerKey=" + registerConsumer("test"), "TestJazzUser1");
        try {
            assertEquals("HTTP status", 403, makeRestCall.getStatusCode());
        } finally {
            makeRestCall.releaseConnection();
        }
    }

    public void testSetConsumerAttributes() throws Exception {
        String attemptRegistration = attemptRegistration(true);
        HttpMethod makeRestCall = makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/acceptProvisionalRegistration" + String.format("?accept=%s&consumerKey=%s&trusted=%s", true, attemptRegistration, true), "TestJazzAdmin1");
        try {
            assertEquals("HTTP status", 200, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
            String generateUserId = generateUserId();
            makeRestCall("", "POST", "service/com.ibm.team.repository.service.internal.oauth.IOAuthRestService/setConsumerAttributes" + String.format("?consumerKey=%s&trusted=%s&name=%s&userId=%s", attemptRegistration, false, "newName", generateUserId), "TestJazzAdmin1");
            JSONObject assertRegistrationListed = assertRegistrationListed(attemptRegistration, getConsumerRegistrations(), true);
            assertEquals("trusted", Boolean.FALSE, assertRegistrationListed.get("trusted"));
            assertEquals("name", "newName", assertRegistrationListed.get("name"));
            assertEquals("userId", generateUserId, assertRegistrationListed.get("userId"));
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    private Object findNestedJSONObject(JSONObject jSONObject, String... strArr) {
        Object obj = jSONObject;
        for (String str : strArr) {
            obj = ((JSONObject) obj).get(str);
        }
        return obj;
    }
}
