package net.krotscheck.kangaroo.authz.admin.v1.resource;

import java.net.URI;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.stream.Collectors;
import javax.ws.rs.core.GenericType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import net.krotscheck.kangaroo.authz.common.database.entity.AbstractAuthzEntity;
import net.krotscheck.kangaroo.authz.common.database.entity.Application;
import net.krotscheck.kangaroo.authz.common.database.entity.Client;
import net.krotscheck.kangaroo.authz.common.database.entity.ClientType;
import net.krotscheck.kangaroo.authz.common.database.entity.OAuthToken;
import net.krotscheck.kangaroo.authz.common.database.entity.OAuthTokenType;
import net.krotscheck.kangaroo.authz.common.database.entity.User;
import net.krotscheck.kangaroo.authz.common.database.entity.UserIdentity;
import net.krotscheck.kangaroo.common.hibernate.id.IdUtil;
import net.krotscheck.kangaroo.common.response.ListResponseEntity;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
/* loaded from: input_file:net/krotscheck/kangaroo/authz/admin/v1/resource/OAuthTokenServiceSearchTest.class */
public final class OAuthTokenServiceSearchTest extends AbstractServiceSearchTest<OAuthToken> {
    private static final GenericType<ListResponseEntity<OAuthToken>> LIST_TYPE = new GenericType<ListResponseEntity<OAuthToken>>() { // from class: net.krotscheck.kangaroo.authz.admin.v1.resource.OAuthTokenServiceSearchTest.1
    };

    public OAuthTokenServiceSearchTest(ClientType clientType, String str, Boolean bool) {
        super(OAuthToken.class, clientType, str, bool);
    }

    @Parameterized.Parameters
    public static Collection parameters() {
        return Arrays.asList(new Object[]{ClientType.Implicit, "kangaroo:token_admin", false}, new Object[]{ClientType.Implicit, "kangaroo:token", false}, new Object[]{ClientType.Implicit, "kangaroo:token_admin", true}, new Object[]{ClientType.Implicit, "kangaroo:token", true}, new Object[]{ClientType.ClientCredentials, "kangaroo:token_admin", false}, new Object[]{ClientType.ClientCredentials, "kangaroo:token", false});
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    protected GenericType<ListResponseEntity<OAuthToken>> getListType() {
        return LIST_TYPE;
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractServiceSearchTest
    protected List<OAuthToken> getOwnedEntities(User user) {
        return (List) ((User) getAttached((OAuthTokenServiceSearchTest) user)).getApplications().stream().flatMap(application -> {
            return application.getClients().stream();
        }).flatMap(client -> {
            return client.getTokens().stream();
        }).collect(Collectors.toList());
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractServiceSearchTest
    protected String[] getSearchIndexFields() {
        return new String[]{"identity.remoteId", "identity.claims"};
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    public String getAdminScope() {
        return "kangaroo:token_admin";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    public String getRegularScope() {
        return "kangaroo:token";
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    protected URI getUrlForId(String str) {
        return UriBuilder.fromPath("/token/").path(str).build(new Object[0]);
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    protected URI getUrlForEntity(AbstractAuthzEntity abstractAuthzEntity) {
        return getUrlForId(IdUtil.toString(abstractAuthzEntity.getId()));
    }

    @Test
    public void testSearchByUser() {
        Application application = getSecondaryContext().getApplication();
        List<OAuthToken> searchResults = getSearchResults("many");
        User user = (User) ((List) searchResults.stream().filter(oAuthToken -> {
            return oAuthToken.getClient().getApplication().equals(application);
        }).map((v0) -> {
            return v0.getIdentity();
        }).map((v0) -> {
            return v0.getUser();
        }).collect(Collectors.toList())).get(0);
        OAuthToken adminToken = getAdminToken();
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("user", IdUtil.toString(user.getId()));
        Response search = search(hashMap, adminToken);
        List<OAuthToken> accessibleEntities = getAccessibleEntities(adminToken);
        Integer valueOf = Integer.valueOf(((List) searchResults.stream().filter(oAuthToken2 -> {
            return accessibleEntities.indexOf(oAuthToken2) > -1;
        }).filter(oAuthToken3 -> {
            return oAuthToken3.getIdentity() != null;
        }).filter(oAuthToken4 -> {
            return oAuthToken4.getIdentity().getUser().equals(user);
        }).collect(Collectors.toList())).size());
        int min = Math.min(10, valueOf.intValue());
        if (isLimitedByClientCredentials().booleanValue()) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST.getStatusCode(), "invalid_scope");
        } else if (!isAccessible(user, adminToken)) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST);
        } else {
            Assert.assertTrue(valueOf.intValue() > 0);
            assertListResponse(search, Integer.valueOf(min), 0, 10, valueOf);
        }
    }

    @Test
    public void testSearchByInvalidUser() {
        OAuthToken adminToken = getAdminToken();
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("user", IdUtil.toString(IdUtil.next()));
        Response search = search(hashMap, adminToken);
        if (isLimitedByClientCredentials().booleanValue()) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST.getStatusCode(), "invalid_scope");
        } else {
            assertErrorResponse(search, Response.Status.BAD_REQUEST);
        }
    }

    @Test
    public void testSearchByMalformedUser() {
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("user", "malformed");
        assertErrorResponse(search(hashMap, getAdminToken()), Response.Status.NOT_FOUND);
    }

    @Test
    public void testSearchByIdentity() {
        Application application = getSecondaryContext().getApplication();
        List<OAuthToken> searchResults = getSearchResults("many");
        UserIdentity userIdentity = (UserIdentity) ((List) searchResults.stream().filter(oAuthToken -> {
            return oAuthToken.getClient().getApplication().equals(application);
        }).map((v0) -> {
            return v0.getIdentity();
        }).collect(Collectors.toList())).get(0);
        OAuthToken adminToken = getAdminToken();
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("identity", IdUtil.toString(userIdentity.getId()));
        Response search = search(hashMap, adminToken);
        List<OAuthToken> accessibleEntities = getAccessibleEntities(adminToken);
        Integer valueOf = Integer.valueOf(((List) searchResults.stream().filter(oAuthToken2 -> {
            return accessibleEntities.indexOf(oAuthToken2) > -1;
        }).filter(oAuthToken3 -> {
            return oAuthToken3.getIdentity().equals(userIdentity);
        }).collect(Collectors.toList())).size());
        int min = Math.min(10, valueOf.intValue());
        if (isLimitedByClientCredentials().booleanValue()) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST.getStatusCode(), "invalid_scope");
        } else if (!isAccessible(userIdentity, adminToken)) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST);
        } else {
            Assert.assertTrue(valueOf.intValue() > 0);
            assertListResponse(search, Integer.valueOf(min), 0, 10, valueOf);
        }
    }

    @Test
    public void testSearchByInvalidIdentity() {
        OAuthToken adminToken = getAdminToken();
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("identity", IdUtil.toString(IdUtil.next()));
        Response search = search(hashMap, adminToken);
        if (isLimitedByClientCredentials().booleanValue()) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST.getStatusCode(), "invalid_scope");
        } else {
            assertErrorResponse(search, Response.Status.BAD_REQUEST);
        }
    }

    @Test
    public void testSearchByMalformedIdentity() {
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("identity", "malformed");
        assertErrorResponse(search(hashMap, getAdminToken()), Response.Status.NOT_FOUND);
    }

    @Test
    public void testSearchByClient() {
        Client client = getSecondaryContext().getClient();
        OAuthToken adminToken = getAdminToken();
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("client", IdUtil.toString(client.getId()));
        Response search = search(hashMap, adminToken);
        List<OAuthToken> searchResults = getSearchResults("many");
        List<OAuthToken> accessibleEntities = getAccessibleEntities(adminToken);
        Integer valueOf = Integer.valueOf(((List) searchResults.stream().filter(oAuthToken -> {
            return accessibleEntities.indexOf(oAuthToken) > -1;
        }).filter(oAuthToken2 -> {
            return oAuthToken2.getClient().equals(client);
        }).collect(Collectors.toList())).size());
        int min = Math.min(10, valueOf.intValue());
        if (isLimitedByClientCredentials().booleanValue()) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST.getStatusCode(), "invalid_scope");
        } else if (!isAccessible(client, adminToken)) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST);
        } else {
            Assert.assertTrue(valueOf.intValue() > 0);
            assertListResponse(search, Integer.valueOf(min), 0, 10, valueOf);
        }
    }

    @Test
    public void testSearchByInvalidClient() {
        OAuthToken adminToken = getAdminToken();
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("client", IdUtil.toString(IdUtil.next()));
        Response search = search(hashMap, adminToken);
        if (isLimitedByClientCredentials().booleanValue()) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST.getStatusCode(), "invalid_scope");
        } else {
            assertErrorResponse(search, Response.Status.BAD_REQUEST);
        }
    }

    @Test
    public void testSearchByMalformedClient() {
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("client", "malformed");
        assertErrorResponse(search(hashMap, getAdminToken()), Response.Status.NOT_FOUND);
    }

    @Test
    public void testSearchByType() {
        OAuthTokenType oAuthTokenType = OAuthTokenType.Bearer;
        OAuthToken adminToken = getAdminToken();
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("type", oAuthTokenType.toString());
        Response search = search(hashMap, adminToken);
        List<OAuthToken> searchResults = getSearchResults("many");
        List<OAuthToken> accessibleEntities = getAccessibleEntities(adminToken);
        Integer valueOf = Integer.valueOf(((List) searchResults.stream().filter(oAuthToken -> {
            return accessibleEntities.indexOf(oAuthToken) > -1;
        }).filter(oAuthToken2 -> {
            return oAuthToken2.getTokenType().equals(oAuthTokenType);
        }).collect(Collectors.toList())).size());
        int min = Math.min(10, valueOf.intValue());
        if (isLimitedByClientCredentials().booleanValue()) {
            assertErrorResponse(search, Response.Status.BAD_REQUEST.getStatusCode(), "invalid_scope");
        } else {
            Assert.assertTrue(valueOf.intValue() > 0);
            assertListResponse(search, Integer.valueOf(min), 0, 10, valueOf);
        }
    }

    @Test
    public void testSearchByInvalidType() {
        OAuthToken adminToken = getAdminToken();
        HashMap hashMap = new HashMap();
        hashMap.put("q", "many");
        hashMap.put("type", "Invalid Type");
        assertErrorResponse(search(hashMap, adminToken), Response.Status.NOT_FOUND);
    }
}
