package net.krotscheck.kangaroo.authz.admin.v1.resource;

import java.net.URI;
import java.util.Arrays;
import java.util.Collection;
import javax.ws.rs.core.GenericType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import net.krotscheck.kangaroo.authz.common.database.entity.AbstractAuthzEntity;
import net.krotscheck.kangaroo.authz.common.database.entity.Application;
import net.krotscheck.kangaroo.authz.common.database.entity.ApplicationScope;
import net.krotscheck.kangaroo.authz.common.database.entity.ClientType;
import net.krotscheck.kangaroo.authz.common.database.entity.OAuthToken;
import net.krotscheck.kangaroo.authz.test.ApplicationBuilder;
import net.krotscheck.kangaroo.common.exception.ErrorResponseBuilder;
import net.krotscheck.kangaroo.common.hibernate.id.IdUtil;
import net.krotscheck.kangaroo.common.response.ListResponseEntity;
import org.apache.commons.lang3.RandomStringUtils;
import org.hibernate.Session;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
/* loaded from: input_file:net/krotscheck/kangaroo/authz/admin/v1/resource/ScopeServiceCRUDTest.class */
public final class ScopeServiceCRUDTest extends AbstractServiceCRUDTest<ApplicationScope> {
    private static final GenericType<ListResponseEntity<ApplicationScope>> LIST_TYPE = new GenericType<ListResponseEntity<ApplicationScope>>() { // from class: net.krotscheck.kangaroo.authz.admin.v1.resource.ScopeServiceCRUDTest.1
    };

    public ScopeServiceCRUDTest(ClientType clientType, String str, Boolean bool, Boolean bool2) {
        super(ApplicationScope.class, clientType, str, bool, bool2);
    }

    @Parameterized.Parameters
    public static Collection parameters() {
        return Arrays.asList(new Object[]{ClientType.Implicit, "kangaroo:scope_admin", false, true}, new Object[]{ClientType.Implicit, "kangaroo:scope", false, true}, new Object[]{ClientType.Implicit, "kangaroo:scope_admin", true, true}, new Object[]{ClientType.Implicit, "kangaroo:scope", true, false}, new Object[]{ClientType.ClientCredentials, "kangaroo:scope_admin", false, true}, new Object[]{ClientType.ClientCredentials, "kangaroo:scope", false, false});
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    protected GenericType<ListResponseEntity<ApplicationScope>> getListType() {
        return LIST_TYPE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    public String getAdminScope() {
        return "kangaroo:scope_admin";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    public String getRegularScope() {
        return "kangaroo:scope";
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    protected URI getUrlForId(String str) {
        UriBuilder fromPath = UriBuilder.fromPath("/scope/");
        if (str != null) {
            fromPath.path(str);
        }
        return fromPath.build(new Object[0]);
    }

    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractResourceTest
    protected URI getUrlForEntity(AbstractAuthzEntity abstractAuthzEntity) {
        return (abstractAuthzEntity == null || abstractAuthzEntity.getId() == null) ? getUrlForId((String) null) : getUrlForId(IdUtil.toString(abstractAuthzEntity.getId()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractServiceCRUDTest
    /* renamed from: getEntity, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
    public ApplicationScope mo16getEntity(ApplicationBuilder.ApplicationContext applicationContext) {
        return applicationContext.getScope();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractServiceCRUDTest
    /* renamed from: getNewEntity, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
    public ApplicationScope mo15getNewEntity() {
        return new ApplicationScope();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.krotscheck.kangaroo.authz.admin.v1.resource.AbstractServiceCRUDTest
    public ApplicationScope createValidEntity(ApplicationBuilder.ApplicationContext applicationContext) {
        ApplicationScope applicationScope = new ApplicationScope();
        applicationScope.setName(RandomStringUtils.randomAlphabetic(10));
        applicationScope.setApplication(applicationContext.getApplication());
        return applicationScope;
    }

    @Test
    public void testPostDuplicateScopeName() throws Exception {
        OAuthToken adminToken = getAdminToken();
        Application application = adminToken.getClient().getApplication();
        String name = ((ApplicationScope) application.getScopes().values().iterator().next()).getName();
        ApplicationScope applicationScope = new ApplicationScope();
        applicationScope.setApplication(application);
        applicationScope.setName(name);
        Response postEntity = postEntity((AbstractAuthzEntity) applicationScope, adminToken);
        if (shouldSucceed().booleanValue()) {
            ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) postEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.CONFLICT.getStatusCode(), postEntity.getStatus());
            Assert.assertEquals("conflict", errorResponse.getError());
        } else {
            ErrorResponseBuilder.ErrorResponse errorResponse2 = (ErrorResponseBuilder.ErrorResponse) postEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), postEntity.getStatus());
            Assert.assertEquals("bad_request", errorResponse2.getError());
        }
    }

    @Test
    public void testPostNoParent() throws Exception {
        OAuthToken adminToken = getAdminToken();
        ApplicationScope applicationScope = new ApplicationScope();
        applicationScope.setName(RandomStringUtils.random(20));
        ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) postEntity((AbstractAuthzEntity) applicationScope, adminToken).readEntity(ErrorResponseBuilder.ErrorResponse.class);
        Assert.assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), r0.getStatus());
        Assert.assertEquals("bad_request", errorResponse.getError());
    }

    @Test
    public void testPostOverwrite() throws Exception {
        ApplicationBuilder.ApplicationContext secondaryContext = getSecondaryContext();
        ApplicationScope applicationScope = new ApplicationScope();
        applicationScope.setId(secondaryContext.getScope().getId());
        applicationScope.setName(RandomStringUtils.random(20));
        applicationScope.setApplication(secondaryContext.getScope().getApplication());
        ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) postEntity((AbstractAuthzEntity) applicationScope, getAdminToken()).readEntity(ErrorResponseBuilder.ErrorResponse.class);
        Assert.assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), r0.getStatus());
        Assert.assertEquals("bad_request", errorResponse.getError());
    }

    @Test
    public void testPostTooLongName() throws Exception {
        ApplicationScope createValidEntity = createValidEntity(getAdminContext());
        createValidEntity.setName(RandomStringUtils.randomAlphanumeric(257));
        ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) postEntity((AbstractAuthzEntity) createValidEntity, getAdminToken()).readEntity(ErrorResponseBuilder.ErrorResponse.class);
        Assert.assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), r0.getStatus());
        Assert.assertEquals("bad_request", errorResponse.getError());
    }

    @Test
    public void testPostApplicationAssign() throws Exception {
        OAuthToken adminToken = getAdminToken();
        ApplicationBuilder.ApplicationContext build = ApplicationBuilder.newApplication(getSession()).build();
        ApplicationScope applicationScope = new ApplicationScope();
        applicationScope.setName(RandomStringUtils.randomAlphanumeric(20));
        applicationScope.setApplication(build.getApplication());
        Response postEntity = postEntity((AbstractAuthzEntity) applicationScope, adminToken);
        if (!getTokenScope().equals(getAdminScope())) {
            ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) postEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), postEntity.getStatus());
            Assert.assertEquals("bad_request", errorResponse.getError());
        } else {
            Assert.assertEquals(Response.Status.CREATED.getStatusCode(), postEntity.getStatus());
            Assert.assertNotNull(postEntity.getLocation());
            ApplicationScope applicationScope2 = (ApplicationScope) getEntity(postEntity.getLocation(), adminToken).readEntity(ApplicationScope.class);
            Assert.assertNotNull(applicationScope2.getId());
            Assert.assertEquals(applicationScope.getName(), applicationScope2.getName());
            Assert.assertEquals(build.getApplication(), applicationScope2.getApplication());
        }
    }

    @Test
    public void testPutAdminScope() throws Exception {
        String idUtil = IdUtil.toString(IdUtil.next());
        ApplicationScope scope = getAdminContext().getScope();
        scope.setName(idUtil);
        Response putEntity = putEntity(scope, getAdminToken());
        if (shouldSucceed().booleanValue()) {
            Assert.assertEquals(Response.Status.FORBIDDEN.getStatusCode(), putEntity.getStatus());
            Assert.assertEquals("forbidden", ((ErrorResponseBuilder.ErrorResponse) putEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class)).getError());
        } else {
            ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) putEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.NOT_FOUND.getStatusCode(), putEntity.getStatus());
            Assert.assertEquals("not_found", errorResponse.getError());
        }
    }

    @Test
    public void testPutRegularScope() throws Exception {
        ApplicationScope createValidEntity = createValidEntity(getSecondaryContext());
        Session session = getSession();
        session.getTransaction().begin();
        session.save(createValidEntity);
        session.getTransaction().commit();
        String idUtil = IdUtil.toString(IdUtil.next());
        createValidEntity.setName(idUtil);
        Response putEntity = putEntity(createValidEntity, getAdminToken());
        if (isAccessible(createValidEntity, getAdminToken())) {
            ApplicationScope applicationScope = (ApplicationScope) putEntity.readEntity(ApplicationScope.class);
            Assert.assertEquals(Response.Status.OK.getStatusCode(), putEntity.getStatus());
            Assert.assertEquals(idUtil, applicationScope.getName());
        } else {
            ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) putEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.NOT_FOUND.getStatusCode(), putEntity.getStatus());
            Assert.assertEquals("not_found", errorResponse.getError());
        }
    }

    @Test
    public void testPutChangeOwner() throws Exception {
        Application application = getAdminContext().getApplication();
        ApplicationScope applicationScope = new ApplicationScope();
        applicationScope.setId(getSecondaryContext().getScope().getId());
        applicationScope.setName(getSecondaryContext().getScope().getName());
        applicationScope.setApplication(application);
        Response putEntity = putEntity(applicationScope, getAdminToken());
        if (isAccessible(getSecondaryContext().getScope(), getAdminToken())) {
            ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) putEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), putEntity.getStatus());
            Assert.assertEquals("bad_request", errorResponse.getError());
        } else {
            ErrorResponseBuilder.ErrorResponse errorResponse2 = (ErrorResponseBuilder.ErrorResponse) putEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.NOT_FOUND.getStatusCode(), putEntity.getStatus());
            Assert.assertEquals("not_found", errorResponse2.getError());
        }
    }

    @Test
    public void testDeleteAdminScope() throws Exception {
        Response deleteEntity = deleteEntity((AbstractAuthzEntity) getAdminContext().getScope(), getAdminToken());
        if (shouldSucceed().booleanValue()) {
            ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) deleteEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.FORBIDDEN.getStatusCode(), deleteEntity.getStatus());
            Assert.assertEquals("forbidden", errorResponse.getError());
        } else {
            ErrorResponseBuilder.ErrorResponse errorResponse2 = (ErrorResponseBuilder.ErrorResponse) deleteEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
            Assert.assertEquals(Response.Status.NOT_FOUND.getStatusCode(), deleteEntity.getStatus());
            Assert.assertEquals("not_found", errorResponse2.getError());
        }
    }

    @Test
    public void testDeleteRegularScope() throws Exception {
        ApplicationScope createValidEntity = createValidEntity(getSecondaryContext());
        Session session = getSession();
        session.getTransaction().begin();
        session.save(createValidEntity);
        session.getTransaction().commit();
        Response deleteEntity = deleteEntity((AbstractAuthzEntity) createValidEntity, getAdminToken());
        if (isAccessible(createValidEntity, getAdminToken())) {
            Assert.assertEquals(Response.Status.NO_CONTENT.getStatusCode(), deleteEntity.getStatus());
            return;
        }
        ErrorResponseBuilder.ErrorResponse errorResponse = (ErrorResponseBuilder.ErrorResponse) deleteEntity.readEntity(ErrorResponseBuilder.ErrorResponse.class);
        Assert.assertEquals(Response.Status.NOT_FOUND.getStatusCode(), deleteEntity.getStatus());
        Assert.assertEquals("not_found", errorResponse.getError());
    }
}
