package it.com.atlassian.pats.rest;

import com.atlassian.pats.core.properties.SystemProperty;
import com.atlassian.pats.exception.UserTokenLimitExceededException;
import com.atlassian.pats.helper.TestHelper;
import com.atlassian.pats.rest.RestError;
import com.atlassian.pats.rest.RestNewTokenRequest;
import com.atlassian.pats.rest.RestToken;
import com.atlassian.plugin.testutils.rest.ProductUrl;
import com.atlassian.plugin.testutils.rest.user.AtlassianUser;
import com.atlassian.plugin.testutils.rest.user.UserRestHelper;
import io.restassured.RestAssured;
import io.restassured.http.ContentType;
import it.com.atlassian.pats.IntegrationTestHelper;
import java.time.Duration;
import java.util.Date;
import javax.ws.rs.core.Response;
import org.assertj.core.api.Assertions;
import org.awaitility.Awaitility;
import org.hamcrest.CoreMatchers;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:it/com/atlassian/pats/rest/TokenResourceIntegrationTest.class */
public class TokenResourceIntegrationTest {
    private static final int MAX_TOKEN_NUMBER_PER_USER = 10;
    private static AtlassianUser createdUser;
    private static final Date TEST_START_DATE = new Date();
    private static final RestNewTokenRequest TOKEN = IntegrationTestHelper.simpleToken();
    private static final ProductUrl productUrl = ProductUrl.of(IntegrationTestHelper.productBaseUrl());

    @BeforeClass
    public static void beforeClass() {
        createdUser = UserRestHelper.createUser(productUrl, IntegrationTestHelper.USERNAME);
    }

    @AfterClass
    public static void afterClass() {
        UserRestHelper.deleteUser(productUrl, IntegrationTestHelper.USERNAME);
    }

    @Before
    public void beforeEachTest() {
        IntegrationTestHelper.deleteAllTokens();
    }

    @After
    public void afterEachTest() {
        IntegrationTestHelper.deleteAllTokens();
        setAbilityToCreateEternalTokens(true);
    }

    @Test
    public void onCreateTokenShouldBeAnActiveUser() throws InterruptedException {
        RestToken createNewTokenUsingBasicAuth = IntegrationTestHelper.createNewTokenUsingBasicAuth(createdUser.getName(), createdUser.getPassword(), IntegrationTestHelper.simpleToken());
        UserRestHelper.updateUserStatus(productUrl, IntegrationTestHelper.USERNAME, false);
        Awaitility.await().pollInterval(Duration.ofMillis(100L)).atMost(Duration.ofSeconds(5L)).untilAsserted(() -> {
            RestAssured.given().headers("Authorization", "Bearer " + createNewTokenUsingBasicAuth.getRawToken(), new Object[0]).when().contentType(ContentType.JSON).body(TestHelper.defaultToken()).post(IntegrationTestHelper.restUrl(), new Object[0]).then().log().all().statusCode(Response.Status.UNAUTHORIZED.getStatusCode());
        });
    }

    @Test
    public void onCreateTokenShouldHaveAuditLog() {
        IntegrationTestHelper.assertAuditLogIsPresent("Personal access token created", IntegrationTestHelper.createNewToken().getName());
    }

    @Test
    public void onCreateTokenShouldBeAnAuthenticatedUser() {
        RestAssured.given().when().contentType(ContentType.JSON).body(TestHelper.defaultToken()).post(IntegrationTestHelper.restUrl(), new Object[0]).then().log().all().statusCode(Response.Status.UNAUTHORIZED.getStatusCode());
    }

    @Test
    public void onCreateTokenShouldCreateATokenAndReceiveAPin() {
        RestToken createNewToken = IntegrationTestHelper.createNewToken();
        Assertions.assertThat(createNewToken).isNotNull();
        Assertions.assertThat(createNewToken.getId()).isNotNegative();
        Assertions.assertThat(createNewToken.getCreatedAt()).isAfterOrEqualsTo(TEST_START_DATE);
        Assertions.assertThat(createNewToken.getName()).isEqualTo(TOKEN.getName());
        Assertions.assertThat(createNewToken.getExpiringAt()).isNotNull();
        Assertions.assertThat(createNewToken.getLastAccessedAt()).isNull();
        Assertions.assertThat(createNewToken.getRawToken()).isNotBlank();
    }

    @Test
    public void onCreateTokenShouldNotCreateDueToEmptyDescription() {
        RestError restError = (RestError) IntegrationTestHelper.systemAdminJsonRequest().when().contentType(ContentType.JSON).body(new RestNewTokenRequest("", 90)).post(IntegrationTestHelper.restUrl(), new Object[0]).then().log().ifValidationFails().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).extract().as(RestError.class);
        Assertions.assertThat(restError.getException()).isEqualTo(IllegalArgumentException.class.getCanonicalName());
        Assertions.assertThat(restError.getError()).isEqualTo("Your token must have a name to be created. Give your token a name.");
    }

    @Test
    public void onCreateTokenShouldNotCreateDueToExceedingTokensPerUser() {
        createMaximumNumberOfTokensForUser();
        RestError restError = (RestError) IntegrationTestHelper.systemAdminJsonRequest().when().contentType(ContentType.JSON).body(new RestNewTokenRequest(IntegrationTestHelper.TOKEN_NAME, 90)).post(IntegrationTestHelper.restUrl(), new Object[0]).then().log().all().statusCode(Response.Status.FORBIDDEN.getStatusCode()).extract().as(RestError.class);
        Assertions.assertThat(restError.getException()).isEqualTo(UserTokenLimitExceededException.class.getCanonicalName());
        Assertions.assertThat(restError.getError()).isEqualTo(String.format("You can't create more than %d tokens. Delete one of your existing tokens to create a new one.", Integer.valueOf(MAX_TOKEN_NUMBER_PER_USER)));
    }

    private void createMaximumNumberOfTokensForUser() {
        for (int i = 0; i < MAX_TOKEN_NUMBER_PER_USER; i++) {
            IntegrationTestHelper.createNewToken();
        }
    }

    @Test
    public void onGetTokenShouldReturnTokenInformationForKnownId() {
        RestToken createNewToken = IntegrationTestHelper.createNewToken();
        RestToken restToken = (RestToken) IntegrationTestHelper.systemAdminJsonRequest().when().get(getTokenIdUrl(createNewToken.getId()), new Object[0]).then().log().all().statusCode(Response.Status.OK.getStatusCode()).extract().as(RestToken.class);
        Assertions.assertThat(restToken.getRawToken()).isBlank();
        Assertions.assertThat(restToken).isNotEqualTo(createNewToken);
        restToken.setRawToken(createNewToken.getRawToken());
        Assertions.assertThat(restToken).isEqualTo(createNewToken);
    }

    @Test
    public void onDeleteTokenShouldReturnTokenInformationForKnownId() {
        RestToken createNewToken = IntegrationTestHelper.createNewToken();
        IntegrationTestHelper.systemAdminJsonRequest().when().delete(getTokenIdUrl(createNewToken.getId()), new Object[0]).then().log().ifValidationFails().statusCode(Response.Status.NO_CONTENT.getStatusCode());
        IntegrationTestHelper.systemAdminJsonRequest().when().get(getTokenIdUrl(createNewToken.getId()), new Object[0]).then().log().ifValidationFails().statusCode(Response.Status.NOT_FOUND.getStatusCode());
    }

    private String getTokenIdUrl(Long l) {
        return String.format("%s/%s", IntegrationTestHelper.restUrl(), l);
    }

    @Test
    public void onDeleteTokenShouldHaveAuditLog() {
        RestToken createNewToken = IntegrationTestHelper.createNewToken();
        IntegrationTestHelper.systemAdminJsonRequest().when().delete(getTokenIdUrl(createNewToken.getId()), new Object[0]).then().log().ifValidationFails().statusCode(Response.Status.NO_CONTENT.getStatusCode());
        IntegrationTestHelper.assertAuditLogIsPresent("Personal access token deleted", createNewToken.getName());
    }

    @Test
    public void shouldReturnBadRequestWhenRequestedTokenExpiryPeriodExceedsDefaultLength() {
        RestError restError = (RestError) IntegrationTestHelper.systemAdminJsonRequest().when().contentType(ContentType.JSON).body(new RestNewTokenRequest(TestHelper.TOKEN_NAME, 999999)).post(IntegrationTestHelper.restUrl(), new Object[0]).then().log().all().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).extract().as(RestError.class);
        Assertions.assertThat(restError.getException()).isEqualTo(IllegalArgumentException.class.getCanonicalName());
        Assertions.assertThat(restError.getError()).isEqualTo("Token expiry length cannot exceed 150 days");
    }

    @Test
    public void shouldReturnErrorWhenTryingToCreateEternalToken() {
        setAbilityToCreateEternalTokens(false);
        IntegrationTestHelper.systemAdminJsonRequest().when().contentType(ContentType.JSON).body(new RestNewTokenRequest(TestHelper.TOKEN_NAME, (Integer) null)).post(IntegrationTestHelper.restUrl(), new Object[0]).then().log().ifValidationFails().statusCode(Response.Status.BAD_REQUEST.getStatusCode()).body("error", CoreMatchers.equalTo("Cannot create eternal tokens"), new Object[0]);
        setAbilityToCreateEternalTokens(true);
    }

    private void setAbilityToCreateEternalTokens(Boolean bool) {
        IntegrationTestHelper.setSystemPropertyOnInstance(SystemProperty.ETERNAL_TOKENS_ENABLED.getName(), String.valueOf(bool));
    }
}
