package org.mule.runtime.test.oauth.authorizationcode;

import io.qameta.allure.Description;
import io.qameta.allure.Issue;
import io.qameta.allure.Story;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import java.util.function.Supplier;
import org.apache.commons.io.IOUtils;
import org.hamcrest.Matchers;
import org.hamcrest.core.IsCollectionContaining;
import org.hamcrest.text.IsEqualIgnoringCase;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.mockito.ArgumentCaptor;
import org.mockito.ArgumentMatchers;
import org.mockito.Mockito;
import org.mule.runtime.api.el.MuleExpressionLanguage;
import org.mule.runtime.api.exception.MuleException;
import org.mule.runtime.api.util.MultiMap;
import org.mule.runtime.api.util.concurrent.Latch;
import org.mule.runtime.core.api.lifecycle.LifecycleUtils;
import org.mule.runtime.http.api.HttpConstants;
import org.mule.runtime.http.api.client.HttpClient;
import org.mule.runtime.http.api.client.HttpRequestOptions;
import org.mule.runtime.http.api.domain.message.request.HttpRequest;
import org.mule.runtime.http.api.domain.request.HttpRequestContext;
import org.mule.runtime.http.api.server.RequestHandler;
import org.mule.runtime.http.api.server.RequestHandlerManager;
import org.mule.runtime.http.api.server.async.HttpResponseReadyCallback;
import org.mule.runtime.oauth.api.AuthorizationCodeOAuthDancer;
import org.mule.runtime.oauth.api.builder.ClientCredentialsLocation;
import org.mule.runtime.oauth.api.builder.OAuthAuthorizationCodeDancerBuilder;
import org.mule.runtime.oauth.api.listener.AuthorizationCodeListener;
import org.mule.runtime.oauth.api.state.ResourceOwnerOAuthContext;
import org.mule.runtime.oauth.api.state.ResourceOwnerOAuthContextWithRefreshState;
import org.mule.runtime.oauth.internal.builder.DefaultOAuthAuthorizationCodeDancerBuilder;
import org.mule.runtime.test.AllureConstants;
import org.mule.runtime.test.oauth.AbstractOAuthTestCase;
import org.mule.runtime.test.oauth.state.CustomResourceOwnerOAuthContext;
import org.mule.tck.SimpleUnitTestSupportSchedulerService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Story(AllureConstants.OAuthClientFeature.OAuthClientStory.AUTHORIZATION_CODE)
@RunWith(Parameterized.class)
/* loaded from: input_file:org/mule/runtime/test/oauth/authorizationcode/AuthorizationCodeTokenTestCase.class */
public class AuthorizationCodeTokenTestCase extends AbstractOAuthTestCase {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthorizationCodeTokenTestCase.class);
    private final ArgumentCaptor<RequestHandler> localCallbackCaptor = ArgumentCaptor.forClass(RequestHandler.class);
    private AuthorizationCodeOAuthDancer minimalDancer;
    private final Supplier<ResourceOwnerOAuthContext> contextSupplier;

    @Parameterized.Parameters
    public static Collection<Object[]> data() {
        return Arrays.asList(new Object[]{() -> {
            CustomResourceOwnerOAuthContext customResourceOwnerOAuthContext = new CustomResourceOwnerOAuthContext(new ReentrantLock(), "default");
            customResourceOwnerOAuthContext.setRefreshToken("refreshToken");
            return customResourceOwnerOAuthContext;
        }}, new Object[]{() -> {
            ResourceOwnerOAuthContextWithRefreshState resourceOwnerOAuthContextWithRefreshState = new ResourceOwnerOAuthContextWithRefreshState("default");
            resourceOwnerOAuthContextWithRefreshState.setRefreshToken("refreshToken");
            return resourceOwnerOAuthContextWithRefreshState;
        }});
    }

    public AuthorizationCodeTokenTestCase(Supplier<ResourceOwnerOAuthContext> supplier) {
        this.contextSupplier = supplier;
    }

    @Before
    public void before() {
        Mockito.when(this.httpServer.addRequestHandler((Collection) ArgumentMatchers.eq(Collections.singleton(HttpConstants.Method.GET.name())), (String) ArgumentMatchers.eq("/localCallback"), (RequestHandler) this.localCallbackCaptor.capture())).thenReturn(Mockito.mock(RequestHandlerManager.class));
        Mockito.when(this.httpServer.addRequestHandler((Collection) ArgumentMatchers.eq(Collections.singleton(HttpConstants.Method.GET.name())), (String) ArgumentMatchers.eq("/auth"), (RequestHandler) ArgumentMatchers.any(RequestHandler.class))).thenReturn(Mockito.mock(RequestHandlerManager.class));
    }

    @After
    public void after() throws MuleException {
        if (this.minimalDancer != null) {
            LifecycleUtils.stopIfNeeded(this.minimalDancer);
            LifecycleUtils.disposeIfNeeded(this.minimalDancer, LOGGER);
        }
    }

    private void assertAuthCodeCredentialsEncodedInHeader(boolean z) throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.localCallback(this.httpServer, "/localCallback");
        baseAuthCodeDancerbuilder.localAuthorizationUrlPath("/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "open sesame");
        if (z) {
            baseAuthCodeDancerbuilder.encodeClientCredentialsInBody(false);
        } else {
            baseAuthCodeDancerbuilder.withClientCredentialsIn(ClientCredentialsLocation.BASIC_AUTH_HEADER);
        }
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        ((RequestHandler) this.localCallbackCaptor.getValue()).handleRequest(buildLocalCallbackRequestContext(), (HttpResponseReadyCallback) Mockito.mock(HttpResponseReadyCallback.class));
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getHeaderValue("Authorization"), Matchers.is("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_id")));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_secret")));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.containsString("code=authCode"));
        Assert.assertThat(iOUtils, Matchers.containsString("grant_type=authorization_code"));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_secret=open+sesame")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_id=Aladdin")));
    }

    @Test
    public void authCodeCredentialsEncodedInHeader() throws Exception {
        assertAuthCodeCredentialsEncodedInHeader(false);
    }

    @Test
    public void authCodeCredentialsEncodedInHeaderCompatibility() throws Exception {
        assertAuthCodeCredentialsEncodedInHeader(true);
    }

    @Test
    @Description("Tests the listeners added without an identifying resource owner are correctly called.")
    @Issue("MULE-20019")
    public void authCodeListenersWithNoResourceOwnerCalled() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.localCallback(this.httpServer, "/localCallback");
        baseAuthCodeDancerbuilder.localAuthorizationUrlPath("/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "open sesame");
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        final Latch latch = new Latch();
        final Latch latch2 = new Latch();
        final Latch latch3 = new Latch();
        this.minimalDancer.addListener(new AuthorizationCodeListener() { // from class: org.mule.runtime.test.oauth.authorizationcode.AuthorizationCodeTokenTestCase.1
            public void onAuthorizationCompleted(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
                latch.release();
            }

            public void onTokenRefreshed(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
                latch2.release();
            }

            public void onTokenInvalidated() {
                latch3.release();
            }
        });
        ((RequestHandler) this.localCallbackCaptor.getValue()).handleRequest(buildLocalCallbackRequestContext(), (HttpResponseReadyCallback) Mockito.mock(HttpResponseReadyCallback.class));
        Assert.assertTrue(latch.await(5000L, TimeUnit.MILLISECONDS));
        this.minimalDancer.refreshToken((String) null);
        Assert.assertTrue(latch2.await(5000L, TimeUnit.MILLISECONDS));
        this.minimalDancer.invalidateContext((String) null);
        Assert.assertTrue(latch3.await(5000L, TimeUnit.MILLISECONDS));
    }

    @Test
    @Description("Tests the listeners added with an identifying resource owner are correctly called.")
    @Issue("MULE-20019")
    public void authCodeListenersWithResourceOwnerCalled() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.localCallback(this.httpServer, "/localCallback");
        baseAuthCodeDancerbuilder.localAuthorizationUrlPath("/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "open sesame");
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        final CountDownLatch countDownLatch = new CountDownLatch(2);
        final CountDownLatch countDownLatch2 = new CountDownLatch(2);
        final CountDownLatch countDownLatch3 = new CountDownLatch(2);
        this.minimalDancer.addListener("default", new AuthorizationCodeListener() { // from class: org.mule.runtime.test.oauth.authorizationcode.AuthorizationCodeTokenTestCase.2
            public void onAuthorizationCompleted(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
                countDownLatch.countDown();
            }

            public void onTokenRefreshed(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
                countDownLatch2.countDown();
            }

            public void onTokenInvalidated() {
                countDownLatch3.countDown();
            }
        });
        this.minimalDancer.addListener("default", new AuthorizationCodeListener() { // from class: org.mule.runtime.test.oauth.authorizationcode.AuthorizationCodeTokenTestCase.3
            public void onAuthorizationCompleted(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
                countDownLatch.countDown();
            }

            public void onTokenRefreshed(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
                countDownLatch2.countDown();
            }

            public void onTokenInvalidated() {
                countDownLatch3.countDown();
            }
        });
        ((RequestHandler) this.localCallbackCaptor.getValue()).handleRequest(buildLocalCallbackRequestContext(), (HttpResponseReadyCallback) Mockito.mock(HttpResponseReadyCallback.class));
        Assert.assertTrue(countDownLatch.await(5000L, TimeUnit.MILLISECONDS));
        this.minimalDancer.refreshToken("default");
        Assert.assertTrue(countDownLatch2.await(5000L, TimeUnit.MILLISECONDS));
        this.minimalDancer.invalidateContext("default");
        Assert.assertTrue(countDownLatch3.await(5000L, TimeUnit.MILLISECONDS));
    }

    @Test
    public void authCodeCredentialsInBodyByDefault() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.localCallback(this.httpServer, "/localCallback");
        baseAuthCodeDancerbuilder.localAuthorizationUrlPath("/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "open sesame");
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        ((RequestHandler) this.localCallbackCaptor.getValue()).handleRequest(buildLocalCallbackRequestContext(), (HttpResponseReadyCallback) Mockito.mock(HttpResponseReadyCallback.class));
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getHeaderNames(), Matchers.not(IsCollectionContaining.hasItem(IsEqualIgnoringCase.equalToIgnoringCase("Authorization"))));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_id")));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_secret")));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.containsString("grant_type=authorization_code"));
        Assert.assertThat(iOUtils, Matchers.containsString("client_secret=open+sesame"));
        Assert.assertThat(iOUtils, Matchers.containsString("client_id=Aladdin"));
        Assert.assertThat(iOUtils, Matchers.containsString("code=authCode"));
    }

    private void assertAuthCodeCredentialsInBody(boolean z) throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.localCallback(this.httpServer, "/localCallback");
        baseAuthCodeDancerbuilder.localAuthorizationUrlPath("/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "open sesame");
        if (z) {
            baseAuthCodeDancerbuilder.encodeClientCredentialsInBody(true);
        } else {
            baseAuthCodeDancerbuilder.withClientCredentialsIn(ClientCredentialsLocation.BODY);
        }
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        ((RequestHandler) this.localCallbackCaptor.getValue()).handleRequest(buildLocalCallbackRequestContext(), (HttpResponseReadyCallback) Mockito.mock(HttpResponseReadyCallback.class));
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getHeaderNames(), Matchers.not(IsCollectionContaining.hasItem(IsEqualIgnoringCase.equalToIgnoringCase("Authorization"))));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_id")));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_secret")));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.containsString("grant_type=authorization_code"));
        Assert.assertThat(iOUtils, Matchers.containsString("client_secret=open+sesame"));
        Assert.assertThat(iOUtils, Matchers.containsString("client_id=Aladdin"));
        Assert.assertThat(iOUtils, Matchers.containsString("code=authCode"));
    }

    @Test
    public void authCodeCredentialsInBodyCompatibility() throws Exception {
        assertAuthCodeCredentialsInBody(true);
    }

    @Test
    public void authCodeCredentialsInBody() throws Exception {
        assertAuthCodeCredentialsInBody(false);
    }

    protected HttpRequestContext buildLocalCallbackRequestContext() {
        HttpRequest httpRequest = (HttpRequest) Mockito.mock(HttpRequest.class);
        MultiMap multiMap = new MultiMap();
        multiMap.put("code", "authCode");
        Mockito.when(httpRequest.getQueryParams()).thenReturn(multiMap);
        HttpRequestContext httpRequestContext = (HttpRequestContext) Mockito.mock(HttpRequestContext.class);
        Mockito.when(httpRequestContext.getRequest()).thenReturn(httpRequest);
        return httpRequestContext;
    }

    private void assertAuthCodeCredentialsEncodedInHeaderRefresh(boolean z) throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "open sesame");
        if (z) {
            baseAuthCodeDancerbuilder.encodeClientCredentialsInBody(false);
        } else {
            baseAuthCodeDancerbuilder.withClientCredentialsIn(ClientCredentialsLocation.BASIC_AUTH_HEADER);
        }
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        this.minimalDancer.refreshToken((String) null);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getHeaderValue("Authorization"), Matchers.is("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_id")));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_secret")));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.containsString("grant_type=refresh_token"));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_secret=open+sesame")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_id=Aladdin")));
    }

    @Test
    public void authCodeCredentialsEncodedInHeaderRefreshCompatibility() throws Exception {
        assertAuthCodeCredentialsEncodedInHeaderRefresh(true);
    }

    @Test
    public void authCodeCredentialsEncodedInHeaderRefresh() throws Exception {
        assertAuthCodeCredentialsEncodedInHeaderRefresh(false);
    }

    @Test
    public void authCodeCredentialsInBodyRefreshByDefault() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "open sesame");
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        this.minimalDancer.refreshToken((String) null);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getHeaderNames(), Matchers.not(IsCollectionContaining.hasItem(IsEqualIgnoringCase.equalToIgnoringCase("Authorization"))));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_id")));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_secret")));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.containsString("grant_type=refresh_token"));
        Assert.assertThat(iOUtils, Matchers.containsString("client_secret=open+sesame"));
        Assert.assertThat(iOUtils, Matchers.containsString("client_id=Aladdin"));
    }

    private void assertAuthCodeCredentialsInBodyRefresh(boolean z) throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "open sesame");
        if (z) {
            baseAuthCodeDancerbuilder.encodeClientCredentialsInBody(true);
        } else {
            baseAuthCodeDancerbuilder.withClientCredentialsIn(ClientCredentialsLocation.BODY);
        }
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        this.minimalDancer.refreshToken((String) null);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getHeaderNames(), Matchers.not(IsCollectionContaining.hasItem(IsEqualIgnoringCase.equalToIgnoringCase("Authorization"))));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_id")));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams(), Matchers.not(Matchers.hasKey("client_secret")));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.containsString("grant_type=refresh_token"));
        Assert.assertThat(iOUtils, Matchers.containsString("client_secret=open+sesame"));
        Assert.assertThat(iOUtils, Matchers.containsString("client_id=Aladdin"));
    }

    @Test
    public void authCodeCredentialsInBodyRefreshCompatibility() throws Exception {
        assertAuthCodeCredentialsInBodyRefresh(true);
    }

    @Test
    public void authCodeCredentialsInBodyRefresh() throws Exception {
        assertAuthCodeCredentialsInBodyRefresh(false);
    }

    @Test
    public void authCodeRefreshTokenWithQueryParamsIncludingRedirectUriParameter() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "openSesame");
        baseAuthCodeDancerbuilder.externalCallbackUrl("http://localhost:8081/callback");
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        this.minimalDancer.refreshToken((String) null, true);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_id"), Matchers.is("Aladdin"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_secret"), Matchers.is("openSesame"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("grant_type"), Matchers.is("refresh_token"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("refresh_token"), Matchers.is("refreshToken"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("redirect_uri"), Matchers.is("http://localhost:8081/callback"));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("grant_type=refresh_token")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("refresh_token=")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_secret=openSesame")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_id=Aladdin")));
    }

    @Test
    public void authCodeRefreshTokenWithQueryParamsAndAdditionalParameters() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "openSesame");
        baseAuthCodeDancerbuilder.externalCallbackUrl("http://localhost:8081/callback");
        MultiMap multiMap = new MultiMap();
        multiMap.put("additional_parameter", "additionalParam");
        baseAuthCodeDancerbuilder.addAdditionalRefreshTokenRequestParameters(multiMap);
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        this.minimalDancer.refreshToken((String) null, true);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_id"), Matchers.is("Aladdin"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_secret"), Matchers.is("openSesame"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("grant_type"), Matchers.is("refresh_token"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("refresh_token"), Matchers.is("refreshToken"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("additional_parameter"), Matchers.is("additionalParam"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("redirect_uri"), Matchers.is("http://localhost:8081/callback"));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("grant_type=refresh_token")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("refresh_token=")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_secret=openSesame")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_id=Aladdin")));
    }

    @Test
    public void authCodeRefreshTokenWithQueryParamsAndAdditionalHeaders() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "openSesame");
        baseAuthCodeDancerbuilder.externalCallbackUrl("http://localhost:8081/callback");
        MultiMap multiMap = new MultiMap();
        multiMap.put("additional_header", "header");
        baseAuthCodeDancerbuilder.addAdditionalRefreshTokenRequestHeaders(multiMap);
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        this.minimalDancer.refreshToken((String) null, true);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_id"), Matchers.is("Aladdin"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_secret"), Matchers.is("openSesame"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("grant_type"), Matchers.is("refresh_token"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("refresh_token"), Matchers.is("refreshToken"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("redirect_uri"), Matchers.is("http://localhost:8081/callback"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getHeaderValue("additional_header"), Matchers.is("header"));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("grant_type=refresh_token")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("refresh_token=")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_secret=openSesame")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_id=Aladdin")));
    }

    @Test
    public void authCodeRefreshTokenWithQueryParamsAndSeveralAdditionalHeadersAndParameters() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "openSesame");
        baseAuthCodeDancerbuilder.externalCallbackUrl("http://localhost:8081/callback");
        MultiMap multiMap = new MultiMap();
        multiMap.put("additional_header", "header");
        multiMap.put("additional_header", "header2");
        baseAuthCodeDancerbuilder.addAdditionalRefreshTokenRequestHeaders(multiMap);
        MultiMap multiMap2 = new MultiMap();
        multiMap2.put("additional_parameter", "additionalParam");
        multiMap2.put("additional_parameter", "additionalParam2");
        baseAuthCodeDancerbuilder.addAdditionalRefreshTokenRequestParameters(multiMap2);
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        this.minimalDancer.refreshToken((String) null, true);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_id"), Matchers.is("Aladdin"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_secret"), Matchers.is("openSesame"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("grant_type"), Matchers.is("refresh_token"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("refresh_token"), Matchers.is("refreshToken"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("redirect_uri"), Matchers.is("http://localhost:8081/callback"));
        Assert.assertThat(Integer.valueOf(((HttpRequest) forClass.getValue()).getQueryParams().getAll("additional_parameter").size()), Matchers.is(2));
        Assert.assertThat(Boolean.valueOf(((HttpRequest) forClass.getValue()).getQueryParams().getAll("additional_parameter").contains("additionalParam")), Matchers.is(true));
        Assert.assertThat(Boolean.valueOf(((HttpRequest) forClass.getValue()).getQueryParams().getAll("additional_parameter").contains("additionalParam2")), Matchers.is(true));
        Assert.assertThat(Integer.valueOf(((HttpRequest) forClass.getValue()).getHeaders().getAll("additional_header").size()), Matchers.is(2));
        Assert.assertThat(Boolean.valueOf(((HttpRequest) forClass.getValue()).getHeaders().getAll("additional_header").contains("header")), Matchers.is(true));
        Assert.assertThat(Boolean.valueOf(((HttpRequest) forClass.getValue()).getHeaders().getAll("additional_header").contains("header2")), Matchers.is(true));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("grant_type=refresh_token")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("refresh_token=")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_secret=openSesame")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_id=Aladdin")));
    }

    @Test
    public void authCodeRefreshTokenWithQueryParamsAndNoRedirectUriParameter() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "openSesame");
        baseAuthCodeDancerbuilder.includeRedirectUriInRefreshTokenRequest(false);
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        this.minimalDancer.refreshToken((String) null, true);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_id"), Matchers.is("Aladdin"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_secret"), Matchers.is("openSesame"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("grant_type"), Matchers.is("refresh_token"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("refresh_token"), Matchers.is("refreshToken"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("redirect_uri"), Matchers.nullValue());
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("grant_type=refresh_token")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("refresh_token=")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_secret=openSesame")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_id=Aladdin")));
    }

    @Test
    public void authCodeCredentialsAsQueryParams() throws Exception {
        OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder = baseAuthCodeDancerbuilder();
        baseAuthCodeDancerbuilder.tokenUrl("http://host/token");
        baseAuthCodeDancerbuilder.authorizationUrl("http://host/auth");
        baseAuthCodeDancerbuilder.localCallback(this.httpServer, "/localCallback");
        baseAuthCodeDancerbuilder.localAuthorizationUrlPath("/auth");
        baseAuthCodeDancerbuilder.clientCredentials("Aladdin", "openSesame");
        baseAuthCodeDancerbuilder.withClientCredentialsIn(ClientCredentialsLocation.QUERY_PARAMS);
        this.minimalDancer = (AuthorizationCodeOAuthDancer) startDancer(baseAuthCodeDancerbuilder);
        ((RequestHandler) this.localCallbackCaptor.getValue()).handleRequest(buildLocalCallbackRequestContext(), (HttpResponseReadyCallback) Mockito.mock(HttpResponseReadyCallback.class));
        ArgumentCaptor forClass = ArgumentCaptor.forClass(HttpRequest.class);
        ((HttpClient) Mockito.verify(this.httpClient)).sendAsync((HttpRequest) forClass.capture(), (HttpRequestOptions) ArgumentMatchers.any(HttpRequestOptions.class));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_id"), Matchers.is("Aladdin"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getQueryParams().get("client_secret"), Matchers.is("openSesame"));
        Assert.assertThat(((HttpRequest) forClass.getValue()).getHeaderNames(), Matchers.not(IsCollectionContaining.hasItem(IsEqualIgnoringCase.equalToIgnoringCase("Authorization"))));
        String iOUtils = IOUtils.toString(((HttpRequest) forClass.getValue()).getEntity().getContent(), StandardCharsets.UTF_8);
        Assert.assertThat(iOUtils, Matchers.containsString("code=authCode"));
        Assert.assertThat(iOUtils, Matchers.containsString("grant_type=authorization_code"));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_secret=openSesame")));
        Assert.assertThat(iOUtils, Matchers.not(Matchers.containsString("client_id=Aladdin")));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.mule.runtime.test.oauth.AbstractOAuthTestCase
    public OAuthAuthorizationCodeDancerBuilder baseAuthCodeDancerbuilder() {
        ResourceOwnerOAuthContext resourceOwnerOAuthContext = this.contextSupplier.get();
        HashMap hashMap = new HashMap();
        hashMap.put("default", resourceOwnerOAuthContext);
        DefaultOAuthAuthorizationCodeDancerBuilder defaultOAuthAuthorizationCodeDancerBuilder = new DefaultOAuthAuthorizationCodeDancerBuilder(new SimpleUnitTestSupportSchedulerService(), this.lockFactory, hashMap, this.httpService, this.oAuthHttpClientFactory, (MuleExpressionLanguage) Mockito.mock(MuleExpressionLanguage.class));
        defaultOAuthAuthorizationCodeDancerBuilder.clientCredentials("clientId", "clientSecret");
        return defaultOAuthAuthorizationCodeDancerBuilder;
    }
}
