package org.eclipse.microprofile.jwt.tck.config.jwe;

import jakarta.json.Json;
import jakarta.json.JsonObject;
import jakarta.ws.rs.client.ClientBuilder;
import jakarta.ws.rs.core.Response;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.net.URL;
import java.util.Properties;
import org.eclipse.microprofile.jwt.tck.TCKConstants;
import org.eclipse.microprofile.jwt.tck.config.JwksApplication;
import org.eclipse.microprofile.jwt.tck.config.SimpleTokenUtils;
import org.eclipse.microprofile.jwt.tck.util.MpJwtTestVersion;
import org.eclipse.microprofile.jwt.tck.util.TokenUtils;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.container.test.api.RunAsClient;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.jboss.arquillian.testng.Arquillian;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.asset.StringAsset;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.testng.Assert;
import org.testng.Reporter;
import org.testng.annotations.Test;

/* loaded from: input_file:org/eclipse/microprofile/jwt/tck/config/jwe/PrivateKeyAsJWKSClasspathTest.class */
public class PrivateKeyAsJWKSClasspathTest extends Arquillian {

    @ArquillianResource
    private URL baseURL;

    @Deployment
    public static WebArchive createLocationDeployment() throws IOException {
        URL resource = PrivateKeyAsPEMClasspathTest.class.getResource("/publicKey4k.pem");
        URL resource2 = PrivateKeyAsJWKSClasspathTest.class.getResource("/decryptorPrivateKeySet.jwk");
        Properties properties = new Properties();
        properties.setProperty("mp.jwt.verify.publickey.location", "/publicKey4k.pem");
        properties.setProperty("mp.jwt.decrypt.key.location", "/decryptorPrivateKeySet.jwk");
        properties.setProperty("mp.jwt.verify.issuer", TCKConstants.TEST_ISSUER);
        StringWriter stringWriter = new StringWriter();
        properties.store(stringWriter, "PrivateKeyAsJWKSClasspathTest microprofile-config.properties");
        return ShrinkWrap.create(WebArchive.class, "PrivateKeyAsJWKSClasspathTest.war").addAsManifestResource(new StringAsset(MpJwtTestVersion.MPJWT_V_1_2.name()), "MPJWTTESTVERSION").addAsResource(resource, "/publicKey4k.pem").addAsResource(resource2, "/decryptorPrivateKeySet.jwk").addClass(PrivateKeyEndpoint.class).addClass(JwksApplication.class).addClass(SimpleTokenUtils.class).addAsWebInfResource("beans.xml", "beans.xml").addAsManifestResource(new StringAsset(stringWriter.toString()), "microprofile-config.properties");
    }

    @RunAsClient
    @Test(groups = {TCKConstants.TEST_GROUP_CONFIG}, description = "Validate specifying the mp.jwt.decrypt.key.location as resource path to a JWKS key")
    public void testKeyAsLocation() throws Exception {
        Reporter.log("testKeyAsLocation, expect HTTP_OK");
        Response response = ClientBuilder.newClient().target(this.baseURL.toExternalForm() + "jwks/endp/verifyKeyLocationAsJWKSResource").queryParam("kid", new Object[]{"mp-jwt-set"}).request(new String[]{"application/json"}).header("Authorization", "Bearer " + TokenUtils.signEncryptClaims(TokenUtils.readPrivateKey("/privateKey4k.pem"), (String) null, TokenUtils.readJwkPublicKey("/encryptorPublicKey.jwk"), "mp-jwt-set", "/Token1.json", true)).get();
        Assert.assertEquals(response.getStatus(), 200);
        JsonObject readObject = Json.createReader(new StringReader((String) response.readEntity(String.class))).readObject();
        Reporter.log(readObject.toString());
        Assert.assertTrue(readObject.getBoolean("pass"), readObject.getString("msg"));
    }
}
