package org.apereo.cas.services;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.File;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.io.FileUtils;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.support.TriStateBoolean;
import org.apereo.cas.services.consent.DefaultRegisteredServiceConsentPolicy;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.serialization.JacksonObjectMapperFactory;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.autoconfigure.RefreshAutoConfiguration;
import org.springframework.context.ConfigurableApplicationContext;

@Tag("Attributes")
@EnableConfigurationProperties({CasConfigurationProperties.class})
@SpringBootTest(classes = {RefreshAutoConfiguration.class})
/* loaded from: input_file:org/apereo/cas/services/ReturnAllAttributeReleasePolicyTests.class */
class ReturnAllAttributeReleasePolicyTests {
    private static final File JSON_FILE = new File(FileUtils.getTempDirectoryPath(), "returnAllAttributeReleasePolicy.json");
    private static final ObjectMapper MAPPER = JacksonObjectMapperFactory.builder().defaultTypingEnabled(true).build().toObjectMapper();

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    ReturnAllAttributeReleasePolicyTests() {
    }

    @Test
    void verifySerializeAReturnAllAttributeReleasePolicyToJson() throws Throwable {
        ReturnAllAttributeReleasePolicy returnAllAttributeReleasePolicy = new ReturnAllAttributeReleasePolicy();
        returnAllAttributeReleasePolicy.setExcludedAttributes(CollectionUtils.wrapSet(new String[]{"Hello", "World"}));
        MAPPER.writeValue(JSON_FILE, returnAllAttributeReleasePolicy);
        Assertions.assertEquals(returnAllAttributeReleasePolicy, (ReturnAllAttributeReleasePolicy) MAPPER.readValue(JSON_FILE, ReturnAllAttributeReleasePolicy.class));
    }

    @Test
    void verifyExclusionRules() throws Throwable {
        ReturnAllAttributeReleasePolicy returnAllAttributeReleasePolicy = new ReturnAllAttributeReleasePolicy();
        returnAllAttributeReleasePolicy.setExcludedAttributes(CollectionUtils.wrapSet("cn"));
        Principal principal = CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", List.of("CommonName"), "uid", List.of("casuser")));
        CasModelRegisteredService registeredService = CoreAuthenticationTestUtils.getRegisteredService();
        Mockito.when(registeredService.getAttributeReleasePolicy()).thenReturn(returnAllAttributeReleasePolicy);
        Map attributes = returnAllAttributeReleasePolicy.getAttributes(RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(principal).applicationContext(this.applicationContext).build());
        Assertions.assertEquals(1, attributes.size());
        Assertions.assertFalse(attributes.containsKey("cn"));
        Assertions.assertTrue(attributes.containsKey("uid"));
    }

    @Test
    void verifyConsentForServiceInDisabled() throws Throwable {
        ReturnAllAttributeReleasePolicy returnAllAttributeReleasePolicy = new ReturnAllAttributeReleasePolicy();
        Principal principal = CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", List.of("CommonName")));
        DefaultRegisteredServiceConsentPolicy defaultRegisteredServiceConsentPolicy = new DefaultRegisteredServiceConsentPolicy();
        defaultRegisteredServiceConsentPolicy.setIncludeOnlyAttributes(Set.of("cn"));
        defaultRegisteredServiceConsentPolicy.setStatus(TriStateBoolean.FALSE);
        returnAllAttributeReleasePolicy.setConsentPolicy(defaultRegisteredServiceConsentPolicy);
        CasModelRegisteredService registeredService = CoreAuthenticationTestUtils.getRegisteredService();
        Mockito.when(registeredService.getAttributeReleasePolicy()).thenReturn(returnAllAttributeReleasePolicy);
        Assertions.assertTrue(returnAllAttributeReleasePolicy.getConsentableAttributes(RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(principal).applicationContext(this.applicationContext).build()).isEmpty());
    }

    @Test
    void verifyConsentForServiceInUndefined() throws Throwable {
        ReturnAllAttributeReleasePolicy returnAllAttributeReleasePolicy = new ReturnAllAttributeReleasePolicy();
        Principal principal = CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", List.of("CommonName")));
        DefaultRegisteredServiceConsentPolicy defaultRegisteredServiceConsentPolicy = new DefaultRegisteredServiceConsentPolicy();
        defaultRegisteredServiceConsentPolicy.setIncludeOnlyAttributes(Set.of("cn"));
        defaultRegisteredServiceConsentPolicy.setStatus(TriStateBoolean.UNDEFINED);
        returnAllAttributeReleasePolicy.setConsentPolicy(defaultRegisteredServiceConsentPolicy);
        returnAllAttributeReleasePolicy.postLoad();
        CasModelRegisteredService registeredService = CoreAuthenticationTestUtils.getRegisteredService();
        Mockito.when(registeredService.getAttributeReleasePolicy()).thenReturn(returnAllAttributeReleasePolicy);
        Map consentableAttributes = returnAllAttributeReleasePolicy.getConsentableAttributes(RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(principal).applicationContext(this.applicationContext).build());
        Assertions.assertEquals(1, consentableAttributes.size());
        Assertions.assertTrue(consentableAttributes.containsKey("cn"));
    }

    @Test
    void verifyExcludedServicesFromConsent() throws Throwable {
        ReturnAllAttributeReleasePolicy returnAllAttributeReleasePolicy = new ReturnAllAttributeReleasePolicy();
        Principal principal = CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", List.of("CommonName"), "uid", List.of("casuser")));
        DefaultRegisteredServiceConsentPolicy defaultRegisteredServiceConsentPolicy = new DefaultRegisteredServiceConsentPolicy();
        defaultRegisteredServiceConsentPolicy.setIncludeOnlyAttributes(Set.of("cn"));
        defaultRegisteredServiceConsentPolicy.setStatus(TriStateBoolean.TRUE);
        defaultRegisteredServiceConsentPolicy.setExcludedServices(Set.of("https://.+"));
        returnAllAttributeReleasePolicy.setConsentPolicy(defaultRegisteredServiceConsentPolicy);
        CasModelRegisteredService registeredService = CoreAuthenticationTestUtils.getRegisteredService();
        Mockito.when(registeredService.getAttributeReleasePolicy()).thenReturn(returnAllAttributeReleasePolicy);
        RegisteredServiceAttributeReleasePolicyContext build = RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(principal).applicationContext(this.applicationContext).build();
        Map attributes = returnAllAttributeReleasePolicy.getAttributes(build);
        Assertions.assertTrue(attributes.containsKey("cn"));
        Assertions.assertTrue(attributes.containsKey("uid"));
        Assertions.assertTrue(returnAllAttributeReleasePolicy.getConsentableAttributes(build).isEmpty());
    }

    @Test
    void verifyNoConsentPolicy() throws Throwable {
        ReturnAllAttributeReleasePolicy returnAllAttributeReleasePolicy = new ReturnAllAttributeReleasePolicy();
        Principal principal = CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", List.of("CommonName"), "uid", List.of("casuser")));
        returnAllAttributeReleasePolicy.setConsentPolicy((RegisteredServiceConsentPolicy) null);
        CasModelRegisteredService registeredService = CoreAuthenticationTestUtils.getRegisteredService();
        Mockito.when(registeredService.getAttributeReleasePolicy()).thenReturn(returnAllAttributeReleasePolicy);
        RegisteredServiceAttributeReleasePolicyContext build = RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(principal).applicationContext(this.applicationContext).build();
        Map attributes = returnAllAttributeReleasePolicy.getAttributes(build);
        Assertions.assertTrue(attributes.containsKey("cn"));
        Assertions.assertTrue(attributes.containsKey("uid"));
        Assertions.assertEquals(attributes, returnAllAttributeReleasePolicy.getConsentableAttributes(build));
    }

    @Test
    void verifyConsentPolicyActive() throws Throwable {
        ReturnAllAttributeReleasePolicy returnAllAttributeReleasePolicy = new ReturnAllAttributeReleasePolicy();
        Principal principal = CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", List.of("CommonName"), "uid", List.of("casuser")));
        DefaultRegisteredServiceConsentPolicy defaultRegisteredServiceConsentPolicy = new DefaultRegisteredServiceConsentPolicy();
        defaultRegisteredServiceConsentPolicy.setIncludeOnlyAttributes(Set.of("cn"));
        defaultRegisteredServiceConsentPolicy.setExcludedAttributes(Set.of("uid"));
        defaultRegisteredServiceConsentPolicy.setStatus(TriStateBoolean.TRUE);
        returnAllAttributeReleasePolicy.setConsentPolicy(defaultRegisteredServiceConsentPolicy);
        CasModelRegisteredService registeredService = CoreAuthenticationTestUtils.getRegisteredService();
        Mockito.when(registeredService.getAttributeReleasePolicy()).thenReturn(returnAllAttributeReleasePolicy);
        Map consentableAttributes = returnAllAttributeReleasePolicy.getConsentableAttributes(RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(principal).applicationContext(this.applicationContext).build());
        Assertions.assertEquals(1, consentableAttributes.size());
        Assertions.assertTrue(consentableAttributes.containsKey("cn"));
    }
}
