package org.apereo.cas.authentication;

import java.util.UUID;
import okhttp3.HttpUrl;
import okhttp3.mockwebserver.MockResponse;
import org.apereo.cas.authentication.bypass.RestMultifactorAuthenticationProviderBypassEvaluator;
import org.apereo.cas.authentication.mfa.MultifactorAuthenticationTestUtils;
import org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider;
import org.apereo.cas.configuration.model.support.mfa.MultifactorAuthenticationProviderBypassProperties;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.util.MockWebServer;
import org.apereo.cas.util.spring.ApplicationContextProvider;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.context.support.StaticApplicationContext;
import org.springframework.http.HttpStatus;
import org.springframework.mock.web.MockHttpServletRequest;

@Tag("RestfulApiAuthentication")
/* loaded from: input_file:org/apereo/cas/authentication/RestMultifactorAuthenticationProviderBypassEvaluatorTests.class */
class RestMultifactorAuthenticationProviderBypassEvaluatorTests {
    RestMultifactorAuthenticationProviderBypassEvaluatorTests() {
    }

    @BeforeAll
    public static void setup() {
        StaticApplicationContext staticApplicationContext = new StaticApplicationContext();
        staticApplicationContext.refresh();
        ApplicationContextProvider.holdApplicationContext(staticApplicationContext);
        ApplicationContextProvider.registerBeanIntoApplicationContext(staticApplicationContext, MultifactorAuthenticationPrincipalResolver.identical(), UUID.randomUUID().toString());
    }

    @Test
    void verifyOperationShouldProceed() {
        MockWebServer mockWebServer = new MockWebServer("Y", HttpStatus.ACCEPTED);
        try {
            mockWebServer.start();
            MultifactorAuthenticationProviderBypassProperties multifactorAuthenticationProviderBypassProperties = new MultifactorAuthenticationProviderBypassProperties();
            multifactorAuthenticationProviderBypassProperties.getRest().setUrl("http://localhost:%s".formatted(Integer.valueOf(mockWebServer.getPort())));
            TestMultifactorAuthenticationProvider testMultifactorAuthenticationProvider = new TestMultifactorAuthenticationProvider();
            Assertions.assertTrue(new RestMultifactorAuthenticationProviderBypassEvaluator(multifactorAuthenticationProviderBypassProperties, testMultifactorAuthenticationProvider.getId()).shouldMultifactorAuthenticationProviderExecute(MultifactorAuthenticationTestUtils.getAuthentication("casuser"), MultifactorAuthenticationTestUtils.getRegisteredService(), testMultifactorAuthenticationProvider, new MockHttpServletRequest(), MultifactorAuthenticationTestUtils.getService("service")));
            mockWebServer.close();
        } catch (Throwable th) {
            try {
                mockWebServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    void verifyOperationFailsWithNoProvider() throws Throwable {
        MockWebServer mockWebServer = new MockWebServer("Y", HttpStatus.ACCEPTED);
        try {
            mockWebServer.start();
            MultifactorAuthenticationProviderBypassProperties multifactorAuthenticationProviderBypassProperties = new MultifactorAuthenticationProviderBypassProperties();
            multifactorAuthenticationProviderBypassProperties.getRest().setUrl("http://localhost:%s".formatted(Integer.valueOf(mockWebServer.getPort())));
            Assertions.assertTrue(new RestMultifactorAuthenticationProviderBypassEvaluator(multifactorAuthenticationProviderBypassProperties, new TestMultifactorAuthenticationProvider().getId()).shouldMultifactorAuthenticationProviderExecute(MultifactorAuthenticationTestUtils.getAuthentication("casuser"), MultifactorAuthenticationTestUtils.getRegisteredService(), (MultifactorAuthenticationProvider) null, new MockHttpServletRequest(), MultifactorAuthenticationTestUtils.getService("service")));
            mockWebServer.close();
        } catch (Throwable th) {
            try {
                mockWebServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    void verifyRestSendsQueryParameters() throws Throwable {
        okhttp3.mockwebserver.MockWebServer mockWebServer = new okhttp3.mockwebserver.MockWebServer();
        try {
            int port = mockWebServer.getPort();
            mockWebServer.enqueue(new MockResponse().setResponseCode(HttpStatus.ACCEPTED.value()));
            MultifactorAuthenticationProviderBypassProperties multifactorAuthenticationProviderBypassProperties = new MultifactorAuthenticationProviderBypassProperties();
            multifactorAuthenticationProviderBypassProperties.getRest().setUrl("http://localhost:" + port);
            TestMultifactorAuthenticationProvider testMultifactorAuthenticationProvider = new TestMultifactorAuthenticationProvider();
            RestMultifactorAuthenticationProviderBypassEvaluator restMultifactorAuthenticationProviderBypassEvaluator = new RestMultifactorAuthenticationProviderBypassEvaluator(multifactorAuthenticationProviderBypassProperties, testMultifactorAuthenticationProvider.getId());
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            RegisteredService registeredService = MultifactorAuthenticationTestUtils.getRegisteredService();
            boolean shouldMultifactorAuthenticationProviderExecute = restMultifactorAuthenticationProviderBypassEvaluator.shouldMultifactorAuthenticationProviderExecute(MultifactorAuthenticationTestUtils.getAuthentication("casuser"), registeredService, testMultifactorAuthenticationProvider, mockHttpServletRequest, MultifactorAuthenticationTestUtils.getService("service"));
            HttpUrl requestUrl = mockWebServer.takeRequest().getRequestUrl();
            Assertions.assertEquals("casuser", requestUrl.queryParameter("principal"));
            Assertions.assertEquals(requestUrl.queryParameter("service"), registeredService.getServiceId());
            Assertions.assertEquals(requestUrl.queryParameter("provider"), testMultifactorAuthenticationProvider.getId());
            Assertions.assertTrue(shouldMultifactorAuthenticationProviderExecute);
            mockWebServer.close();
        } catch (Throwable th) {
            try {
                mockWebServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
