package org.apereo.cas.authentication.mfa;

import java.util.List;
import java.util.Optional;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.DefaultChainingMultifactorAuthenticationProvider;
import org.apereo.cas.authentication.DefaultMultifactorAuthenticationContextValidator;
import org.apereo.cas.authentication.DefaultMultifactorAuthenticationFailureModeEvaluator;
import org.apereo.cas.authentication.MultifactorAuthenticationProvider;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mfa.BaseMultifactorAuthenticationProviderProperties;
import org.apereo.cas.util.CollectionUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.support.StaticApplicationContext;

@Tag("MFA")
/* loaded from: input_file:org/apereo/cas/authentication/mfa/DefaultMultifactorAuthenticationContextValidatorTests.class */
class DefaultMultifactorAuthenticationContextValidatorTests {
    DefaultMultifactorAuthenticationContextValidatorTests() {
    }

    private static ConfigurableApplicationContext getStaticApplicationContext() {
        StaticApplicationContext staticApplicationContext = new StaticApplicationContext();
        staticApplicationContext.refresh();
        TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(staticApplicationContext);
        return staticApplicationContext;
    }

    @Test
    void verifyContextFailsValidationWithNoProviders() throws Throwable {
        StaticApplicationContext staticApplicationContext = new StaticApplicationContext();
        staticApplicationContext.refresh();
        Assertions.assertFalse(new DefaultMultifactorAuthenticationContextValidator("authn_method", "trusted_authn", staticApplicationContext).validate(MultifactorAuthenticationTestUtils.getAuthentication("casuser"), "invalid-context", Optional.of(MultifactorAuthenticationTestUtils.getRegisteredService())).isSuccess());
    }

    @Test
    void verifyContextFailsValidationWithMissingProvider() throws Throwable {
        Assertions.assertFalse(new DefaultMultifactorAuthenticationContextValidator("authn_method", "trusted_authn", getStaticApplicationContext()).validate(MultifactorAuthenticationTestUtils.getAuthentication("casuser"), "invalid-context", Optional.of(MultifactorAuthenticationTestUtils.getRegisteredService())).isSuccess());
    }

    @Test
    void verifyContextPassesValidationWithProvider() throws Throwable {
        Assertions.assertTrue(new DefaultMultifactorAuthenticationContextValidator("authn_method", "trusted_authn", getStaticApplicationContext()).validate(MultifactorAuthenticationTestUtils.getAuthentication(MultifactorAuthenticationTestUtils.getPrincipal("casuser"), CollectionUtils.wrap("authn_method", List.of(TestMultifactorAuthenticationProvider.ID))), TestMultifactorAuthenticationProvider.ID, Optional.of(MultifactorAuthenticationTestUtils.getRegisteredService())).isSuccess());
    }

    @Test
    void verifyContextPassesValidationWithChainProvider() throws Throwable {
        StaticApplicationContext staticApplicationContext = new StaticApplicationContext();
        staticApplicationContext.refresh();
        CasConfigurationProperties casConfigurationProperties = new CasConfigurationProperties();
        casConfigurationProperties.getAuthn().getMfa().getCore().setGlobalFailureMode(BaseMultifactorAuthenticationProviderProperties.MultifactorAuthenticationProviderFailureModes.OPEN);
        DefaultChainingMultifactorAuthenticationProvider defaultChainingMultifactorAuthenticationProvider = new DefaultChainingMultifactorAuthenticationProvider(new DefaultMultifactorAuthenticationFailureModeEvaluator(casConfigurationProperties));
        TestMultifactorAuthenticationProvider testMultifactorAuthenticationProvider = new TestMultifactorAuthenticationProvider("mfa-first");
        testMultifactorAuthenticationProvider.setOrder(10);
        TestMultifactorAuthenticationProvider testMultifactorAuthenticationProvider2 = new TestMultifactorAuthenticationProvider("mfa-second");
        testMultifactorAuthenticationProvider2.setOrder(20);
        defaultChainingMultifactorAuthenticationProvider.addMultifactorAuthenticationProvider(testMultifactorAuthenticationProvider);
        defaultChainingMultifactorAuthenticationProvider.addMultifactorAuthenticationProvider(testMultifactorAuthenticationProvider2);
        TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext((ConfigurableApplicationContext) staticApplicationContext, (MultifactorAuthenticationProvider) defaultChainingMultifactorAuthenticationProvider);
        TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext((ConfigurableApplicationContext) staticApplicationContext, (MultifactorAuthenticationProvider) testMultifactorAuthenticationProvider);
        TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext((ConfigurableApplicationContext) staticApplicationContext, (MultifactorAuthenticationProvider) testMultifactorAuthenticationProvider2);
        Assertions.assertTrue(new DefaultMultifactorAuthenticationContextValidator("authn_method", "trusted_authn", staticApplicationContext).validate(MultifactorAuthenticationTestUtils.getAuthentication(MultifactorAuthenticationTestUtils.getPrincipal("casuser"), CollectionUtils.wrap("authn_method", List.of(testMultifactorAuthenticationProvider2.getId()))), testMultifactorAuthenticationProvider2.getId(), Optional.of(MultifactorAuthenticationTestUtils.getRegisteredService())).isSuccess());
    }

    @Test
    void verifyTrustedAuthnFoundInContext() throws Throwable {
        Assertions.assertTrue(new DefaultMultifactorAuthenticationContextValidator("authn_method", "trusted_authn", getStaticApplicationContext()).validate(MultifactorAuthenticationTestUtils.getAuthentication(MultifactorAuthenticationTestUtils.getPrincipal("casuser"), CollectionUtils.wrap("authn_method", List.of("mfa-other"), "trusted_authn", List.of(TestMultifactorAuthenticationProvider.ID))), TestMultifactorAuthenticationProvider.ID, Optional.of(MultifactorAuthenticationTestUtils.getRegisteredService())).isSuccess());
    }

    @Test
    void verifyTrustedAuthnFoundFromContext() throws Throwable {
        ConfigurableApplicationContext staticApplicationContext = getStaticApplicationContext();
        DefaultMultifactorAuthenticationContextValidator defaultMultifactorAuthenticationContextValidator = new DefaultMultifactorAuthenticationContextValidator("authn_method", "trusted_authn", staticApplicationContext);
        Authentication authentication = MultifactorAuthenticationTestUtils.getAuthentication(MultifactorAuthenticationTestUtils.getPrincipal("casuser"), CollectionUtils.wrap("authn_method", List.of("mfa-other")));
        Assertions.assertFalse(defaultMultifactorAuthenticationContextValidator.validate(authentication, TestMultifactorAuthenticationProvider.ID, Optional.of(MultifactorAuthenticationTestUtils.getRegisteredService())).isSuccess());
        TestMultifactorAuthenticationProvider testMultifactorAuthenticationProvider = new TestMultifactorAuthenticationProvider();
        testMultifactorAuthenticationProvider.setId("mfa-other");
        TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(staticApplicationContext, (MultifactorAuthenticationProvider) testMultifactorAuthenticationProvider);
        Assertions.assertTrue(defaultMultifactorAuthenticationContextValidator.validate(authentication, TestMultifactorAuthenticationProvider.ID, Optional.of(MultifactorAuthenticationTestUtils.getRegisteredService())).isSuccess());
    }
}
