package org.apereo.cas.authentication.policy;

import java.util.Map;
import java.util.UUID;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.AuthenticationPolicy;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.exceptions.UniquePrincipalRequiredException;
import org.apereo.cas.config.CasCoreHttpConfiguration;
import org.apereo.cas.config.CasCoreNotificationsConfiguration;
import org.apereo.cas.config.CasCoreServicesConfiguration;
import org.apereo.cas.config.CasCoreTicketCatalogConfiguration;
import org.apereo.cas.config.CasCoreTicketIdGeneratorsConfiguration;
import org.apereo.cas.config.CasCoreTicketsConfiguration;
import org.apereo.cas.config.CasCoreTicketsSerializationConfiguration;
import org.apereo.cas.config.CasCoreUtilConfiguration;
import org.apereo.cas.config.CasCoreWebConfiguration;
import org.apereo.cas.config.CasDefaultServiceTicketIdGeneratorsConfiguration;
import org.apereo.cas.config.CasWebApplicationServiceFactoryConfiguration;
import org.apereo.cas.ticket.TicketGrantingTicketImpl;
import org.apereo.cas.ticket.expiration.NeverExpiresExpirationPolicy;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.util.spring.DirectObjectProvider;
import org.apereo.cas.validation.Assertion;
import org.apereo.cas.web.flow.SingleSignOnParticipationStrategy;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.context.TestConfiguration;
import org.springframework.cloud.autoconfigure.RefreshAutoConfiguration;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;

@Tag("AuthenticationPolicy")
@SpringBootTest(classes = {RefreshAutoConfiguration.class, WebMvcAutoConfiguration.class, AuthenticationPolicyTestConfiguration.class, CasCoreTicketIdGeneratorsConfiguration.class, CasDefaultServiceTicketIdGeneratorsConfiguration.class, CasCoreTicketsConfiguration.class, CasCoreWebConfiguration.class, CasCoreUtilConfiguration.class, CasCoreNotificationsConfiguration.class, CasCoreHttpConfiguration.class, CasWebApplicationServiceFactoryConfiguration.class, CasCoreTicketCatalogConfiguration.class, CasCoreTicketsSerializationConfiguration.class, CasCoreServicesConfiguration.class})
/* loaded from: input_file:org/apereo/cas/authentication/policy/UniquePrincipalAuthenticationPolicyTests.class */
class UniquePrincipalAuthenticationPolicyTests {

    @Autowired
    @Qualifier("ticketRegistry")
    private TicketRegistry ticketRegistry;

    @Autowired
    @Qualifier("singleSignOnParticipationStrategy")
    private SingleSignOnParticipationStrategy singleSignOnParticipationStrategy;

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @TestConfiguration(value = "AuthenticationPolicyTestConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/authentication/policy/UniquePrincipalAuthenticationPolicyTests$AuthenticationPolicyTestConfiguration.class */
    static class AuthenticationPolicyTestConfiguration {
        AuthenticationPolicyTestConfiguration() {
        }

        @Bean
        public SingleSignOnParticipationStrategy singleSignOnParticipationStrategy() {
            return SingleSignOnParticipationStrategy.alwaysParticipating();
        }
    }

    UniquePrincipalAuthenticationPolicyTests() {
    }

    @Test
    void verifyPolicyIsGoodUserNotFound() throws Throwable {
        Assertions.assertTrue(getPolicy().isSatisfiedBy(CoreAuthenticationTestUtils.getAuthentication(UUID.randomUUID().toString()), this.applicationContext).isSuccess());
    }

    @Test
    void verifyPolicyWithAssertion() throws Throwable {
        Assertions.assertTrue(getPolicy().isSatisfiedBy(CoreAuthenticationTestUtils.getAuthentication(UUID.randomUUID().toString()), this.applicationContext, Map.of(Assertion.class.getName(), (Assertion) Mockito.mock(Assertion.class))).isSuccess());
    }

    @Test
    void verifyPolicyFailsUserFoundOnce() throws Throwable {
        Authentication authentication = CoreAuthenticationTestUtils.getAuthentication(UUID.randomUUID().toString());
        this.ticketRegistry.addTicket(new TicketGrantingTicketImpl(UUID.randomUUID().toString(), authentication, NeverExpiresExpirationPolicy.INSTANCE));
        Assertions.assertThrows(UniquePrincipalRequiredException.class, () -> {
            getPolicy().isSatisfiedBy(authentication, this.applicationContext);
        });
    }

    private AuthenticationPolicy getPolicy() {
        return new UniquePrincipalAuthenticationPolicy(this.ticketRegistry, new DirectObjectProvider(this.singleSignOnParticipationStrategy));
    }
}
