package org.apereo.cas.oidc.web.controllers;

import java.nio.charset.StandardCharsets;
import java.util.Set;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.oidc.web.controllers.introspection.OidcIntrospectionEndpointController;
import org.apereo.cas.support.oauth.web.response.introspection.OAuth20IntrospectionAccessTokenResponse;
import org.apereo.cas.ticket.accesstoken.OAuth20AccessToken;
import org.apereo.cas.util.EncodingUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.ResponseEntity;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OIDC")
/* loaded from: input_file:org/apereo/cas/oidc/web/controllers/OidcIntrospectionEndpointControllerTests.class */
public class OidcIntrospectionEndpointControllerTests extends AbstractOidcTests {

    @Autowired
    @Qualifier("oidcIntrospectionEndpointController")
    protected OidcIntrospectionEndpointController oidcIntrospectionEndpointController;

    @Test
    public void verifyOperationWithValidTicket() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletRequest.addHeader("Authorization", "Basic " + EncodingUtils.encodeBase64("clientid:secret".getBytes(StandardCharsets.UTF_8)));
        OAuth20AccessToken accessToken = getAccessToken();
        this.ticketRegistry.addTicket(accessToken);
        mockHttpServletRequest.addParameter("token", accessToken.getId());
        ResponseEntity handleRequest = this.oidcIntrospectionEndpointController.handleRequest(mockHttpServletRequest, mockHttpServletResponse);
        Assertions.assertNotNull(handleRequest.getBody());
        Assertions.assertTrue(((OAuth20IntrospectionAccessTokenResponse) handleRequest.getBody()).isActive());
        Assertions.assertEquals(accessToken.getScopes(), Set.of((Object[]) ((OAuth20IntrospectionAccessTokenResponse) handleRequest.getBody()).getScope().split(" ")));
    }

    @Test
    public void verifyOperationWithInvalidTicket() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletRequest.addHeader("Authorization", "Basic " + EncodingUtils.encodeBase64("clientid:secret".getBytes(StandardCharsets.UTF_8)));
        mockHttpServletRequest.addParameter("token", getAccessToken().getId());
        ResponseEntity handleRequest = this.oidcIntrospectionEndpointController.handleRequest(mockHttpServletRequest, mockHttpServletResponse);
        Assertions.assertNotNull(handleRequest.getBody());
        Assertions.assertFalse(((OAuth20IntrospectionAccessTokenResponse) handleRequest.getBody()).isActive());
    }
}
