package org.apereo.cas.oidc.web;

import java.time.Clock;
import java.time.ZonedDateTime;
import java.util.List;
import org.apereo.cas.mock.MockTicketGrantingTicket;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.ticket.TicketGrantingTicket;
import org.apereo.cas.web.cookie.CasCookieBuilder;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.pac4j.core.profile.BasicUserProfile;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.jee.context.JEEContext;
import org.pac4j.jee.context.session.JEESessionStore;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OIDC")
/* loaded from: input_file:org/apereo/cas/oidc/web/OidcAuthenticationAuthorizeSecurityLogicTests.class */
public class OidcAuthenticationAuthorizeSecurityLogicTests extends AbstractOidcTests {
    private TicketGrantingTicket ticketGrantingTicket;

    @Override // org.apereo.cas.oidc.AbstractOidcTests
    @BeforeEach
    public void initialize() throws Exception {
        super.initialize();
        this.ticketGrantingTicketCookieGenerator = (CasCookieBuilder) Mockito.mock(CasCookieBuilder.class);
        this.ticketGrantingTicket = new MockTicketGrantingTicket("casuser");
        this.ticketRegistry.addTicket(this.ticketGrantingTicket);
    }

    @Test
    public void verifyOperation() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        Mockito.when(this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(mockHttpServletRequest)).thenReturn(this.ticketGrantingTicket.getId());
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, mockHttpServletResponse);
        ProfileManager profileManager = new ProfileManager(jEEContext, JEESessionStore.INSTANCE);
        profileManager.save(true, new BasicUserProfile(), false);
        OidcAuthenticationAuthorizeSecurityLogic oidcAuthenticationAuthorizeSecurityLogic = new OidcAuthenticationAuthorizeSecurityLogic(this.ticketGrantingTicketCookieGenerator, this.ticketRegistry, this.oauthRequestParameterResolver);
        Assertions.assertFalse(oidcAuthenticationAuthorizeSecurityLogic.loadProfiles(profileManager, jEEContext, JEESessionStore.INSTANCE, List.of()).isEmpty());
        mockHttpServletRequest.setQueryString("prompt=login");
        Assertions.assertTrue(oidcAuthenticationAuthorizeSecurityLogic.loadProfiles(profileManager, jEEContext, JEESessionStore.INSTANCE, List.of()).isEmpty());
    }

    @Test
    public void verifyMaxAgeOperation() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("max_age", "5");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        Mockito.when(this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(mockHttpServletRequest)).thenReturn(this.ticketGrantingTicket.getId());
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, mockHttpServletResponse);
        ProfileManager profileManager = new ProfileManager(jEEContext, JEESessionStore.INSTANCE);
        BasicUserProfile basicUserProfile = new BasicUserProfile();
        basicUserProfile.addAuthenticationAttribute("authenticationDate", ZonedDateTime.now(Clock.systemUTC()).minusSeconds(30L));
        profileManager.save(true, basicUserProfile, false);
        Assertions.assertTrue(new OidcAuthenticationAuthorizeSecurityLogic(this.ticketGrantingTicketCookieGenerator, this.ticketRegistry, this.oauthRequestParameterResolver).loadProfiles(profileManager, jEEContext, JEESessionStore.INSTANCE, List.of()).isEmpty());
    }

    @Test
    public void verifyLoadNoProfileWhenNoTgtAvailable() {
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse());
        ProfileManager profileManager = new ProfileManager(jEEContext, JEESessionStore.INSTANCE);
        profileManager.save(true, new BasicUserProfile(), false);
        Assertions.assertTrue(new OidcAuthenticationAuthorizeSecurityLogic(this.ticketGrantingTicketCookieGenerator, this.ticketRegistry, this.oauthRequestParameterResolver).loadProfiles(profileManager, jEEContext, JEESessionStore.INSTANCE, List.of()).isEmpty());
    }
}
