package org.apereo.cas.oidc.authn;

import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.Curve;
import com.nimbusds.jose.jwk.gen.ECKeyGenerator;
import com.nimbusds.oauth2.sdk.dpop.DefaultDPoPProofFactory;
import java.net.URI;
import java.util.UUID;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.services.OidcRegisteredService;
import org.apereo.cas.support.oauth.authenticator.OAuth20AuthenticationClientProvider;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.core.credentials.TokenCredentials;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.http.client.direct.HeaderClient;
import org.pac4j.jee.context.JEEContext;
import org.pac4j.jee.context.session.JEESessionStore;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OIDC")
/* loaded from: input_file:org/apereo/cas/oidc/authn/OidcDPoPAuthenticatorTests.class */
public class OidcDPoPAuthenticatorTests extends AbstractOidcTests {

    @Autowired
    @Qualifier("oidcDPoPClientProvider")
    private OAuth20AuthenticationClientProvider oidcDPoPClientProvider;

    @Test
    public void verifyOperation() throws Exception {
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService(UUID.randomUUID().toString());
        this.servicesManager.save(oidcRegisteredService);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", oidcRegisteredService.getClientId());
        mockHttpServletRequest.setRequestURI("/cas/oidc");
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        new ProfileManager(jEEContext, JEESessionStore.INSTANCE).removeProfiles();
        mockHttpServletRequest.addHeader("DPoP", new DefaultDPoPProofFactory(new ECKeyGenerator(Curve.P_256).keyID("1").generate(), JWSAlgorithm.ES256).createDPoPJWT("POST", new URI(mockHttpServletRequest.getRequestURL().toString())).serialize());
        HeaderClient createClient = this.oidcDPoPClientProvider.createClient();
        TokenCredentials tokenCredentials = new TokenCredentials("DPoP");
        createClient.getAuthenticator().validate(tokenCredentials, jEEContext, JEESessionStore.INSTANCE);
        UserProfile userProfile = tokenCredentials.getUserProfile();
        Assertions.assertNotNull(userProfile);
        Assertions.assertNotNull(userProfile.getAttribute("DPoP"));
        Assertions.assertNotNull(userProfile.getAttribute("DPoPConfirmation"));
    }
}
