package org.apereo.cas.oidc.jwks.generator;

import java.io.File;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.attribute.FileAttribute;
import java.util.Date;
import java.util.Optional;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apereo.cas.configuration.model.support.oidc.OidcProperties;
import org.apereo.cas.configuration.support.CasConfigurationJasyptCipherExecutor;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.util.RandomUtils;
import org.jose4j.jwk.JsonWebKeySet;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;
import org.springframework.test.context.TestPropertySource;

@Tag("OIDC")
/* loaded from: input_file:org/apereo/cas/oidc/jwks/generator/OidcDefaultJsonWebKeystoreGeneratorServiceTests.class */
class OidcDefaultJsonWebKeystoreGeneratorServiceTests {

    @TestPropertySource(properties = {"cas.authn.oidc.jwks.file-system.jwks-file=file:${#systemProperties['java.io.tmpdir']}/something.jwks"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/oidc/jwks/generator/OidcDefaultJsonWebKeystoreGeneratorServiceTests$DefaultTests.class */
    class DefaultTests extends AbstractOidcTests {
        private File keystore;

        DefaultTests(OidcDefaultJsonWebKeystoreGeneratorServiceTests oidcDefaultJsonWebKeystoreGeneratorServiceTests) {
        }

        @BeforeEach
        public void setup() {
            this.keystore = new File(FileUtils.getTempDirectoryPath(), "something.jwks");
            if (this.keystore.exists()) {
                Assertions.assertTrue(this.keystore.delete());
            }
        }

        @Test
        void verifyOperation() throws Throwable {
            Resource generate = this.oidcJsonWebKeystoreGeneratorService.generate();
            Assertions.assertTrue(generate.exists());
            Assertions.assertTrue(this.keystore.setLastModified(new Date().getTime()));
            Thread.sleep(2000L);
            this.oidcJsonWebKeystoreGeneratorService.store(OidcJsonWebKeystoreGeneratorService.toJsonWebKeyStore(generate));
            Assertions.assertTrue(this.oidcJsonWebKeystoreGeneratorService.find().isPresent());
            this.oidcJsonWebKeystoreGeneratorService.destroy();
        }

        @Test
        void verifyRegeneration() throws Throwable {
            Assertions.assertTrue(this.oidcJsonWebKeystoreGeneratorService.generate().exists());
            Assertions.assertTrue(this.oidcJsonWebKeystoreGeneratorService.generate().exists());
        }

        @Test
        void verifyCurve256() throws Throwable {
            OidcProperties oidcProperties = new OidcProperties();
            oidcProperties.getJwks().getCore().setJwksType("ec");
            oidcProperties.getJwks().getCore().setJwksKeySize(256);
            verifyGeneration(oidcProperties);
        }

        @Test
        void verifyCurve384() throws Throwable {
            OidcProperties oidcProperties = new OidcProperties();
            oidcProperties.getJwks().getCore().setJwksType("ec");
            oidcProperties.getJwks().getCore().setJwksKeySize(384);
            verifyGeneration(oidcProperties);
        }

        @Test
        void verifyCurve521() throws Throwable {
            OidcProperties oidcProperties = new OidcProperties();
            oidcProperties.getJwks().getCore().setJwksType("ec");
            oidcProperties.getJwks().getCore().setJwksKeySize(521);
            verifyGeneration(oidcProperties);
        }

        private void verifyGeneration(OidcProperties oidcProperties) throws Throwable {
            File file = Files.createTempFile(RandomUtils.randomAlphabetic(6), ".jwks", new FileAttribute[0]).toFile();
            oidcProperties.getJwks().getFileSystem().setJwksFile(file.getAbsolutePath());
            OidcDefaultJsonWebKeystoreGeneratorService oidcDefaultJsonWebKeystoreGeneratorService = new OidcDefaultJsonWebKeystoreGeneratorService(oidcProperties, this.applicationContext);
            oidcDefaultJsonWebKeystoreGeneratorService.generate(new FileSystemResource(file));
            Assertions.assertTrue(file.exists());
            oidcDefaultJsonWebKeystoreGeneratorService.destroy();
        }
    }

    @TestPropertySource(properties = {"cas.authn.oidc.jwks.file-system.jwks-file={\"keys\": []}"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/oidc/jwks/generator/OidcDefaultJsonWebKeystoreGeneratorServiceTests$EmbeddedKeystoreTests.class */
    class EmbeddedKeystoreTests extends AbstractOidcTests {
        EmbeddedKeystoreTests(OidcDefaultJsonWebKeystoreGeneratorServiceTests oidcDefaultJsonWebKeystoreGeneratorServiceTests) {
        }

        @Test
        void verifyOperation() throws Throwable {
            Optional find = this.oidcJsonWebKeystoreGeneratorService.find();
            Assertions.assertTrue(find.isPresent());
            Assertions.assertTrue(new JsonWebKeySet(IOUtils.toString(((Resource) find.get()).getInputStream(), StandardCharsets.UTF_8)).getJsonWebKeys().isEmpty());
        }
    }

    @TestPropertySource(properties = {"cas.authn.oidc.jwks.file-system.jwks-file=classpath:/encrypted.jwks"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/oidc/jwks/generator/OidcDefaultJsonWebKeystoreGeneratorServiceTests$EncryptedKeystoreTests.class */
    class EncryptedKeystoreTests extends AbstractOidcTests {
        EncryptedKeystoreTests(OidcDefaultJsonWebKeystoreGeneratorServiceTests oidcDefaultJsonWebKeystoreGeneratorServiceTests) {
        }

        @Test
        void verifyOperation() throws Throwable {
            Optional find = this.oidcJsonWebKeystoreGeneratorService.find();
            Assertions.assertTrue(find.isPresent());
            Assertions.assertFalse(new JsonWebKeySet(IOUtils.toString(((Resource) find.get()).getInputStream(), StandardCharsets.UTF_8)).getJsonWebKeys().isEmpty());
        }
    }

    OidcDefaultJsonWebKeystoreGeneratorServiceTests() {
    }

    static {
        System.setProperty(CasConfigurationJasyptCipherExecutor.JasyptEncryptionParameters.PASSWORD.getPropertyName(), "P@$$w0rd");
    }
}
