package org.apereo.cas.oidc.authn;

import java.util.List;
import java.util.UUID;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlanConfigurer;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.services.OidcRegisteredService;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.core.context.CallContext;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.jee.context.JEEContext;
import org.pac4j.jee.context.session.JEESessionStore;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.TestConfiguration;
import org.springframework.context.annotation.Import;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OIDC")
@Import({AuthenticationTestConfiguration.class})
/* loaded from: input_file:org/apereo/cas/oidc/authn/OidcUsernamePasswordAuthenticatorTests.class */
class OidcUsernamePasswordAuthenticatorTests extends AbstractOidcTests {

    @Autowired
    @Qualifier("oauthUserAuthenticator")
    private Authenticator authenticator;

    @Tag("OAuth")
    @TestConfiguration(value = "AuthenticationTestConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/oidc/authn/OidcUsernamePasswordAuthenticatorTests$AuthenticationTestConfiguration.class */
    static class AuthenticationTestConfiguration implements AuthenticationEventExecutionPlanConfigurer {
        AuthenticationTestConfiguration() {
        }

        public void configureAuthenticationExecutionPlan(AuthenticationEventExecutionPlan authenticationEventExecutionPlan) {
            SimpleTestUsernamePasswordAuthenticationHandler simpleTestUsernamePasswordAuthenticationHandler = new SimpleTestUsernamePasswordAuthenticationHandler();
            simpleTestUsernamePasswordAuthenticationHandler.putAttributes(CoreAuthenticationTestUtils.getAttributes());
            simpleTestUsernamePasswordAuthenticationHandler.putAttribute("family_name", List.of("Apereo")).putAttribute("given_name", List.of("CAS")).putAttribute("email", List.of("cas@apereo.org"));
            authenticationEventExecutionPlan.registerAuthenticationHandler(simpleTestUsernamePasswordAuthenticationHandler);
        }
    }

    OidcUsernamePasswordAuthenticatorTests() {
    }

    @Test
    void verifyClientIdWithoutAnyAttributes() throws Throwable {
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService(UUID.randomUUID().toString());
        this.servicesManager.save(oidcRegisteredService);
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials("oidctest", "oidctest");
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", oidcRegisteredService.getClientId());
        mockHttpServletRequest.addParameter("client_secret", oidcRegisteredService.getClientSecret());
        this.authenticator.validate(new CallContext(new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()), new JEESessionStore()), usernamePasswordCredentials);
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
        Assertions.assertEquals(1, usernamePasswordCredentials.getUserProfile().getAttributes().size());
        Assertions.assertTrue(usernamePasswordCredentials.getUserProfile().getAttributes().containsKey("client_id"));
    }

    @Test
    void verifyClientIdWithScopesRequest() throws Throwable {
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService(UUID.randomUUID().toString());
        this.servicesManager.save(oidcRegisteredService);
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials("oidctest", "oidctest");
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", oidcRegisteredService.getClientId());
        mockHttpServletRequest.addParameter("client_secret", oidcRegisteredService.getClientSecret());
        mockHttpServletRequest.addParameter("scope", "openid profile email");
        this.authenticator.validate(new CallContext(new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()), new JEESessionStore()), usernamePasswordCredentials);
        UserProfile userProfile = usernamePasswordCredentials.getUserProfile();
        Assertions.assertNotNull(userProfile);
        Assertions.assertTrue(userProfile.getAttributes().containsKey("email"));
        Assertions.assertTrue(userProfile.getAttributes().containsKey("family_name"));
        Assertions.assertTrue(userProfile.getAttributes().containsKey("given_name"));
    }

    @Test
    void verifyClientIdWithoutScopesRequest() throws Throwable {
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService(UUID.randomUUID().toString());
        this.servicesManager.save(oidcRegisteredService);
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials("oidctest", "oidctest");
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", oidcRegisteredService.getClientId());
        mockHttpServletRequest.addParameter("client_secret", oidcRegisteredService.getClientSecret());
        mockHttpServletRequest.addParameter("scope", "openid");
        this.authenticator.validate(new CallContext(new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()), new JEESessionStore()), usernamePasswordCredentials);
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
        Assertions.assertEquals(1, usernamePasswordCredentials.getUserProfile().getAttributes().size());
        Assertions.assertTrue(usernamePasswordCredentials.getUserProfile().getAttributes().containsKey("client_id"));
    }
}
