package org.apereo.cas.impl.account;

import com.unboundid.ldap.sdk.LDAPConnection;
import java.util.Collections;
import java.util.Optional;
import org.apereo.cas.adaptors.ldap.LdapIntegrationTestsOperations;
import org.apereo.cas.api.PasswordlessAuthenticationRequest;
import org.apereo.cas.api.PasswordlessUserAccount;
import org.apereo.cas.api.PasswordlessUserAccountStore;
import org.apereo.cas.config.CasLdapPasswordlessAuthenticationAutoConfiguration;
import org.apereo.cas.impl.BasePasswordlessUserAccountStoreTests;
import org.apereo.cas.util.junit.EnabledIfListeningOnPort;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junitpioneer.jupiter.RetryingTest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Import;
import org.springframework.core.io.ClassPathResource;
import org.springframework.test.context.TestPropertySource;

@Tag("LdapRepository")
@EnabledIfListeningOnPort(port = {10389})
/* loaded from: input_file:org/apereo/cas/impl/account/LdapPasswordlessUserAccountStoreTests.class */
class LdapPasswordlessUserAccountStoreTests {

    @TestPropertySource(properties = {"cas.authn.passwordless.accounts.ldap.ldap-url=ldap://localhost:10389", "cas.authn.passwordless.accounts.ldap.base-dn=ou=people,dc=example,dc=org", "cas.authn.passwordless.accounts.ldap.search-filter=cn={0}", "cas.authn.passwordless.accounts.ldap.bind-dn=cn=Directory Manager", "cas.authn.passwordless.accounts.ldap.bind-credential=password", "cas.authn.passwordless.accounts.ldap.email-attribute=mail", "cas.authn.passwordless.accounts.ldap.phone-attribute=telephoneNumber", "cas.authn.passwordless.accounts.ldap.username-attribute=mail", "cas.authn.passwordless.accounts.ldap.request-password-attribute=description"})
    @Import({CasLdapPasswordlessAuthenticationAutoConfiguration.class})
    /* loaded from: input_file:org/apereo/cas/impl/account/LdapPasswordlessUserAccountStoreTests$BaseLdapTests.class */
    static abstract class BaseLdapTests extends BasePasswordlessUserAccountStoreTests {

        @Autowired
        @Qualifier("passwordlessUserAccountStore")
        protected PasswordlessUserAccountStore passwordlessUserAccountStore;

        BaseLdapTests() {
        }

        @BeforeEach
        void setup() throws Exception {
            LDAPConnection lDAPConnection = new LDAPConnection("localhost", 10389, "cn=Directory Manager", "password");
            try {
                LdapIntegrationTestsOperations.populateEntries(lDAPConnection, new ClassPathResource("ldif/ldap-passwordless.ldif").getInputStream(), "ou=people,dc=example,dc=org");
            } finally {
                if (Collections.singletonList(lDAPConnection).get(0) != null) {
                    lDAPConnection.close();
                }
            }
        }
    }

    @Nested
    /* loaded from: input_file:org/apereo/cas/impl/account/LdapPasswordlessUserAccountStoreTests$DefaultTests.class */
    class DefaultTests extends BaseLdapTests {
        DefaultTests(LdapPasswordlessUserAccountStoreTests ldapPasswordlessUserAccountStoreTests) {
        }

        @RetryingTest(3)
        void verifyAction() throws Throwable {
            Optional findUser = this.passwordlessUserAccountStore.findUser(PasswordlessAuthenticationRequest.builder().username("passwordlessUser").build());
            Assertions.assertTrue(findUser.isPresent());
            Assertions.assertEquals("passwordlessuser@example.org", ((PasswordlessUserAccount) findUser.get()).getEmail());
            Assertions.assertEquals("123456789", ((PasswordlessUserAccount) findUser.get()).getPhone());
            Assertions.assertEquals("passwordlessuser@example.org", ((PasswordlessUserAccount) findUser.get()).getUsername());
            Assertions.assertTrue(((PasswordlessUserAccount) findUser.get()).isRequestPassword());
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.passwordless.accounts.ldap.required-attribute=description", "cas.authn.passwordless.accounts.ldap.required-attribute-value=.*this.+is.+missing.*"})
    /* loaded from: input_file:org/apereo/cas/impl/account/LdapPasswordlessUserAccountStoreTests$MissingRequiredAttributesTests.class */
    class MissingRequiredAttributesTests extends BaseLdapTests {
        MissingRequiredAttributesTests(LdapPasswordlessUserAccountStoreTests ldapPasswordlessUserAccountStoreTests) {
        }

        @RetryingTest(3)
        void verifyAction() throws Throwable {
            Assertions.assertFalse(this.passwordlessUserAccountStore.findUser(PasswordlessAuthenticationRequest.builder().username("passwordlessUser").build()).isPresent());
        }
    }

    LdapPasswordlessUserAccountStoreTests() {
    }
}
