package org.apereo.cas;

import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Optional;
import org.apereo.cas.BasePrincipalAttributeRepositoryTests;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.CoreAuthenticationUtils;
import org.apereo.cas.authentication.attribute.AttributeDefinitionStore;
import org.apereo.cas.authentication.attribute.AttributeRepositoryResolver;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.DefaultPrincipalElectionStrategy;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.PrincipalResolver;
import org.apereo.cas.authentication.principal.resolvers.ChainingPrincipalResolver;
import org.apereo.cas.authentication.principal.resolvers.EchoingPrincipalResolver;
import org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.authentication.PersonDirectoryPrincipalResolverProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.junit.EnabledIfListeningOnPort;
import org.apereo.services.persondir.IPersonAttributeDao;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.ConfigurableApplicationContext;

@Tag("LdapAttributes")
@EnabledIfListeningOnPort(port = {10389})
@SpringBootTest(classes = {BasePrincipalAttributeRepositoryTests.SharedTestConfiguration.class}, properties = {"cas.authn.attribute-repository.ldap[0].base-dn=dc=example,dc=org", "cas.authn.attribute-repository.ldap[0].ldap-url=ldap://localhost:10389", "cas.authn.attribute-repository.ldap[0].search-filter=cn={cnuser}", "cas.authn.attribute-repository.ldap[0].attributes.cn=cn", "cas.authn.attribute-repository.ldap[0].attributes.description=description", "cas.authn.attribute-repository.ldap[0].attributes.entryDN=entryDN", "cas.authn.attribute-repository.ldap[0].bind-dn=cn=Directory Manager", "cas.authn.attribute-repository.ldap[0].bind-credential=password", "cas.authn.attribute-repository.ldap[0].use-all-query-attributes=false", "cas.authn.attribute-repository.ldap[0].query-attributes.principal=cnuser", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[0].type=DN_ATTRIBUTE_ENTRY", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[1].type=MERGE_ENTRIES", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[2].type=FOLLOW_SEARCH_REFERRAL", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[3].type=FOLLOW_SEARCH_RESULT_REFERENCE", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[4].type=ACTIVE_DIRECTORY", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[5].type=MERGE_ENTRIES", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[6].type=RECURSIVE_ENTRY", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[7].type=RANGE_ENTRY", "cas.authn.attribute-repository.ldap[0].search-entry-handlers[8].type=PRIMARY_GROUP"})
/* loaded from: input_file:org/apereo/cas/PersonDirectoryPrincipalResolverLdapTests.class */
class PersonDirectoryPrincipalResolverLdapTests {

    @Autowired
    @Qualifier("attributeRepository")
    private IPersonAttributeDao attributeRepository;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("attributeDefinitionStore")
    private AttributeDefinitionStore attributeDefinitionStore;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    @Qualifier("attributeRepositoryResolver")
    private AttributeRepositoryResolver attributeRepositoryResolver;

    PersonDirectoryPrincipalResolverLdapTests() {
    }

    @Test
    void verifyResolver() throws Throwable {
        Principal resolve = PersonDirectoryPrincipalResolver.newPersonDirectoryPrincipalResolver(this.applicationContext, PrincipalFactoryUtils.newPrincipalFactory(), this.attributeRepository, CoreAuthenticationUtils.getAttributeMerger(this.casProperties.getAuthn().getAttributeRepository().getCore().getMerger()), this.servicesManager, this.attributeDefinitionStore, this.attributeRepositoryResolver, new PersonDirectoryPrincipalResolverProperties[]{this.casProperties.getPersonDirectory()}).resolve(new UsernamePasswordCredential("admin", "password"), Optional.of(CoreAuthenticationTestUtils.getPrincipal("admin")), Optional.of(new SimpleTestUsernamePasswordAuthenticationHandler()), Optional.of(CoreAuthenticationTestUtils.getService()));
        Assertions.assertNotNull(resolve);
        Assertions.assertTrue(resolve.getAttributes().containsKey("description"));
        Assertions.assertTrue(resolve.getAttributes().containsKey("entryDN"));
    }

    @Test
    void verifyChainedResolver() throws Throwable {
        PrincipalResolver newPersonDirectoryPrincipalResolver = PersonDirectoryPrincipalResolver.newPersonDirectoryPrincipalResolver(this.applicationContext, PrincipalFactoryUtils.newPrincipalFactory(), this.attributeRepository, CoreAuthenticationUtils.getAttributeMerger(this.casProperties.getAuthn().getAttributeRepository().getCore().getMerger()), this.servicesManager, this.attributeDefinitionStore, this.attributeRepositoryResolver, new PersonDirectoryPrincipalResolverProperties[]{this.casProperties.getPersonDirectory()});
        ChainingPrincipalResolver chainingPrincipalResolver = new ChainingPrincipalResolver(new DefaultPrincipalElectionStrategy(), this.casProperties);
        chainingPrincipalResolver.setChain(Arrays.asList(new EchoingPrincipalResolver(), newPersonDirectoryPrincipalResolver));
        HashMap hashMap = new HashMap(2);
        hashMap.put("a1", List.of("v1"));
        hashMap.put("a2", List.of("v2"));
        Principal resolve = chainingPrincipalResolver.resolve(new UsernamePasswordCredential("admin", "password"), Optional.of(CoreAuthenticationTestUtils.getPrincipal("admin", hashMap)), Optional.of(new SimpleTestUsernamePasswordAuthenticationHandler()), Optional.of(CoreAuthenticationTestUtils.getService()));
        Assertions.assertNotNull(resolve);
        Assertions.assertTrue(resolve.getAttributes().containsKey("cn"));
        Assertions.assertTrue(resolve.getAttributes().containsKey("a1"));
        Assertions.assertTrue(resolve.getAttributes().containsKey("a2"));
    }
}
