package org.apereo.cas.authentication;

import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.exceptions.AccountDisabledException;
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.soap.generated.GetSoapAuthenticationRequest;
import org.apereo.cas.authentication.soap.generated.GetSoapAuthenticationResponse;
import org.apereo.cas.config.CasCoreNotificationsConfiguration;
import org.apereo.cas.config.CasCoreServicesConfiguration;
import org.apereo.cas.config.CasCoreUtilConfiguration;
import org.apereo.cas.config.CasRegisteredServicesTestConfiguration;
import org.apereo.cas.config.SoapAuthenticationConfiguration;
import org.apereo.cas.config.SoapAuthenticationServerTestConfiguration;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.mail.MailSenderAutoConfiguration;
import org.springframework.boot.autoconfigure.web.servlet.ServletWebServerFactoryAutoConfiguration;
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.autoconfigure.RefreshAutoConfiguration;
import org.springframework.http.HttpStatus;

@Tag("AuthenticationHandler")
@EnableConfigurationProperties({CasConfigurationProperties.class})
@SpringBootTest(classes = {RefreshAutoConfiguration.class, MailSenderAutoConfiguration.class, WebMvcAutoConfiguration.class, ServletWebServerFactoryAutoConfiguration.class, SoapAuthenticationServerTestConfiguration.class, CasCoreServicesConfiguration.class, CasRegisteredServicesTestConfiguration.class, CasCoreUtilConfiguration.class, CasCoreNotificationsConfiguration.class, SoapAuthenticationConfiguration.class}, properties = {"server.port=8080", "cas.authn.soap.url=http://localhost:8080/ws/users"}, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
/* loaded from: input_file:org/apereo/cas/authentication/SoapAuthenticationHandlerTests.class */
class SoapAuthenticationHandlerTests {

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    @Qualifier("soapAuthenticationAuthenticationHandler")
    private AuthenticationHandler soapAuthenticationAuthenticationHandler;

    SoapAuthenticationHandlerTests() {
    }

    @Test
    void verifyAction() throws Throwable {
        AuthenticationHandlerExecutionResult authenticate = this.soapAuthenticationAuthenticationHandler.authenticate(CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("casuser", "Mellon"), (Service) Mockito.mock(Service.class));
        Assertions.assertNotNull(authenticate);
        Assertions.assertEquals("CAS", authenticate.getPrincipal().getId());
        Assertions.assertEquals(1, authenticate.getPrincipal().getAttributes().size());
        Assertions.assertTrue(authenticate.getPrincipal().getAttributes().containsKey("givenName"));
    }

    @Test
    void verifyFailures() throws Throwable {
        UsernamePasswordCredential credentialsWithDifferentUsernameAndPassword = CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("casuser", "Mellon");
        runTest(credentialsWithDifferentUsernameAndPassword, HttpStatus.FORBIDDEN, AccountDisabledException.class);
        runTest(credentialsWithDifferentUsernameAndPassword, HttpStatus.UNAUTHORIZED, FailedLoginException.class);
        runTest(credentialsWithDifferentUsernameAndPassword, HttpStatus.NOT_FOUND, AccountNotFoundException.class);
        runTest(credentialsWithDifferentUsernameAndPassword, HttpStatus.LOCKED, AccountLockedException.class);
        runTest(credentialsWithDifferentUsernameAndPassword, HttpStatus.PRECONDITION_FAILED, AccountExpiredException.class);
        runTest(credentialsWithDifferentUsernameAndPassword, HttpStatus.PRECONDITION_REQUIRED, AccountPasswordMustChangeException.class);
        runTest(credentialsWithDifferentUsernameAndPassword, HttpStatus.NOT_ACCEPTABLE, FailedLoginException.class);
    }

    private void runTest(UsernamePasswordCredential usernamePasswordCredential, HttpStatus httpStatus, Class cls) {
        GetSoapAuthenticationResponse getSoapAuthenticationResponse = new GetSoapAuthenticationResponse();
        SoapAuthenticationClient soapAuthenticationClient = (SoapAuthenticationClient) Mockito.mock(SoapAuthenticationClient.class);
        getSoapAuthenticationResponse.setStatus(httpStatus.value());
        Mockito.when(soapAuthenticationClient.sendRequest((GetSoapAuthenticationRequest) Mockito.any())).thenReturn(getSoapAuthenticationResponse);
        SoapAuthenticationHandler soapAuthenticationHandler = new SoapAuthenticationHandler("Handler", this.servicesManager, PrincipalFactoryUtils.newPrincipalFactory(), 0, soapAuthenticationClient);
        Assertions.assertThrows(cls, () -> {
            soapAuthenticationHandler.authenticate(usernamePasswordCredential, (Service) Mockito.mock(Service.class));
        });
    }
}
