package org.apereo.cas.trusted.authentication.storage;

import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.time.temporal.ChronoUnit;
import org.apereo.cas.config.CasCoreAuditConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationPrincipalConfiguration;
import org.apereo.cas.config.CasCoreConfiguration;
import org.apereo.cas.config.CasCoreNotificationsConfiguration;
import org.apereo.cas.config.CasCoreServicesConfiguration;
import org.apereo.cas.config.CasCoreTicketsConfiguration;
import org.apereo.cas.config.CasCoreTicketsSerializationConfiguration;
import org.apereo.cas.config.CasCoreUtilConfiguration;
import org.apereo.cas.config.CasCoreWebConfiguration;
import org.apereo.cas.config.MultifactorAuthnTrustConfiguration;
import org.apereo.cas.config.MultifactorAuthnTrustedDeviceFingerprintConfiguration;
import org.apereo.cas.config.RestMultifactorAuthenticationTrustConfiguration;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustRecord;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage;
import org.apereo.cas.trusted.authentication.keys.DefaultMultifactorAuthenticationTrustRecordKeyGenerator;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.MockWebServer;
import org.apereo.cas.util.crypto.CipherExecutor;
import org.apereo.cas.util.serialization.JacksonObjectMapperFactory;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.autoconfigure.RefreshAutoConfiguration;
import org.springframework.core.io.ByteArrayResource;
import org.springframework.web.client.RestTemplate;

@Tag("RestfulApiAuthentication")
@SpringBootTest(classes = {RestMultifactorAuthenticationTrustConfiguration.class, MultifactorAuthnTrustedDeviceFingerprintConfiguration.class, MultifactorAuthnTrustConfiguration.class, CasCoreAuditConfiguration.class, CasCoreUtilConfiguration.class, CasCoreConfiguration.class, CasCoreServicesConfiguration.class, CasCoreTicketsConfiguration.class, CasCoreTicketsSerializationConfiguration.class, CasCoreAuthenticationPrincipalConfiguration.class, CasCoreWebConfiguration.class, CasCoreNotificationsConfiguration.class, WebMvcAutoConfiguration.class, RefreshAutoConfiguration.class}, properties = {"cas.authn.mfa.trusted.device-fingerprint.cookie.crypto.encryption.key=3RXtt06xYUAli7uU-Z915ZGe0MRBFw3uDjWgOEf1GT8", "cas.authn.mfa.trusted.device-fingerprint.cookie.crypto.signing.key=jIFR-fojN0vOIUcT0hDRXHLVp07CV-YeU8GnjICsXpu65lfkJbiKP028pT74Iurkor38xDGXNcXk_Y1V4rNDqw", "cas.authn.mfa.trusted.crypto.encryption.key=zAaKugaeAUSEfS8MCAdQbj4rxgHRLpNvgjLs4Mr6iiM", "cas.authn.mfa.trusted.crypto.signing.key=dU33-XjGeq8WhaAWCs1r1pPvgiLh_rQTgfANUq4hZcktvvhwOe6RXaeddMc446afK3emoOO4ZQpX85IBfAAQYA", "cas.authn.mfa.trusted.rest.url=http://localhost:9297"})
/* loaded from: input_file:org/apereo/cas/trusted/authentication/storage/RestMultifactorAuthenticationTrustStorageTests.class */
class RestMultifactorAuthenticationTrustStorageTests {
    private static final ObjectMapper MAPPER = JacksonObjectMapperFactory.builder().defaultTypingEnabled(false).build().toObjectMapper();

    @Autowired
    @Qualifier("mfaTrustEngine")
    private MultifactorAuthenticationTrustStorage mfaTrustEngine;

    @Autowired
    @Qualifier("mfaTrustCipherExecutor")
    private CipherExecutor<Serializable, String> mfaTrustCipherExecutor;

    RestMultifactorAuthenticationTrustStorageTests() {
    }

    @BeforeAll
    public static void setup() {
        MAPPER.configure(DeserializationFeature.ADJUST_DATES_TO_CONTEXT_TIME_ZONE, false);
        MAPPER.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false);
    }

    @Test
    void verifyRemovalByKey() throws Throwable {
        MultifactorAuthenticationTrustRecord newInstance = MultifactorAuthenticationTrustRecord.newInstance("casuser", "geography", "fingerprint");
        MockWebServer mockWebServer = new MockWebServer(9297, new ByteArrayResource(MAPPER.writeValueAsString(CollectionUtils.wrap(newInstance)).getBytes(StandardCharsets.UTF_8), "REST Output"), "application/json");
        try {
            mockWebServer.start();
            Assertions.assertDoesNotThrow(() -> {
                this.mfaTrustEngine.remove(newInstance.getRecordKey());
            });
            mockWebServer.close();
        } catch (Throwable th) {
            try {
                mockWebServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    void verifyRemovalByDate() throws Throwable {
        MockWebServer mockWebServer = new MockWebServer(9297, new ByteArrayResource("".getBytes(StandardCharsets.UTF_8), "REST Output"), "application/json");
        try {
            mockWebServer.start();
            Assertions.assertDoesNotThrow(() -> {
                this.mfaTrustEngine.remove(ZonedDateTime.now(ZoneOffset.UTC));
            });
            mockWebServer.close();
        } catch (Throwable th) {
            try {
                mockWebServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    void verifyFetchRecords() throws Throwable {
        MultifactorAuthenticationTrustRecord newInstance = MultifactorAuthenticationTrustRecord.newInstance("casuser", "geography", "fingerprint");
        MockWebServer mockWebServer = new MockWebServer(9297, new ByteArrayResource(MAPPER.writeValueAsString(CollectionUtils.wrap(newInstance)).getBytes(StandardCharsets.UTF_8), "REST Output"), "application/json");
        try {
            mockWebServer.start();
            this.mfaTrustEngine.save(newInstance);
            Assertions.assertNotNull(this.mfaTrustEngine.get(newInstance.getId()));
            Assertions.assertNotNull(this.mfaTrustEngine.getAll());
            mockWebServer.close();
        } catch (Throwable th) {
            try {
                mockWebServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    void verifySetAnExpireByKey() throws Throwable {
        MultifactorAuthenticationTrustRecord newInstance = MultifactorAuthenticationTrustRecord.newInstance("casuser", "geography", "fingerprint");
        MockWebServer mockWebServer = new MockWebServer(9297, new ByteArrayResource(MAPPER.writeValueAsString(CollectionUtils.wrap(newInstance)).getBytes(StandardCharsets.UTF_8), "REST Output"), "application/json");
        try {
            mockWebServer.start();
            this.mfaTrustEngine.save(newInstance);
            Assertions.assertNotNull(this.mfaTrustEngine.get("casuser"));
            mockWebServer.close();
        } catch (Throwable th) {
            try {
                mockWebServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    void verifyExpireByDate() throws Throwable {
        MultifactorAuthenticationTrustRecord newInstance = MultifactorAuthenticationTrustRecord.newInstance("castest", "geography", "fingerprint");
        newInstance.setRecordDate(ZonedDateTime.now(ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS).minusDays(2L));
        MockWebServer mockWebServer = new MockWebServer(9311, new ByteArrayResource(MAPPER.writeValueAsString(CollectionUtils.wrap(newInstance)).getBytes(StandardCharsets.UTF_8), "REST Output"), "application/json");
        try {
            mockWebServer.start();
            CasConfigurationProperties casConfigurationProperties = new CasConfigurationProperties();
            casConfigurationProperties.getAuthn().getMfa().getTrusted().getRest().setUrl("http://localhost:9311");
            RestMultifactorAuthenticationTrustStorage restMultifactorAuthenticationTrustStorage = new RestMultifactorAuthenticationTrustStorage(casConfigurationProperties.getAuthn().getMfa().getTrusted(), this.mfaTrustCipherExecutor, new DefaultMultifactorAuthenticationTrustRecordKeyGenerator(), new RestTemplate());
            restMultifactorAuthenticationTrustStorage.save(newInstance);
            Assertions.assertNotNull(restMultifactorAuthenticationTrustStorage.get(newInstance.getPrincipal()));
            mockWebServer.close();
        } catch (Throwable th) {
            try {
                mockWebServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
