package org.apereo.cas.web.flow;

import java.nio.charset.StandardCharsets;
import java.time.Clock;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import org.apache.commons.io.IOUtils;
import org.apereo.cas.services.CasRegisteredService;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.wsfederation.WsFederationConfiguration;
import org.apereo.cas.support.wsfederation.WsFederationHelper;
import org.apereo.cas.support.wsfederation.web.WsFederationNavigationController;
import org.apereo.cas.util.MockRequestContext;
import org.apereo.cas.util.spring.beans.BeanContainer;
import org.apereo.cas.web.flow.BaseWsFederationWebflowTests;
import org.apereo.inspektr.common.web.ClientInfo;
import org.apereo.inspektr.common.web.ClientInfoHolder;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.MethodOrderer;
import org.junit.jupiter.api.Order;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.TestMethodOrder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.core.io.ClassPathResource;
import org.springframework.webflow.execution.RequestContext;

@Tag("WSFederation")
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
@SpringBootTest(classes = {BaseWsFederationWebflowTests.SharedTestConfiguration.class}, properties = {"cas.authn.wsfed[0].identity-provider-url=https://example.com/adfs/ls/", "cas.authn.wsfed[0].identity-provider-identifier=http://adfs.example.com/adfs/services/trust", "cas.authn.wsfed[0].relying-party-identifier=urn:federation:cas", "cas.authn.wsfed[0].signing-certificate-resources=classpath:adfs-signing.crt", "cas.authn.wsfed[0].identity-attribute=upn"})
/* loaded from: input_file:org/apereo/cas/web/flow/WsFederationResponseValidatorTests.class */
class WsFederationResponseValidatorTests {

    @Autowired
    @Qualifier("wsFederationResponseValidator")
    private WsFederationResponseValidator wsFederationResponseValidator;

    @Autowired
    @Qualifier("wsFederationNavigationController")
    private WsFederationNavigationController wsFederationNavigationController;

    @Autowired
    @Qualifier("wsFederationConfigurations")
    private BeanContainer<WsFederationConfiguration> wsFederationConfigurations;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    @Qualifier("wsFederationHelper")
    private WsFederationHelper wsFederationHelper;

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    WsFederationResponseValidatorTests() {
    }

    @Test
    @Order(2)
    void verifyOperation() throws Throwable {
        this.wsFederationHelper.setClock(Clock.fixed(ZonedDateTime.of(2014, 2, 26, 22, 51, 10, 0, ZoneOffset.UTC).toInstant(), ZoneOffset.UTC));
        RequestContext prepareContext = prepareContext();
        Assertions.assertDoesNotThrow(() -> {
            this.wsFederationResponseValidator.validateWsFederationAuthenticationRequest(prepareContext);
        });
    }

    @Test
    @Order(1)
    void verifyFailedOperation() throws Throwable {
        RequestContext prepareContext = prepareContext();
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            this.wsFederationResponseValidator.validateWsFederationAuthenticationRequest(prepareContext);
        });
    }

    private RequestContext prepareContext() throws Exception {
        MockRequestContext create = MockRequestContext.create(this.applicationContext);
        create.getHttpServletRequest().setRemoteAddr("185.86.151.11");
        create.getHttpServletRequest().setLocalAddr("185.88.151.11");
        create.getHttpServletRequest().addHeader("user-agent", "Mozilla/5.0 (Windows NT 10.0; WOW64)");
        ClientInfoHolder.setClientInfo(ClientInfo.from(create.getHttpServletRequest()));
        CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("https://wsfedservice-validate");
        this.servicesManager.save(registeredService);
        create.setParameter("service", RegisteredServiceTestUtils.getService(registeredService.getServiceId()).getId());
        String id = ((WsFederationConfiguration) this.wsFederationConfigurations.toList().getFirst()).getId();
        create.setParameter("wsfedclientid", id);
        this.wsFederationNavigationController.redirectToProvider(create.getHttpServletRequest(), create.getHttpServletResponse());
        create.setRequestCookiesFromResponse();
        create.setParameter("wresult", IOUtils.toString(new ClassPathResource("goodTokenResponse.txt").getInputStream(), StandardCharsets.UTF_8));
        create.setParameter("wctx", id);
        return create;
    }
}
