package pl.edu.icm.unity.engine.authn;

import java.util.List;
import java.util.Map;
import java.util.Set;
import org.assertj.core.api.Assertions;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import pl.edu.icm.unity.engine.api.authn.AuthenticatedEntity;
import pl.edu.icm.unity.engine.api.authn.AuthenticationFlow;
import pl.edu.icm.unity.engine.api.authn.AuthenticationSubject;
import pl.edu.icm.unity.engine.api.authn.CredentialVerificator;
import pl.edu.icm.unity.engine.api.authn.LocalAuthenticationResult;
import pl.edu.icm.unity.engine.api.authn.local.LocalCredentialsRegistry;
import pl.edu.icm.unity.engine.credential.CredentialRepository;
import pl.edu.icm.unity.engine.identity.SecondFactorOptInService;
import pl.edu.icm.unity.engine.mock.MockPasswordRetrieval;
import pl.edu.icm.unity.types.authn.AuthenticationFlowDefinition;
import pl.edu.icm.unity.types.authn.AuthenticationOptionKey;
import pl.edu.icm.unity.types.authn.AuthenticatorInstanceMetadata;
import pl.edu.icm.unity.types.authn.AuthenticatorTypeDescription;
import pl.edu.icm.unity.types.authn.DynamicExpressionPolicyConfiguration;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:pl/edu/icm/unity/engine/authn/AuthenticationProcessorTest.class */
public class AuthenticationProcessorTest {

    @Mock
    private SecondFactorOptInService secondFactorOptInService;

    @Mock
    private LocalCredentialsRegistry localCred;

    @Mock
    private CredentialRepository credRepo;

    @Mock
    private AuthenticationFlowPolicyConfigMVELContextBuilder policyConfigMVELContextBuilder;

    @InjectMocks
    AuthenticationProcessorImpl processor;

    @Test
    public void shouldGoToSecondFactorWhenDynamicPolicyEvalToTrue() throws Exception {
        AuthenticatorInstanceMetadata authenticatorInstanceMetadata = new AuthenticatorInstanceMetadata();
        authenticatorInstanceMetadata.setLocalCredentialName((String) null);
        authenticatorInstanceMetadata.setTypeDescription(new AuthenticatorTypeDescription((String) null, (String) null, false));
        AuthenticatorImpl authenticatorImpl = new AuthenticatorImpl(new MockPasswordRetrieval(), (CredentialVerificator) null, authenticatorInstanceMetadata);
        AuthenticationOptionKey authenticationOptionKey = new AuthenticationOptionKey("1", "1");
        LocalAuthenticationResult successful = LocalAuthenticationResult.successful(new AuthenticatedEntity(1L, AuthenticationSubject.entityBased(1L), (String) null));
        AuthenticationFlow authenticationFlow = new AuthenticationFlow("flow", AuthenticationFlowDefinition.Policy.DYNAMIC_EXPRESSION, Set.of(), List.of(authenticatorImpl), new DynamicExpressionPolicyConfiguration("hasValid2FCredential == true"), 1L);
        Mockito.when(this.policyConfigMVELContextBuilder.createMvelContext(authenticationOptionKey, successful, false, authenticationFlow)).thenReturn(Map.of("hasValid2FCredential", true));
        Assertions.assertThat(this.processor.processPrimaryAuthnResult(successful, authenticationFlow, authenticationOptionKey).getSecondaryAuthenticator()).isNotNull();
    }

    @Test
    public void shouldSkipSecondFactorWhenDynamicPolicyEvalToFalse() throws Exception {
        AuthenticatorInstanceMetadata authenticatorInstanceMetadata = new AuthenticatorInstanceMetadata();
        authenticatorInstanceMetadata.setLocalCredentialName((String) null);
        authenticatorInstanceMetadata.setTypeDescription(new AuthenticatorTypeDescription((String) null, (String) null, false));
        AuthenticatorImpl authenticatorImpl = new AuthenticatorImpl(new MockPasswordRetrieval(), (CredentialVerificator) null, authenticatorInstanceMetadata);
        AuthenticationOptionKey authenticationOptionKey = new AuthenticationOptionKey("1", "1");
        LocalAuthenticationResult successful = LocalAuthenticationResult.successful(new AuthenticatedEntity(1L, AuthenticationSubject.entityBased(1L), (String) null));
        AuthenticationFlow authenticationFlow = new AuthenticationFlow("flow", AuthenticationFlowDefinition.Policy.DYNAMIC_EXPRESSION, Set.of(), List.of(authenticatorImpl), new DynamicExpressionPolicyConfiguration("hasValid2FCredential == true"), 1L);
        Mockito.when(this.policyConfigMVELContextBuilder.createMvelContext(authenticationOptionKey, successful, false, authenticationFlow)).thenReturn(Map.of("hasValid2FCredential", false));
        Assertions.assertThat(this.processor.processPrimaryAuthnResult(successful, authenticationFlow, authenticationOptionKey).getSecondaryAuthenticator()).isNull();
    }
}
