package org.apereo.cas;

import java.util.Map;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.AuthenticationException;
import org.apereo.cas.authentication.AuthenticationResult;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.MixedPrincipalException;
import org.apereo.cas.authentication.PrincipalException;
import org.apereo.cas.authentication.TestUtils;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.WebApplicationServiceFactory;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.services.UnauthorizedSsoServiceException;
import org.apereo.cas.ticket.AbstractTicketException;
import org.apereo.cas.ticket.ExpirationPolicy;
import org.apereo.cas.ticket.ServiceTicket;
import org.apereo.cas.ticket.TicketFactory;
import org.apereo.cas.ticket.TicketGrantingTicket;
import org.apereo.cas.ticket.TicketGrantingTicketImpl;
import org.apereo.cas.validation.Cas20WithoutProxyingValidationSpecification;
import org.junit.Assert;
import org.junit.Test;
import org.mockito.Mockito;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.mock.web.MockHttpServletRequest;

/* loaded from: input_file:org/apereo/cas/CentralAuthenticationServiceImplTests.class */
public class CentralAuthenticationServiceImplTests extends AbstractCentralAuthenticationServiceTests {
    @Test(expected = AuthenticationException.class)
    public void verifyBadCredentialsOnTicketGrantingTicketCreation() throws Exception {
        getCentralAuthenticationService().createTicketGrantingTicket(TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), new Credential[]{TestUtils.getCredentialsWithDifferentUsernameAndPassword()}));
    }

    @Test
    public void verifyGoodCredentialsOnTicketGrantingTicketCreation() throws Exception {
        try {
            Assert.assertNotNull(getCentralAuthenticationService().createTicketGrantingTicket(TestUtils.getAuthenticationResult(getAuthenticationSystemSupport())));
        } catch (AbstractTicketException unused) {
            Assert.fail("Exception expected");
        }
    }

    @Test
    public void verifyDestroyTicketGrantingTicketWithNonExistantTicket() {
        getCentralAuthenticationService().destroyTicketGrantingTicket("test");
    }

    @Test
    public void verifyDestroyTicketGrantingTicketWithValidTicket() throws Exception {
        getCentralAuthenticationService().destroyTicketGrantingTicket(getCentralAuthenticationService().createTicketGrantingTicket(TestUtils.getAuthenticationResult(getAuthenticationSystemSupport())).getId());
    }

    @Test(expected = RuntimeException.class)
    public void disallowNullCredentionalsWhenCreatingTicketGrantingTicket() throws Exception {
        getCentralAuthenticationService().createTicketGrantingTicket(TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), new Credential[1]));
    }

    @Test(expected = RuntimeException.class)
    public void disallowNullCredentialsArrayWhenCreatingTicketGrantingTicket() throws Exception {
        getCentralAuthenticationService().createTicketGrantingTicket(TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), new Credential[2]));
    }

    @Test(expected = ClassCastException.class)
    public void verifyDestroyTicketGrantingTicketWithInvalidTicket() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport());
        getCentralAuthenticationService().destroyTicketGrantingTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService(), authenticationResult).getId());
    }

    @Test
    public void checkGrantingOfServiceTicketUsingDefaultTicketIdGen() throws Exception {
        Service service = (Service) Mockito.mock(Service.class);
        Mockito.when(service.getId()).thenReturn("testDefault");
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        Assert.assertNotNull(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult));
    }

    @Test
    public void verifyGrantServiceTicketWithValidTicketGrantingTicket() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport());
        getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService(), authenticationResult);
    }

    @Test(expected = PrincipalException.class)
    public void verifyGrantServiceTicketFailsAuthzRule() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService("TestServiceAttributeForAuthzFails"));
        getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService("TestServiceAttributeForAuthzFails"), authenticationResult);
    }

    @Test
    public void verifyGrantServiceTicketPassesAuthzRule() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService("TestServiceAttributeForAuthzPasses"));
        getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService("TestServiceAttributeForAuthzPasses"), authenticationResult);
    }

    @Test
    public void verifyGrantProxyTicketWithValidTicketGrantingTicket() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport());
        Assert.assertTrue(getCentralAuthenticationService().grantProxyTicket(getCentralAuthenticationService().createProxyGrantingTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService(), authenticationResult).getId(), TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), new Credential[]{org.apereo.cas.services.TestUtils.getHttpBasedServiceCredentials()})).getId(), getService()).getId().startsWith("PT"));
    }

    @Test(expected = AbstractTicketException.class)
    public void verifyGrantServiceTicketWithInvalidTicketGrantingTicket() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport());
        TicketGrantingTicket createTicketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult);
        getCentralAuthenticationService().destroyTicketGrantingTicket(createTicketGrantingTicket.getId());
        getCentralAuthenticationService().grantServiceTicket(createTicketGrantingTicket.getId(), getService(), authenticationResult);
    }

    @Test
    public void verifyDelegateTicketGrantingTicketWithProperParams() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService());
        Assert.assertTrue(getCentralAuthenticationService().createProxyGrantingTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService(), authenticationResult).getId(), TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), new Credential[]{org.apereo.cas.services.TestUtils.getHttpBasedServiceCredentials()})).getId().startsWith("PGT"));
    }

    @Test(expected = AbstractTicketException.class)
    public void verifyDelegateTicketGrantingTicketWithBadServiceTicket() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService());
        TicketGrantingTicket createTicketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult);
        ServiceTicket grantServiceTicket = getCentralAuthenticationService().grantServiceTicket(createTicketGrantingTicket.getId(), getService(), authenticationResult);
        getCentralAuthenticationService().destroyTicketGrantingTicket(createTicketGrantingTicket.getId());
        getCentralAuthenticationService().createProxyGrantingTicket(grantServiceTicket.getId(), TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), new Credential[]{org.apereo.cas.services.TestUtils.getHttpBasedServiceCredentials()}));
    }

    @Test
    public void verifyGrantServiceTicketWithValidCredentials() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService());
        getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService(), authenticationResult);
    }

    @Test(expected = MixedPrincipalException.class)
    public void verifyGrantServiceTicketWithDifferentCredentials() throws Exception {
        getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), new Credential[]{TestUtils.getCredentialsWithSameUsernameAndPassword("testA")})).getId(), getService(), TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), new Credential[]{TestUtils.getCredentialsWithSameUsernameAndPassword("testB")}));
    }

    @Test
    public void verifyValidateServiceTicketWithValidService() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport());
        getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService(), authenticationResult).getId(), getService());
    }

    @Test(expected = UnauthorizedServiceException.class)
    public void verifyValidateServiceTicketWithInvalidService() throws Exception {
        Service service = getService("badtestservice");
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult).getId(), service);
    }

    @Test(expected = AbstractTicketException.class)
    public void verifyValidateServiceTicketWithInvalidServiceTicket() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService());
        TicketGrantingTicket createTicketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult);
        ServiceTicket grantServiceTicket = getCentralAuthenticationService().grantServiceTicket(createTicketGrantingTicket.getId(), getService(), authenticationResult);
        getCentralAuthenticationService().destroyTicketGrantingTicket(createTicketGrantingTicket.getId());
        getCentralAuthenticationService().validateServiceTicket(grantServiceTicket.getId(), getService());
    }

    @Test(expected = AbstractTicketException.class)
    public void verifyValidateServiceTicketNonExistantTicket() throws Exception {
        getCentralAuthenticationService().validateServiceTicket("google", getService());
    }

    @Test
    public void verifyValidateServiceTicketWithoutUsernameAttribute() throws Exception {
        UsernamePasswordCredential credentialsWithSameUsernameAndPassword = TestUtils.getCredentialsWithSameUsernameAndPassword();
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService());
        Assert.assertEquals(getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), getService(), authenticationResult).getId(), getService()).getPrimaryAuthentication().getPrincipal().getId(), credentialsWithSameUsernameAndPassword.getUsername());
    }

    @Test
    public void verifyValidateServiceTicketWithDefaultUsernameAttribute() throws Exception {
        Service service = getService("testDefault");
        UsernamePasswordCredential credentialsWithSameUsernameAndPassword = TestUtils.getCredentialsWithSameUsernameAndPassword();
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        Assert.assertEquals(getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult).getId(), service).getPrimaryAuthentication().getPrincipal().getId(), credentialsWithSameUsernameAndPassword.getUsername());
    }

    @Test
    public void verifyValidateServiceTicketWithUsernameAttribute() throws Exception {
        Service service = getService("eduPersonTest");
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        Assert.assertEquals("developer", getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult).getId(), service).getPrimaryAuthentication().getPrincipal().getId());
    }

    @Test
    public void verifyGrantServiceTicketWithCredsAndSsoFalse() throws Exception {
        Service service = getService("TestSsoFalse");
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        Assert.assertNotNull(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult));
    }

    @Test
    public void verifyGrantServiceTicketWithNoCredsAndSsoFalse() throws Exception {
        Service service = getService("TestSsoFalse");
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        Assert.assertNotNull(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult));
    }

    @Test(expected = UnauthorizedSsoServiceException.class)
    public void verifyGrantServiceTicketWithNoCredsAndSsoFalseAndSsoFalse() throws Exception {
        Service service = getService("TestSsoFalse");
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        TicketGrantingTicket createTicketGrantingTicket = getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult);
        getCentralAuthenticationService().grantServiceTicket(createTicketGrantingTicket.getId(), getService("eduPersonTest"), authenticationResult);
        getCentralAuthenticationService().grantServiceTicket(createTicketGrantingTicket.getId(), service, authenticationResult);
    }

    @Test
    public void verifyValidateServiceTicketNoAttributesReturned() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService());
        Assert.assertEquals(0L, getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), r0, authenticationResult).getId(), r0).getPrimaryAuthentication().getPrincipal().getAttributes().size());
    }

    @Test
    public void verifyValidateServiceTicketReturnAllAttributes() throws Exception {
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), getService("eduPersonTest"));
        Assert.assertEquals(4L, getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), r0, authenticationResult).getId(), r0).getPrimaryAuthentication().getPrincipal().getAttributes().size());
    }

    @Test
    public void verifyValidateServiceTicketReturnOnlyAllowedAttribute() throws Exception {
        Service service = getService("eduPersonTestInvalid");
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        Map attributes = getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult).getId(), service).getPrimaryAuthentication().getPrincipal().getAttributes();
        Assert.assertEquals(1L, attributes.size());
        Assert.assertEquals("adopters", attributes.get("groupMembership"));
    }

    @Test
    public void verifyValidateServiceTicketAnonymous() throws Exception {
        Service service = getService("testAnonymous");
        UsernamePasswordCredential credentialsWithSameUsernameAndPassword = TestUtils.getCredentialsWithSameUsernameAndPassword();
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        Assert.assertNotEquals(credentialsWithSameUsernameAndPassword.getUsername(), getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult).getId(), service).getPrimaryAuthentication().getPrincipal().getId());
    }

    @Test
    public void verifyValidateServiceTicketWithInvalidUsernameAttribute() throws Exception {
        Service service = getService("eduPersonTestInvalid");
        UsernamePasswordCredential credentialsWithSameUsernameAndPassword = TestUtils.getCredentialsWithSameUsernameAndPassword();
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        Assert.assertEquals(getCentralAuthenticationService().validateServiceTicket(getCentralAuthenticationService().grantServiceTicket(getCentralAuthenticationService().createTicketGrantingTicket(authenticationResult).getId(), service, authenticationResult).getId(), service).getPrimaryAuthentication().getPrincipal().getId(), credentialsWithSameUsernameAndPassword.getUsername());
    }

    @Test
    public void authenticateTwiceWithRenew() throws AbstractTicketException, AuthenticationException {
        CentralAuthenticationService centralAuthenticationService = getCentralAuthenticationService();
        Service service = getService("testDefault");
        TestUtils.getCredentialsWithSameUsernameAndPassword();
        AuthenticationResult authenticationResult = TestUtils.getAuthenticationResult(getAuthenticationSystemSupport(), service);
        TicketGrantingTicket createTicketGrantingTicket = centralAuthenticationService.createTicketGrantingTicket(authenticationResult);
        centralAuthenticationService.grantServiceTicket(createTicketGrantingTicket.getId(), service, authenticationResult);
        Assert.assertTrue(new Cas20WithoutProxyingValidationSpecification().isSatisfiedBy(centralAuthenticationService.validateServiceTicket(centralAuthenticationService.grantServiceTicket(createTicketGrantingTicket.getId(), service, authenticationResult).getId(), service), new MockHttpServletRequest()));
    }

    @Test
    public void verifyDestroyRemoteRegistry() throws AbstractTicketException, AuthenticationException {
        MockOnlyOneTicketRegistry mockOnlyOneTicketRegistry = new MockOnlyOneTicketRegistry();
        TicketGrantingTicketImpl ticketGrantingTicketImpl = new TicketGrantingTicketImpl("TGT-1", (Authentication) Mockito.mock(Authentication.class), (ExpirationPolicy) Mockito.mock(ExpirationPolicy.class));
        MockExpireUpdateTicketLogoutManager mockExpireUpdateTicketLogoutManager = new MockExpireUpdateTicketLogoutManager(mockOnlyOneTicketRegistry);
        mockOnlyOneTicketRegistry.addTicket(ticketGrantingTicketImpl);
        CentralAuthenticationServiceImpl centralAuthenticationServiceImpl = new CentralAuthenticationServiceImpl(mockOnlyOneTicketRegistry, (TicketFactory) null, (ServicesManager) null, mockExpireUpdateTicketLogoutManager);
        centralAuthenticationServiceImpl.setApplicationEventPublisher((ApplicationEventPublisher) Mockito.mock(ApplicationEventPublisher.class));
        centralAuthenticationServiceImpl.destroyTicketGrantingTicket(ticketGrantingTicketImpl.getId());
    }

    private static Service getService(String str) {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", str);
        return new WebApplicationServiceFactory().createService(mockHttpServletRequest);
    }

    private static Service getService() {
        return getService("https://google.com");
    }
}
