package org.apereo.cas.web.flow;

import com.google.common.collect.Lists;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.util.Collections;
import java.util.List;
import java.util.zip.Inflater;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.WebApplicationServiceFactory;
import org.apereo.cas.logout.DefaultLogoutRequest;
import org.apereo.cas.logout.DefaultSingleLogoutServiceLogoutUrlBuilder;
import org.apereo.cas.logout.DefaultSingleLogoutServiceMessageHandler;
import org.apereo.cas.logout.LogoutManagerImpl;
import org.apereo.cas.logout.LogoutRequest;
import org.apereo.cas.logout.LogoutRequestStatus;
import org.apereo.cas.logout.SamlCompliantLogoutMessageCreator;
import org.apereo.cas.logout.SingleLogoutService;
import org.apereo.cas.mock.MockTicketGrantingTicket;
import org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy;
import org.apereo.cas.services.LogoutType;
import org.apereo.cas.services.RegexRegisteredService;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.EncodingUtils;
import org.apereo.cas.web.support.WebUtils;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Matchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.webflow.context.servlet.ServletExternalContext;
import org.springframework.webflow.core.collection.LocalAttributeMap;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;
import org.springframework.webflow.test.MockFlowExecutionContext;
import org.springframework.webflow.test.MockFlowExecutionKey;

/* loaded from: input_file:org/apereo/cas/web/flow/FrontChannelLogoutActionTests.class */
public class FrontChannelLogoutActionTests {
    private static final String FLOW_EXECUTION_KEY = "12234";
    private static final String TICKET_ID = "ST-XXX";
    private static final String TEST_URL = "https://www.apereo.org";
    private FrontChannelLogoutAction frontChannelLogoutAction;
    private MockHttpServletRequest request;
    private MockHttpServletResponse response;
    private RequestContext requestContext;

    @Mock
    private ServicesManager servicesManager;
    private LogoutManagerImpl logoutManager;

    public FrontChannelLogoutActionTests() {
        MockitoAnnotations.initMocks(this);
    }

    @Before
    public void onSetUp() throws Exception {
        this.logoutManager = new LogoutManagerImpl(new SamlCompliantLogoutMessageCreator());
        DefaultSingleLogoutServiceMessageHandler defaultSingleLogoutServiceMessageHandler = new DefaultSingleLogoutServiceMessageHandler();
        defaultSingleLogoutServiceMessageHandler.setLogoutMessageBuilder(new SamlCompliantLogoutMessageCreator());
        defaultSingleLogoutServiceMessageHandler.setServicesManager(this.servicesManager);
        defaultSingleLogoutServiceMessageHandler.setSingleLogoutServiceLogoutUrlBuilder(new DefaultSingleLogoutServiceLogoutUrlBuilder());
        this.logoutManager.setSingleLogoutServiceMessageHandler(defaultSingleLogoutServiceMessageHandler);
        this.frontChannelLogoutAction = new FrontChannelLogoutAction(this.logoutManager);
        this.request = new MockHttpServletRequest();
        this.response = new MockHttpServletResponse();
        this.requestContext = (RequestContext) Mockito.mock(RequestContext.class);
        ServletExternalContext servletExternalContext = (ServletExternalContext) Mockito.mock(ServletExternalContext.class);
        Mockito.when(this.requestContext.getExternalContext()).thenReturn(servletExternalContext);
        Mockito.when(servletExternalContext.getNativeRequest()).thenReturn(this.request);
        Mockito.when(servletExternalContext.getNativeResponse()).thenReturn(this.response);
        Mockito.when(this.requestContext.getFlowScope()).thenReturn(new LocalAttributeMap());
        MockFlowExecutionKey mockFlowExecutionKey = new MockFlowExecutionKey(FLOW_EXECUTION_KEY);
        MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext();
        mockFlowExecutionContext.setKey(mockFlowExecutionKey);
        Mockito.when(this.requestContext.getFlowExecutionContext()).thenReturn(mockFlowExecutionContext);
    }

    @Test
    public void verifyLogoutNoRequest() throws Exception {
        this.requestContext.getFlowScope().put("logoutIndex", 0);
        Assert.assertEquals("finish", this.frontChannelLogoutAction.doExecute(this.requestContext).getId());
    }

    @Test
    public void verifyLogoutNoIndex() throws Exception {
        WebUtils.putLogoutRequests(this.requestContext, Collections.emptyList());
        Assert.assertEquals("finish", this.frontChannelLogoutAction.doExecute(this.requestContext).getId());
    }

    @Test
    public void verifyLogoutOneLogoutRequestSuccess() throws Exception {
        new DefaultLogoutRequest("", (SingleLogoutService) null, (URL) null).setStatus(LogoutRequestStatus.SUCCESS);
        WebUtils.putLogoutRequests(this.requestContext, Collections.emptyList());
        this.requestContext.getFlowScope().put("logoutIndex", 0);
        Assert.assertEquals("finish", this.frontChannelLogoutAction.doExecute(this.requestContext).getId());
    }

    @Test
    public void verifyLogoutOneLogoutRequestNotAttempted() throws Exception {
        Event logoutEvent = getLogoutEvent(Lists.newArrayList(new LogoutRequest[]{new DefaultLogoutRequest(TICKET_ID, new WebApplicationServiceFactory().createService(TEST_URL, SingleLogoutService.class), new URL(TEST_URL))}));
        Assert.assertEquals("redirectApp", logoutEvent.getId());
        Assert.assertEquals(1L, WebUtils.getLogoutRequests(this.requestContext).size());
        String str = (String) logoutEvent.getAttributes().get("logoutUrl");
        Assert.assertTrue(str.startsWith("https://www.apereo.org?SAMLRequest="));
        byte[] decodeBase64 = EncodingUtils.decodeBase64(URLDecoder.decode(StringUtils.substringAfter(str, "?SAMLRequest="), "UTF-8"));
        Inflater inflater = new Inflater();
        inflater.setInput(decodeBase64);
        byte[] bArr = new byte[1000];
        inflater.inflate(bArr);
        inflater.end();
        String str2 = new String(bArr);
        Assert.assertTrue(str2.startsWith("<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\""));
        Assert.assertTrue(str2.contains("<samlp:SessionIndex>ST-XXX</samlp:SessionIndex>"));
    }

    @Test
    public void verifyLogoutUrlForServiceIsUsed() throws Exception {
        RegisteredService registeredService = getRegisteredService();
        Mockito.when(this.servicesManager.findServiceBy((Service) Matchers.any(SingleLogoutService.class))).thenReturn(registeredService);
        SingleLogoutService singleLogoutService = (SingleLogoutService) Mockito.mock(SingleLogoutService.class);
        Mockito.when(singleLogoutService.getId()).thenReturn(registeredService.getServiceId());
        Mockito.when(singleLogoutService.getOriginalUrl()).thenReturn(registeredService.getServiceId());
        MockTicketGrantingTicket mockTicketGrantingTicket = new MockTicketGrantingTicket("test");
        mockTicketGrantingTicket.getServices().put("service", singleLogoutService);
        Event logoutEvent = getLogoutEvent(this.logoutManager.performLogout(mockTicketGrantingTicket));
        Assert.assertEquals("redirectApp", logoutEvent.getId());
        Assert.assertEquals(1L, WebUtils.getLogoutRequests(this.requestContext).size());
        Assert.assertTrue(((String) logoutEvent.getAttributes().get("logoutUrl")).startsWith(registeredService.getLogoutUrl().toExternalForm()));
    }

    private RegisteredService getRegisteredService() throws MalformedURLException {
        RegexRegisteredService regexRegisteredService = new RegexRegisteredService();
        regexRegisteredService.setServiceId("https://www.github.com");
        regexRegisteredService.setLogoutUrl(new URL("https://www.google.com"));
        regexRegisteredService.setName("Service logout test");
        regexRegisteredService.setLogoutType(LogoutType.FRONT_CHANNEL);
        regexRegisteredService.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(true, true));
        return regexRegisteredService;
    }

    private Event getLogoutEvent(List<LogoutRequest> list) throws Exception {
        WebUtils.putLogoutRequests(this.requestContext, list);
        this.requestContext.getFlowScope().put("logoutIndex", 0);
        return this.frontChannelLogoutAction.doExecute(this.requestContext);
    }
}
