package org.apereo.cas.web.flow;

import java.net.URI;
import java.util.Collections;
import java.util.List;
import java.util.UUID;
import org.apereo.cas.authentication.AuthenticationEventExecutionPlan;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.WebApplicationServiceFactory;
import org.apereo.cas.configuration.model.core.sso.SingleSignOnProperties;
import org.apereo.cas.mock.MockTicketGrantingTicket;
import org.apereo.cas.services.CasRegisteredService;
import org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy;
import org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.MockRequestContext;
import org.apereo.cas.web.cookie.CasCookieBuilder;
import org.apereo.cas.web.cookie.CookieGenerationContext;
import org.apereo.cas.web.flow.login.InitialFlowSetupAction;
import org.apereo.cas.web.support.CookieUtils;
import org.apereo.cas.web.support.DefaultArgumentExtractor;
import org.apereo.cas.web.support.WebUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.test.context.TestPropertySource;
import org.springframework.webflow.execution.Action;
import org.springframework.webflow.execution.Event;

@Tag("WebflowActions")
/* loaded from: input_file:org/apereo/cas/web/flow/InitialFlowSetupActionTests.class */
class InitialFlowSetupActionTests {

    @Nested
    /* loaded from: input_file:org/apereo/cas/web/flow/InitialFlowSetupActionTests$DefaultTests.class */
    class DefaultTests extends AbstractWebflowActionsTests {
        private static final String CONST_CONTEXT_PATH = "/test";
        private static final String CONST_CONTEXT_PATH_2 = "/test1";

        @Autowired
        @Qualifier("authenticationServiceSelectionPlan")
        private AuthenticationServiceSelectionPlan authenticationRequestServiceSelectionStrategies;

        @Autowired
        @Qualifier("authenticationEventExecutionPlan")
        private AuthenticationEventExecutionPlan authenticationEventExecutionPlan;
        private InitialFlowSetupAction action;
        private CasCookieBuilder warnCookieGenerator;
        private CasCookieBuilder tgtCookieGenerator;

        DefaultTests(InitialFlowSetupActionTests initialFlowSetupActionTests) {
        }

        @BeforeEach
        public void initialize() throws Exception {
            CookieGenerationContext build = CookieGenerationContext.builder().name("warn").path("").maxAge(2).domain((String) null).secure(false).httpOnly(false).build();
            CookieGenerationContext build2 = CookieGenerationContext.builder().name("tgt").path("").maxAge(2).domain((String) null).secure(false).httpOnly(false).build();
            this.warnCookieGenerator = CookieUtils.buildCookieRetrievingGenerator(build);
            this.warnCookieGenerator.setCookiePath("");
            this.tgtCookieGenerator = CookieUtils.buildCookieRetrievingGenerator(build2);
            this.tgtCookieGenerator.setCookiePath("");
            List singletonList = Collections.singletonList(new DefaultArgumentExtractor(new WebApplicationServiceFactory()));
            ServicesManager servicesManager = (ServicesManager) Mockito.mock(ServicesManager.class);
            Mockito.when(servicesManager.findServiceBy((Service) Mockito.any(Service.class))).thenReturn(RegisteredServiceTestUtils.getRegisteredService("test"));
            this.action = new InitialFlowSetupAction(singletonList, servicesManager, this.authenticationRequestServiceSelectionStrategies, this.tgtCookieGenerator, this.warnCookieGenerator, this.casProperties, this.authenticationEventExecutionPlan, new DefaultSingleSignOnParticipationStrategy(servicesManager, new SingleSignOnProperties().setCreateSsoCookieOnRenewAuthn(true).setRenewAuthnEnabled(true), (TicketRegistrySupport) Mockito.mock(TicketRegistrySupport.class), (AuthenticationServiceSelectionPlan) Mockito.mock(AuthenticationServiceSelectionPlan.class)), (TicketRegistrySupport) Mockito.mock(TicketRegistrySupport.class));
            this.action.afterPropertiesSet();
        }

        @Test
        void verifySettingContextPath() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setContextPath(CONST_CONTEXT_PATH);
            this.action.execute(create);
            Assertions.assertEquals("/test/", this.warnCookieGenerator.getCookiePath());
            Assertions.assertEquals("/test/", this.tgtCookieGenerator.getCookiePath());
        }

        @Test
        void verifyResettingContextPath() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setContextPath(CONST_CONTEXT_PATH);
            this.action.execute(create);
            Assertions.assertEquals("/test/", this.warnCookieGenerator.getCookiePath());
            Assertions.assertEquals("/test/", this.tgtCookieGenerator.getCookiePath());
            create.setContextPath(CONST_CONTEXT_PATH_2);
            this.action.execute(create);
            Assertions.assertNotSame("/test1/", this.warnCookieGenerator.getCookiePath());
            Assertions.assertNotSame("/test1/", this.tgtCookieGenerator.getCookiePath());
            Assertions.assertEquals("/test/", this.warnCookieGenerator.getCookiePath());
            Assertions.assertEquals("/test/", this.tgtCookieGenerator.getCookiePath());
        }
    }

    @TestPropertySource(properties = {"cas.authn.policy.source-selection-enabled=true", "cas.sso.sso-enabled=false", "cas.tgc.crypto.enabled=false"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/web/flow/InitialFlowSetupActionTests$SsoDisabledTests.class */
    class SsoDisabledTests extends AbstractWebflowActionsTests {

        @Autowired
        @Qualifier("initialFlowSetupAction")
        private Action action;

        SsoDisabledTests(InitialFlowSetupActionTests initialFlowSetupActionTests) {
        }

        @Test
        void verifyResponseStatusAsError() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.getHttpServletResponse().setStatus(HttpStatus.UNAUTHORIZED.value());
            Assertions.assertThrows(UnauthorizedServiceException.class, () -> {
                this.action.execute(create);
            });
        }

        @Test
        void verifyNoServiceFound() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            Event execute = this.action.execute(create);
            Assertions.assertNull(WebUtils.getService(create));
            Assertions.assertEquals("success", execute.getId());
        }

        @Test
        void verifyServiceFound() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setParameter("service", "test");
            Event execute = this.action.execute(create);
            Assertions.assertEquals("test", WebUtils.getService(create).getId());
            Assertions.assertNotNull(WebUtils.getRegisteredService(create));
            Assertions.assertEquals("success", execute.getId());
        }

        @Test
        void verifyServiceStrategy() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setMethod(HttpMethod.POST);
            String uuid = UUID.randomUUID().toString();
            CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(uuid);
            DefaultRegisteredServiceAccessStrategy defaultRegisteredServiceAccessStrategy = new DefaultRegisteredServiceAccessStrategy();
            defaultRegisteredServiceAccessStrategy.setUnauthorizedRedirectUrl(new URI("https://apereo.org/cas"));
            registeredService.setAccessStrategy(defaultRegisteredServiceAccessStrategy);
            create.setParameter("service", uuid);
            getServicesManager().save(registeredService);
            Assertions.assertEquals("success", this.action.execute(create).getId());
        }

        @Test
        void verifyTgtNoSso() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            MockTicketGrantingTicket mockTicketGrantingTicket = new MockTicketGrantingTicket("casuser");
            getTicketRegistry().addTicket(mockTicketGrantingTicket);
            getTicketGrantingTicketCookieGenerator().addCookie(create.getHttpServletResponse(), mockTicketGrantingTicket.getId());
            create.setRequestCookiesFromResponse();
            Assertions.assertEquals("success", this.action.execute(create).getId());
            Assertions.assertTrue(WebUtils.isExistingSingleSignOnSessionAvailable(create).booleanValue());
            Assertions.assertNotNull(getTicketRegistry().getTicket(mockTicketGrantingTicket.getId()));
        }

        @Test
        void verifyAuthHandlersSelected() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            String uuid = UUID.randomUUID().toString();
            CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(uuid);
            registeredService.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy());
            registeredService.setAuthenticationPolicy(new DefaultRegisteredServiceAuthenticationPolicy().setRequiredAuthenticationHandlers(CollectionUtils.wrapHashSet(new String[]{"handler1", "handler2"})));
            getServicesManager().save(registeredService);
            create.setParameter("service", uuid);
            Assertions.assertEquals("success", this.action.execute(create).getId());
            Assertions.assertTrue(WebUtils.getAvailableAuthenticationHandleNames(create).isEmpty());
        }
    }

    InitialFlowSetupActionTests() {
    }
}
