package org.apereo.cas.authentication;

import java.util.Arrays;
import java.util.Map;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.util.junit.EnabledIfPortOpen;
import org.jooq.lambda.Unchecked;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.test.context.TestPropertySource;

@Tag("Ldap")
@TestPropertySource(properties = {"cas.authn.ldap[0].type=AUTHENTICATED", "cas.authn.ldap[0].bind-dn=Administrator@cas.example.org", "cas.authn.ldap[0].bind-credential=M3110nM3110n#1", "cas.authn.ldap[0].ldap-url=ldap://localhost:10390", "cas.authn.ldap[0].use-start-tls=true", "cas.authn.ldap[0].subtree-search=true", "cas.authn.ldap[0].base-dn=dc=cas,dc=example,dc=org", "cas.authn.ldap[0].follow-referrals=false", "cas.authn.ldap[0].principal-attribute-list=sAMAccountName,cn", "cas.authn.ldap[0].enhance-with-entry-resolver=true", "cas.authn.ldap[0].search-filter=(sAMAccountName={user})", "cas.authn.ldap[0].min-pool-size=0", "cas.authn.ldap[0].trust-store=file:/tmp/adcacerts.jks", "cas.authn.ldap[0].trust-store-type=JKS", "cas.authn.ldap[0].trust-store-password=changeit", "cas.authn.ldap[0].hostname-verifier=DEFAULT", "cas.authn.ldap[0].password-policy.type=AD", "cas.authn.ldap[0].password-policy.enabled=true"})
@EnabledIfPortOpen(port = {10390})
/* loaded from: input_file:org/apereo/cas/authentication/ActiveDirectoryLdapAuthenticationHandlerPasswordPolicyTests.class */
public class ActiveDirectoryLdapAuthenticationHandlerPasswordPolicyTests extends BaseActiveDirectoryLdapAuthenticationHandlerTests {
    @Override // org.apereo.cas.authentication.BaseLdapAuthenticationHandlerTests
    protected String getUsername() {
        return "expirestomorrow";
    }

    @Test
    public void verifyAuthenticateWarnings() {
        Assertions.assertNotEquals(this.ldapAuthenticationHandlers.size(), 0);
        this.ldapAuthenticationHandlers.toList().forEach(Unchecked.consumer(authenticationHandler -> {
            UsernamePasswordCredential usernamePasswordCredential = new UsernamePasswordCredential(getUsername(), getSuccessPassword());
            AuthenticationHandlerExecutionResult authenticate = authenticationHandler.authenticate(usernamePasswordCredential);
            Assertions.assertTrue((authenticate.getWarnings() == null || authenticate.getWarnings().isEmpty()) ? false : true);
            Assertions.assertTrue(authenticate.getWarnings().stream().anyMatch(messageDescriptor -> {
                return messageDescriptor.getCode().equals("password.expiration.warning");
            }));
            Assertions.assertNotNull(authenticate.getPrincipal());
            Assertions.assertEquals(usernamePasswordCredential.getUsername(), authenticate.getPrincipal().getId());
            Map attributes = authenticate.getPrincipal().getAttributes();
            Arrays.stream(getPrincipalAttributes()).forEach(str -> {
                Assertions.assertTrue(attributes.containsKey(str));
            });
        }));
    }
}
