package org.apereo.cas.authentication;

import java.util.Optional;
import org.apereo.cas.authentication.BaseLdapAuthenticationHandlerTests;
import org.apereo.cas.authentication.attribute.AttributeDefinitionStore;
import org.apereo.cas.authentication.attribute.AttributeRepositoryResolver;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.attribute.PersonAttributeDao;
import org.apereo.cas.authentication.principal.resolvers.PersonDirectoryPrincipalResolver;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.core.authentication.PersonDirectoryPrincipalResolverProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.EncodingUtils;
import org.apereo.cas.util.junit.EnabledIfListeningOnPort;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.context.ConfigurableApplicationContext;

/**
 * Integration test that resolves a principal through
 * {@link PersonDirectoryPrincipalResolver} backed by an LDAP attribute
 * repository pointed at an Active Directory instance.
 *
 * <p>The test is tagged {@code ActiveDirectory} and only runs when something is
 * listening on port 10390. All connection settings below (bind DN, bind
 * password, trust store password) are fixtures for that local test directory.
 */
@Tag("ActiveDirectory")
@EnabledIfListeningOnPort(port = {10390})
@SpringBootTest(
    classes = {BaseLdapAuthenticationHandlerTests.SharedTestConfiguration.class},
    properties = {
        // Bind identity used by the attribute repository for its searches.
        "cas.authn.attribute-repository.ldap[0].bind-dn=Administrator@cas.example.org",
        "cas.authn.attribute-repository.ldap[0].bind-credential="
            + PersonDirectoryPrincipalResolverActiveDirectoryTests.AD_ADMIN_PASSWORD,

        // Plain ldap:// URL upgraded with StartTLS.
        "cas.authn.attribute-repository.ldap[0].ldap-url="
            + PersonDirectoryPrincipalResolverActiveDirectoryTests.AD_LDAP_URL,
        "cas.authn.attribute-repository.ldap[0].use-start-tls=true",
        "cas.authn.attribute-repository.ldap[0].base-dn=dc=cas,dc=example,dc=org",
        "cas.authn.attribute-repository.ldap[0].search-filter=(sAMAccountName={username})",

        // NOTE(review): trust-manager=ANY presumably accepts any server certificate,
        // which would make the trust store configured next to it irrelevant and leave
        // the StartTLS session unauthenticated. Tolerable only because the target is a
        // throwaway directory on localhost; confirm and do not copy into real deployments.
        "cas.authn.attribute-repository.ldap[0].trust-store="
            + PersonDirectoryPrincipalResolverActiveDirectoryTests.AD_TRUST_STORE,
        "cas.authn.attribute-repository.ldap[0].trust-store-type=JKS",
        "cas.authn.attribute-repository.ldap[0].trust-manager=ANY",
        "cas.authn.attribute-repository.ldap[0].trust-store-password=changeit",

        // Attribute mappings; the test asserts on the keys description, objectGUID and objectSid.
        "cas.authn.attribute-repository.ldap[0].attributes.displayName=description",
        "cas.authn.attribute-repository.ldap[0].attributes.objectGUID=objectGUID",
        "cas.authn.attribute-repository.ldap[0].attributes.objectSid=objectSid"
    })
class PersonDirectoryPrincipalResolverActiveDirectoryTests {
    /** Location of the JKS trust store used for the test directory. */
    public static final String AD_TRUST_STORE = "file:/tmp/adcacerts.jks";

    /** Bind password of the test directory's Administrator account (fixture value, not a real secret). */
    public static final String AD_ADMIN_PASSWORD = "M3110nM3110n#1";

    /** URL of the test directory; the port matches the {@code @EnabledIfListeningOnPort} guard. */
    public static final String AD_LDAP_URL = "ldap://localhost:10390";

    @Autowired
    @Qualifier("attributeRepository")
    private PersonAttributeDao attributeRepository;

    @Autowired
    private CasConfigurationProperties casProperties;

    @Autowired
    @Qualifier("attributeDefinitionStore")
    private AttributeDefinitionStore attributeDefinitionStore;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    @Qualifier("attributeRepositoryResolver")
    private AttributeRepositoryResolver attributeRepositoryResolver;

    /**
     * Resolves the {@code admin} user and checks that the mapped directory
     * attributes are present on the resulting principal.
     *
     * @throws Throwable if building the resolver or resolving the principal fails
     */
    @Test
    void verifyResolver() throws Throwable {
        Principal principal = PersonDirectoryPrincipalResolver
            .newPersonDirectoryPrincipalResolver(
                applicationContext,
                PrincipalFactoryUtils.newPrincipalFactory(),
                attributeRepository,
                CoreAuthenticationUtils.getAttributeMerger(
                    casProperties.getAuthn().getAttributeRepository().getCore().getMerger()),
                servicesManager,
                attributeDefinitionStore,
                attributeRepositoryResolver,
                new PersonDirectoryPrincipalResolverProperties[]{casProperties.getPersonDirectory()})
            .resolve(
                // Test-only credential; authentication itself is stood in for by the simple test handler.
                new UsernamePasswordCredential("admin", "P@ssw0rd"),
                Optional.of(CoreAuthenticationTestUtils.getPrincipal()),
                Optional.of(new SimpleTestUsernamePasswordAuthenticationHandler()),
                Optional.of(CoreAuthenticationTestUtils.getService()));

        Assertions.assertNotNull(principal);
        for (String expectedKey : new String[]{"description", "objectGUID", "objectSid"}) {
            Assertions.assertTrue(principal.getAttributes().containsKey(expectedKey));
        }

        // objectGUID and objectSid are expected to arrive Base64-encoded.
        assertFirstValueDecodes(principal, "objectGUID");
        assertFirstValueDecodes(principal, "objectSid");
    }

    /**
     * Checks that the first value of the given attribute, if there is one,
     * Base64-decodes to a non-null result.
     *
     * <p>NOTE(review): the check is skipped when the attribute has no first
     * value, so an empty value list passes silently.
     *
     * @param principal     the resolved principal
     * @param attributeName the attribute whose first value is decoded
     */
    private static void assertFirstValueDecodes(final Principal principal, final String attributeName) {
        CollectionUtils.firstElement(principal.getAttributes().get(attributeName))
            .ifPresent(value -> Assertions.assertNotNull(EncodingUtils.decodeBase64(value.toString())));
    }
}
