package org.apereo.cas.authentication;

import com.mongodb.client.MongoClient;
import com.mongodb.client.MongoCollection;
import com.mongodb.client.MongoDatabase;
import java.util.Map;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import org.apereo.cas.authentication.config.CasMongoAuthenticationConfiguration;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.config.CasCoreAuthenticationConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationHandlersConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationMetadataConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationPolicyConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationPrincipalConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationServiceSelectionStrategyConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationSupportConfiguration;
import org.apereo.cas.config.CasCoreConfiguration;
import org.apereo.cas.config.CasCoreHttpConfiguration;
import org.apereo.cas.config.CasCoreNotificationsConfiguration;
import org.apereo.cas.config.CasCoreServicesAuthenticationConfiguration;
import org.apereo.cas.config.CasCoreServicesConfiguration;
import org.apereo.cas.config.CasCoreTicketCatalogConfiguration;
import org.apereo.cas.config.CasCoreTicketIdGeneratorsConfiguration;
import org.apereo.cas.config.CasCoreTicketsConfiguration;
import org.apereo.cas.config.CasCoreTicketsSerializationConfiguration;
import org.apereo.cas.config.CasCoreUtilConfiguration;
import org.apereo.cas.config.CasCoreWebConfiguration;
import org.apereo.cas.config.CasPersonDirectoryConfiguration;
import org.apereo.cas.config.support.CasWebApplicationServiceFactoryConfiguration;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.mongo.MongoDbAuthenticationProperties;
import org.apereo.cas.logout.config.CasCoreLogoutConfiguration;
import org.apereo.cas.mongo.MongoDbConnectionFactory;
import org.apereo.cas.util.junit.EnabledIfListeningOnPort;
import org.bson.Document;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.autoconfigure.RefreshAutoConfiguration;
import org.springframework.scheduling.annotation.EnableScheduling;

@Tag("MongoDb")
@EnableScheduling
@EnableConfigurationProperties({CasConfigurationProperties.class})
@SpringBootTest(classes = {CasMongoAuthenticationConfiguration.class, CasCoreAuthenticationConfiguration.class, CasCoreServicesAuthenticationConfiguration.class, CasCoreUtilConfiguration.class, CasCoreAuthenticationPrincipalConfiguration.class, CasCoreAuthenticationPolicyConfiguration.class, CasCoreAuthenticationMetadataConfiguration.class, CasCoreAuthenticationSupportConfiguration.class, CasCoreAuthenticationHandlersConfiguration.class, CasCoreAuthenticationServiceSelectionStrategyConfiguration.class, CasCoreHttpConfiguration.class, CasCoreTicketCatalogConfiguration.class, CasCoreTicketIdGeneratorsConfiguration.class, CasCoreTicketsConfiguration.class, CasCoreTicketsSerializationConfiguration.class, CasCoreNotificationsConfiguration.class, CasCoreServicesConfiguration.class, CasWebApplicationServiceFactoryConfiguration.class, CasPersonDirectoryConfiguration.class, CasCoreWebConfiguration.class, CasCoreLogoutConfiguration.class, CasCoreConfiguration.class, RefreshAutoConfiguration.class}, properties = {"cas.authn.mongo.client-uri=mongodb://root:secret@localhost:27017/admin", "cas.authn.mongo.collection=users", "cas.authn.mongo.database-name=cas", "cas.authn.mongo.attributes=loc,state", "cas.authn.mongo.username-attribute=username", "cas.authn.mongo.password-attribute=password"})
@EnabledIfListeningOnPort(port = {27017})
/* loaded from: input_file:org/apereo/cas/authentication/MongoDbAuthenticationHandlerTests.class */
public class MongoDbAuthenticationHandlerTests {

    @Autowired
    @Qualifier("mongoAuthenticationHandler")
    private AuthenticationHandler authenticationHandler;

    @Autowired
    private CasConfigurationProperties casProperties;

    @BeforeEach
    public void initialize() {
        MongoDbAuthenticationProperties mongo = this.casProperties.getAuthn().getMongo();
        MongoClient buildMongoDbClient = new MongoDbConnectionFactory().buildMongoDbClient(mongo);
        try {
            MongoDatabase database = buildMongoDbClient.getDatabase(mongo.getDatabaseName());
            database.drop();
            MongoCollection collection = database.getCollection(mongo.getCollection());
            Document document = new Document();
            document.append(mongo.getUsernameAttribute(), "u1");
            document.append(mongo.getPasswordAttribute(), "p1");
            document.append("loc", "Apereo");
            document.append("state", "California");
            collection.insertOne(document);
            Document document2 = new Document();
            document2.append(mongo.getUsernameAttribute(), "userPlain");
            collection.insertOne(document2);
            if (buildMongoDbClient != null) {
                buildMongoDbClient.close();
            }
        } catch (Throwable th) {
            if (buildMongoDbClient != null) {
                try {
                    buildMongoDbClient.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void verifyAuthentication() throws Exception {
        AuthenticationHandlerExecutionResult authenticate = this.authenticationHandler.authenticate(CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("u1", "p1"), (Service) Mockito.mock(Service.class));
        Assertions.assertEquals("u1", authenticate.getPrincipal().getId());
        Map attributes = authenticate.getPrincipal().getAttributes();
        Assertions.assertTrue(attributes.containsKey("loc"));
        Assertions.assertTrue(attributes.containsKey("state"));
    }

    @Test
    public void verifyAuthenticationFails() {
        UsernamePasswordCredential credentialsWithDifferentUsernameAndPassword = CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("unknown", "p1");
        Assertions.assertThrows(AccountNotFoundException.class, () -> {
            this.authenticationHandler.authenticate(credentialsWithDifferentUsernameAndPassword, (Service) Mockito.mock(Service.class));
        });
    }

    @Test
    public void verifyNoPsw() {
        UsernamePasswordCredential credentialsWithDifferentUsernameAndPassword = CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("userPlain", "p1");
        Assertions.assertThrows(FailedLoginException.class, () -> {
            this.authenticationHandler.authenticate(credentialsWithDifferentUsernameAndPassword, (Service) Mockito.mock(Service.class));
        });
    }

    @Test
    public void verifyBadPsw() {
        UsernamePasswordCredential credentialsWithDifferentUsernameAndPassword = CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("u1", "other");
        Assertions.assertThrows(FailedLoginException.class, () -> {
            this.authenticationHandler.authenticate(credentialsWithDifferentUsernameAndPassword, (Service) Mockito.mock(Service.class));
        });
    }
}
