package org.apereo.cas.uma.web.controllers;

import java.util.Collection;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.lang3.tuple.Triple;
import org.apereo.cas.config.CasOAuthUmaComponentSerializationConfiguration;
import org.apereo.cas.config.CasOAuthUmaConfiguration;
import org.apereo.cas.support.oauth.web.AbstractOAuth20Tests;
import org.apereo.cas.uma.ticket.resource.ResourceSetPolicy;
import org.apereo.cas.uma.ticket.resource.ResourceSetPolicyPermission;
import org.apereo.cas.uma.web.controllers.authz.UmaAuthorizationRequestEndpointController;
import org.apereo.cas.uma.web.controllers.permission.UmaPermissionRegistrationEndpointController;
import org.apereo.cas.uma.web.controllers.permission.UmaPermissionRegistrationRequest;
import org.apereo.cas.uma.web.controllers.policy.UmaCreatePolicyForResourceSetEndpointController;
import org.apereo.cas.uma.web.controllers.policy.UmaDeletePolicyForResourceSetEndpointController;
import org.apereo.cas.uma.web.controllers.policy.UmaFindPolicyForResourceSetEndpointController;
import org.apereo.cas.uma.web.controllers.policy.UmaUpdatePolicyForResourceSetEndpointController;
import org.apereo.cas.uma.web.controllers.resource.UmaCreateResourceSetRegistrationEndpointController;
import org.apereo.cas.uma.web.controllers.resource.UmaDeleteResourceSetRegistrationEndpointController;
import org.apereo.cas.uma.web.controllers.resource.UmaFindResourceSetRegistrationEndpointController;
import org.apereo.cas.uma.web.controllers.resource.UmaResourceRegistrationRequest;
import org.apereo.cas.uma.web.controllers.resource.UmaUpdateResourceSetRegistrationEndpointController;
import org.apereo.cas.util.CollectionUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.pac4j.core.context.JEEContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.springframework.web.SecurityInterceptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Import;
import org.springframework.http.HttpMethod;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.TestPropertySource;

@Tag("UMA")
@Import({CasOAuthUmaConfiguration.class, CasOAuthUmaComponentSerializationConfiguration.class})
@TestPropertySource(properties = {"cas.authn.uma.requestingPartyToken.jwksFile=classpath:uma-keystore.jwks"})
/* loaded from: input_file:org/apereo/cas/uma/web/controllers/BaseUmaEndpointControllerTests.class */
public abstract class BaseUmaEndpointControllerTests extends AbstractOAuth20Tests {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(BaseUmaEndpointControllerTests.class);

    @Autowired
    @Qualifier("umaPermissionRegistrationEndpointController")
    protected UmaPermissionRegistrationEndpointController umaPermissionRegistrationEndpointController;

    @Autowired
    @Qualifier("umaCreateResourceSetRegistrationEndpointController")
    protected UmaCreateResourceSetRegistrationEndpointController umaCreateResourceSetRegistrationEndpointController;

    @Autowired
    @Qualifier("umaDeleteResourceSetRegistrationEndpointController")
    protected UmaDeleteResourceSetRegistrationEndpointController umaDeleteResourceSetRegistrationEndpointController;

    @Autowired
    @Qualifier("umaUpdateResourceSetRegistrationEndpointController")
    protected UmaUpdateResourceSetRegistrationEndpointController umaUpdateResourceSetRegistrationEndpointController;

    @Autowired
    @Qualifier("umaFindResourceSetRegistrationEndpointController")
    protected UmaFindResourceSetRegistrationEndpointController umaFindResourceSetRegistrationEndpointController;

    @Autowired
    @Qualifier("umaCreatePolicyForResourceSetEndpointController")
    protected UmaCreatePolicyForResourceSetEndpointController umaCreatePolicyForResourceSetEndpointController;

    @Autowired
    @Qualifier("umaFindPolicyForResourceSetEndpointController")
    protected UmaFindPolicyForResourceSetEndpointController umaFindPolicyForResourceSetEndpointController;

    @Autowired
    @Qualifier("oauthDistributedSessionStore")
    protected SessionStore oauthDistributedSessionStore;

    @Autowired
    @Qualifier("umaDeletePolicyForResourceSetEndpointController")
    protected UmaDeletePolicyForResourceSetEndpointController umaDeletePolicyForResourceSetEndpointController;

    @Autowired
    @Qualifier("umaUpdatePolicyForResourceSetEndpointController")
    protected UmaUpdatePolicyForResourceSetEndpointController umaUpdatePolicyForResourceSetEndpointController;

    @Autowired
    @Qualifier("umaAuthorizationRequestEndpointController")
    protected UmaAuthorizationRequestEndpointController umaAuthorizationRequestEndpointController;

    @Autowired
    @Qualifier("umaRequestingPartyTokenSecurityInterceptor")
    protected SecurityInterceptor umaRequestingPartyTokenSecurityInterceptor;

    @Autowired
    @Qualifier("umaAuthorizationApiTokenSecurityInterceptor")
    protected SecurityInterceptor umaAuthorizationApiTokenSecurityInterceptor;

    /* JADX INFO: Access modifiers changed from: protected */
    public Triple<HttpServletRequest, HttpServletResponse, String> authenticateUmaRequestWithProtectionScope() throws Exception {
        return authenticateUmaRequestWithScope("uma_protection", this.umaRequestingPartyTokenSecurityInterceptor);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Triple<HttpServletRequest, HttpServletResponse, String> authenticateUmaRequestWithAuthorizationScope() throws Exception {
        return authenticateUmaRequestWithScope("uma_authorization", this.umaAuthorizationApiTokenSecurityInterceptor);
    }

    private Triple<HttpServletRequest, HttpServletResponse, String> authenticateUmaRequestWithScope(String str, SecurityInterceptor securityInterceptor) throws Exception {
        Pair assertClientOK = assertClientOK(addRegisteredService(), false, str);
        Assertions.assertNotNull(assertClientOK.getKey());
        String str2 = (String) assertClientOK.getKey();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(HttpMethod.POST.name(), "/oauth2.0/register");
        mockHttpServletRequest.addHeader("Authorization", String.format("%s %s", "bearer", str2));
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        securityInterceptor.preHandle(mockHttpServletRequest, mockHttpServletResponse, (Object) null);
        return Triple.of(mockHttpServletRequest, mockHttpServletResponse, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static UmaResourceRegistrationRequest createUmaResourceRegistrationRequest() {
        return createUmaResourceRegistrationRequest(-1L);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static UmaResourceRegistrationRequest createUmaResourceRegistrationRequest(long j) {
        UmaResourceRegistrationRequest umaResourceRegistrationRequest = new UmaResourceRegistrationRequest();
        umaResourceRegistrationRequest.setUri("http://rs.example.com/alice/myresource");
        umaResourceRegistrationRequest.setName("my-resource");
        umaResourceRegistrationRequest.setType("my-resource-type");
        if (j >= 0) {
            umaResourceRegistrationRequest.setId(j);
        }
        umaResourceRegistrationRequest.setScopes(CollectionUtils.wrapList(new String[]{"read", "write"}));
        return umaResourceRegistrationRequest;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static ResourceSetPolicy createUmaPolicyRegistrationRequest(CommonProfile commonProfile) {
        return createUmaPolicyRegistrationRequest(commonProfile, CollectionUtils.wrapHashSet(new String[]{"read", "write"}));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static ResourceSetPolicy createUmaPolicyRegistrationRequest(CommonProfile commonProfile, Collection<String> collection) {
        ResourceSetPolicy resourceSetPolicy = new ResourceSetPolicy();
        ResourceSetPolicyPermission resourceSetPolicyPermission = new ResourceSetPolicyPermission();
        resourceSetPolicyPermission.setScopes(new HashSet(collection));
        resourceSetPolicyPermission.setClaims(new LinkedHashMap(CollectionUtils.wrap("givenName", "CAS")));
        resourceSetPolicyPermission.setSubject(commonProfile.getId());
        resourceSetPolicy.setPermissions(CollectionUtils.wrapHashSet(new ResourceSetPolicyPermission[]{resourceSetPolicyPermission}));
        return resourceSetPolicy;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static UmaPermissionRegistrationRequest createUmaPermissionRegistrationRequest(long j) {
        UmaPermissionRegistrationRequest umaPermissionRegistrationRequest = new UmaPermissionRegistrationRequest();
        umaPermissionRegistrationRequest.setResourceId(j);
        umaPermissionRegistrationRequest.setScopes(CollectionUtils.wrapList(new String[]{"read"}));
        umaPermissionRegistrationRequest.setClaims(new LinkedHashMap(CollectionUtils.wrap("givenName", "CAS")));
        return umaPermissionRegistrationRequest;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CommonProfile getCurrentProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        JEEContext jEEContext = new JEEContext(httpServletRequest, httpServletResponse, this.oauthDistributedSessionStore);
        Optional optional = new ProfileManager(jEEContext, jEEContext.getSessionStore()).get(true);
        if (!optional.isEmpty()) {
            return (CommonProfile) optional.get();
        }
        LOGGER.info("Unable to determine the user profile from the context");
        return null;
    }
}
