package org.apereo.cas.support.oauth.authenticator;

import java.util.List;
import org.apereo.cas.AbstractOAuth20Tests;
import org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy;
import org.apereo.cas.support.oauth.services.OAuth20RegisteredServiceCipherExecutor;
import org.apereo.cas.util.HttpUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.core.context.JEEContext;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.exception.CredentialsException;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OAuth")
/* loaded from: input_file:org/apereo/cas/support/oauth/authenticator/OAuth20UsernamePasswordAuthenticatorTests.class */
public class OAuth20UsernamePasswordAuthenticatorTests extends BaseOAuth20AuthenticatorTests {
    protected OAuth20UsernamePasswordAuthenticator authenticator;

    @BeforeEach
    public void init() {
        this.authenticator = new OAuth20UsernamePasswordAuthenticator(this.authenticationSystemSupport, this.servicesManager, this.serviceFactory, new OAuth20RegisteredServiceCipherExecutor());
    }

    @Test
    public void verifyAcceptedCredentialsWithClientId() {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "clientWithoutSecret");
        this.authenticator.validate(usernamePasswordCredentials, new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()));
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
        Assertions.assertEquals(AbstractOAuth20Tests.ID, usernamePasswordCredentials.getUserProfile().getId());
    }

    @Test
    public void verifyAcceptedCredentialsWithClientSecret() {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        mockHttpServletRequest.addParameter("client_secret", "secret");
        this.authenticator.validate(usernamePasswordCredentials, new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()));
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
        Assertions.assertEquals(AbstractOAuth20Tests.ID, usernamePasswordCredentials.getUserProfile().getId());
    }

    @Test
    public void verifyAcceptedCredentialsWithBadClientSecret() {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        mockHttpServletRequest.addParameter("client_secret", "secretnotfound");
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(usernamePasswordCredentials, jEEContext);
        });
    }

    @Test
    public void verifyAcceptedCredentialsWithServiceDisabled() {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        this.service.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(false, false));
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(usernamePasswordCredentials, jEEContext);
        });
    }

    @Test
    public void verifyAcceptedCredentialsWithBadCredentials() {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials("casuser-something", AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(usernamePasswordCredentials, jEEContext);
        });
    }

    @Test
    public void verifyAcceptedCredentialsWithoutClientSecret() {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(usernamePasswordCredentials, jEEContext);
        });
    }

    @Test
    public void verifyAcceptedCredentialsWithoutClientId() {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(usernamePasswordCredentials, jEEContext);
        });
    }

    @Test
    public void verifyAcceptedCredentialsWithClientSecretWithBasicAuth() {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        List list = HttpUtils.createBasicAuthHeaders("client", "secret").get("Authorization");
        Assertions.assertNotNull(list);
        mockHttpServletRequest.addHeader("Authorization", list);
        this.authenticator.validate(usernamePasswordCredentials, new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()));
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
        Assertions.assertEquals(AbstractOAuth20Tests.ID, usernamePasswordCredentials.getUserProfile().getId());
    }
}
