package org.apereo.cas.support.oauth.validator.token;

import java.util.Objects;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.oauth.OAuth20GrantTypes;
import org.apereo.cas.ticket.refreshtoken.OAuth20RefreshToken;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.HttpUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.pac4j.core.context.JEEContext;
import org.springframework.http.HttpHeaders;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OAuth")
/* loaded from: input_file:org/apereo/cas/support/oauth/validator/token/OAuth20RevocationRequestValidatorTests.class */
public class OAuth20RevocationRequestValidatorTests {
    private static final String SUPPORTING_SERVICE_TICKET = "RT-SUPPORTING";
    private TicketRegistry ticketRegistry;
    private OAuth20TokenRequestValidator validator;

    private void registerTicket(String str) {
        OAuth20RefreshToken oAuth20RefreshToken = (OAuth20RefreshToken) Mockito.mock(OAuth20RefreshToken.class);
        Mockito.when(oAuth20RefreshToken.getId()).thenReturn(str);
        Mockito.when(Boolean.valueOf(oAuth20RefreshToken.isExpired())).thenReturn(false);
        Mockito.when(oAuth20RefreshToken.getAuthentication()).thenReturn(RegisteredServiceTestUtils.getAuthentication());
        Mockito.when(this.ticketRegistry.getTicket((String) Mockito.eq(str))).thenReturn(oAuth20RefreshToken);
    }

    @BeforeEach
    public void before() {
        ServicesManager servicesManager = (ServicesManager) Mockito.mock(ServicesManager.class);
        RegisteredService service = RequestValidatorTestUtils.getService("https://google.com", RequestValidatorTestUtils.SUPPORTING_CLIENT_ID, RequestValidatorTestUtils.SUPPORTING_CLIENT_ID, "secret", CollectionUtils.wrapSet(OAuth20GrantTypes.REFRESH_TOKEN));
        Mockito.when(servicesManager.getAllServices()).thenReturn(CollectionUtils.wrapList(new RegisteredService[]{service}));
        Mockito.when(servicesManager.getAllServicesOfType((Class) Mockito.any())).thenReturn(CollectionUtils.wrapList(new RegisteredService[]{service}));
        this.ticketRegistry = (TicketRegistry) Mockito.mock(TicketRegistry.class);
        registerTicket(SUPPORTING_SERVICE_TICKET);
        this.validator = new OAuth20RevocationRequestValidator(servicesManager);
    }

    @Test
    public void verifyOperationClientSecretPost() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletRequest.setParameter("client_id", RequestValidatorTestUtils.SUPPORTING_CLIENT_ID);
        mockHttpServletRequest.setParameter("client_secret", "secret");
        mockHttpServletRequest.setParameter("token", SUPPORTING_SERVICE_TICKET);
        Assertions.assertTrue(this.validator.validate(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
        mockHttpServletRequest.removeAllParameters();
        mockHttpServletRequest.setParameter("client_id", RequestValidatorTestUtils.SUPPORTING_CLIENT_ID);
        mockHttpServletRequest.setParameter("client_secret", "secret");
        Assertions.assertFalse(this.validator.supports(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
        mockHttpServletRequest.removeAllParameters();
        mockHttpServletRequest.setParameter("client_id", RequestValidatorTestUtils.NON_SUPPORTING_CLIENT_ID);
        mockHttpServletRequest.setParameter("client_secret", "secret");
        mockHttpServletRequest.setParameter("token", SUPPORTING_SERVICE_TICKET);
        Assertions.assertFalse(this.validator.validate(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
    }

    @Test
    public void verifyOperationClientSecretBasic() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        HttpHeaders createBasicAuthHeaders = HttpUtils.createBasicAuthHeaders(RequestValidatorTestUtils.SUPPORTING_CLIENT_ID, "secret");
        Objects.requireNonNull(mockHttpServletRequest);
        createBasicAuthHeaders.forEach((v1, v2) -> {
            r1.addHeader(v1, v2);
        });
        mockHttpServletRequest.setParameter("token", SUPPORTING_SERVICE_TICKET);
        Assertions.assertTrue(this.validator.validate(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
        mockHttpServletRequest.removeHeader("Authorization");
        mockHttpServletRequest.removeAllParameters();
        HttpHeaders createBasicAuthHeaders2 = HttpUtils.createBasicAuthHeaders(RequestValidatorTestUtils.SUPPORTING_CLIENT_ID, "secret");
        Objects.requireNonNull(mockHttpServletRequest);
        createBasicAuthHeaders2.forEach((v1, v2) -> {
            r1.addHeader(v1, v2);
        });
        Assertions.assertFalse(this.validator.supports(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
        mockHttpServletRequest.removeHeader("Authorization");
        mockHttpServletRequest.removeAllParameters();
        HttpHeaders createBasicAuthHeaders3 = HttpUtils.createBasicAuthHeaders(RequestValidatorTestUtils.NON_SUPPORTING_CLIENT_ID, "secret");
        Objects.requireNonNull(mockHttpServletRequest);
        createBasicAuthHeaders3.forEach((v1, v2) -> {
            r1.addHeader(v1, v2);
        });
        mockHttpServletRequest.setParameter("token", SUPPORTING_SERVICE_TICKET);
        Assertions.assertFalse(this.validator.validate(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
    }
}
