package org.apereo.cas.support.oauth.validator;

import java.util.Map;
import java.util.Optional;
import org.apereo.cas.AbstractOAuth20Tests;
import org.apereo.cas.mock.MockTicketGrantingTicket;
import org.apereo.cas.services.CasRegisteredService;
import org.apereo.cas.services.LiteralRegisteredServiceMatchingStrategy;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.services.ReturnAllAttributeReleasePolicy;
import org.apereo.cas.support.oauth.util.OAuth20Utils;
import org.apereo.cas.ticket.ServiceTicket;
import org.apereo.cas.ticket.ServiceTicketSessionTrackingPolicy;
import org.apereo.cas.ticket.TicketGrantingTicket;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.core.context.CallContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.profile.BasicUserProfile;
import org.pac4j.core.profile.factory.ProfileManagerFactory;
import org.pac4j.jee.context.JEEContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpMethod;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OAuth")
/* loaded from: input_file:org/apereo/cas/support/oauth/validator/CASOAuth20TicketValidatorTests.class */
public class CASOAuth20TicketValidatorTests extends AbstractOAuth20Tests {

    @Autowired
    @Qualifier("serviceTicketSessionTrackingPolicy")
    protected ServiceTicketSessionTrackingPolicy serviceTicketSessionTrackingPolicy;

    @Override // org.apereo.cas.AbstractOAuth20Tests
    @BeforeEach
    public void setup() {
        super.setup();
        clearAllServices();
    }

    @Test
    public void verifyOperation() throws Exception {
        String str = OAuth20Utils.casOAuthCallbackUrl(this.casProperties.getServer().getPrefix()) + "?client_name=" + this.oauthCasClient.getName();
        MockTicketGrantingTicket mockTicketGrantingTicket = new MockTicketGrantingTicket(AbstractOAuth20Tests.ID, RegisteredServiceTestUtils.getTestAttributes());
        this.ticketRegistry.addTicket(mockTicketGrantingTicket);
        ServiceTicket grantServiceTicket = mockTicketGrantingTicket.grantServiceTicket(RegisteredServiceTestUtils.getService(str), this.serviceTicketSessionTrackingPolicy);
        this.ticketRegistry.addTicket(grantServiceTicket);
        this.ticketRegistry.updateTicket(mockTicketGrantingTicket);
        CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(str, Map.of());
        registeredService.setAttributeReleasePolicy(new ReturnAllAttributeReleasePolicy());
        registeredService.setMatchingStrategy(new LiteralRegisteredServiceMatchingStrategy());
        this.servicesManager.save(registeredService);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(HttpMethod.GET.name(), "/oauth2.0/authorize");
        mockHttpServletRequest.setParameter("ticket", grantServiceTicket.getId());
        mockHttpServletRequest.setParameter("service", grantServiceTicket.getService().getId());
        mockHttpServletRequest.addHeader("user-agent", "MSIE");
        CallContext callContext = new CallContext(new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()), this.oauthDistributedSessionStore, ProfileManagerFactory.DEFAULT);
        Optional credentials = this.oauthCasClient.getCredentials(callContext);
        Assertions.assertTrue(credentials.isPresent());
        Optional validateCredentials = this.oauthCasClient.validateCredentials(callContext, (Credentials) credentials.orElseThrow());
        Assertions.assertTrue(validateCredentials.isPresent());
        Optional userProfile = this.oauthCasClient.getUserProfile(callContext, (Credentials) validateCredentials.orElseThrow());
        Assertions.assertTrue(userProfile.isPresent());
        BasicUserProfile basicUserProfile = (BasicUserProfile) userProfile.get();
        Assertions.assertTrue(basicUserProfile.containsAttribute(TicketGrantingTicket.class.getName()));
        Assertions.assertTrue(basicUserProfile.containsAttribute("uid"));
        Assertions.assertTrue(basicUserProfile.containsAttribute("givenName"));
        Assertions.assertTrue(basicUserProfile.containsAttribute("memberOf"));
        Assertions.assertTrue(basicUserProfile.containsAuthenticationAttribute("isFromNewLogin"));
        Assertions.assertTrue(basicUserProfile.containsAuthenticationAttribute("authenticationDate"));
        Assertions.assertTrue(basicUserProfile.containsAuthenticationAttribute("longTermAuthenticationRequestTokenUsed"));
        Assertions.assertTrue(basicUserProfile.containsAuthenticationAttribute("successfulAuthenticationHandlers"));
    }
}
