package org.apereo.cas.support.oauth.validator.token;

import jakarta.servlet.http.HttpSession;
import java.util.UUID;
import org.apereo.cas.AbstractOAuth20Tests;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.support.oauth.OAuth20GrantTypes;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.apereo.cas.util.CollectionUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.jee.context.JEEContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.TestPropertySource;

@Tag("OAuth")
@TestPropertySource(properties = {"cas.authn.oauth.session-replication.replicate-sessions=false"})
/* loaded from: input_file:org/apereo/cas/support/oauth/validator/token/OAuth20PasswordGrantTypeTokenRequestValidatorTests.class */
class OAuth20PasswordGrantTypeTokenRequestValidatorTests extends AbstractOAuth20Tests {

    @Autowired
    @Qualifier("oauthPasswordGrantTypeTokenRequestValidator")
    private OAuth20TokenRequestValidator validator;
    private OAuthRegisteredService supportingService;
    private OAuthRegisteredService nonSupportingService;
    private OAuthRegisteredService promiscuousService;

    @BeforeEach
    public void before() {
        this.supportingService = RequestValidatorTestUtils.getService("https://google.com", UUID.randomUUID().toString(), UUID.randomUUID().toString(), "secret", CollectionUtils.wrapSet(getGrantType()));
        this.nonSupportingService = RequestValidatorTestUtils.getService("https://example.com", UUID.randomUUID().toString(), UUID.randomUUID().toString(), "secret", CollectionUtils.wrapSet(getWrongGrantType()));
        this.promiscuousService = RequestValidatorTestUtils.getPromiscuousService("https://another.example.com", UUID.randomUUID().toString(), UUID.randomUUID().toString(), "secret");
        this.servicesManager.deleteAll();
        this.servicesManager.save(new RegisteredService[]{this.supportingService, this.nonSupportingService, this.promiscuousService});
    }

    @Test
    void verifyOperation() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletRequest.setParameter("grant_type", "unsupported");
        Assertions.assertFalse(this.validator.validate(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
        CommonProfile commonProfile = new CommonProfile();
        commonProfile.setClientName("clientBasicAuth");
        commonProfile.setId(this.supportingService.getClientId());
        HttpSession session = mockHttpServletRequest.getSession(true);
        Assertions.assertNotNull(session);
        session.setAttribute("pac4jUserProfiles", CollectionUtils.wrapLinkedHashMap(commonProfile.getClientName(), commonProfile));
        mockHttpServletRequest.setParameter("grant_type", getGrantType().getType());
        mockHttpServletRequest.setParameter("client_id", this.supportingService.getClientId());
        Assertions.assertTrue(this.validator.validate(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
        mockHttpServletRequest.setParameter("client_id", this.nonSupportingService.getClientId());
        commonProfile.setId(this.nonSupportingService.getClientId());
        session.setAttribute("pac4jUserProfiles", CollectionUtils.wrapLinkedHashMap(commonProfile.getClientName(), commonProfile));
        Assertions.assertFalse(this.validator.validate(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
        mockHttpServletRequest.setParameter("client_id", this.promiscuousService.getClientId());
        commonProfile.setId(this.promiscuousService.getClientId());
        session.setAttribute("pac4jUserProfiles", CollectionUtils.wrapLinkedHashMap(commonProfile.getClientName(), commonProfile));
        Assertions.assertTrue(this.validator.validate(new JEEContext(mockHttpServletRequest, mockHttpServletResponse)));
    }

    protected OAuth20GrantTypes getGrantType() {
        return OAuth20GrantTypes.PASSWORD;
    }

    protected OAuth20GrantTypes getWrongGrantType() {
        return OAuth20GrantTypes.AUTHORIZATION_CODE;
    }
}
