package org.apereo.cas.support.oauth.authenticator;

import java.util.List;
import java.util.UUID;
import org.apereo.cas.AbstractOAuth20Tests;
import org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.apereo.cas.util.RandomUtils;
import org.apereo.cas.util.http.HttpUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.core.context.CallContext;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.CredentialsException;
import org.pac4j.jee.context.JEEContext;
import org.pac4j.jee.context.session.JEESessionStore;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OAuth")
/* loaded from: input_file:org/apereo/cas/support/oauth/authenticator/OAuth20UsernamePasswordAuthenticatorTests.class */
class OAuth20UsernamePasswordAuthenticatorTests extends BaseOAuth20AuthenticatorTests {

    @Autowired
    @Qualifier("oauthUserAuthenticator")
    private Authenticator authenticator;

    OAuth20UsernamePasswordAuthenticatorTests() {
    }

    @Test
    void verifyAcceptedCredentialsWithClientId() throws Throwable {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "clientWithoutSecret");
        this.authenticator.validate(new CallContext(new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()), new JEESessionStore()), usernamePasswordCredentials);
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
        Assertions.assertEquals(AbstractOAuth20Tests.ID, usernamePasswordCredentials.getUserProfile().getId());
        Assertions.assertFalse(usernamePasswordCredentials.getUserProfile().getAuthenticationAttributes().isEmpty());
    }

    @Test
    void verifyAcceptedCredentialsWithClientSecret() throws Throwable {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        mockHttpServletRequest.addParameter("client_secret", "secret");
        this.authenticator.validate(new CallContext(new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()), new JEESessionStore()), usernamePasswordCredentials);
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
        Assertions.assertEquals(AbstractOAuth20Tests.ID, usernamePasswordCredentials.getUserProfile().getId());
        Assertions.assertFalse(usernamePasswordCredentials.getUserProfile().getAuthenticationAttributes().isEmpty());
    }

    @Test
    void verifyAcceptedCredentialsWithBadClientSecret() throws Throwable {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        mockHttpServletRequest.addParameter("client_secret", "secretnotfound");
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(new CallContext(jEEContext, new JEESessionStore()), usernamePasswordCredentials);
        });
    }

    @Test
    void verifyAcceptedCredentialsWithServiceDisabled() throws Throwable {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        OAuthRegisteredService oAuthRegisteredService = new OAuthRegisteredService();
        oAuthRegisteredService.setName("OAuth");
        oAuthRegisteredService.setId(RandomUtils.nextLong());
        oAuthRegisteredService.setServiceId("https://www.example.org");
        oAuthRegisteredService.setClientSecret(UUID.randomUUID().toString());
        oAuthRegisteredService.setClientId(UUID.randomUUID().toString());
        oAuthRegisteredService.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(false, false));
        this.servicesManager.save(oAuthRegisteredService);
        mockHttpServletRequest.addParameter("client_id", oAuthRegisteredService.getClientId());
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(new CallContext(jEEContext, new JEESessionStore()), usernamePasswordCredentials);
        });
    }

    @Test
    void verifyAcceptedCredentialsWithBadCredentials() throws Throwable {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials("casuser-something", AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(new CallContext(jEEContext, new JEESessionStore()), usernamePasswordCredentials);
        });
    }

    @Test
    void verifyAcceptedCredentialsWithoutClientSecret() throws Throwable {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("client_id", "client");
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(new CallContext(jEEContext, new JEESessionStore()), usernamePasswordCredentials);
        });
    }

    @Test
    void verifyAcceptedCredentialsWithoutClientId() throws Throwable {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse());
        Assertions.assertThrows(CredentialsException.class, () -> {
            this.authenticator.validate(new CallContext(jEEContext, new JEESessionStore()), usernamePasswordCredentials);
        });
    }

    @Test
    void verifyAcceptedCredentialsWithClientSecretWithBasicAuth() throws Throwable {
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials(AbstractOAuth20Tests.ID, AbstractOAuth20Tests.ID);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        List list = HttpUtils.createBasicAuthHeaders("client", "secret").get("Authorization");
        Assertions.assertNotNull(list);
        mockHttpServletRequest.addHeader("Authorization", list);
        this.authenticator.validate(new CallContext(new JEEContext(mockHttpServletRequest, new MockHttpServletResponse()), new JEESessionStore()), usernamePasswordCredentials);
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
        Assertions.assertEquals(AbstractOAuth20Tests.ID, usernamePasswordCredentials.getUserProfile().getId());
        Assertions.assertFalse(usernamePasswordCredentials.getUserProfile().getAuthenticationAttributes().isEmpty());
    }
}
