package org.apereo.cas.support.oauth.validator;

import org.apereo.cas.AbstractOAuth20Tests;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.apereo.cas.util.EncodingUtils;
import org.apereo.cas.util.RandomUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.test.context.TestPropertySource;

@Tag("OAuth")
@TestPropertySource(properties = {"app.custom.secret=T0ps3cr3t#"})
/* loaded from: input_file:org/apereo/cas/support/oauth/validator/DefaultOAuth20ClientSecretValidatorTests.class */
class DefaultOAuth20ClientSecretValidatorTests extends AbstractOAuth20Tests {
    DefaultOAuth20ClientSecretValidatorTests() {
    }

    @Test
    void verifyClientSecretCheck() throws Throwable {
        String randomAlphanumeric = RandomUtils.randomAlphanumeric(12);
        String str = (String) this.oauth20ClientSecretValidator.getCipherExecutor().encode(randomAlphanumeric);
        OAuthRegisteredService oAuthRegisteredService = new OAuthRegisteredService();
        oAuthRegisteredService.setClientId("clientid");
        oAuthRegisteredService.setClientSecret(str);
        Assertions.assertTrue(this.oauth20ClientSecretValidator.validate(oAuthRegisteredService, randomAlphanumeric));
        Assertions.assertFalse(this.oauth20ClientSecretValidator.isClientSecretExpired(oAuthRegisteredService));
    }

    @Test
    void verifyClientSecretIsWrong() throws Throwable {
        String str = (String) this.oauth20ClientSecretValidator.getCipherExecutor().encode(RandomUtils.randomAlphanumeric(12));
        OAuthRegisteredService oAuthRegisteredService = new OAuthRegisteredService();
        oAuthRegisteredService.setClientId("clientid");
        oAuthRegisteredService.setClientSecret(str);
        Assertions.assertFalse(this.oauth20ClientSecretValidator.validate(oAuthRegisteredService, "badSecret"));
    }

    @Test
    void verifyClientSecretCheckWithoutCipher() throws Throwable {
        String randomAlphanumeric = RandomUtils.randomAlphanumeric(12);
        OAuthRegisteredService oAuthRegisteredService = new OAuthRegisteredService();
        oAuthRegisteredService.setClientId("clientid");
        oAuthRegisteredService.setClientSecret(randomAlphanumeric);
        Assertions.assertTrue(this.oauth20ClientSecretValidator.validate(oAuthRegisteredService, randomAlphanumeric));
    }

    @Test
    void verifyClientSecretFromEnvironment() throws Throwable {
        String property = this.applicationContext.getEnvironment().getProperty("app.custom.secret");
        OAuthRegisteredService oAuthRegisteredService = new OAuthRegisteredService();
        oAuthRegisteredService.setClientId("clientid");
        oAuthRegisteredService.setClientSecret("${#applicationContext.get().environment.getProperty('app.custom.secret')}");
        Assertions.assertTrue(this.oauth20ClientSecretValidator.validate(oAuthRegisteredService, property));
    }

    @Test
    void verifyClientSecretUndefined() throws Throwable {
        String randomAlphanumeric = RandomUtils.randomAlphanumeric(12);
        OAuthRegisteredService oAuthRegisteredService = new OAuthRegisteredService();
        oAuthRegisteredService.setClientId("clientid");
        Assertions.assertTrue(this.oauth20ClientSecretValidator.validate(oAuthRegisteredService, randomAlphanumeric));
    }

    @Test
    void verifyClientSecretUrlEncoded() throws Throwable {
        String urlEncode = EncodingUtils.urlEncode("!@#$%^&^&*()");
        OAuthRegisteredService oAuthRegisteredService = new OAuthRegisteredService();
        oAuthRegisteredService.setClientId("clientid");
        oAuthRegisteredService.setClientSecret("!@#$%^&^&*()");
        Assertions.assertTrue(this.oauth20ClientSecretValidator.validate(oAuthRegisteredService, urlEncode));
    }

    @Test
    void verifyNullClientSecretUrlEncoded() throws Throwable {
        OAuthRegisteredService oAuthRegisteredService = new OAuthRegisteredService();
        oAuthRegisteredService.setClientId("clientid");
        oAuthRegisteredService.setClientSecret("!@#$%^&^&*()");
        Assertions.assertFalse(this.oauth20ClientSecretValidator.validate(oAuthRegisteredService, (String) null));
        Assertions.assertFalse(this.oauth20ClientSecretValidator.validate(oAuthRegisteredService, ""));
    }
}
