package org.apereo.cas.oidc.authn;

import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import org.apereo.cas.mock.MockTicketGrantingTicket;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.services.OidcRegisteredService;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.ticket.code.OAuth20Code;
import org.apereo.cas.util.EncodingUtils;
import org.jose4j.jwk.PublicJsonWebKey;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.core.context.JEEContext;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.TestPropertySource;

@Tag("OIDC")
@TestPropertySource(properties = {"cas.authn.oauth.code.timeToKillInSeconds=60"})
/* loaded from: input_file:org/apereo/cas/oidc/authn/OidcPrivateKeyJwtAuthenticatorTests.class */
public class OidcPrivateKeyJwtAuthenticatorTests extends AbstractOidcTests {
    @Test
    public void verifyAction() {
        OidcPrivateKeyJwtAuthenticator oidcPrivateKeyJwtAuthenticator = new OidcPrivateKeyJwtAuthenticator(this.servicesManager, this.registeredServiceAccessStrategyEnforcer, this.ticketRegistry, this.webApplicationServiceFactory, this.casProperties);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        JEEContext jEEContext = new JEEContext(mockHttpServletRequest, new MockHttpServletResponse());
        String concat = this.casProperties.getServer().getPrefix().concat("/oidc/accessToken");
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService();
        UsernamePasswordCredentials usernamePasswordCredentials = new UsernamePasswordCredentials("urn:ietf:params:oauth:client-assertion-type:jwt-bearer", new String(EncodingUtils.signJwsRSASha512(((PublicJsonWebKey) ((Optional) this.oidcServiceJsonWebKeystoreCache.get(oidcRegisteredService)).get()).getPrivateKey(), getClaims(oidcRegisteredService.getClientId(), oidcRegisteredService.getClientId(), oidcRegisteredService.getClientId(), concat).toJson().getBytes(StandardCharsets.UTF_8), Map.of()), StandardCharsets.UTF_8));
        OAuth20Code create = this.defaultOAuthCodeFactory.create(RegisteredServiceTestUtils.getService(), RegisteredServiceTestUtils.getAuthentication(), new MockTicketGrantingTicket("casuser"), new ArrayList(), "", "", oidcRegisteredService.getClientId(), new HashMap());
        this.ticketRegistry.addTicket(create);
        mockHttpServletRequest.addParameter("code", create.getId());
        oidcPrivateKeyJwtAuthenticator.validate(usernamePasswordCredentials, jEEContext);
        Assertions.assertNotNull(usernamePasswordCredentials.getUserProfile());
    }
}
