package org.apereo.cas.oidc.authn;

import java.util.Set;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.ticket.accesstoken.OAuth20AccessToken;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.pac4j.core.context.JEEContext;
import org.pac4j.core.credentials.TokenCredentials;
import org.pac4j.core.profile.CommonProfile;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OIDC")
/* loaded from: input_file:org/apereo/cas/oidc/authn/OidcClientConfigurationAccessTokenAuthenticatorTests.class */
public class OidcClientConfigurationAccessTokenAuthenticatorTests extends AbstractOidcTests {
    @Test
    public void verifyOperation() {
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse());
        OidcClientConfigurationAccessTokenAuthenticator oidcClientConfigurationAccessTokenAuthenticator = new OidcClientConfigurationAccessTokenAuthenticator(this.ticketRegistry, this.oidcAccessTokenJwtBuilder);
        OAuth20AccessToken accessToken = getAccessToken();
        Mockito.when(accessToken.getScopes()).thenReturn(Set.of("ClientRegistrationScope"));
        this.ticketRegistry.addTicket(accessToken);
        TokenCredentials tokenCredentials = new TokenCredentials(accessToken.getId());
        oidcClientConfigurationAccessTokenAuthenticator.validate(tokenCredentials, jEEContext);
        CommonProfile userProfile = tokenCredentials.getUserProfile();
        Assertions.assertNotNull(userProfile);
        Assertions.assertEquals("casuser", userProfile.getId());
    }

    @Test
    public void verifyFailsOperation() {
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse());
        OidcClientConfigurationAccessTokenAuthenticator oidcClientConfigurationAccessTokenAuthenticator = new OidcClientConfigurationAccessTokenAuthenticator(this.ticketRegistry, this.oidcAccessTokenJwtBuilder);
        OAuth20AccessToken accessToken = getAccessToken();
        Mockito.when(accessToken.getScopes()).thenThrow(new Throwable[]{new IllegalArgumentException()});
        this.ticketRegistry.addTicket(accessToken);
        TokenCredentials tokenCredentials = new TokenCredentials(accessToken.getId());
        oidcClientConfigurationAccessTokenAuthenticator.validate(tokenCredentials, jEEContext);
        Assertions.assertNull(tokenCredentials.getUserProfile());
    }
}
