package org.apereo.cas.oidc.jwks;

import java.io.File;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import org.apache.commons.io.FileUtils;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.util.ResourceUtils;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jwk.PublicJsonWebKey;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.core.io.ByteArrayResource;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;
import org.springframework.test.context.TestPropertySource;

@Tag("OIDC")
@TestPropertySource(properties = {"cas.authn.oidc.jwks.jwks-type=ec", "cas.authn.oidc.jwks.jwks-key-size=384", "cas.authn.oidc.jwks.jwks-file=file:${#systemProperties['java.io.tmpdir']}/keystore.jwks"})
/* loaded from: input_file:org/apereo/cas/oidc/jwks/OidcDefaultJsonWebKeystoreCacheLoaderTests.class */
public class OidcDefaultJsonWebKeystoreCacheLoaderTests extends AbstractOidcTests {
    @BeforeAll
    public static void setup() {
        new File(FileUtils.getTempDirectory(), "keystore.jwks").delete();
    }

    @Test
    public void verifyNoWebKeys() {
        JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(new JsonWebKey[0]);
        OidcDefaultJsonWebKeystoreCacheLoader oidcDefaultJsonWebKeystoreCacheLoader = (OidcDefaultJsonWebKeystoreCacheLoader) Mockito.mock(OidcDefaultJsonWebKeystoreCacheLoader.class);
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.buildJsonWebKeySet()).thenReturn(Optional.of(jsonWebKeySet));
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.load(Mockito.anyString())).thenCallRealMethod();
        Assertions.assertTrue(oidcDefaultJsonWebKeystoreCacheLoader.load(UUID.randomUUID().toString()).isEmpty());
        jsonWebKeySet.getJsonWebKeys().add((JsonWebKey) Mockito.mock(JsonWebKey.class));
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.getJsonSigningWebKeyFromJwks((JsonWebKeySet) Mockito.any())).thenReturn((Object) null);
        Assertions.assertTrue(oidcDefaultJsonWebKeystoreCacheLoader.load(UUID.randomUUID().toString()).isEmpty());
    }

    @Test
    public void verifyBadKeyCount() throws Exception {
        JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(new JsonWebKey[0]);
        PublicJsonWebKey publicJsonWebKey = (PublicJsonWebKey) Mockito.mock(PublicJsonWebKey.class);
        jsonWebKeySet.getJsonWebKeys().add(publicJsonWebKey);
        OidcDefaultJsonWebKeystoreCacheLoader oidcDefaultJsonWebKeystoreCacheLoader = (OidcDefaultJsonWebKeystoreCacheLoader) Mockito.mock(OidcDefaultJsonWebKeystoreCacheLoader.class);
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.buildJsonWebKeySet()).thenCallRealMethod();
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.load(Mockito.anyString())).thenCallRealMethod();
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.generateJwksResource()).thenReturn(new ByteArrayResource("jwks".getBytes(StandardCharsets.UTF_8)));
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.buildJsonWebKeySet((Resource) Mockito.any(Resource.class))).thenReturn(jsonWebKeySet);
        Assertions.assertTrue(oidcDefaultJsonWebKeystoreCacheLoader.load(UUID.randomUUID().toString()).isEmpty());
        Mockito.when(publicJsonWebKey.getAlgorithm()).thenReturn("some-alg");
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.getJsonSigningWebKeyFromJwks((JsonWebKeySet) Mockito.any())).thenReturn(publicJsonWebKey);
        Assertions.assertTrue(oidcDefaultJsonWebKeystoreCacheLoader.load(UUID.randomUUID().toString()).isEmpty());
    }

    @Test
    public void verifyOperation() {
        Optional optional = (Optional) this.oidcDefaultJsonWebKeystoreCache.get("https://sso.example.org/cas/oidc");
        Assertions.assertNotNull(optional);
        Assertions.assertTrue(optional.isPresent());
        Optional optional2 = (Optional) this.oidcDefaultJsonWebKeystoreCache.get("https://sso.example.org/cas/oidc");
        Assertions.assertNotNull(optional2);
        Assertions.assertTrue(optional2.isPresent());
    }

    @Test
    public void verifyNullResource() {
        OidcJsonWebKeystoreGeneratorService oidcJsonWebKeystoreGeneratorService = (OidcJsonWebKeystoreGeneratorService) Mockito.mock(OidcJsonWebKeystoreGeneratorService.class);
        Mockito.when(oidcJsonWebKeystoreGeneratorService.generate()).thenReturn((Object) null);
        Assertions.assertTrue(new OidcDefaultJsonWebKeystoreCacheLoader(oidcJsonWebKeystoreGeneratorService).load("https://cas.example.org").isEmpty());
    }

    @Test
    public void verifyEmptyFile() throws Exception {
        OidcJsonWebKeystoreGeneratorService oidcJsonWebKeystoreGeneratorService = (OidcJsonWebKeystoreGeneratorService) Mockito.mock(OidcJsonWebKeystoreGeneratorService.class);
        Mockito.when(oidcJsonWebKeystoreGeneratorService.generate()).thenReturn(ResourceUtils.EMPTY_RESOURCE);
        OidcDefaultJsonWebKeystoreCacheLoader oidcDefaultJsonWebKeystoreCacheLoader = new OidcDefaultJsonWebKeystoreCacheLoader(oidcJsonWebKeystoreGeneratorService);
        Assertions.assertTrue(oidcDefaultJsonWebKeystoreCacheLoader.load("https://cas.example.org").isEmpty());
        File createTempFile = File.createTempFile("keys", ".json");
        FileUtils.writeStringToFile(createTempFile, new JsonWebKeySet(List.of()).toJson(), StandardCharsets.UTF_8);
        Mockito.when(oidcJsonWebKeystoreGeneratorService.generate()).thenReturn(new FileSystemResource(createTempFile));
        Assertions.assertTrue(oidcDefaultJsonWebKeystoreCacheLoader.load("https://cas.example.org").isEmpty());
    }

    @Test
    public void verifyBadKeys() {
        OidcJsonWebKeystoreGeneratorService oidcJsonWebKeystoreGeneratorService = (OidcJsonWebKeystoreGeneratorService) Mockito.mock(OidcJsonWebKeystoreGeneratorService.class);
        Mockito.when(oidcJsonWebKeystoreGeneratorService.generate()).thenReturn(new ByteArrayResource("{ \"keys\": [ {\"kty\":\"EC\",\"x\":\"sPlKwAgSxxOE\",\"y\":\"6AyisnUKM9H8\",\"crv\":\"P-256\"} ]}".getBytes(StandardCharsets.UTF_8)));
        Assertions.assertTrue(new OidcDefaultJsonWebKeystoreCacheLoader(oidcJsonWebKeystoreGeneratorService).load("https://cas.example.org").isEmpty());
    }
}
