package org.apereo.cas.oidc.ticket;

import javax.servlet.http.Cookie;
import org.apereo.cas.mock.MockTicketGrantingTicket;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.services.OidcRegisteredService;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.support.oauth.OAuth20GrantTypes;
import org.apereo.cas.support.oauth.OAuth20ResponseTypes;
import org.apereo.cas.support.oauth.web.response.OAuth20AuthorizationRequest;
import org.apereo.cas.support.oauth.web.response.accesstoken.ext.AccessTokenRequestContext;
import org.apereo.cas.support.oauth.web.response.callback.OAuth20AuthorizationResponseBuilder;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.core.context.JEEContext;
import org.pac4j.core.profile.CommonProfile;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.TestPropertySource;
import org.springframework.web.servlet.ModelAndView;

@Tag("OIDC")
@TestPropertySource(properties = {"cas.tgc.crypto.enabled=false", "cas.authn.oidc.par.max-time-to-live-in-seconds=5", "cas.authn.oidc.par.number-of-uses=1"})
/* loaded from: input_file:org/apereo/cas/oidc/ticket/OidcPushedAuthorizationRequestUriResponseBuilderTests.class */
public class OidcPushedAuthorizationRequestUriResponseBuilderTests extends AbstractOidcTests {

    @Autowired
    @Qualifier("oidcPushedAuthorizationRequestResponseBuilder")
    private OAuth20AuthorizationResponseBuilder oidcPushedAuthorizationRequestResponseBuilder;

    @Test
    public void verifyOperation() throws Exception {
        Assertions.assertEquals(0, this.oidcPushedAuthorizationRequestResponseBuilder.getOrder());
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService();
        CommonProfile commonProfile = new CommonProfile();
        commonProfile.setId("casuser");
        AccessTokenRequestContext build = AccessTokenRequestContext.builder().clientId(oidcRegisteredService.getClientId()).service(RegisteredServiceTestUtils.getService()).authentication(RegisteredServiceTestUtils.getAuthentication()).registeredService(oidcRegisteredService).grantType(OAuth20GrantTypes.AUTHORIZATION_CODE).responseType(OAuth20ResponseTypes.CODE).userProfile(commonProfile).build();
        Assertions.assertTrue(this.oidcPushedAuthorizationRequestResponseBuilder.supports(OAuth20AuthorizationRequest.builder().clientId(oidcRegisteredService.getClientId()).url("oidcPushAuthorize").grantType(OAuth20GrantTypes.AUTHORIZATION_CODE.getType()).responseType(OAuth20ResponseTypes.CODE.getType()).build()));
        ModelAndView build2 = this.oidcPushedAuthorizationRequestResponseBuilder.build(build);
        Assertions.assertTrue(build2.getModel().containsKey("expires_in"));
        String obj = build2.getModel().get("request_uri").toString();
        Assertions.assertNotNull(this.ticketRegistry.getTicket(obj, OidcPushedAuthorizationRequest.class));
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("/oidcPushAuthorize");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        OAuth20AuthorizationRequest build3 = ((OAuth20AuthorizationRequest.OAuth20AuthorizationRequestBuilder) this.oidcPushedAuthorizationRequestResponseBuilder.toAuthorizationRequest(new JEEContext(mockHttpServletRequest, mockHttpServletResponse), build.getAuthentication(), build.getService(), build.getRegisteredService()).get()).build();
        Assertions.assertNotNull(build3);
        Assertions.assertFalse(build3.isSingleSignOnSessionRequired());
        mockHttpServletRequest.addParameter("request_uri", obj);
        MockTicketGrantingTicket mockTicketGrantingTicket = new MockTicketGrantingTicket("casuser");
        this.ticketRegistry.addTicket(mockTicketGrantingTicket);
        mockHttpServletRequest.setCookies(new Cookie[]{this.ticketGrantingTicketCookieGenerator.addCookie(mockHttpServletRequest, mockHttpServletResponse, mockTicketGrantingTicket.getId())});
        OAuth20AuthorizationRequest build4 = ((OAuth20AuthorizationRequest.OAuth20AuthorizationRequestBuilder) this.oidcPushedAuthorizationRequestResponseBuilder.toAuthorizationRequest(new JEEContext(mockHttpServletRequest, mockHttpServletResponse), build.getAuthentication(), build.getService(), build.getRegisteredService()).get()).build();
        AccessTokenRequestContext accessTokenRequest = build4.getAccessTokenRequest();
        Assertions.assertTrue(build4.isSingleSignOnSessionRequired());
        Assertions.assertNotNull(accessTokenRequest.getAuthentication());
        Assertions.assertNotNull(accessTokenRequest.getRegisteredService());
        Assertions.assertNotNull(accessTokenRequest.getResponseType());
        Assertions.assertNotNull(accessTokenRequest.getGrantType());
        Assertions.assertNotNull(accessTokenRequest.getTicketGrantingTicket());
        Assertions.assertNull(this.ticketRegistry.getTicket(obj, OidcPushedAuthorizationRequest.class));
    }
}
