package org.apereo.cas.oidc.web.controllers.authorize;

import java.util.UUID;
import org.apereo.cas.mock.MockTicketGrantingTicket;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.oidc.OidcConfigurationContext;
import org.apereo.cas.services.OidcRegisteredService;
import org.apereo.cas.support.oauth.OAuth20ResponseTypes;
import org.apereo.cas.util.CollectionUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.cas.profile.CasProfile;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.jee.context.JEEContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.TestPropertySource;

@Tag("OIDC")
@TestPropertySource(properties = {"cas.authn.oidc.discovery.require-pushed-authorization-requests=true"})
/* loaded from: input_file:org/apereo/cas/oidc/web/controllers/authorize/OidcPushedAuthorizeEndpointControllerTests.class */
public class OidcPushedAuthorizeEndpointControllerTests extends AbstractOidcTests {

    @Autowired
    @Qualifier("oidcPushedAuthorizeController")
    protected OidcPushedAuthorizeEndpointController oidcPushedAuthorizeController;

    @Test
    public void verifyGetOperationFails() throws Exception {
        Assertions.assertNotNull(this.oidcPushedAuthorizeController);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setMethod(HttpMethod.GET.name());
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        Assertions.assertEquals(HttpStatus.METHOD_NOT_ALLOWED, this.oidcPushedAuthorizeController.handleRequest(mockHttpServletRequest, mockHttpServletResponse).getStatus());
        mockHttpServletRequest.setMethod(HttpMethod.POST.name());
        Assertions.assertEquals(HttpStatus.BAD_REQUEST, this.oidcPushedAuthorizeController.handleRequestPost(mockHttpServletRequest, mockHttpServletResponse).getStatus());
    }

    @Test
    public void verifyOperation() throws Exception {
        String uuid = UUID.randomUUID().toString();
        MockHttpServletRequest httpRequestForEndpoint = getHttpRequestForEndpoint("oidcPushAuthorize");
        httpRequestForEndpoint.setMethod(HttpMethod.GET.name());
        httpRequestForEndpoint.setParameter("client_id", uuid);
        httpRequestForEndpoint.setParameter("redirect_uri", "https://oauth.example.org/");
        httpRequestForEndpoint.setParameter("response_type", OAuth20ResponseTypes.TOKEN.name().toLowerCase());
        httpRequestForEndpoint.setContextPath("");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        OidcConfigurationContext configurationContext = this.oidcPushedAuthorizeController.getConfigurationContext();
        configurationContext.getCasProperties().getAuthn().getOauth().getSessionReplication().getCookie().setAutoConfigureCookiePath(false);
        configurationContext.getOauthDistributedSessionCookieGenerator().setCookiePath("");
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService(uuid);
        oidcRegisteredService.setBypassApprovalPrompt(true);
        this.servicesManager.save(oidcRegisteredService);
        CasProfile casProfile = new CasProfile();
        casProfile.setId("casuser");
        SessionStore sessionStore = this.oidcPushedAuthorizeController.getConfigurationContext().getSessionStore();
        JEEContext jEEContext = new JEEContext(httpRequestForEndpoint, mockHttpServletResponse);
        MockTicketGrantingTicket mockTicketGrantingTicket = new MockTicketGrantingTicket("casuser");
        this.oidcPushedAuthorizeController.getConfigurationContext().getTicketRegistry().addTicket(mockTicketGrantingTicket);
        sessionStore.set(jEEContext, "ticketGrantingTicketId", mockTicketGrantingTicket.getId());
        sessionStore.set(jEEContext, "pac4jUserProfiles", CollectionUtils.wrapLinkedHashMap(casProfile.getClientName(), casProfile));
        Assertions.assertNotNull(this.oidcPushedAuthorizeController.handleRequestPost(httpRequestForEndpoint, mockHttpServletResponse));
    }
}
