package org.apereo.cas.oidc.web;

import java.util.UUID;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.support.oauth.OAuth20ResponseTypes;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.TestPropertySource;

@Tag("OIDC")
/* loaded from: input_file:org/apereo/cas/oidc/web/OidcHandlerInterceptorAdapterTests.class */
class OidcHandlerInterceptorAdapterTests {

    @Nested
    @TestPropertySource(properties = {"cas.authn.oidc.registration.dynamic-client-registration-mode=PROTECTED"})
    /* loaded from: input_file:org/apereo/cas/oidc/web/OidcHandlerInterceptorAdapterTests$DefaultTests.class */
    class DefaultTests extends AbstractOidcTests {
        DefaultTests(OidcHandlerInterceptorAdapterTests oidcHandlerInterceptorAdapterTests) {
        }

        @Test
        void verifyNothing() throws Throwable {
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.addHeader("user-agent", "MSIE");
            Assertions.assertTrue(this.oauthInterceptor.preHandle(mockHttpServletRequest, new MockHttpServletResponse(), new Object()));
        }

        @Test
        void verifyNoOIDC() throws Throwable {
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.addHeader("user-agent", "MSIE");
            mockHttpServletRequest.setRequestURI("/device");
            Assertions.assertFalse(this.oauthInterceptor.preHandle(mockHttpServletRequest, new MockHttpServletResponse(), new Object()));
        }

        @Test
        void verifyConfigUrl() throws Throwable {
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.addHeader("user-agent", "MSIE");
            mockHttpServletRequest.setRequestURI("/clientConfig");
            Assertions.assertFalse(this.oauthInterceptor.preHandle(mockHttpServletRequest, new MockHttpServletResponse(), new Object()));
        }

        @Test
        void verifyRegUrl() throws Throwable {
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.addHeader("user-agent", "MSIE");
            mockHttpServletRequest.setRequestURI("/register");
            Assertions.assertFalse(this.oauthInterceptor.preHandle(mockHttpServletRequest, new MockHttpServletResponse(), new Object()));
        }

        @Test
        void verifyPushAuthzUrl() throws Throwable {
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.addHeader("user-agent", "MSIE");
            mockHttpServletRequest.setRequestURI("/oidcPushAuthorize");
            Assertions.assertFalse(this.oauthInterceptor.preHandle(mockHttpServletRequest, new MockHttpServletResponse(), new Object()));
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.oidc.discovery.require-pushed-authorization-requests=true"})
    /* loaded from: input_file:org/apereo/cas/oidc/web/OidcHandlerInterceptorAdapterTests$PushedAuthorizationTests.class */
    class PushedAuthorizationTests extends AbstractOidcTests {
        PushedAuthorizationTests(OidcHandlerInterceptorAdapterTests oidcHandlerInterceptorAdapterTests) {
        }

        @Test
        void verifyAuthzUrl() throws Throwable {
            OAuthRegisteredService oAuthRegisteredService = getOAuthRegisteredService(UUID.randomUUID().toString(), "https://oauth.example.org");
            this.servicesManager.save(oAuthRegisteredService);
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.setRequestURI("/oidcAuthorize");
            mockHttpServletRequest.addParameter("client_id", oAuthRegisteredService.getClientId());
            mockHttpServletRequest.addParameter("redirect_uri", oAuthRegisteredService.getServiceId());
            mockHttpServletRequest.addParameter("response_type", OAuth20ResponseTypes.CODE.getType());
            mockHttpServletRequest.addHeader("user-agent", "MSIE");
            mockHttpServletRequest.setMethod(HttpMethod.GET.name());
            MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
            Assertions.assertFalse(this.oauthInterceptor.preHandle(mockHttpServletRequest, mockHttpServletResponse, new Object()));
            Assertions.assertEquals(HttpStatus.FORBIDDEN.value(), mockHttpServletResponse.getStatus());
        }
    }

    OidcHandlerInterceptorAdapterTests() {
    }
}
