package org.apereo.cas.oidc.profile;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.nimbusds.jwt.JWTClaimsSet;
import java.util.Map;
import java.util.UUID;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.services.OidcRegisteredService;
import org.apereo.cas.ticket.accesstoken.OAuth20AccessToken;
import org.apereo.cas.token.JwtBuilder;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.serialization.JacksonObjectMapperFactory;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.pac4j.jee.context.JEEContext;
import org.springframework.http.ResponseEntity;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("OIDC")
/* loaded from: input_file:org/apereo/cas/oidc/profile/OidcUserProfileViewRendererDefaultTests.class */
class OidcUserProfileViewRendererDefaultTests extends AbstractOidcTests {
    private static final ObjectMapper MAPPER = JacksonObjectMapperFactory.builder().defaultTypingEnabled(false).build().toObjectMapper();

    OidcUserProfileViewRendererDefaultTests() {
    }

    @Test
    void verifyOperation() throws Throwable {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), mockHttpServletResponse);
        OAuth20AccessToken accessToken = getAccessToken();
        ResponseEntity render = this.oidcUserProfileViewRenderer.render(this.oidcUserProfileDataCreator.createFrom(accessToken, jEEContext), accessToken, mockHttpServletResponse);
        Assertions.assertNotNull(render);
        Assertions.assertNotNull(render.getBody());
        Map map = (Map) MAPPER.readValue(render.getBody().toString(), Map.class);
        Assertions.assertTrue(map.containsKey("auth_time"));
        Assertions.assertTrue(map.containsKey("sub"));
        Assertions.assertTrue(map.containsKey("id"));
        Assertions.assertTrue(map.containsKey("client_id"));
        Assertions.assertTrue(map.containsKey("attributes"));
        Assertions.assertTrue(map.containsKey("service"));
        Map map2 = (Map) map.get("attributes");
        Assertions.assertTrue(map2.containsKey("email"));
        Assertions.assertEquals("casuser@example.org", CollectionUtils.firstElement(map2.get("email")).get());
    }

    @Test
    void verifyOperationOAuth() throws Throwable {
        String uuid = UUID.randomUUID().toString();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), mockHttpServletResponse);
        OAuth20AccessToken accessToken = getAccessToken(uuid);
        this.servicesManager.save(getOAuthRegisteredService(uuid, "https://somthing.com"));
        ResponseEntity render = this.oidcUserProfileViewRenderer.render(this.oidcUserProfileDataCreator.createFrom(accessToken, jEEContext), accessToken, mockHttpServletResponse);
        Assertions.assertNotNull(render);
        Assertions.assertNotNull(render.getBody());
    }

    @Test
    void verifyOperationEncryptedAndSigned() throws Throwable {
        String uuid = UUID.randomUUID().toString();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), mockHttpServletResponse);
        OAuth20AccessToken accessToken = getAccessToken(uuid);
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService(uuid);
        oidcRegisteredService.setUserInfoEncryptedResponseEncoding("A128CBC-HS256");
        oidcRegisteredService.setUserInfoEncryptedResponseAlg("RSA-OAEP-256");
        oidcRegisteredService.setUserInfoSigningAlg("RS256");
        oidcRegisteredService.setSignIdToken(true);
        oidcRegisteredService.setEncryptIdToken(true);
        this.servicesManager.save(oidcRegisteredService);
        ResponseEntity render = this.oidcUserProfileViewRenderer.render(this.oidcUserProfileDataCreator.createFrom(accessToken, jEEContext), accessToken, mockHttpServletResponse);
        Assertions.assertNotNull(render);
        Assertions.assertNotNull(render.getBody());
    }

    @Test
    void verifyOperationSigned() throws Throwable {
        String uuid = UUID.randomUUID().toString();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), mockHttpServletResponse);
        OAuth20AccessToken accessToken = getAccessToken(uuid);
        OidcRegisteredService oidcRegisteredService = getOidcRegisteredService(uuid);
        oidcRegisteredService.setUserInfoSigningAlg("RS256");
        oidcRegisteredService.setSignIdToken(true);
        oidcRegisteredService.setEncryptIdToken(false);
        this.servicesManager.save(oidcRegisteredService);
        ResponseEntity render = this.oidcUserProfileViewRenderer.render(this.oidcUserProfileDataCreator.createFrom(accessToken, jEEContext), accessToken, mockHttpServletResponse);
        Assertions.assertNotNull(render);
        String str = (String) render.getBody();
        Assertions.assertNotNull(str);
        JWTClaimsSet parse = JwtBuilder.parse(str);
        Assertions.assertNotNull(parse);
        Assertions.assertEquals("casuser@example.org", ((Map) parse.getClaim("attributes")).get("email"));
        Assertions.assertEquals("https://sso.example.org/cas/oidc", parse.getIssuer());
    }
}
