package org.apereo.cas.oidc.jwks;

import java.io.File;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import org.apache.commons.io.FileUtils;
import org.apereo.cas.oidc.AbstractOidcTests;
import org.apereo.cas.oidc.jwks.generator.OidcJsonWebKeystoreGeneratorService;
import org.apereo.cas.util.ResourceUtils;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jwk.PublicJsonWebKey;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.core.io.ByteArrayResource;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;
import org.springframework.test.context.TestPropertySource;

@Tag("OIDC")
@TestPropertySource(properties = {"cas.authn.oidc.jwks.core.jwks-type=ec", "cas.authn.oidc.jwks.core.jwks-key-size=384", "cas.authn.oidc.jwks.file-system.jwks-file=file:${#systemProperties['java.io.tmpdir']}/keystore.jwks"})
/* loaded from: input_file:org/apereo/cas/oidc/jwks/OidcDefaultJsonWebKeystoreCacheLoaderTests.class */
class OidcDefaultJsonWebKeystoreCacheLoaderTests extends AbstractOidcTests {
    OidcDefaultJsonWebKeystoreCacheLoaderTests() {
    }

    @BeforeAll
    public static void setup() throws Throwable {
        File file = new File(FileUtils.getTempDirectory(), "keystore.jwks");
        if (file.exists()) {
            FileUtils.delete(file);
        }
    }

    @Test
    void verifyNoWebKeys() throws Throwable {
        JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(new JsonWebKey[0]);
        OidcDefaultJsonWebKeystoreCacheLoader oidcDefaultJsonWebKeystoreCacheLoader = (OidcDefaultJsonWebKeystoreCacheLoader) Mockito.mock(OidcDefaultJsonWebKeystoreCacheLoader.class);
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.buildJsonWebKeySet((OidcJsonWebKeyCacheKey) Mockito.any(OidcJsonWebKeyCacheKey.class))).thenReturn(Optional.of(jsonWebKeySet));
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.load((OidcJsonWebKeyCacheKey) Mockito.any(OidcJsonWebKeyCacheKey.class))).thenCallRealMethod();
        Assertions.assertNull(oidcDefaultJsonWebKeystoreCacheLoader.load(new OidcJsonWebKeyCacheKey(UUID.randomUUID().toString(), OidcJsonWebKeyUsage.SIGNING)));
        jsonWebKeySet.getJsonWebKeys().add((JsonWebKey) Mockito.mock(JsonWebKey.class));
        Assertions.assertNull(oidcDefaultJsonWebKeystoreCacheLoader.load(new OidcJsonWebKeyCacheKey(UUID.randomUUID().toString(), OidcJsonWebKeyUsage.SIGNING)));
    }

    @Test
    void verifyBadKeyCount() throws Throwable {
        JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(new JsonWebKey[0]);
        PublicJsonWebKey publicJsonWebKey = (PublicJsonWebKey) Mockito.mock(PublicJsonWebKey.class);
        jsonWebKeySet.getJsonWebKeys().add(publicJsonWebKey);
        OidcDefaultJsonWebKeystoreCacheLoader oidcDefaultJsonWebKeystoreCacheLoader = (OidcDefaultJsonWebKeystoreCacheLoader) Mockito.mock(OidcDefaultJsonWebKeystoreCacheLoader.class);
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.buildJsonWebKeySet((OidcJsonWebKeyCacheKey) Mockito.any(OidcJsonWebKeyCacheKey.class))).thenCallRealMethod();
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.load((OidcJsonWebKeyCacheKey) Mockito.any(OidcJsonWebKeyCacheKey.class))).thenCallRealMethod();
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.generateJwksResource()).thenReturn(new ByteArrayResource("jwks".getBytes(StandardCharsets.UTF_8)));
        Mockito.when(oidcDefaultJsonWebKeystoreCacheLoader.buildJsonWebKeySet((Resource) Mockito.any(Resource.class), (OidcJsonWebKeyCacheKey) Mockito.any(OidcJsonWebKeyCacheKey.class))).thenReturn(jsonWebKeySet);
        Assertions.assertNull(oidcDefaultJsonWebKeystoreCacheLoader.load(new OidcJsonWebKeyCacheKey(UUID.randomUUID().toString(), OidcJsonWebKeyUsage.SIGNING)));
        Mockito.when(publicJsonWebKey.getAlgorithm()).thenReturn("some-alg");
        Assertions.assertNull(oidcDefaultJsonWebKeystoreCacheLoader.load(new OidcJsonWebKeyCacheKey(UUID.randomUUID().toString(), OidcJsonWebKeyUsage.SIGNING)));
    }

    @Test
    void verifyOperation() throws Throwable {
        Assertions.assertNotNull((JsonWebKeySet) this.oidcDefaultJsonWebKeystoreCache.get(new OidcJsonWebKeyCacheKey("https://sso.example.org/cas/oidc", OidcJsonWebKeyUsage.SIGNING)));
        Assertions.assertNotNull((JsonWebKeySet) this.oidcDefaultJsonWebKeystoreCache.get(new OidcJsonWebKeyCacheKey("https://sso.example.org/cas/oidc", OidcJsonWebKeyUsage.SIGNING)));
    }

    @Test
    void verifyNullResource() throws Throwable {
        OidcJsonWebKeystoreGeneratorService oidcJsonWebKeystoreGeneratorService = (OidcJsonWebKeystoreGeneratorService) Mockito.mock(OidcJsonWebKeystoreGeneratorService.class);
        Mockito.when(oidcJsonWebKeystoreGeneratorService.generate()).thenReturn((Object) null);
        Assertions.assertNull(new OidcDefaultJsonWebKeystoreCacheLoader(oidcJsonWebKeystoreGeneratorService).load(new OidcJsonWebKeyCacheKey("https://cas.example.org", OidcJsonWebKeyUsage.SIGNING)));
    }

    @Test
    void verifyEmptyFile() throws Throwable {
        OidcJsonWebKeystoreGeneratorService oidcJsonWebKeystoreGeneratorService = (OidcJsonWebKeystoreGeneratorService) Mockito.mock(OidcJsonWebKeystoreGeneratorService.class);
        Mockito.when(oidcJsonWebKeystoreGeneratorService.generate()).thenReturn(ResourceUtils.EMPTY_RESOURCE);
        OidcDefaultJsonWebKeystoreCacheLoader oidcDefaultJsonWebKeystoreCacheLoader = new OidcDefaultJsonWebKeystoreCacheLoader(oidcJsonWebKeystoreGeneratorService);
        Assertions.assertNull(oidcDefaultJsonWebKeystoreCacheLoader.load(new OidcJsonWebKeyCacheKey("https://cas.example.org", OidcJsonWebKeyUsage.SIGNING)));
        File createTempFile = File.createTempFile("keys", ".json");
        FileUtils.writeStringToFile(createTempFile, new JsonWebKeySet(List.of()).toJson(), StandardCharsets.UTF_8);
        Mockito.when(oidcJsonWebKeystoreGeneratorService.generate()).thenReturn(new FileSystemResource(createTempFile));
        Assertions.assertNull(oidcDefaultJsonWebKeystoreCacheLoader.load(new OidcJsonWebKeyCacheKey("https://cas.example.org", OidcJsonWebKeyUsage.SIGNING)));
    }

    @Test
    void verifyBadKeys() throws Throwable {
        OidcJsonWebKeystoreGeneratorService oidcJsonWebKeystoreGeneratorService = (OidcJsonWebKeystoreGeneratorService) Mockito.mock(OidcJsonWebKeystoreGeneratorService.class);
        Mockito.when(oidcJsonWebKeystoreGeneratorService.generate()).thenReturn(new ByteArrayResource("{ \"keys\": [ {\"kty\":\"EC\",\"x\":\"sPlKwAgSxxOE\",\"y\":\"6AyisnUKM9H8\",\"crv\":\"P-256\"} ]}".getBytes(StandardCharsets.UTF_8)));
        Assertions.assertNull(new OidcDefaultJsonWebKeystoreCacheLoader(oidcJsonWebKeystoreGeneratorService).load(new OidcJsonWebKeyCacheKey("https://cas.example.org", OidcJsonWebKeyUsage.SIGNING)));
    }
}
