package org.apereo.cas.web.saml2;

import java.util.Collection;
import org.apereo.cas.pac4j.client.DelegatedIdentityProviderFactory;
import org.apereo.cas.support.pac4j.authentication.attributes.GroovyAttributeConverter;
import org.apereo.cas.test.CasTestExtension;
import org.apereo.cas.web.saml2.BaseSaml2DelegatedAuthenticationTests;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mockito;
import org.pac4j.core.profile.converter.AttributeConverter;
import org.pac4j.saml.client.SAML2Client;
import org.pac4j.saml.metadata.DefaultSAML2MetadataSigner;
import org.pac4j.saml.store.HttpSessionStoreFactory;
import org.pac4j.saml.store.SAMLMessageStoreFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.context.TestConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Import;
import org.springframework.test.context.TestPropertySource;

@Tag("SAML2Web")
/* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests.class */
class DelegatedSaml2IdentityProviderTests {

    @ExtendWith({CasTestExtension.class})
    @SpringBootTest(classes = {BaseSaml2DelegatedAuthenticationTests.SharedTestConfiguration.class}, properties = {"cas.custom.properties.delegation-test.enabled=false"})
    /* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests$BaseTests.class */
    static abstract class BaseTests {

        @Autowired
        @Qualifier("pac4jDelegatedClientFactory")
        protected DelegatedIdentityProviderFactory delegatedIdentityProviderFactory;

        BaseTests() {
        }
    }

    /* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests$CustomAttributeConverterForTest.class */
    public static class CustomAttributeConverterForTest implements AttributeConverter {
        public Object convert(Object obj) {
            return null;
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.pac4j.saml[0].keystore-path=file:/tmp/keystore-${#randomNumber6}.jks", "cas.authn.pac4j.saml[0].callback-url-type=NONE", "cas.authn.pac4j.saml[0].keystore-password=1234567890", "cas.authn.pac4j.saml[0].private-key-password=1234567890", "cas.authn.pac4j.saml[0].metadata.identity-provider-metadata-path=classpath:idp-metadata.xml", "cas.authn.pac4j.saml[0].metadata.service-provider.file-system.location=file:/tmp/sp.xml", "cas.authn.pac4j.saml[0].service-provider-entity-id=test-entityid", "cas.authn.pac4j.saml[0].message-store-factory=org.pac4j.saml.store.HttpSessionStoreFactory", "cas.authn.pac4j.saml[0].name-id-policy-format=transient", "cas.authn.pac4j.saml[0].mapped-attributes[0]=attr1->givenName", "cas.authn.pac4j.saml[0].requested-attributes[0].name=requestedAttribute", "cas.authn.pac4j.saml[0].requested-attributes[0].friendly-name=friendlyRequestedName", "cas.authn.pac4j.saml[0].blocked-signature-signing-algorithms[0]=sha-1", "cas.authn.pac4j.saml[0].signature-algorithms[0]=sha-256", "cas.authn.pac4j.saml[0].signature-reference-digest-methods[0]=sha-256", "cas.authn.pac4j.saml[0].authn-context-class-ref[0]=classRef1", "cas.authn.pac4j.saml[0].assertion-consumer-service-index=1", "cas.authn.pac4j.saml[0].principal-id-attribute=givenName", "cas.authn.pac4j.saml[0].force-keystore-generation=true", "cas.authn.pac4j.saml[1].message-store-factory=org.pac4j.saml.store.HttpSessionStoreFactory", "cas.authn.pac4j.saml[1].keystore-path=file:/tmp/keystore-${#randomNumber6}.jks", "cas.authn.pac4j.saml[1].keystore-password=2234567890", "cas.authn.pac4j.saml[1].private-key-password=2234567890", "cas.authn.pac4j.saml[1].metadata.identity-provider-metadata-path=https://idp.unicon.net/idp/shibboleth", "cas.authn.pac4j.saml[1].metadata.service-provider.file-system.location=file:/tmp/sp2.xml", "cas.authn.pac4j.saml[1].service-provider-entity-id=test-entityid2", "cas.authn.pac4j.core.lazy-init=false"})
    /* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests$Saml2Clients.class */
    class Saml2Clients extends BaseTests {
        Saml2Clients(DelegatedSaml2IdentityProviderTests delegatedSaml2IdentityProviderTests) {
        }

        @Test
        void verifyClient() throws Throwable {
            Collection build = this.delegatedIdentityProviderFactory.build();
            Assertions.assertEquals(2, build.size());
            build.forEach(baseClient -> {
                SAML2Client sAML2Client = (SAML2Client) baseClient;
                Assertions.assertTrue(sAML2Client.isInitialized());
                Assertions.assertInstanceOf(HttpSessionStoreFactory.class, sAML2Client.getConfiguration().getSamlMessageStoreFactory());
                Assertions.assertNotNull(sAML2Client.getIdentityProviderMetadataResolver().getEntityId());
            });
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.pac4j.saml[0].saml2-attribute-converter=org.apereo.cas.web.saml2.DelegatedSaml2IdentityProviderTests.CustomAttributeConverterForTest", "cas.authn.pac4j.saml[0].keystore-path=file:/tmp/keystore-${#randomNumber6}.jks", "cas.authn.pac4j.saml[0].keystore-password=1234567890", "cas.authn.pac4j.saml[0].private-key-password=1234567890", "cas.authn.pac4j.saml[0].metadata.identity-provider-metadata-path=classpath:idp-metadata.xml", "cas.authn.pac4j.saml[0].metadata.service-provider.file-system.location=file:/tmp/sp.xml", "cas.authn.pac4j.saml[0].service-provider-entity-id=test-entityid", "cas.authn.pac4j.saml[0].metadata-signer-strategy=xmlsec", "cas.authn.pac4j.core.lazy-init=true"})
    /* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests$Saml2ClientsWithCustomAttributeConverter.class */
    class Saml2ClientsWithCustomAttributeConverter extends BaseTests {
        Saml2ClientsWithCustomAttributeConverter(DelegatedSaml2IdentityProviderTests delegatedSaml2IdentityProviderTests) {
        }

        @Test
        void verifyClient() throws Throwable {
            Collection build = this.delegatedIdentityProviderFactory.build();
            Assertions.assertEquals(1, build.size());
            Assertions.assertInstanceOf(CustomAttributeConverterForTest.class, ((SAML2Client) build.stream().findFirst().get()).getConfiguration().getSamlAttributeConverter());
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.pac4j.saml[0].keystore-path=file:/tmp/keystore-${#randomNumber6}.jks", "cas.authn.pac4j.saml[0].keystore-password=1234567890", "cas.authn.pac4j.saml[0].private-key-password=1234567890", "cas.authn.pac4j.saml[0].metadata.identity-provider-metadata-path=classpath:idp-metadata.xml", "cas.authn.pac4j.saml[0].metadata.service-provider.file-system.location=file:/tmp/sp.xml", "cas.authn.pac4j.saml[0].service-provider-entity-id=test-entityid", "cas.authn.pac4j.saml[0].message-store-factory=org.pac4j.saml.store.unknown", "cas.authn.pac4j.core.lazy-init=true"})
    @Import({SamlMessageStoreTestConfiguration.class})
    /* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests$Saml2ClientsWithCustomMessageStore.class */
    class Saml2ClientsWithCustomMessageStore extends BaseTests {
        Saml2ClientsWithCustomMessageStore(DelegatedSaml2IdentityProviderTests delegatedSaml2IdentityProviderTests) {
        }

        @Test
        void verifyClient() throws Throwable {
            Collection build = this.delegatedIdentityProviderFactory.build();
            Assertions.assertEquals(1, build.size());
            SAML2Client sAML2Client = (SAML2Client) build.iterator().next();
            Assertions.assertNotNull(sAML2Client.getConfiguration().getSamlMessageStoreFactory());
            Assertions.assertInstanceOf(DefaultSAML2MetadataSigner.class, sAML2Client.getConfiguration().getMetadataSigner());
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.pac4j.saml[0].saml2-attribute-converter=classpath:/SAMLAttributeConverter.groovy", "cas.authn.pac4j.saml[0].keystore-path=file:/tmp/keystore-${#randomNumber6}.jks", "cas.authn.pac4j.saml[0].keystore-password=1234567890", "cas.authn.pac4j.saml[0].private-key-password=1234567890", "cas.authn.pac4j.saml[0].metadata.identity-provider-metadata-path=classpath:idp-metadata.xml", "cas.authn.pac4j.saml[0].metadata.service-provider.file-system.location=file:/tmp/sp.xml", "cas.authn.pac4j.saml[0].service-provider-entity-id=test-entityid", "cas.authn.pac4j.saml[0].metadata-signer-strategy=xmlsec", "cas.authn.pac4j.core.lazy-init=true"})
    /* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests$Saml2ClientsWithGroovyAttributeConverter.class */
    class Saml2ClientsWithGroovyAttributeConverter extends BaseTests {
        Saml2ClientsWithGroovyAttributeConverter(DelegatedSaml2IdentityProviderTests delegatedSaml2IdentityProviderTests) {
        }

        @Test
        void verifyClient() throws Throwable {
            Collection build = this.delegatedIdentityProviderFactory.build();
            Assertions.assertEquals(1, build.size());
            Assertions.assertInstanceOf(GroovyAttributeConverter.class, ((SAML2Client) build.stream().findFirst().orElseThrow()).getConfiguration().getSamlAttributeConverter());
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.pac4j.saml[0].keystore-path=file:/tmp/keystore-${#randomNumber6}.jks", "cas.authn.pac4j.saml[0].keystore-password=1234567890", "cas.authn.pac4j.saml[0].private-key-password=1234567890", "cas.authn.pac4j.saml[0].metadata.identity-provider-metadata-path=classpath:idp-metadata.xml", "cas.authn.pac4j.saml[0].metadata.service-provider.file-system.location=file:/tmp/sp.xml", "cas.authn.pac4j.saml[0].service-provider-entity-id=test-entityid", "cas.authn.pac4j.saml[0].message-store-factory=org.pac4j.saml.store.unknown", "cas.authn.pac4j.core.lazy-init=true"})
    /* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests$Saml2ClientsWithUnknownMessageStore.class */
    class Saml2ClientsWithUnknownMessageStore extends BaseTests {
        Saml2ClientsWithUnknownMessageStore(DelegatedSaml2IdentityProviderTests delegatedSaml2IdentityProviderTests) {
        }

        @Test
        void verifyClient() throws Throwable {
            Assertions.assertEquals(1, this.delegatedIdentityProviderFactory.build().size());
        }
    }

    @TestConfiguration(value = "SamlMessageStoreTestConfiguration", proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/web/saml2/DelegatedSaml2IdentityProviderTests$SamlMessageStoreTestConfiguration.class */
    static class SamlMessageStoreTestConfiguration {
        SamlMessageStoreTestConfiguration() {
        }

        @Bean
        public SAMLMessageStoreFactory delegatedSaml2ClientSAMLMessageStoreFactory() {
            return (SAMLMessageStoreFactory) Mockito.mock(SAMLMessageStoreFactory.class);
        }
    }

    DelegatedSaml2IdentityProviderTests() {
    }
}
