package org.apereo.cas.pm;

import com.unboundid.ldap.sdk.LDAPConnection;
import java.util.Map;
import org.apereo.cas.adaptors.ldap.LdapIntegrationTestsOperations;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.util.junit.EnabledIfPortOpen;
import org.apereo.inspektr.common.web.ClientInfo;
import org.apereo.inspektr.common.web.ClientInfoHolder;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.ldaptive.BindConnectionInitializer;
import org.ldaptive.Credential;
import org.springframework.core.io.ClassPathResource;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.TestPropertySource;

@Tag("Ldap")
@DirtiesContext
@TestPropertySource(properties = {"cas.authn.pm.reset.sms.attribute-name=telephoneNumber", "cas.authn.pm.ldap[0].ldap-url=ldap://localhost:11389", "cas.authn.pm.ldap[0].bind-dn=cn=admin,dc=example,dc=org", "cas.authn.pm.ldap[0].bind-credential=P@ssw0rd", "cas.authn.pm.ldap[0].base-dn=ou=people,dc=example,dc=org", "cas.authn.pm.ldap[0].search-filter=cn={0}", "cas.authn.pm.ldap[0].type=GENERIC", "cas.authn.pm.ldap[0].trust-manager=ANY", "cas.authn.pm.ldap[0].security-questions-attributes.registeredAddress=roomNumber"})
@EnabledIfPortOpen(port = {OpenLdapPasswordManagementServiceTests.LDAP_PORT})
/* loaded from: input_file:org/apereo/cas/pm/OpenLdapPasswordManagementServiceTests.class */
public class OpenLdapPasswordManagementServiceTests extends BaseLdapPasswordManagementServiceTests {
    private static final int LDAP_PORT = 11389;

    @BeforeAll
    public static void bootstrap() throws Exception {
        ClientInfoHolder.setClientInfo(new ClientInfo(new MockHttpServletRequest()));
        LdapIntegrationTestsOperations.populateEntries(new LDAPConnection("localhost", LDAP_PORT, "cn=admin,dc=example,dc=org", "P@ssw0rd"), new ClassPathResource("ldif/openldap-pm.ldif").getInputStream(), "ou=people,dc=example,dc=org", new BindConnectionInitializer("cn=admin,dc=example,dc=org", new Credential("P@ssw0rd")));
    }

    @Test
    public void verifyTokenCreationAndParsing() {
        String createToken = this.passwordChangeService.createToken("casuser");
        Assertions.assertNotNull(createToken);
        Assertions.assertEquals("casuser", this.passwordChangeService.parseToken(createToken));
    }

    @Test
    public void verifyPasswordChangedFails() {
        UsernamePasswordCredential usernamePasswordCredential = new UsernamePasswordCredential("caspm", "123456");
        PasswordChangeRequest passwordChangeRequest = new PasswordChangeRequest();
        passwordChangeRequest.setConfirmedPassword("Mellon");
        passwordChangeRequest.setPassword("Mellon");
        passwordChangeRequest.setUsername(usernamePasswordCredential.getUsername());
        Assertions.assertTrue(this.passwordChangeService.change(usernamePasswordCredential, passwordChangeRequest));
    }

    @Test
    public void verifyFindEmail() {
        Assertions.assertEquals("caspm@example.org", this.passwordChangeService.findEmail("caspm"));
    }

    @Test
    public void verifyFindPhone() {
        Assertions.assertEquals("1234567890", this.passwordChangeService.findPhone("caspm"));
    }

    @Test
    public void verifyFindSecurityQuestions() {
        Map securityQuestions = this.passwordChangeService.getSecurityQuestions("caspm");
        Assertions.assertEquals(1, securityQuestions.size());
        Assertions.assertTrue(securityQuestions.containsKey("RegisteredAddressQuestion"));
        Assertions.assertEquals("666", securityQuestions.get("RegisteredAddressQuestion"));
    }
}
