package org.apereo.cas.pm.web.flow.actions;

import java.util.UUID;
import org.apereo.cas.pm.PasswordManagementQuery;
import org.apereo.cas.pm.web.flow.PasswordManagementWebflowUtils;
import org.apereo.cas.ticket.InvalidTicketException;
import org.apereo.cas.ticket.TransientSessionTicket;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.junit.EnabledIfListeningOnPort;
import org.apereo.inspektr.common.web.ClientInfo;
import org.apereo.inspektr.common.web.ClientInfoHolder;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockServletContext;
import org.springframework.test.context.TestPropertySource;
import org.springframework.webflow.context.servlet.ServletExternalContext;
import org.springframework.webflow.test.MockRequestContext;

@Tag("Mail")
@EnabledIfListeningOnPort(port = {25000})
/* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/VerifyPasswordResetRequestActionTests.class */
public class VerifyPasswordResetRequestActionTests {

    @Nested
    @TestPropertySource(properties = {"cas.ticket.tst.number-of-uses=2"})
    /* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/VerifyPasswordResetRequestActionTests$PasswordResetTokenMultiUse.class */
    public class PasswordResetTokenMultiUse extends BasePasswordManagementActionTests {
        public PasswordResetTokenMultiUse() {
        }

        @Test
        public void verifyAction() throws Exception {
            MockRequestContext mockRequestContext = new MockRequestContext();
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(mockRequestContext).getId());
            mockHttpServletRequest.setRemoteAddr("1.2.3.4");
            mockHttpServletRequest.setLocalAddr("1.2.3.4");
            mockHttpServletRequest.addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(new ClientInfo(mockHttpServletRequest));
            String createToken = this.passwordManagementService.createToken(PasswordManagementQuery.builder().username("casuser").build());
            TransientSessionTicket create = this.ticketFactory.get(TransientSessionTicket.class).create(this.webApplicationServiceFactory.createService(this.casProperties.getServer().getPrefix()), CollectionUtils.wrap("token", createToken));
            this.ticketRegistry.addTicket(create);
            mockHttpServletRequest.addParameter("pswdrst", create.getId());
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            Assertions.assertEquals("success", this.verifyPasswordResetRequestAction.execute(mockRequestContext).getId());
            Assertions.assertNotNull(this.ticketRegistry.getTicket(create.getId()));
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.pm.reset.security-questions-enabled=false"})
    /* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/VerifyPasswordResetRequestActionTests$SecurityQuestionsDisabled.class */
    public class SecurityQuestionsDisabled extends BasePasswordManagementActionTests {
        public SecurityQuestionsDisabled() {
        }

        @Test
        public void verifyAction() throws Exception {
            MockRequestContext mockRequestContext = new MockRequestContext();
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            mockHttpServletRequest.setRemoteAddr("1.2.3.4");
            mockHttpServletRequest.setLocalAddr("1.2.3.4");
            mockHttpServletRequest.addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(new ClientInfo(mockHttpServletRequest));
            String createToken = this.passwordManagementService.createToken(PasswordManagementQuery.builder().username("casuser").build());
            TransientSessionTicket create = this.ticketFactory.get(TransientSessionTicket.class).create(this.webApplicationServiceFactory.createService(this.casProperties.getServer().getPrefix()), CollectionUtils.wrap("token", createToken));
            this.ticketRegistry.addTicket(create);
            mockHttpServletRequest.addParameter("pswdrst", create.getId());
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            Assertions.assertEquals("questionsDisabled", this.verifyPasswordResetRequestAction.execute(mockRequestContext).getId());
        }
    }

    @Nested
    /* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/VerifyPasswordResetRequestActionTests$SecurityQuestionsEnabled.class */
    public class SecurityQuestionsEnabled extends BasePasswordManagementActionTests {
        public SecurityQuestionsEnabled() {
        }

        @Test
        public void verifyInvalidToken() throws Exception {
            MockRequestContext mockRequestContext = new MockRequestContext();
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            mockHttpServletRequest.addParameter("pswdrst", UUID.randomUUID().toString());
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(mockRequestContext).getId());
        }

        @Test
        public void verifyAction() throws Exception {
            MockRequestContext mockRequestContext = new MockRequestContext();
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(mockRequestContext).getId());
            mockHttpServletRequest.setRemoteAddr("1.2.3.4");
            mockHttpServletRequest.setLocalAddr("1.2.3.4");
            mockHttpServletRequest.addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(new ClientInfo(mockHttpServletRequest));
            String createToken = this.passwordManagementService.createToken(PasswordManagementQuery.builder().username("casuser").build());
            TransientSessionTicket create = this.ticketFactory.get(TransientSessionTicket.class).create(this.webApplicationServiceFactory.createService(this.casProperties.getServer().getPrefix()), CollectionUtils.wrap("token", createToken));
            this.ticketRegistry.addTicket(create);
            mockHttpServletRequest.addParameter("pswdrst", create.getId());
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            Assertions.assertEquals("success", this.verifyPasswordResetRequestAction.execute(mockRequestContext).getId());
            Assertions.assertTrue(PasswordManagementWebflowUtils.isPasswordResetSecurityQuestionsEnabled(mockRequestContext));
            Assertions.assertNotNull(PasswordManagementWebflowUtils.getPasswordResetUsername(mockRequestContext));
            Assertions.assertNotNull(PasswordManagementWebflowUtils.getPasswordResetToken(mockRequestContext));
            Assertions.assertThrows(InvalidTicketException.class, () -> {
                this.ticketRegistry.getTicket(create.getId(), TransientSessionTicket.class);
            });
        }

        @Test
        public void verifyNoQuestionsAvailAction() throws Exception {
            MockRequestContext mockRequestContext = new MockRequestContext();
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.setRemoteAddr("1.2.3.4");
            mockHttpServletRequest.setLocalAddr("1.2.3.4");
            mockHttpServletRequest.addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(new ClientInfo(mockHttpServletRequest));
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            String createToken = this.passwordManagementService.createToken(PasswordManagementQuery.builder().username("noquestions").build());
            TransientSessionTicket create = this.ticketFactory.get(TransientSessionTicket.class).create(this.webApplicationServiceFactory.createService(this.casProperties.getServer().getPrefix()), CollectionUtils.wrap("token", createToken));
            this.ticketRegistry.addTicket(create);
            mockHttpServletRequest.addParameter("pswdrst", create.getId());
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(mockRequestContext).getId());
        }

        @Test
        public void verifyBadTicketAction() throws Exception {
            MockRequestContext mockRequestContext = new MockRequestContext();
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.addParameter("pswdrst", "badticket");
            mockRequestContext.setExternalContext(new ServletExternalContext(new MockServletContext(), mockHttpServletRequest, new MockHttpServletResponse()));
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(mockRequestContext).getId());
        }
    }
}
