package org.apereo.cas.pm.web.flow.actions;

import java.util.UUID;
import org.apereo.cas.mock.MockTicketGrantingTicket;
import org.apereo.cas.pm.PasswordManagementQuery;
import org.apereo.cas.pm.web.flow.PasswordManagementWebflowUtils;
import org.apereo.cas.ticket.InvalidTicketException;
import org.apereo.cas.ticket.TransientSessionTicket;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.MockRequestContext;
import org.apereo.cas.util.junit.EnabledIfListeningOnPort;
import org.apereo.cas.web.support.WebUtils;
import org.apereo.inspektr.common.web.ClientInfo;
import org.apereo.inspektr.common.web.ClientInfoHolder;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.test.context.TestPropertySource;

@Tag("Mail")
@EnabledIfListeningOnPort(port = {25000})
/* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/VerifyPasswordResetRequestActionTests.class */
class VerifyPasswordResetRequestActionTests {

    @Nested
    @TestPropertySource(properties = {"cas.ticket.tst.number-of-uses=2"})
    /* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/VerifyPasswordResetRequestActionTests$PasswordResetTokenMultiUse.class */
    class PasswordResetTokenMultiUse extends BasePasswordManagementActionTests {
        PasswordResetTokenMultiUse(VerifyPasswordResetRequestActionTests verifyPasswordResetRequestActionTests) {
        }

        @Test
        void verifyAction() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(create).getId());
            create.getHttpServletRequest().setRemoteAddr("1.2.3.4");
            create.getHttpServletRequest().setLocalAddr("1.2.3.4");
            create.getHttpServletRequest().addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(ClientInfo.from(create.getHttpServletRequest()));
            String createToken = this.passwordManagementService.createToken(PasswordManagementQuery.builder().username("casuser").build());
            TransientSessionTicket create2 = this.ticketFactory.get(TransientSessionTicket.class).create(this.webApplicationServiceFactory.createService(this.casProperties.getServer().getPrefix()), CollectionUtils.wrap("token", createToken));
            this.ticketRegistry.addTicket(create2);
            create.setParameter("pswdrst", create2.getId());
            Assertions.assertEquals("success", this.verifyPasswordResetRequestAction.execute(create).getId());
            Assertions.assertNotNull(this.ticketRegistry.getTicket(create2.getId()));
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.pm.reset.security-questions-enabled=false"})
    /* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/VerifyPasswordResetRequestActionTests$SecurityQuestionsDisabled.class */
    class SecurityQuestionsDisabled extends BasePasswordManagementActionTests {
        SecurityQuestionsDisabled(VerifyPasswordResetRequestActionTests verifyPasswordResetRequestActionTests) {
        }

        @Test
        void verifyAction() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.getHttpServletRequest().setRemoteAddr("1.2.3.4");
            create.getHttpServletRequest().setLocalAddr("1.2.3.4");
            create.getHttpServletRequest().addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(ClientInfo.from(create.getHttpServletRequest()));
            String createToken = this.passwordManagementService.createToken(PasswordManagementQuery.builder().username("casuser").build());
            TransientSessionTicket create2 = this.ticketFactory.get(TransientSessionTicket.class).create(this.webApplicationServiceFactory.createService(this.casProperties.getServer().getPrefix()), CollectionUtils.wrap("token", createToken));
            this.ticketRegistry.addTicket(create2);
            create.setParameter("pswdrst", create2.getId());
            Assertions.assertEquals("questionsDisabled", this.verifyPasswordResetRequestAction.execute(create).getId());
        }
    }

    @Nested
    /* loaded from: input_file:org/apereo/cas/pm/web/flow/actions/VerifyPasswordResetRequestActionTests$SecurityQuestionsEnabled.class */
    class SecurityQuestionsEnabled extends BasePasswordManagementActionTests {
        SecurityQuestionsEnabled(VerifyPasswordResetRequestActionTests verifyPasswordResetRequestActionTests) {
        }

        @Test
        void verifyInvalidToken() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setParameter("pswdrst", UUID.randomUUID().toString());
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(create).getId());
        }

        @Test
        void verifyActionWithoutToken() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.getHttpServletRequest().setRemoteAddr("1.2.3.4");
            create.getHttpServletRequest().setLocalAddr("1.2.3.4");
            create.getHttpServletRequest().addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(ClientInfo.from(create.getHttpServletRequest()));
            MockTicketGrantingTicket mockTicketGrantingTicket = new MockTicketGrantingTicket("casuser");
            this.ticketRegistry.addTicket(mockTicketGrantingTicket);
            WebUtils.putTicketGrantingTicketInScopes(create, mockTicketGrantingTicket);
            Assertions.assertEquals("success", this.verifyPasswordResetRequestAction.execute(create).getId());
        }

        @Test
        void verifyActionWithResetToken() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(create).getId());
            create.getHttpServletRequest().setRemoteAddr("1.2.3.4");
            create.getHttpServletRequest().setLocalAddr("1.2.3.4");
            create.getHttpServletRequest().addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(ClientInfo.from(create.getHttpServletRequest()));
            String createToken = this.passwordManagementService.createToken(PasswordManagementQuery.builder().username("casuser").build());
            TransientSessionTicket create2 = this.ticketFactory.get(TransientSessionTicket.class).create(this.webApplicationServiceFactory.createService(this.casProperties.getServer().getPrefix()), CollectionUtils.wrap("token", createToken));
            this.ticketRegistry.addTicket(create2);
            create.setParameter("pswdrst", create2.getId());
            Assertions.assertEquals("success", this.verifyPasswordResetRequestAction.execute(create).getId());
            Assertions.assertTrue(PasswordManagementWebflowUtils.isPasswordResetSecurityQuestionsEnabled(create));
            Assertions.assertNotNull(PasswordManagementWebflowUtils.getPasswordResetUsername(create));
            Assertions.assertNotNull(PasswordManagementWebflowUtils.getPasswordResetToken(create));
            Assertions.assertThrows(InvalidTicketException.class, () -> {
                this.ticketRegistry.getTicket(create2.getId(), TransientSessionTicket.class);
            });
        }

        @Test
        void verifyNoQuestionsAvailAction() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.getHttpServletRequest().setRemoteAddr("1.2.3.4");
            create.getHttpServletRequest().setLocalAddr("1.2.3.4");
            create.getHttpServletRequest().addHeader("user-agent", "test");
            ClientInfoHolder.setClientInfo(ClientInfo.from(create.getHttpServletRequest()));
            String createToken = this.passwordManagementService.createToken(PasswordManagementQuery.builder().username("noquestions").build());
            TransientSessionTicket create2 = this.ticketFactory.get(TransientSessionTicket.class).create(this.webApplicationServiceFactory.createService(this.casProperties.getServer().getPrefix()), CollectionUtils.wrap("token", createToken));
            this.ticketRegistry.addTicket(create2);
            create.setParameter("pswdrst", create2.getId());
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(create).getId());
        }

        @Test
        void verifyBadTicketAction() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setParameter("pswdrst", "badticket");
            Assertions.assertEquals("error", this.verifyPasswordResetRequestAction.execute(create).getId());
        }
    }

    VerifyPasswordResetRequestActionTests() {
    }
}
