package org.apereo.cas.support.saml.web.idp.profile;

import java.util.UUID;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.support.saml.BaseSamlIdPConfigurationTests;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade;
import org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlIdPPostProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.sso.SSOSamlIdPProfileCallbackHandlerControllerTests;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.MethodOrderer;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.TestMethodOrder;
import org.mockito.Mockito;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.common.SAMLException;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Import;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.test.context.TestPropertySource;
import org.springframework.web.servlet.ModelAndView;

@Tag("SAML")
@TestPropertySource(properties = {"cas.authn.saml-idp.metadata.file-system.location=file:src/test/resources/metadata"})
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
@Import({SSOSamlIdPProfileCallbackHandlerControllerTests.SamlIdPTestConfiguration.class})
/* loaded from: input_file:org/apereo/cas/support/saml/web/idp/profile/SamlIdPProfileHandlerControllerTests.class */
public class SamlIdPProfileHandlerControllerTests extends BaseSamlIdPConfigurationTests {

    @Autowired
    @Qualifier("ssoPostProfileHandlerController")
    private SSOSamlIdPPostProfileHandlerController controller;

    @Test
    public void verifyNoMetadataForRequest() {
        SamlRegisteredService samlRegisteredService = new SamlRegisteredService();
        samlRegisteredService.setServiceId(UUID.randomUUID().toString());
        this.servicesManager.save(samlRegisteredService);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        Pair of = Pair.of(getAuthnRequestFor(samlRegisteredService.getServiceId()), new MessageContext());
        Assertions.assertThrows(UnauthorizedServiceException.class, () -> {
            this.controller.verifySamlAuthenticationRequest(of, mockHttpServletRequest);
        });
    }

    @Test
    public void verifyNoSignAuthnRequest() throws Exception {
        SamlRegisteredService samlRegisteredService = new SamlRegisteredService();
        samlRegisteredService.setServiceId(UUID.randomUUID().toString());
        this.servicesManager.save(samlRegisteredService);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        AuthnRequest authnRequestFor = getAuthnRequestFor(samlRegisteredService.getServiceId());
        SamlRegisteredServiceServiceProviderMetadataFacade samlRegisteredServiceServiceProviderMetadataFacade = (SamlRegisteredServiceServiceProviderMetadataFacade) Mockito.mock(SamlRegisteredServiceServiceProviderMetadataFacade.class);
        Mockito.when(Boolean.valueOf(samlRegisteredServiceServiceProviderMetadataFacade.isAuthnRequestsSigned())).thenReturn(true);
        MessageContext messageContext = new MessageContext();
        messageContext.setMessage(authnRequestFor);
        Assertions.assertThrows(SAMLException.class, () -> {
            this.controller.verifyAuthenticationContextSignature(messageContext, mockHttpServletRequest, authnRequestFor, samlRegisteredServiceServiceProviderMetadataFacade, samlRegisteredService);
        });
    }

    @Test
    public void verifyException() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("username", "casuser");
        ModelAndView handleUnauthorizedServiceException = this.controller.handleUnauthorizedServiceException(mockHttpServletRequest, new IllegalStateException());
        Assertions.assertEquals("error/casServiceErrorView", handleUnauthorizedServiceException.getViewName());
        Assertions.assertTrue(handleUnauthorizedServiceException.getModel().containsKey("rootCauseException"));
        Assertions.assertThrows(UnauthorizedServiceException.class, () -> {
            this.controller.verifySamlRegisteredService("");
        });
    }
}
