package org.apereo.cas.support.saml.web.idp.delegation;

import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.config.SamlIdPDelegatedAuthenticationConfiguration;
import org.apereo.cas.pac4j.client.DelegatedClientAuthenticationRequestCustomizer;
import org.apereo.cas.support.saml.BaseSamlIdPConfigurationTests;
import org.apereo.cas.support.saml.SamlIdPTestUtils;
import org.apereo.cas.support.saml.SamlIdPUtils;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.RequestedAuthnContext;
import org.pac4j.jee.context.JEEContext;
import org.pac4j.saml.client.SAML2Client;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Import;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("SAML2")
@Import({SamlIdPDelegatedAuthenticationConfiguration.class})
/* loaded from: input_file:org/apereo/cas/support/saml/web/idp/delegation/SamlIdPDelegatedAuthenticationConfigurationTests.class */
public class SamlIdPDelegatedAuthenticationConfigurationTests extends BaseSamlIdPConfigurationTests {

    @Autowired
    @Qualifier("saml2DelegatedClientAuthenticationRequestCustomizer")
    private DelegatedClientAuthenticationRequestCustomizer customizer;

    @Test
    public void verifyOperation() throws Exception {
        SamlRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor("https://cassp.example.org");
        samlRegisteredServiceFor.setId(2000L);
        AuthnRequest authnRequest = SamlIdPTestUtils.getAuthnRequest(this.openSamlConfigBean, samlRegisteredServiceFor);
        authnRequest.setForceAuthn(true);
        authnRequest.setIsPassive(true);
        AuthnContextClassRef buildObject = this.openSamlConfigBean.getBuilderFactory().getBuilder(AuthnContextClassRef.DEFAULT_ELEMENT_NAME).buildObject(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
        buildObject.setURI("https://refeds.org/profile/mfa");
        RequestedAuthnContext buildObject2 = this.openSamlConfigBean.getBuilderFactory().getBuilder(RequestedAuthnContext.DEFAULT_ELEMENT_NAME).buildObject(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
        buildObject2.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
        buildObject2.getAuthnContextClassRefs().add(buildObject);
        authnRequest.setRequestedAuthnContext(buildObject2);
        JEEContext jEEContext = new JEEContext(new MockHttpServletRequest(), new MockHttpServletResponse());
        MessageContext messageContext = new MessageContext();
        messageContext.setMessage(authnRequest);
        SamlIdPUtils.storeSamlRequest(jEEContext, this.openSamlConfigBean, this.samlIdPDistributedSessionStore, Pair.of(authnRequest, messageContext));
        SAML2Client sAML2Client = (SAML2Client) Mockito.mock(SAML2Client.class);
        Assertions.assertTrue(this.customizer.supports(sAML2Client, jEEContext));
        this.customizer.customize(sAML2Client, jEEContext);
        Assertions.assertTrue(jEEContext.getRequestAttribute("ForceAuthn").isPresent());
        Assertions.assertTrue(jEEContext.getRequestAttribute("Passive").isPresent());
        Assertions.assertTrue(jEEContext.getRequestAttribute("AuthnContextClassRefs").isPresent());
        Assertions.assertTrue(jEEContext.getRequestAttribute("ComparisonType").isPresent());
    }
}
