package org.apereo.cas.support.saml.services;

import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.http.client.utils.URIBuilder;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.services.BaseWebBasedRegisteredService;
import org.apereo.cas.services.CasRegisteredService;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.support.saml.BaseSamlIdPConfigurationTests;
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade;
import org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.EncodingUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.MockedStatic;
import org.mockito.Mockito;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@Tag("SAML2")
/* loaded from: input_file:org/apereo/cas/support/saml/services/SamlIdPServicesManagerRegisteredServiceLocatorTests.class */
public class SamlIdPServicesManagerRegisteredServiceLocatorTests extends BaseSamlIdPConfigurationTests {
    private static final String SAML_AUTHN_REQUEST1 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><saml2p:AuthnRequest xmlns:saml2p=\"urn:oasis:names:tc:SAML:2.0:protocol\" AssertionConsumerServiceURL=\"http://localhost:8081/callback?client_name=SAML2Client\" ForceAuthn=\"false\" IssueInstant=\"2018-10-05T14:52:47.084Z\" ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Version=\"2.0\"><saml2:Issuer xmlns:saml2=\"urn:oasis:names:tc:SAML:2.0:assertion\">%s</saml2:Issuer><saml2p:NameIDPolicy AllowCreate=\"true\"/></saml2p:AuthnRequest>";
    private static final String SAML_LOGOUT_REQUEST1 = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><saml2p:LogoutRequest xmlns:saml2p=\"urn:oasis:names:tc:SAML:2.0:protocol\" Destination=\"http://localhost:8081/callback?client_name=SAML2Client\" ID=\"_81838f9e55714ae79732d8525266bc230c53dbe\" IssueInstant=\"2021-04-06T12:22:57.210Z\" Version=\"2.0\"><saml2:Issuer xmlns:saml2=\"urn:oasis:names:tc:SAML:2.0:assertion\">%s</saml2:Issuer><saml2:NameID xmlns:saml2=\"urn:oasis:names:tc:SAML:2.0:assertion\" Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent\">bellini</saml2:NameID><saml2p:SessionIndex>ST-1-7EEGV0DEBGW5I-FhzInvmTzVG8o</saml2p:SessionIndex></saml2p:LogoutRequest>";
    private static final String SAML_AUTHN_REQUEST2 = "fVNdj9owEHyv1P9g+Z3E5OAoFlBR6AcShYjQPvSlMvbmsJTYrte5o/++ToATlVqeYtkzszO7mwmKunJ83oSj2cGvBjCQU10Z5N3DlDbecCtQIzeiBuRB8mL+dc2zhHHnbbDSVvSGcp8hEMEHbQ0lq+WUbjcf19vPq83Pd2w8YqOSsQcmhoqxx4zJsRqrcjwqH7ORKGGspMwGlHwHj5E/pVGOktzbZ63Ab2KlKS1yEmKAqI3YwMpgECZEJOsPemzU6z/uswc+zPhg+IOSZURqI0IndgzB8TTVyiVwErWrIJG2TotiW4B/1hISd3RduS7wB22UNk/3sx7OIORf9vu8l2+LPSXza/6FNdjU4C/y33brVxP4twcFte2nUQtOrYn3QiKdvX1DyKRtN++i+lnLxTO5bQEe9SGx/iltDwdbQTj20E3SW8qrhuNt+1bL3FZa/iafrK9F+H+2ftLvbrTqlR2UQy10NVfKA2LMWFX2ZeFBhDiS4Bug6W2ty5aB6nYu9iHAKZCFrZ3wGtthxPQynDNeU95iF1Xcoh2Us7uLJrlscfE6j58X61U7PJCx8N4Lg876cOnHP8U7x+kdyxFxfb/9e2Z/AA==";

    @BeforeEach
    public void setup() {
        this.servicesManager.deleteAll();
    }

    @Test
    public void verifyInCommonAggregateWithCallback() throws Exception {
        BaseWebBasedRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("http://localhost:8443/cas/idp/profile/SAML2/Callback.*");
        registeredService.setEvaluationOrder(0);
        BaseWebBasedRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor("https://sp.testshib.org/shibboleth-sp");
        samlRegisteredServiceFor.setEvaluationOrder(100);
        BaseWebBasedRegisteredService samlRegisteredServiceFor2 = getSamlRegisteredServiceFor(".+");
        samlRegisteredServiceFor2.setMetadataLocation("https://mdq.incommon.org/entities");
        samlRegisteredServiceFor2.setEvaluationOrder(1000);
        List wrapList = CollectionUtils.wrapList(new BaseWebBasedRegisteredService[]{registeredService, samlRegisteredServiceFor, samlRegisteredServiceFor2});
        this.servicesManager.save((RegisteredService[]) wrapList.toArray(new RegisteredService[0]));
        Collections.sort(wrapList);
        URIBuilder uRIBuilder = new URIBuilder("http://localhost:8443/cas/idp/profile/SAML2/Callback?entityId=https://sp.testshib.org/shibboleth-sp");
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("http://localhost:8443/cas/idp/profile/SAML2/Callback");
        uRIBuilder.getQueryParams().forEach(nameValuePair -> {
            mockHttpServletRequest.addParameter(nameValuePair.getName(), nameValuePair.getValue());
        });
        RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(mockHttpServletRequest, new MockHttpServletResponse()));
        Assertions.assertEquals(this.servicesManager.findServiceBy(this.webApplicationServiceFactory.createService(uRIBuilder.toString())), samlRegisteredServiceFor);
    }

    @Test
    public void verifyLogoutOperation() {
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator);
        Assertions.assertEquals(Integer.MIN_VALUE, this.samlIdPServicesManagerRegisteredServiceLocator.getOrder());
        BaseWebBasedRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(".+");
        registeredService.setEvaluationOrder(10);
        BaseWebBasedRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor(false, false, false, ".+");
        samlRegisteredServiceFor.setEvaluationOrder(9);
        List wrapList = CollectionUtils.wrapList(new BaseWebBasedRegisteredService[]{registeredService, samlRegisteredServiceFor});
        Collections.sort(wrapList);
        WebApplicationService createService = this.webApplicationServiceFactory.createService("https://sp.testshib.org/shibboleth-sp");
        createService.setAttributes(Map.of("SAMLRequest", List.of(EncodingUtils.encodeBase64(String.format(SAML_LOGOUT_REQUEST1, createService.getId())))));
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator.locate(wrapList, createService));
    }

    @Test
    public void verifyOperation() {
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator);
        Assertions.assertEquals(Integer.MIN_VALUE, this.samlIdPServicesManagerRegisteredServiceLocator.getOrder());
        BaseWebBasedRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(".+");
        registeredService.setEvaluationOrder(10);
        BaseWebBasedRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor(false, false, false, ".+");
        samlRegisteredServiceFor.setEvaluationOrder(9);
        List wrapList = CollectionUtils.wrapList(new BaseWebBasedRegisteredService[]{registeredService, samlRegisteredServiceFor});
        Collections.sort(wrapList);
        WebApplicationService createService = this.webApplicationServiceFactory.createService("https://sp.testshib.org/shibboleth-sp");
        createService.setAttributes(Map.of("SAMLRequest", List.of(EncodingUtils.encodeBase64(String.format(SAML_AUTHN_REQUEST1, createService.getId())))));
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator.locate(wrapList, createService));
    }

    @Test
    public void verifyRedirectEncodedSamlRequestOperation() {
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator);
        Assertions.assertEquals(Integer.MIN_VALUE, this.samlIdPServicesManagerRegisteredServiceLocator.getOrder());
        BaseWebBasedRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("mmoayyed.*");
        registeredService.setEvaluationOrder(10);
        BaseWebBasedRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor(false, false, false, ".+");
        samlRegisteredServiceFor.setEvaluationOrder(9);
        List wrapList = CollectionUtils.wrapList(new BaseWebBasedRegisteredService[]{registeredService, samlRegisteredServiceFor});
        Collections.sort(wrapList);
        WebApplicationService createService = this.webApplicationServiceFactory.createService("https://sp.testshib.org/shibboleth-sp");
        createService.setAttributes(Map.of("SAMLRequest", List.of(SAML_AUTHN_REQUEST2)));
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator.locate(wrapList, createService));
    }

    @Test
    public void verifyEntityIdParam() {
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator);
        Assertions.assertEquals(Integer.MIN_VALUE, this.samlIdPServicesManagerRegisteredServiceLocator.getOrder());
        BaseWebBasedRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(".+");
        registeredService.setEvaluationOrder(10);
        BaseWebBasedRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor(false, false, false, ".+");
        samlRegisteredServiceFor.setEvaluationOrder(9);
        List wrapList = CollectionUtils.wrapList(new BaseWebBasedRegisteredService[]{registeredService, samlRegisteredServiceFor});
        Collections.sort(wrapList);
        WebApplicationService createService = this.webApplicationServiceFactory.createService("https://sp.testshib.org/shibboleth-sp");
        createService.setAttributes(Map.of("entityId", List.of(createService.getId())));
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator.locate(wrapList, createService));
    }

    @Test
    public void verifyProviderIdParam() {
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator);
        Assertions.assertEquals(Integer.MIN_VALUE, this.samlIdPServicesManagerRegisteredServiceLocator.getOrder());
        BaseWebBasedRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(".+");
        registeredService.setEvaluationOrder(10);
        BaseWebBasedRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor(false, false, false, ".+");
        samlRegisteredServiceFor.setEvaluationOrder(9);
        List wrapList = CollectionUtils.wrapList(new BaseWebBasedRegisteredService[]{registeredService, samlRegisteredServiceFor});
        Collections.sort(wrapList);
        WebApplicationService createService = this.webApplicationServiceFactory.createService("https://sp.testshib.org/shibboleth-sp");
        createService.setAttributes(Map.of("providerId", List.of(createService.getId())));
        Assertions.assertNotNull(this.samlIdPServicesManagerRegisteredServiceLocator.locate(wrapList, createService));
    }

    @Test
    public void verifyReverseOperation() {
        RegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(".+");
        registeredService.setEvaluationOrder(9);
        RegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor(false, false, false, ".+");
        samlRegisteredServiceFor.setEvaluationOrder(10);
        this.servicesManager.save(new RegisteredService[]{registeredService, samlRegisteredServiceFor});
        WebApplicationService createService = this.webApplicationServiceFactory.createService("https://sp.testshib.org/shibboleth-sp");
        createService.setAttributes(Map.of("SAMLRequest", List.of(EncodingUtils.encodeBase64(String.format(SAML_AUTHN_REQUEST1, createService.getId())))));
        RegisteredService findServiceBy = this.servicesManager.findServiceBy(createService);
        Assertions.assertNotNull(findServiceBy);
        Assertions.assertTrue(findServiceBy instanceof SamlRegisteredService);
    }

    @Test
    public void verifyEntityIDFilter() {
        MockedStatic mockStatic = Mockito.mockStatic(SamlRegisteredServiceServiceProviderMetadataFacade.class);
        try {
            SamlRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor(false, false, false, "urn:abc:def.+");
            samlRegisteredServiceFor.setEvaluationOrder(9);
            this.servicesManager.save(samlRegisteredServiceFor);
            mockStatic.when(() -> {
                SamlRegisteredServiceServiceProviderMetadataFacade.get((SamlRegisteredServiceCachingMetadataResolver) Mockito.any(), (SamlRegisteredService) Mockito.any(), Mockito.anyString());
            }).thenCallRealMethod();
            WebApplicationService createService = this.webApplicationServiceFactory.createService("https://sp.testshib.org/shibboleth-sp");
            createService.setAttributes(Map.of("SAMLRequest", List.of(EncodingUtils.encodeBase64(String.format(SAML_AUTHN_REQUEST1, "https://sp.testshib.org/shibboleth-sp")))));
            Assertions.assertNull(this.servicesManager.findServiceBy(createService));
            mockStatic.verify(() -> {
                SamlRegisteredServiceServiceProviderMetadataFacade.get((SamlRegisteredServiceCachingMetadataResolver) Mockito.any(), (SamlRegisteredService) Mockito.eq(samlRegisteredServiceFor), Mockito.anyString());
            }, Mockito.never());
            SamlRegisteredService samlRegisteredServiceFor2 = getSamlRegisteredServiceFor(false, false, false, ".+");
            samlRegisteredServiceFor2.setEvaluationOrder(10);
            this.servicesManager.save(samlRegisteredServiceFor2);
            Assertions.assertNotNull(this.servicesManager.findServiceBy(createService));
            mockStatic.verify(() -> {
                SamlRegisteredServiceServiceProviderMetadataFacade.get((SamlRegisteredServiceCachingMetadataResolver) Mockito.any(), (SamlRegisteredService) Mockito.eq(samlRegisteredServiceFor2), (String) Mockito.eq("https://sp.testshib.org/shibboleth-sp"));
            });
            if (mockStatic != null) {
                mockStatic.close();
            }
        } catch (Throwable th) {
            if (mockStatic != null) {
                try {
                    mockStatic.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void verifyMatchWithEncodedParam() {
        MockedStatic mockStatic = Mockito.mockStatic(SamlRegisteredServiceServiceProviderMetadataFacade.class);
        try {
            SamlRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor(".*app.samlclient.edu.*/sp");
            samlRegisteredServiceFor.setEvaluationOrder(4);
            this.servicesManager.save(samlRegisteredServiceFor);
            SamlRegisteredService samlRegisteredServiceFor2 = getSamlRegisteredServiceFor("4464.+");
            samlRegisteredServiceFor2.setMetadataLocation("http://localhost:9428/entities/{0}");
            samlRegisteredServiceFor2.setEvaluationOrder(1000);
            this.servicesManager.save(samlRegisteredServiceFor2);
            mockStatic.when(() -> {
                SamlRegisteredServiceServiceProviderMetadataFacade.get((SamlRegisteredServiceCachingMetadataResolver) Mockito.any(), (SamlRegisteredService) Mockito.any(), Mockito.anyString());
            }).thenCallRealMethod();
            WebApplicationService webApplicationService = (WebApplicationService) Mockito.mock(WebApplicationService.class);
            Mockito.when(webApplicationService.getId()).thenReturn("https://sso.cas.edu/cas?entityId=https%3A%2F%2Fapp.samlclient.edu%3A9443%2Fsp");
            Mockito.when(webApplicationService.getAttributes()).thenReturn(Map.of("entityId", List.of("https://app.samlclient.edu:9443/sp")));
            Assertions.assertNull(this.servicesManager.findServiceBy(webApplicationService));
            mockStatic.verify(() -> {
                SamlRegisteredServiceServiceProviderMetadataFacade.get((SamlRegisteredServiceCachingMetadataResolver) Mockito.any(), (SamlRegisteredService) Mockito.eq(samlRegisteredServiceFor2), Mockito.anyString());
            }, Mockito.never());
            mockStatic.verify(() -> {
                SamlRegisteredServiceServiceProviderMetadataFacade.get((SamlRegisteredServiceCachingMetadataResolver) Mockito.any(), (SamlRegisteredService) Mockito.eq(samlRegisteredServiceFor), Mockito.anyString());
            });
            if (mockStatic != null) {
                mockStatic.close();
            }
        } catch (Throwable th) {
            if (mockStatic != null) {
                try {
                    mockStatic.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void verifyNoSamlService() {
        MockedStatic mockStatic = Mockito.mockStatic(SamlRegisteredServiceServiceProviderMetadataFacade.class);
        try {
            CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService(".*app.samlclient.edu.*/sp");
            registeredService.setEvaluationOrder(4);
            this.servicesManager.save(registeredService);
            mockStatic.when(() -> {
                SamlRegisteredServiceServiceProviderMetadataFacade.get((SamlRegisteredServiceCachingMetadataResolver) Mockito.any(), (SamlRegisteredService) Mockito.any(), Mockito.anyString());
            }).thenCallRealMethod();
            Assertions.assertNull(this.servicesManager.findServiceBy(RegisteredServiceTestUtils.getService("app.samlclient.edu")));
            if (mockStatic != null) {
                mockStatic.close();
            }
        } catch (Throwable th) {
            if (mockStatic != null) {
                try {
                    mockStatic.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void verifyWithSelectionStrategy() throws Exception {
        BaseWebBasedRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("http://localhost:8443/cas/idp/profile/SAML2/Callback.*");
        registeredService.setEvaluationOrder(0);
        BaseWebBasedRegisteredService samlRegisteredServiceFor = getSamlRegisteredServiceFor("https://sp.testshib.org/shibboleth-sp");
        samlRegisteredServiceFor.setEvaluationOrder(100);
        BaseWebBasedRegisteredService samlRegisteredServiceFor2 = getSamlRegisteredServiceFor(".+");
        samlRegisteredServiceFor2.setMetadataLocation("https://example.org");
        samlRegisteredServiceFor2.setEvaluationOrder(1000);
        List wrapList = CollectionUtils.wrapList(new BaseWebBasedRegisteredService[]{registeredService, samlRegisteredServiceFor, samlRegisteredServiceFor2});
        this.servicesManager.save((RegisteredService[]) wrapList.toArray(new RegisteredService[0]));
        Collections.sort(wrapList);
        URIBuilder uRIBuilder = new URIBuilder("http://localhost:8443/cas/idp/profile/SAML2/Callback?entityId=https%3A%2F%2Fsp.testshib.org%2Fshibboleth-sp");
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("http://localhost:8443/cas/idp/profile/SAML2/Callback");
        uRIBuilder.getQueryParams().forEach(nameValuePair -> {
            mockHttpServletRequest.addParameter(nameValuePair.getName(), nameValuePair.getValue());
        });
        RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(mockHttpServletRequest, new MockHttpServletResponse()));
        WebApplicationService createService = this.webApplicationServiceFactory.createService(uRIBuilder.toString());
        Assertions.assertFalse(createService.getAttributes().isEmpty());
        Service resolveServiceFrom = new SamlIdPEntityIdAuthenticationServiceSelectionStrategy(this.servicesManager, this.webApplicationServiceFactory, "http://localhost:8443/cas").resolveServiceFrom(createService);
        Assertions.assertNotNull(resolveServiceFrom);
        Assertions.assertFalse(resolveServiceFrom.getAttributes().isEmpty());
        Assertions.assertEquals(samlRegisteredServiceFor, this.servicesManager.findServiceBy(resolveServiceFrom));
    }
}
