package org.apereo.cas.support.saml.web.idp.profile.ecp;

import java.nio.charset.StandardCharsets;
import java.util.Objects;
import java.util.UUID;
import org.apereo.cas.support.saml.BaseSamlIdPConfigurationTests;
import org.apereo.cas.support.saml.SamlUtils;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.util.HttpUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.Issuer;
import org.opensaml.soap.soap11.Body;
import org.opensaml.soap.soap11.Envelope;
import org.opensaml.soap.soap11.FaultString;
import org.opensaml.soap.soap11.Header;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpHeaders;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("SAML2Web")
/* loaded from: input_file:org/apereo/cas/support/saml/web/idp/profile/ecp/ECPSamlIdPProfileHandlerControllerTests.class */
public class ECPSamlIdPProfileHandlerControllerTests extends BaseSamlIdPConfigurationTests {

    @Autowired
    @Qualifier("ecpProfileHandlerController")
    private ECPSamlIdPProfileHandlerController controller;
    private SamlRegisteredService samlRegisteredService;

    @BeforeEach
    public void beforeEach() {
        this.servicesManager.deleteAll();
        this.samlRegisteredService = getSamlRegisteredServiceFor(false, false, false, "https://cassp.example.org");
        this.servicesManager.save(this.samlRegisteredService);
    }

    @Test
    public void verifyOK() throws Exception {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setMethod("POST");
        mockHttpServletRequest.setContentType("text/xml");
        HttpHeaders createBasicAuthHeaders = HttpUtils.createBasicAuthHeaders("casuser", "casuser");
        Objects.requireNonNull(mockHttpServletRequest);
        createBasicAuthHeaders.forEach((v1, v2) -> {
            r1.addHeader(v1, v2);
        });
        mockHttpServletRequest.setContent(SamlUtils.transformSamlObject(this.openSamlConfigBean, getEnvelope(this.samlRegisteredService.getServiceId())).toString().getBytes(StandardCharsets.UTF_8));
        this.controller.handleEcpRequest(mockHttpServletResponse, mockHttpServletRequest);
        Assertions.assertEquals(200, mockHttpServletResponse.getStatus());
    }

    @Test
    public void verifyBadAuthn() throws Exception {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setMethod("POST");
        mockHttpServletRequest.setContentType("text/xml");
        HttpHeaders createBasicAuthHeaders = HttpUtils.createBasicAuthHeaders("xyz", "123");
        Objects.requireNonNull(mockHttpServletRequest);
        createBasicAuthHeaders.forEach((v1, v2) -> {
            r1.addHeader(v1, v2);
        });
        mockHttpServletRequest.setContent(SamlUtils.transformSamlObject(this.openSamlConfigBean, getEnvelope(this.samlRegisteredService.getServiceId())).toString().getBytes(StandardCharsets.UTF_8));
        this.controller.handleEcpRequest(mockHttpServletResponse, mockHttpServletRequest);
        Assertions.assertEquals(200, mockHttpServletResponse.getStatus());
        Assertions.assertNotNull(mockHttpServletRequest.getAttribute("samlError"));
        Assertions.assertNotNull(mockHttpServletRequest.getAttribute(FaultString.class.getSimpleName()));
    }

    @Test
    public void verifyNoCredentials() throws Exception {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setMethod("POST");
        mockHttpServletRequest.setContentType("text/xml");
        mockHttpServletRequest.setContent(SamlUtils.transformSamlObject(this.openSamlConfigBean, getEnvelope(this.samlRegisteredService.getServiceId())).toString().getBytes(StandardCharsets.UTF_8));
        this.controller.handleEcpRequest(mockHttpServletResponse, mockHttpServletRequest);
        Assertions.assertEquals(401, mockHttpServletResponse.getStatus());
    }

    @Test
    public void verifyFailures() throws Exception {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        HttpHeaders createBasicAuthHeaders = HttpUtils.createBasicAuthHeaders("casuser", "casuser");
        Objects.requireNonNull(mockHttpServletRequest);
        createBasicAuthHeaders.forEach((v1, v2) -> {
            r1.addHeader(v1, v2);
        });
        mockHttpServletRequest.setMethod("POST");
        mockHttpServletRequest.setContentType("text/xml");
        this.controller.handleEcpRequest(mockHttpServletResponse, mockHttpServletRequest);
        Assertions.assertEquals(200, mockHttpServletResponse.getStatus());
        mockHttpServletRequest.setContent(SamlUtils.transformSamlObject(this.openSamlConfigBean, getEnvelope(UUID.randomUUID().toString())).toString().getBytes(StandardCharsets.UTF_8));
        this.controller.handleEcpRequest(mockHttpServletResponse, mockHttpServletRequest);
        Assertions.assertEquals(200, mockHttpServletResponse.getStatus());
        Assertions.assertNotNull(mockHttpServletRequest.getAttribute("samlError"));
        Assertions.assertNotNull(mockHttpServletRequest.getAttribute(FaultString.class.getSimpleName()));
    }

    private Envelope getEnvelope(String str) {
        Envelope buildObject = this.openSamlConfigBean.getBuilderFactory().getBuilder(Envelope.DEFAULT_ELEMENT_NAME).buildObject();
        buildObject.setHeader(this.openSamlConfigBean.getBuilderFactory().getBuilder(Header.DEFAULT_ELEMENT_NAME).buildObject());
        Body buildObject2 = this.openSamlConfigBean.getBuilderFactory().getBuilder(Body.DEFAULT_ELEMENT_NAME).buildObject();
        buildObject2.getUnknownXMLObjects().add(getAuthnRequest(str));
        buildObject.setBody(buildObject2);
        return buildObject;
    }

    private AuthnRequest getAuthnRequest(String str) {
        AuthnRequest buildObject = this.openSamlConfigBean.getBuilderFactory().getBuilder(AuthnRequest.DEFAULT_ELEMENT_NAME).buildObject();
        buildObject.setProtocolBinding("urn:oasis:names:tc:SAML:2.0:bindings:PAOS");
        Issuer buildObject2 = this.openSamlConfigBean.getBuilderFactory().getBuilder(Issuer.DEFAULT_ELEMENT_NAME).buildObject();
        buildObject2.setValue(str);
        buildObject.setIssuer(buildObject2);
        return buildObject;
    }
}
