package org.apereo.cas.web;

import java.util.UUID;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.mfa.TestMultifactorAuthenticationProvider;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.util.MockRequestContext;
import org.apereo.cas.web.flow.BaseSamlIdPWebflowTests;
import org.apereo.cas.web.flow.SingleSignOnParticipationRequest;
import org.apereo.cas.web.flow.SingleSignOnParticipationStrategy;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.Issuer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.test.context.TestPropertySource;
import org.springframework.webflow.context.ExternalContextHolder;
import org.springframework.webflow.execution.RequestContextHolder;

@Tag("SAML2")
/* loaded from: input_file:org/apereo/cas/web/SamlIdPSingleSignOnParticipationStrategyTests.class */
class SamlIdPSingleSignOnParticipationStrategyTests {

    @Nested
    /* loaded from: input_file:org/apereo/cas/web/SamlIdPSingleSignOnParticipationStrategyTests$DefaultTests.class */
    class DefaultTests extends BaseSamlIdPWebflowTests {

        @Autowired
        @Qualifier("samlIdPSingleSignOnParticipationStrategy")
        private SingleSignOnParticipationStrategy samlIdPSingleSignOnParticipationStrategy;

        DefaultTests(SamlIdPSingleSignOnParticipationStrategyTests samlIdPSingleSignOnParticipationStrategyTests) {
        }

        @Test
        void verifyParticipation() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            RequestContextHolder.setRequestContext(create);
            ExternalContextHolder.setExternalContext(create.getExternalContext());
            String uuid = UUID.randomUUID().toString();
            SingleSignOnParticipationRequest attribute = SingleSignOnParticipationRequest.builder().httpServletRequest(create.getHttpServletRequest()).httpServletResponse(create.getHttpServletResponse()).requestContext(create).build().attribute(AuthnRequest.class.getName(), getAuthnRequestFor(uuid)).attribute(Issuer.class.getName(), uuid);
            Assertions.assertTrue(this.samlIdPSingleSignOnParticipationStrategy.supports(attribute));
            Assertions.assertTrue(this.samlIdPSingleSignOnParticipationStrategy.isParticipating(attribute));
        }

        @Test
        void verifyForcedAuthn() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            RequestContextHolder.setRequestContext(create);
            ExternalContextHolder.setExternalContext(create.getExternalContext());
            String uuid = UUID.randomUUID().toString();
            AuthnRequest authnRequestFor = getAuthnRequestFor(uuid);
            Mockito.when(authnRequestFor.isForceAuthn()).thenReturn(Boolean.TRUE);
            SingleSignOnParticipationRequest attribute = SingleSignOnParticipationRequest.builder().httpServletRequest(create.getHttpServletRequest()).httpServletResponse(create.getHttpServletResponse()).requestContext(create).build().attribute(AuthnRequest.class.getName(), authnRequestFor).attribute(Issuer.class.getName(), uuid);
            Assertions.assertTrue(this.samlIdPSingleSignOnParticipationStrategy.supports(attribute));
            Assertions.assertFalse(this.samlIdPSingleSignOnParticipationStrategy.isParticipating(attribute));
        }
    }

    @Nested
    @TestPropertySource(properties = {"cas.authn.mfa.triggers.global.global-provider-id=mfa-dummy"})
    /* loaded from: input_file:org/apereo/cas/web/SamlIdPSingleSignOnParticipationStrategyTests$MfaProviderTests.class */
    class MfaProviderTests extends BaseSamlIdPWebflowTests {

        @Autowired
        @Qualifier("samlIdPSingleSignOnParticipationStrategy")
        private SingleSignOnParticipationStrategy samlIdPSingleSignOnParticipationStrategy;

        MfaProviderTests(SamlIdPSingleSignOnParticipationStrategyTests samlIdPSingleSignOnParticipationStrategyTests) {
        }

        @Test
        void verifyMfaProviderFailsContext() throws Throwable {
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            RequestContextHolder.setRequestContext(create);
            ExternalContextHolder.setExternalContext(create.getExternalContext());
            TestMultifactorAuthenticationProvider.registerProviderIntoApplicationContext(this.applicationContext);
            String uuid = UUID.randomUUID().toString();
            Assertions.assertFalse(this.samlIdPSingleSignOnParticipationStrategy.isParticipating(SingleSignOnParticipationRequest.builder().httpServletRequest(create.getHttpServletRequest()).httpServletResponse(create.getHttpServletResponse()).requestContext(create).build().attribute(AuthnRequest.class.getName(), getAuthnRequestFor(uuid)).attribute(Authentication.class.getName(), RegisteredServiceTestUtils.getAuthentication("casuser")).attribute(Issuer.class.getName(), uuid)));
        }
    }

    SamlIdPSingleSignOnParticipationStrategyTests() {
    }
}
