package org.apereo.cas.web.view;

import com.google.common.base.Throwables;
import java.security.PrivateKey;
import java.util.Map;
import javax.crypto.Cipher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.support.DefaultCasProtocolAttributeEncoder;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.EncodingUtils;
import org.apereo.cas.util.cipher.NoOpCipherExecutor;
import org.apereo.cas.util.crypto.PrivateKeyFactoryBean;
import org.apereo.cas.web.AbstractServiceValidateControllerTests;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.core.io.ClassPathResource;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockServletContext;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.TestPropertySource;
import org.springframework.web.context.support.GenericWebApplicationContext;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.View;
import org.springframework.web.servlet.support.RequestContext;

@DirtiesContext
@TestPropertySource(properties = {"cas.clearpass.cacheCredential=true", "cas.clearpass.cipherEnabled=false"})
/* loaded from: input_file:org/apereo/cas/web/view/Cas30ResponseViewTests.class */
public class Cas30ResponseViewTests extends AbstractServiceValidateControllerTests {
    private static final Logger LOGGER = LoggerFactory.getLogger(Cas30ResponseViewTests.class);

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Autowired
    @Qualifier("cas3ServiceJsonView")
    private View cas3ServiceJsonView;

    @Autowired
    @Qualifier("cas3SuccessView")
    private View cas3SuccessView;

    @Autowired
    @Qualifier("cas3ServiceFailureView")
    private View cas3ServiceFailureView;

    @Before
    public void setUp() {
        this.serviceValidateController.setFailureView(this.cas3ServiceFailureView);
        this.serviceValidateController.setSuccessView(this.cas3SuccessView);
        this.serviceValidateController.setJsonView(this.cas3ServiceJsonView);
    }

    private Map<?, ?> renderView() throws Exception {
        ModelAndView modelAndViewUponServiceValidationWithSecurePgtUrl = getModelAndViewUponServiceValidationWithSecurePgtUrl();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest(new MockServletContext());
        mockHttpServletRequest.setAttribute(RequestContext.WEB_APPLICATION_CONTEXT_ATTRIBUTE, new GenericWebApplicationContext(mockHttpServletRequest.getServletContext()));
        new Cas30ResponseView(true, new DefaultCasProtocolAttributeEncoder(this.servicesManager, NoOpCipherExecutor.getInstance()), this.servicesManager, "attribute", new View() { // from class: org.apereo.cas.web.view.Cas30ResponseViewTests.1
            public String getContentType() {
                return "text/html";
            }

            public void render(Map<String, ?> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
                httpServletRequest.getClass();
                map.forEach(httpServletRequest::setAttribute);
            }
        }, true).render(modelAndViewUponServiceValidationWithSecurePgtUrl.getModel(), mockHttpServletRequest, new MockHttpServletResponse());
        return (Map) mockHttpServletRequest.getAttribute("attributes");
    }

    @Test
    public void verifyViewAuthnAttributes() throws Exception {
        Map<?, ?> renderView = renderView();
        Assert.assertTrue(renderView.containsKey("authenticationDate"));
        Assert.assertTrue(renderView.containsKey("isFromNewLogin"));
        Assert.assertTrue(renderView.containsKey("longTermAuthenticationRequestTokenUsed"));
    }

    @Test
    public void verifyPasswordAsAuthenticationAttributeCanDecrypt() throws Exception {
        Map<?, ?> renderView = renderView();
        Assert.assertTrue(renderView.containsKey("credential"));
        Assert.assertEquals(decryptCredential((String) renderView.get("credential")), CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword().getPassword());
    }

    @Test
    public void verifyProxyGrantingTicketAsAuthenticationAttributeCanDecrypt() throws Exception {
        Map<?, ?> renderView = renderView();
        Assert.assertTrue(renderView.containsKey("proxyGrantingTicket"));
        Assert.assertNotNull(decryptCredential((String) renderView.get("proxyGrantingTicket")));
    }

    private String decryptCredential(String str) {
        try {
            PrivateKeyFactoryBean privateKeyFactoryBean = new PrivateKeyFactoryBean();
            privateKeyFactoryBean.setAlgorithm("RSA");
            privateKeyFactoryBean.setLocation(new ClassPathResource("RSA1024Private.p8"));
            privateKeyFactoryBean.setSingleton(false);
            PrivateKey privateKey = (PrivateKey) privateKeyFactoryBean.getObject();
            LOGGER.debug("Initializing cipher based on [{}]", privateKey.getAlgorithm());
            Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());
            LOGGER.debug("Decoding value [{}]", str);
            byte[] decodeBase64 = EncodingUtils.decodeBase64(str);
            LOGGER.debug("Initializing decrypt-mode via private key [{}]", privateKey.getAlgorithm());
            cipher.init(2, privateKey);
            return new String(cipher.doFinal(decodeBase64));
        } catch (Exception e) {
            throw Throwables.propagate(e);
        }
    }
}
