package org.apereo.cas.web.security.authentication;

import java.util.UUID;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.test.CasTestExtension;
import org.apereo.cas.util.MockRequestContext;
import org.apereo.cas.web.flow.CasDefaultFlowUrlHandler;
import org.apereo.cas.web.flow.executor.CasFlowExecutor;
import org.apereo.cas.web.security.BaseWebSecurityTests;
import org.apereo.cas.web.support.WebUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.context.TestConfiguration;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.security.core.context.DeferredSecurityContext;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.webflow.core.collection.LocalAttributeMap;
import org.springframework.webflow.execution.FlowExecution;
import org.springframework.webflow.execution.FlowExecutionKey;
import org.springframework.webflow.execution.repository.FlowExecutionRepository;
import org.springframework.webflow.executor.FlowExecutor;

@Tag("Webflow")
@ExtendWith({CasTestExtension.class})
@SpringBootTest(classes = {WebflowTestConfiguration.class, BaseWebSecurityTests.SharedTestConfiguration.class})
/* loaded from: input_file:org/apereo/cas/web/security/authentication/CasWebflowSecurityContextRepositoryTests.class */
class CasWebflowSecurityContextRepositoryTests {
    private static final String USERNAME = UUID.randomUUID().toString();

    @Autowired
    private ConfigurableApplicationContext applicationContext;

    @Autowired
    @Qualifier("securityContextRepository")
    private SecurityContextRepository securityContextRepository;

    @TestConfiguration(proxyBeanMethods = false)
    /* loaded from: input_file:org/apereo/cas/web/security/authentication/CasWebflowSecurityContextRepositoryTests$WebflowTestConfiguration.class */
    static class WebflowTestConfiguration {
        WebflowTestConfiguration() {
        }

        @Bean
        public FlowExecutor loginFlowExecutor() {
            LocalAttributeMap localAttributeMap = new LocalAttributeMap();
            WebUtils.putAuthentication(CoreAuthenticationTestUtils.getAuthentication(CasWebflowSecurityContextRepositoryTests.USERNAME), localAttributeMap);
            FlowExecution flowExecution = (FlowExecution) Mockito.mock(FlowExecution.class);
            Mockito.when(flowExecution.getConversationScope()).thenReturn(localAttributeMap);
            CasFlowExecutor casFlowExecutor = (CasFlowExecutor) Mockito.mock(CasFlowExecutor.class);
            FlowExecutionRepository flowExecutionRepository = (FlowExecutionRepository) Mockito.mock(FlowExecutionRepository.class);
            Mockito.when(flowExecutionRepository.parseFlowExecutionKey(Mockito.anyString())).thenReturn((FlowExecutionKey) Mockito.mock(FlowExecutionKey.class));
            Mockito.when(flowExecutionRepository.getFlowExecution((FlowExecutionKey) Mockito.any(FlowExecutionKey.class))).thenReturn(flowExecution);
            Mockito.when(casFlowExecutor.getFlowExecutionRepository()).thenReturn(flowExecutionRepository);
            Mockito.when(casFlowExecutor.getFlowUrlHandler()).thenReturn(new CasDefaultFlowUrlHandler());
            return casFlowExecutor;
        }
    }

    CasWebflowSecurityContextRepositoryTests() {
    }

    @Test
    void verifyNoContext() throws Exception {
        MockRequestContext create = MockRequestContext.create(this.applicationContext);
        Assertions.assertFalse(this.securityContextRepository.containsContext(create.getHttpServletRequest()));
        DeferredSecurityContext loadDeferredContext = this.securityContextRepository.loadDeferredContext(create.getHttpServletRequest());
        Assertions.assertDoesNotThrow(() -> {
            this.securityContextRepository.saveContext((SecurityContext) loadDeferredContext.get(), create.getHttpServletRequest(), create.getHttpServletResponse());
        });
    }

    @Test
    void verifyWebflowAuthenticated() throws Exception {
        MockRequestContext create = MockRequestContext.create(this.applicationContext);
        create.setParameter("execution", UUID.randomUUID().toString());
        Assertions.assertTrue(this.securityContextRepository.containsContext(create.getHttpServletRequest()));
        SecurityContext securityContext = (SecurityContext) this.securityContextRepository.loadDeferredContext(create.getHttpServletRequest()).get();
        Assertions.assertEquals(USERNAME, ((Principal) securityContext.getAuthentication().getPrincipal()).getId());
        Assertions.assertTrue(securityContext.getAuthentication().getAuthorities().size() > 1);
        Assertions.assertTrue(securityContext.getAuthentication().getAuthorities().stream().anyMatch(grantedAuthority -> {
            return "ROLE_USER".equalsIgnoreCase(grantedAuthority.getAuthority());
        }));
    }
}
