package org.apereo.cas.ws.idp.services;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Map;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.config.CasCoreUtilConfiguration;
import org.apereo.cas.services.CasRegisteredService;
import org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.serialization.JacksonObjectMapperFactory;
import org.apereo.cas.ws.idp.WSFederationClaims;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.autoconfigure.RefreshAutoConfiguration;
import org.springframework.core.io.ClassPathResource;

@Tag("WSFederation")
@SpringBootTest(classes = {RefreshAutoConfiguration.class, CasCoreUtilConfiguration.class})
/* loaded from: input_file:org/apereo/cas/ws/idp/services/WSFederationClaimsReleasePolicyTests.class */
public class WSFederationClaimsReleasePolicyTests {
    private static final File JSON_FILE = new File(FileUtils.getTempDirectoryPath(), "WSFederationClaimsReleasePolicyTests.json");
    private static final ObjectMapper MAPPER = JacksonObjectMapperFactory.builder().defaultTypingEnabled(true).build().toObjectMapper();

    @Test
    public void verifyAttributeReleaseNone() {
        CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("verifyAttributeRelease");
        Assertions.assertTrue(new WSFederationClaimsReleasePolicy(CollectionUtils.wrap("uid", "casuser", "cn", "CAS")).getAttributes(RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("uid", "casuser", "cn", "CAS", "givenName", "CAS User"))).build()).isEmpty());
    }

    @Test
    public void verifyAttributeReleaseInlineGroovy() {
        CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("verifyAttributeRelease");
        Map attributes = new WSFederationClaimsReleasePolicy(CollectionUtils.wrap(WSFederationClaims.EMAIL_ADDRESS_2005.name(), "groovy { return attributes['cn'][0] + '@example.org' }")).getAttributes(RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", "casuser"))).build());
        Assertions.assertFalse(attributes.isEmpty());
        Assertions.assertTrue(attributes.containsKey(WSFederationClaims.EMAIL_ADDRESS_2005.getUri()));
        Assertions.assertEquals(List.of("casuser@example.org"), attributes.get(WSFederationClaims.EMAIL_ADDRESS_2005.getUri()));
    }

    @Test
    public void verifyAttributeReleaseScriptGroovy() throws Exception {
        File file = new File(FileUtils.getTempDirectoryPath(), "script.groovy");
        FileUtils.write(file, IOUtils.toString(new ClassPathResource("wsfed-attr.groovy").getInputStream(), StandardCharsets.UTF_8), StandardCharsets.UTF_8);
        CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("verifyAttributeRelease");
        Map attributes = new WSFederationClaimsReleasePolicy(CollectionUtils.wrap(WSFederationClaims.EMAIL_ADDRESS_2005.name(), "file:" + file.getCanonicalPath())).getAttributes(RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", "casuser"))).build());
        Assertions.assertFalse(attributes.isEmpty());
        Assertions.assertTrue(attributes.containsKey(WSFederationClaims.EMAIL_ADDRESS_2005.getUri()));
        Assertions.assertEquals(List.of("casuser@example.org"), attributes.get(WSFederationClaims.EMAIL_ADDRESS_2005.getUri()));
    }

    @Test
    public void verifyAttributeRelease() {
        CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("verifyAttributeRelease");
        WSFederationClaimsReleasePolicy wSFederationClaimsReleasePolicy = new WSFederationClaimsReleasePolicy(CollectionUtils.wrap(WSFederationClaims.COMMON_NAME.name(), "cn", WSFederationClaims.EMAIL_ADDRESS.name(), "email", WSFederationClaims.GROUP.name(), "unkown", WSFederationClaims.EMAIL_ADDRESS_2005.name(), "unknown"));
        Assertions.assertFalse(wSFederationClaimsReleasePolicy.getAllowedAttributes().isEmpty());
        Map attributes = wSFederationClaimsReleasePolicy.getAttributes(RegisteredServiceAttributeReleasePolicyContext.builder().registeredService(registeredService).service(CoreAuthenticationTestUtils.getService()).principal(CoreAuthenticationTestUtils.getPrincipal("casuser", CollectionUtils.wrap("cn", "casuser", "email", "cas@example.org", WSFederationClaims.EMAIL_ADDRESS_2005.getUri(), "cas2005@example.org"))).build());
        Assertions.assertSame(3, Integer.valueOf(attributes.size()));
        Assertions.assertTrue(attributes.containsKey(WSFederationClaims.COMMON_NAME.getUri()));
        Assertions.assertTrue(attributes.containsKey(WSFederationClaims.EMAIL_ADDRESS.getUri()));
        Assertions.assertTrue(attributes.containsKey(WSFederationClaims.EMAIL_ADDRESS_2005.getUri()));
        Assertions.assertEquals(CollectionUtils.wrapArrayList(new String[]{"casuser"}), (List) attributes.get(WSFederationClaims.COMMON_NAME.getUri()));
        Assertions.assertEquals(CollectionUtils.wrapArrayList(new String[]{"cas@example.org"}), (List) attributes.get(WSFederationClaims.EMAIL_ADDRESS.getUri()));
    }

    @Test
    public void verifySerializePolicyToJson() throws IOException {
        WSFederationClaimsReleasePolicy wSFederationClaimsReleasePolicy = new WSFederationClaimsReleasePolicy(CollectionUtils.wrap(WSFederationClaims.COMMON_NAME.name(), "cn", WSFederationClaims.EMAIL_ADDRESS.name(), "email"));
        MAPPER.writeValue(JSON_FILE, wSFederationClaimsReleasePolicy);
        Assertions.assertEquals(wSFederationClaimsReleasePolicy, (WSFederationClaimsReleasePolicy) MAPPER.readValue(JSON_FILE, WSFederationClaimsReleasePolicy.class));
    }
}
