package org.apereo.cas.ws.idp.services;

import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.cxf.binding.soap.SoapFault;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apereo.cas.BaseCoreWsSecurityIdentityProviderConfigurationTests;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.SecurityTokenServiceClient;
import org.apereo.cas.authentication.SecurityTokenServiceClientBuilder;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.ws.idp.WSFederationClaims;
import org.apereo.cas.ws.idp.web.WSFederationRequest;
import org.jasig.cas.client.authentication.AttributePrincipalImpl;
import org.jasig.cas.client.validation.Assertion;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.ArgumentMatchers;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.TestConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Import;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.test.context.TestPropertySource;
import org.w3c.dom.Element;

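/**
 * Exercises the {@code wsFederationRelyingPartyTokenProducer} bean against a mocked
 * security token service (STS) client.
 *
 * <p>The mocked client is keyed on the registered service's {@code appliesTo} value:
 * {@code "CAS"} yields a fixed token element, while {@code "FatalError"} and
 * {@code "RequestFailed"} raise SOAP faults. The two failure tests therefore pin the
 * fail-closed contract: when the STS faults, {@code produce(...)} throws and no token
 * string is returned to the relying party.
 *
 * <p>NOTE(review): every test saves a service with id {@code 100L} into the shared
 * {@link ServicesManager}; the tests appear to rely on each save replacing the previous
 * definition rather than on a per-test cleanup - confirm against the base test class.
 */
@Tag("WSFederation")
// Qualified through the enclosing class: the simple name of a member class is only
// guaranteed to be in scope inside the class body, not in annotations on the class itself.
@Import({DefaultRelyingPartyTokenProducerTests.DefaultRelyingPartyTokenProducerTestConfiguration.class})
@TestPropertySource(properties = {"cas.authn.wsfed-idp.sts.custom-claims=my-custom-claim,second-custom-claim"})
public class DefaultRelyingPartyTokenProducerTests extends BaseCoreWsSecurityIdentityProviderConfigurationTests {

    @Autowired
    @Qualifier("wsFederationRelyingPartyTokenProducer")
    private WSFederationRelyingPartyTokenProducer wsFederationRelyingPartyTokenProducer;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    /**
     * Replaces the real STS client builder with a mock so that no WS-Trust endpoint is
     * contacted while the tests run.
     */
    @TestConfiguration(value = "DefaultRelyingPartyTokenProducerTestConfiguration", proxyBeanMethods = false)
    public static class DefaultRelyingPartyTokenProducerTestConfiguration {

        /**
         * Builds a mocked {@link SecurityTokenServiceClientBuilder} whose client answers
         * {@code requestSecurityTokenResponse} according to the requested audience.
         *
         * @return the mocked builder
         * @throws Exception if the placeholder DOM document cannot be created
         */
        @Bean
        public SecurityTokenServiceClientBuilder securityTokenServiceClientBuilder() throws Exception {
            SecurityTokenServiceClient stsClient = Mockito.mock(SecurityTokenServiceClient.class);
            SecurityTokenServiceClientBuilder builder = Mockito.mock(SecurityTokenServiceClientBuilder.class);
            Mockito.when(builder.buildClientForRelyingPartyTokenResponses(
                    Mockito.any(SecurityToken.class),
                    Mockito.any(WSFederationRegisteredService.class)))
                .thenReturn(stsClient);
            Mockito.when(stsClient.getProperties()).thenReturn(new HashMap<>(0));

            // The factory is only used to create an empty document for the canned element;
            // no XML input is parsed here.
            Element tokenElement = DocumentBuilderFactory.newInstance()
                .newDocumentBuilder()
                .newDocument()
                .createElement("SecurityToken");
            tokenElement.setAttribute("id", "abcdefgh123456");

            // Success path: audience "CAS" receives the canned token element.
            Mockito.when(stsClient.requestSecurityTokenResponse(ArgumentMatchers.eq("CAS")))
                .thenReturn(tokenElement);
            // Failure paths: a server-side fault, and a fault whose code is "RequestFailed".
            Mockito.when(stsClient.requestSecurityTokenResponse(ArgumentMatchers.eq("FatalError")))
                .thenThrow(new SoapFault("error", SoapFault.FAULT_CODE_SERVER));
            Mockito.when(stsClient.requestSecurityTokenResponse(ArgumentMatchers.eq("RequestFailed")))
                .thenThrow(new SoapFault("error", new QName("RequestFailed")));
            return builder;
        }
    }

    /**
     * A fault with the generic server fault code must surface to the caller as a
     * {@link SoapFault}; no token is produced.
     */
    @Test
    public void verifyFailsOperation() {
        MockHttpServletRequest request = new MockHttpServletRequest();
        WSFederationRegisteredService service = saveServiceFor("FatalError");
        Assertion assertion = assertionFor(principalAttributes());
        SecurityToken securityToken = Mockito.mock(SecurityToken.class);
        Assertions.assertThrows(SoapFault.class, () ->
            this.wsFederationRelyingPartyTokenProducer.produce(
                securityToken, service, WSFederationRequest.of(request), request, assertion));
    }

    /**
     * A fault whose code is {@code RequestFailed} must surface as an
     * {@link IllegalArgumentException}; no token is produced.
     * NOTE(review): presumably the producer translates this fault code itself - the
     * mapping is not visible in this file.
     */
    @Test
    public void verifyRequestFailsOperation() {
        MockHttpServletRequest request = new MockHttpServletRequest();
        WSFederationRegisteredService service = saveServiceFor("RequestFailed");
        Assertion assertion = assertionFor(principalAttributes());
        SecurityToken securityToken = Mockito.mock(SecurityToken.class);
        Assertions.assertThrows(IllegalArgumentException.class, () ->
            this.wsFederationRelyingPartyTokenProducer.produce(
                securityToken, service, WSFederationRequest.of(request), request, assertion));
    }

    /**
     * With audience {@code "CAS"} the producer returns the serialized form of the
     * element handed back by the mocked STS client.
     *
     * <p>NOTE(review): because the STS client is mocked, this only shows that
     * {@code produce(...)} completes for a principal carrying standard and custom claim
     * attributes; it does not check which claims were placed in the outgoing request.
     *
     * @throws Exception if token production fails unexpectedly
     */
    @Test
    public void verifyOperation() throws Exception {
        MockHttpServletRequest request = new MockHttpServletRequest();
        WSFederationRegisteredService service = saveServiceFor("CAS");

        Map<String, Object> attributes = principalAttributes();
        attributes.put(WSFederationClaims.COMMON_NAME.name(), List.of("common-name-wsfed"));
        attributes.put(WSFederationClaims.GIVEN_NAME.getUri(), List.of("common-name-wsfed"));
        // Matches the first entry of cas.authn.wsfed-idp.sts.custom-claims set on the class.
        attributes.put("my-custom-claim", List.of("custom-claim-value"));
        Assertion assertion = assertionFor(attributes);

        Assertions.assertEquals("<SecurityToken id=\"abcdefgh123456\"/>",
            this.wsFederationRelyingPartyTokenProducer.produce(
                Mockito.mock(SecurityToken.class), service, WSFederationRequest.of(request), request, assertion));
    }

    /** Registers the WS-Federation test service with the given {@code appliesTo} audience and returns it. */
    private WSFederationRegisteredService saveServiceFor(final String appliesTo) {
        WSFederationRegisteredService service = new WSFederationRegisteredService();
        service.setRealm("CAS");
        service.setServiceId("http://app.example.org/wsfed-idp");
        service.setName("WSFED App");
        service.setId(100L);
        service.setAppliesTo(appliesTo);
        service.setWsdlLocation("classpath:wsdl/ws-trust-1.4-service.wsdl");
        this.servicesManager.save(service);
        return service;
    }

    /** Returns a private, mutable copy of the shared test attributes so a test never edits the fixture map. */
    private static Map<String, Object> principalAttributes() {
        return new HashMap<>(CoreAuthenticationTestUtils.getAttributes());
    }

    /** Creates a mocked CAS {@link Assertion} whose principal is {@code casuser} with the given attributes. */
    private static Assertion assertionFor(final Map<String, Object> attributes) {
        Assertion assertion = Mockito.mock(Assertion.class);
        Mockito.when(assertion.getPrincipal()).thenReturn(new AttributePrincipalImpl("casuser", attributes));
        return assertion;
    }
}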
