package org.apereo.cas.web.security.authentication;

import java.util.Collections;
import org.apereo.cas.util.junit.ConditionalIgnore;
import org.apereo.cas.util.junit.RunningContinuousIntegrationCondition;
import org.junit.Assert;
import org.junit.Test;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.test.context.TestPropertySource;

@ConditionalIgnore(condition = RunningContinuousIntegrationCondition.class)
@TestPropertySource(properties = {"cas.monitor.endpoints.ldap.ldapAuthz.roleAttribute=roomNumber", "cas.monitor.endpoints.ldap.ldapAuthz.searchFilter=cn={user}", "cas.monitor.endpoints.ldap.ldapAuthz.baseDn=ou=people,dc=example,dc=org", "cas.monitor.endpoints.ldap.ldapAuthz.rolePrefix=ROLE_"})
/* loaded from: input_file:org/apereo/cas/web/security/authentication/MonitorEndpointLdapAuthenticationProviderRolesBasedTests.class */
public class MonitorEndpointLdapAuthenticationProviderRolesBasedTests extends BaseMonitorEndpointLdapAuthenticationProviderTests {
    @Test
    public void verifyAuthorizedByRole() {
        SecurityProperties securityProperties = new SecurityProperties();
        securityProperties.getUser().setRoles(Collections.singletonList("ROLE_888"));
        Assert.assertNotNull(new MonitorEndpointLdapAuthenticationProvider(this.casProperties.getMonitor().getEndpoints().getLdap(), securityProperties).authenticate(new UsernamePasswordAuthenticationToken("authzcas", "123456")));
    }

    @Test
    public void verifyUnauthorizedByRole() {
        SecurityProperties securityProperties = new SecurityProperties();
        securityProperties.getUser().setRoles(Collections.singletonList("SOME_BAD_ROLE"));
        MonitorEndpointLdapAuthenticationProvider monitorEndpointLdapAuthenticationProvider = new MonitorEndpointLdapAuthenticationProvider(this.casProperties.getMonitor().getEndpoints().getLdap(), securityProperties);
        this.thrown.expect(BadCredentialsException.class);
        monitorEndpointLdapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("authzcas", "123456"));
    }

    @Test
    public void verifyUserNotFound() {
        SecurityProperties securityProperties = new SecurityProperties();
        securityProperties.getUser().setRoles(Collections.singletonList("SOME_BAD_ROLE"));
        MonitorEndpointLdapAuthenticationProvider monitorEndpointLdapAuthenticationProvider = new MonitorEndpointLdapAuthenticationProvider(this.casProperties.getMonitor().getEndpoints().getLdap(), securityProperties);
        this.thrown.expect(BadCredentialsException.class);
        monitorEndpointLdapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("UNKNOWN_USER", "123456"));
    }

    @Test
    public void verifyUserBadPassword() {
        SecurityProperties securityProperties = new SecurityProperties();
        securityProperties.getUser().setRoles(Collections.singletonList("SOME_BAD_ROLE"));
        MonitorEndpointLdapAuthenticationProvider monitorEndpointLdapAuthenticationProvider = new MonitorEndpointLdapAuthenticationProvider(this.casProperties.getMonitor().getEndpoints().getLdap(), securityProperties);
        this.thrown.expect(BadCredentialsException.class);
        monitorEndpointLdapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("authzcas", "BAD_PASSWORD"));
    }
}
