package org.apereo.cas.uma.web.controllers.claims;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.time.Clock;
import java.time.ZonedDateTime;
import java.util.HashMap;
import java.util.UUID;
import org.apache.commons.lang3.tuple.Triple;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.apereo.cas.ticket.InvalidTicketException;
import org.apereo.cas.ticket.expiration.NeverExpiresExpirationPolicy;
import org.apereo.cas.uma.ticket.permission.UmaPermissionTicket;
import org.apereo.cas.uma.web.controllers.BaseUmaEndpointControllerTests;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.springframework.web.servlet.view.RedirectView;

@Tag("UMA")
/* loaded from: input_file:org/apereo/cas/uma/web/controllers/claims/UmaRequestingPartyClaimsCollectionEndpointControllerTests.class */
class UmaRequestingPartyClaimsCollectionEndpointControllerTests extends BaseUmaEndpointControllerTests {
    UmaRequestingPartyClaimsCollectionEndpointControllerTests() {
    }

    @Test
    void verifyOp() throws Throwable {
        String uuid = UUID.randomUUID().toString();
        OAuthRegisteredService registeredService = getRegisteredService(uuid, "secret");
        this.servicesManager.save(registeredService);
        Triple<HttpServletRequest, HttpServletResponse, String> authenticateUmaRequestWithProtectionScope = authenticateUmaRequestWithProtectionScope();
        String uuid2 = UUID.randomUUID().toString();
        this.ticketRegistry.addTicket(getUmaPermissionTicket(uuid2));
        Assertions.assertInstanceOf(RedirectView.class, this.umaRequestingPartyClaimsCollectionEndpointController.getClaims(uuid, registeredService.getServiceId(), uuid2, "state", (HttpServletRequest) authenticateUmaRequestWithProtectionScope.getLeft(), (HttpServletResponse) authenticateUmaRequestWithProtectionScope.getMiddle()));
    }

    private static UmaPermissionTicket getUmaPermissionTicket(String str) {
        UmaPermissionTicket umaPermissionTicket = (UmaPermissionTicket) Mockito.mock(UmaPermissionTicket.class);
        Mockito.when(umaPermissionTicket.getId()).thenReturn(str);
        Mockito.when(Boolean.valueOf(umaPermissionTicket.isExpired())).thenReturn(Boolean.FALSE);
        Mockito.when(umaPermissionTicket.getClaims()).thenReturn(new HashMap());
        Mockito.when(umaPermissionTicket.getCreationTime()).thenReturn(ZonedDateTime.now(Clock.systemUTC()));
        Mockito.when(umaPermissionTicket.getExpirationPolicy()).thenReturn(NeverExpiresExpirationPolicy.INSTANCE);
        return umaPermissionTicket;
    }

    @Test
    void verifyInvalidRedirect() throws Throwable {
        String uuid = UUID.randomUUID().toString();
        this.servicesManager.save(getRegisteredService(uuid, "secret"));
        Triple<HttpServletRequest, HttpServletResponse, String> authenticateUmaRequestWithProtectionScope = authenticateUmaRequestWithProtectionScope();
        String uuid2 = UUID.randomUUID().toString();
        this.ticketRegistry.addTicket(getUmaPermissionTicket(uuid2));
        Assertions.assertThrows(UnauthorizedServiceException.class, () -> {
            this.umaRequestingPartyClaimsCollectionEndpointController.getClaims(uuid, "bad-redirect", uuid2, "state", (HttpServletRequest) authenticateUmaRequestWithProtectionScope.getLeft(), (HttpServletResponse) authenticateUmaRequestWithProtectionScope.getMiddle());
        });
    }

    @Test
    void verifyInvalidTicket() throws Throwable {
        String uuid = UUID.randomUUID().toString();
        OAuthRegisteredService registeredService = getRegisteredService(uuid, "secret");
        this.servicesManager.save(registeredService);
        Triple<HttpServletRequest, HttpServletResponse, String> authenticateUmaRequestWithProtectionScope = authenticateUmaRequestWithProtectionScope();
        String uuid2 = UUID.randomUUID().toString();
        UmaPermissionTicket umaPermissionTicket = getUmaPermissionTicket(uuid2);
        Mockito.when(Boolean.valueOf(umaPermissionTicket.isExpired())).thenReturn(Boolean.TRUE);
        this.ticketRegistry.addTicket(umaPermissionTicket);
        Assertions.assertThrows(InvalidTicketException.class, () -> {
            this.umaRequestingPartyClaimsCollectionEndpointController.getClaims(uuid, registeredService.getServiceId(), uuid2, "state", (HttpServletRequest) authenticateUmaRequestWithProtectionScope.getLeft(), (HttpServletResponse) authenticateUmaRequestWithProtectionScope.getMiddle());
        });
    }
}
