package org.apereo.cas.web.flow.delegation;

import java.util.List;
import org.apereo.cas.api.PasswordlessUserAccount;
import org.apereo.cas.configuration.support.TriStateBoolean;
import org.apereo.cas.util.MockRequestContext;
import org.apereo.cas.web.flow.BasePasswordlessAuthenticationActionTests;
import org.apereo.cas.web.flow.BaseWebflowConfigurerTests;
import org.apereo.cas.web.flow.PasswordlessWebflowUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.parallel.Execution;
import org.junit.jupiter.api.parallel.ExecutionMode;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Import;
import org.springframework.test.context.TestPropertySource;
import org.springframework.webflow.engine.Flow;
import org.springframework.webflow.execution.Action;
import org.springframework.webflow.test.MockFlowExecutionContext;
import org.springframework.webflow.test.MockFlowSession;

@Tag("WebflowAuthenticationActions")
@Execution(ExecutionMode.SAME_THREAD)
/* loaded from: input_file:org/apereo/cas/web/flow/delegation/PasswordlessDetermineDelegatedAuthenticationActionTests.class */
class PasswordlessDetermineDelegatedAuthenticationActionTests {

    @Nested
    @Import({BaseWebflowConfigurerTests.SharedTestConfiguration.class})
    @TestPropertySource(properties = {"cas.authn.pac4j.cas[0].login-url=https://casserver.herokuapp.com/cas/login", "cas.authn.pac4j.cas[0].protocol=CAS30", "cas.authn.passwordless.accounts.simple.casuser=casuser@example.org", "cas.authn.passwordless.core.delegated-authentication-activated=true", "cas.authn.passwordless.core.delegated-authentication-selector-script.location=classpath:/DelegatedAuthenticationSelectorScript.groovy"})
    /* loaded from: input_file:org/apereo/cas/web/flow/delegation/PasswordlessDetermineDelegatedAuthenticationActionTests$WithClients.class */
    class WithClients extends BasePasswordlessAuthenticationActionTests {

        @Autowired
        @Qualifier("determineDelegatedAuthenticationAction")
        private Action determineDelegatedAuthenticationAction;

        WithClients(PasswordlessDetermineDelegatedAuthenticationActionTests passwordlessDetermineDelegatedAuthenticationActionTests) {
        }

        @Test
        void verifyNoAcct() throws Throwable {
            Flow flow = new Flow("login");
            flow.setApplicationContext(this.applicationContext);
            MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(new MockFlowSession(flow));
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setFlowExecutionContext(mockFlowExecutionContext);
            Assertions.assertEquals("error", this.determineDelegatedAuthenticationAction.execute(create).getId());
        }

        @Test
        void verifyAction() throws Throwable {
            Flow flow = new Flow("login");
            flow.setApplicationContext(this.applicationContext);
            MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(new MockFlowSession(flow));
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setFlowExecutionContext(mockFlowExecutionContext);
            PasswordlessWebflowUtils.putPasswordlessAuthenticationAccount(create, PasswordlessUserAccount.builder().email("email").phone("phone").username("casuser").name("casuser").build());
            Assertions.assertEquals("prompt", this.determineDelegatedAuthenticationAction.execute(create).getId());
        }

        @Test
        void verifyCantDetermineIdP() throws Throwable {
            Flow flow = new Flow("login");
            flow.setApplicationContext(this.applicationContext);
            MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(new MockFlowSession(flow));
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setFlowExecutionContext(mockFlowExecutionContext);
            PasswordlessWebflowUtils.putPasswordlessAuthenticationAccount(create, PasswordlessUserAccount.builder().email("email").phone("phone").username("unknown").name("unknown").build());
            Assertions.assertEquals("success", this.determineDelegatedAuthenticationAction.execute(create).getId());
        }

        @Test
        void verifyActionByUser() throws Throwable {
            Flow flow = new Flow("login");
            flow.setApplicationContext(this.applicationContext);
            MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(new MockFlowSession(flow));
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setFlowExecutionContext(mockFlowExecutionContext);
            PasswordlessWebflowUtils.putPasswordlessAuthenticationAccount(create, PasswordlessUserAccount.builder().email("email").phone("phone").delegatedAuthenticationEligible(TriStateBoolean.TRUE).username("casuser").name("casuser").build());
            Assertions.assertEquals("prompt", this.determineDelegatedAuthenticationAction.execute(create).getId());
            Assertions.assertNotNull(create.getHttpServletRequest().getAttribute("client_name"));
        }

        @Test
        void verifyActionByUserDisallowed() throws Throwable {
            Flow flow = new Flow("login");
            flow.setApplicationContext(this.applicationContext);
            MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(new MockFlowSession(flow));
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setFlowExecutionContext(mockFlowExecutionContext);
            PasswordlessWebflowUtils.putPasswordlessAuthenticationAccount(create, PasswordlessUserAccount.builder().email("email").phone("phone").delegatedAuthenticationEligible(TriStateBoolean.TRUE).allowedDelegatedClients(List.of("UnknownClient")).username("casuser").name("casuser").build());
            Assertions.assertEquals("success", this.determineDelegatedAuthenticationAction.execute(create).getId());
        }

        @Test
        void verifyAuthInactive() throws Throwable {
            Flow flow = new Flow("login");
            flow.setApplicationContext(this.applicationContext);
            MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(new MockFlowSession(flow));
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setFlowExecutionContext(mockFlowExecutionContext);
            PasswordlessWebflowUtils.putPasswordlessAuthenticationAccount(create, PasswordlessUserAccount.builder().email("email").phone("phone").username("casuser").name("casuser").delegatedAuthenticationEligible(TriStateBoolean.FALSE).build());
            Assertions.assertEquals("success", this.determineDelegatedAuthenticationAction.execute(create).getId());
        }
    }

    @Nested
    @Import({BaseWebflowConfigurerTests.SharedTestConfiguration.class})
    @TestPropertySource(properties = {"cas.authn.passwordless.accounts.simple.casuser=casuser@example.org", "cas.authn.passwordless.core.delegated-authentication-activated=true", "cas.authn.passwordless.core.delegated-authentication-selector-script.location=classpath:/DelegatedAuthenticationSelectorScript.groovy"})
    /* loaded from: input_file:org/apereo/cas/web/flow/delegation/PasswordlessDetermineDelegatedAuthenticationActionTests$WithoutClients.class */
    class WithoutClients extends BasePasswordlessAuthenticationActionTests {

        @Autowired
        @Qualifier("determineDelegatedAuthenticationAction")
        private Action determineDelegatedAuthenticationAction;

        WithoutClients(PasswordlessDetermineDelegatedAuthenticationActionTests passwordlessDetermineDelegatedAuthenticationActionTests) {
        }

        @Test
        void verifyNoClients() throws Throwable {
            Flow flow = new Flow("login");
            flow.setApplicationContext(this.applicationContext);
            MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(new MockFlowSession(flow));
            MockRequestContext create = MockRequestContext.create(this.applicationContext);
            create.setFlowExecutionContext(mockFlowExecutionContext);
            PasswordlessWebflowUtils.putPasswordlessAuthenticationAccount(create, PasswordlessUserAccount.builder().email("email").phone("phone").username("casuser").name("casuser").build());
            Assertions.assertEquals("success", this.determineDelegatedAuthenticationAction.execute(create).getId());
        }
    }

    PasswordlessDetermineDelegatedAuthenticationActionTests() {
    }
}
