package org.apereo.cas.web;

import java.util.List;
import org.apereo.cas.config.CasSamlIdentityProviderDiscoveryAutoConfiguration;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.CasRegisteredService;
import org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy;
import org.apereo.cas.services.DefaultRegisteredServiceDelegatedAuthenticationPolicy;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.web.BaseDelegatedAuthenticationTests;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("SAML2Web")
@EnableConfigurationProperties({CasConfigurationProperties.class})
@SpringBootTest(classes = {BaseDelegatedAuthenticationTests.SharedTestConfiguration.class, CasSamlIdentityProviderDiscoveryAutoConfiguration.class})
/* loaded from: input_file:org/apereo/cas/web/SamlIdentityProviderDiscoveryFeedControllerTests.class */
class SamlIdentityProviderDiscoveryFeedControllerTests {

    @Autowired
    @Qualifier("identityProviderDiscoveryFeedController")
    private SamlIdentityProviderDiscoveryFeedController controller;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    SamlIdentityProviderDiscoveryFeedControllerTests() {
    }

    @Test
    void verifyFeed() throws Throwable {
        Assertions.assertFalse(this.controller.getDiscoveryFeed().isEmpty());
        Assertions.assertNotNull(this.controller.home());
        Assertions.assertNotNull(this.controller.redirect("https://cas.example.org/idp", new MockHttpServletRequest(), new MockHttpServletResponse()));
        Assertions.assertThrows(UnauthorizedServiceException.class, () -> {
            MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
            mockHttpServletRequest.addParameter("service", "https://service.example");
            DefaultRegisteredServiceAccessStrategy defaultRegisteredServiceAccessStrategy = new DefaultRegisteredServiceAccessStrategy();
            DefaultRegisteredServiceDelegatedAuthenticationPolicy defaultRegisteredServiceDelegatedAuthenticationPolicy = new DefaultRegisteredServiceDelegatedAuthenticationPolicy();
            defaultRegisteredServiceDelegatedAuthenticationPolicy.setAllowedProviders(List.of("OtherClient"));
            defaultRegisteredServiceDelegatedAuthenticationPolicy.setPermitUndefined(false);
            defaultRegisteredServiceAccessStrategy.setDelegatedAuthenticationPolicy(defaultRegisteredServiceDelegatedAuthenticationPolicy);
            CasRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("https://service.example");
            registeredService.setAccessStrategy(defaultRegisteredServiceAccessStrategy);
            this.servicesManager.save(registeredService);
            this.controller.redirect("https://cas.example.org/idp", mockHttpServletRequest, new MockHttpServletResponse());
        });
    }
}
