package org.apereo.cas.authentication;

import java.util.Map;
import org.apereo.cas.authentication.principal.AbstractWebApplicationService;
import org.apereo.cas.authentication.surrogate.BaseSurrogateAuthenticationServiceTests;
import org.apereo.cas.config.CasCoreAuthenticationConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationPrincipalConfiguration;
import org.apereo.cas.config.CasCoreAuthenticationSupportConfiguration;
import org.apereo.cas.config.CasCoreConfiguration;
import org.apereo.cas.config.CasCoreHttpConfiguration;
import org.apereo.cas.config.CasCoreNotificationsConfiguration;
import org.apereo.cas.config.CasCoreServicesConfiguration;
import org.apereo.cas.config.CasCoreTicketCatalogConfiguration;
import org.apereo.cas.config.CasCoreTicketIdGeneratorsConfiguration;
import org.apereo.cas.config.CasCoreTicketsConfiguration;
import org.apereo.cas.config.CasCoreUtilConfiguration;
import org.apereo.cas.config.CasCoreUtilSerializationConfiguration;
import org.apereo.cas.config.CasCoreWebConfiguration;
import org.apereo.cas.config.CasPersonDirectoryTestConfiguration;
import org.apereo.cas.config.CasRegisteredServicesTestConfiguration;
import org.apereo.cas.config.CasRestConfiguration;
import org.apereo.cas.config.SurrogateAuthenticationAuditConfiguration;
import org.apereo.cas.config.SurrogateAuthenticationConfiguration;
import org.apereo.cas.config.SurrogateAuthenticationRestConfiguration;
import org.apereo.cas.config.SurrogateComponentSerializationConfiguration;
import org.apereo.cas.config.support.CasWebApplicationServiceFactoryConfiguration;
import org.apereo.cas.logout.config.CasCoreLogoutConfiguration;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.services.ServicesManager;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.function.Executable;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.autoconfigure.RefreshAutoConfiguration;

@Tag("Authentication")
@SpringBootTest(classes = {RefreshAutoConfiguration.class, SurrogateAuthenticationConfiguration.class, SurrogateComponentSerializationConfiguration.class, SurrogateAuthenticationRestConfiguration.class, SurrogateAuthenticationAuditConfiguration.class, CasWebApplicationServiceFactoryConfiguration.class, CasCoreServicesConfiguration.class, CasCoreUtilConfiguration.class, CasCoreTicketIdGeneratorsConfiguration.class, CasCoreWebConfiguration.class, CasRestConfiguration.class, CasRegisteredServicesTestConfiguration.class, CasCoreTicketsConfiguration.class, CasCoreUtilSerializationConfiguration.class, CasCoreAuthenticationConfiguration.class, CasCoreAuthenticationSupportConfiguration.class, CasCoreAuthenticationPrincipalConfiguration.class, CasPersonDirectoryTestConfiguration.class, CasCoreTicketCatalogConfiguration.class, CasCoreHttpConfiguration.class, CasCoreLogoutConfiguration.class, CasCoreNotificationsConfiguration.class, CasCoreConfiguration.class}, properties = {"cas.authn.surrogate.simple.surrogates.casuser=cassurrogate"})
/* loaded from: input_file:org/apereo/cas/authentication/SurrogateAuthenticationPostProcessorTests.class */
public class SurrogateAuthenticationPostProcessorTests {

    @Autowired
    @Qualifier("surrogateAuthenticationPostProcessor")
    private AuthenticationPostProcessor surrogateAuthenticationPostProcessor;

    @Autowired
    @Qualifier("servicesManager")
    private ServicesManager servicesManager;

    @Test
    public void verifySupports() {
        Assertions.assertFalse(this.surrogateAuthenticationPostProcessor.supports(CoreAuthenticationTestUtils.getCredentialsWithSameUsernameAndPassword()));
        Assertions.assertTrue(this.surrogateAuthenticationPostProcessor.supports(new SurrogateUsernamePasswordCredential()));
    }

    @Test
    public void verifySurrogateCredentialNotFound() {
        Credential surrogateUsernamePasswordCredential = new SurrogateUsernamePasswordCredential();
        surrogateUsernamePasswordCredential.setUsername(BaseSurrogateAuthenticationServiceTests.CASUSER);
        surrogateUsernamePasswordCredential.setPassword("Mellon");
        DefaultAuthenticationTransaction of = DefaultAuthenticationTransaction.of(RegisteredServiceTestUtils.getService("service"), new Credential[]{surrogateUsernamePasswordCredential});
        AuthenticationBuilder authenticationBuilder = (AuthenticationBuilder) Mockito.mock(AuthenticationBuilder.class);
        Mockito.when(authenticationBuilder.build()).thenReturn(CoreAuthenticationTestUtils.getAuthentication(new SurrogatePrincipal(CoreAuthenticationTestUtils.getPrincipal(BaseSurrogateAuthenticationServiceTests.CASUSER), CoreAuthenticationTestUtils.getPrincipal("something"))));
        Assertions.assertThrows(AuthenticationException.class, () -> {
            this.surrogateAuthenticationPostProcessor.process(authenticationBuilder, of);
        });
    }

    @Test
    public void verifyProcessorWorks() {
        Credential surrogateUsernamePasswordCredential = new SurrogateUsernamePasswordCredential();
        surrogateUsernamePasswordCredential.setUsername(BaseSurrogateAuthenticationServiceTests.CASUSER);
        surrogateUsernamePasswordCredential.setPassword("Mellon");
        surrogateUsernamePasswordCredential.setSurrogateUsername("cassurrogate");
        final DefaultAuthenticationTransaction of = DefaultAuthenticationTransaction.of(RegisteredServiceTestUtils.getService("https://localhost"), new Credential[]{surrogateUsernamePasswordCredential});
        final AuthenticationBuilder authenticationBuilder = (AuthenticationBuilder) Mockito.mock(AuthenticationBuilder.class);
        Mockito.when(authenticationBuilder.build()).thenReturn(CoreAuthenticationTestUtils.getAuthentication(BaseSurrogateAuthenticationServiceTests.CASUSER));
        Assertions.assertDoesNotThrow(new Executable() { // from class: org.apereo.cas.authentication.SurrogateAuthenticationPostProcessorTests.1
            public void execute() {
                SurrogateAuthenticationPostProcessorTests.this.surrogateAuthenticationPostProcessor.process(authenticationBuilder, of);
            }
        });
    }

    @Test
    public void verifyNoPrimaryCredential() {
        DefaultAuthenticationTransaction of = DefaultAuthenticationTransaction.of(RegisteredServiceTestUtils.getService("service"), new Credential[0]);
        AuthenticationBuilder authenticationBuilder = (AuthenticationBuilder) Mockito.mock(AuthenticationBuilder.class);
        Mockito.when(authenticationBuilder.build()).thenReturn(CoreAuthenticationTestUtils.getAuthentication(new SurrogatePrincipal(CoreAuthenticationTestUtils.getPrincipal(BaseSurrogateAuthenticationServiceTests.CASUSER), CoreAuthenticationTestUtils.getPrincipal("something"))));
        Assertions.assertThrows(AuthenticationException.class, () -> {
            this.surrogateAuthenticationPostProcessor.process(authenticationBuilder, of);
        });
    }

    @Test
    public void verifyAuthN() {
        Credential surrogateUsernamePasswordCredential = new SurrogateUsernamePasswordCredential();
        surrogateUsernamePasswordCredential.setUsername(BaseSurrogateAuthenticationServiceTests.CASUSER);
        surrogateUsernamePasswordCredential.setPassword("Mellon");
        surrogateUsernamePasswordCredential.setSurrogateUsername("cassurrogate");
        AbstractWebApplicationService service = RegisteredServiceTestUtils.getService("service");
        this.servicesManager.save(RegisteredServiceTestUtils.getRegisteredService(service.getId(), Map.of()));
        final DefaultAuthenticationTransaction of = DefaultAuthenticationTransaction.of(service, new Credential[]{surrogateUsernamePasswordCredential});
        final AuthenticationBuilder authenticationBuilder = (AuthenticationBuilder) Mockito.mock(AuthenticationBuilder.class);
        Mockito.when(authenticationBuilder.build()).thenReturn(CoreAuthenticationTestUtils.getAuthentication(new SurrogatePrincipal(CoreAuthenticationTestUtils.getPrincipal(BaseSurrogateAuthenticationServiceTests.CASUSER), CoreAuthenticationTestUtils.getPrincipal("something"))));
        Assertions.assertDoesNotThrow(new Executable() { // from class: org.apereo.cas.authentication.SurrogateAuthenticationPostProcessorTests.2
            public void execute() {
                SurrogateAuthenticationPostProcessorTests.this.surrogateAuthenticationPostProcessor.process(authenticationBuilder, of);
            }
        });
    }

    @Test
    public void verifyFailAuthN() {
        Credential surrogateUsernamePasswordCredential = new SurrogateUsernamePasswordCredential();
        surrogateUsernamePasswordCredential.setUsername(BaseSurrogateAuthenticationServiceTests.CASUSER);
        surrogateUsernamePasswordCredential.setPassword("Mellon");
        surrogateUsernamePasswordCredential.setSurrogateUsername("other-user");
        AbstractWebApplicationService service = RegisteredServiceTestUtils.getService("service");
        this.servicesManager.save(RegisteredServiceTestUtils.getRegisteredService(service.getId(), Map.of()));
        DefaultAuthenticationTransaction of = DefaultAuthenticationTransaction.of(service, new Credential[]{surrogateUsernamePasswordCredential});
        AuthenticationBuilder authenticationBuilder = (AuthenticationBuilder) Mockito.mock(AuthenticationBuilder.class);
        Mockito.when(authenticationBuilder.build()).thenReturn(CoreAuthenticationTestUtils.getAuthentication(new SurrogatePrincipal(CoreAuthenticationTestUtils.getPrincipal(BaseSurrogateAuthenticationServiceTests.CASUSER), CoreAuthenticationTestUtils.getPrincipal("something"))));
        Assertions.assertThrows(AuthenticationException.class, () -> {
            this.surrogateAuthenticationPostProcessor.process(authenticationBuilder, of);
        });
    }
}
