package org.apereo.cas.webauthn.web;

import com.yubico.data.CredentialRegistration;
import com.yubico.webauthn.RegisteredCredential;
import com.yubico.webauthn.data.ByteArray;
import com.yubico.webauthn.data.UserIdentity;
import java.nio.charset.StandardCharsets;
import java.time.Clock;
import java.time.Instant;
import java.util.UUID;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.util.EncodingUtils;
import org.apereo.cas.util.RandomUtils;
import org.apereo.cas.webauthn.WebAuthnUtils;
import org.apereo.cas.webauthn.storage.WebAuthnCredentialRepository;
import org.apereo.cas.webauthn.web.flow.BaseWebAuthnWebflowTests;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.http.HttpStatus;
import org.springframework.mock.web.MockHttpServletRequest;

@Tag("MFAProvider")
@SpringBootTest(classes = {BaseWebAuthnWebflowTests.SharedTestConfiguration.class}, properties = {"management.endpoints.web.exposure.include=*", "management.endpoint.webAuthnDevices.enabled=true"})
/* loaded from: input_file:org/apereo/cas/webauthn/web/WebAuthnRegisteredDevicesEndpointTests.class */
class WebAuthnRegisteredDevicesEndpointTests {

    @Autowired
    @Qualifier("webAuthnRegisteredDevicesEndpoint")
    private WebAuthnRegisteredDevicesEndpoint webAuthnRegisteredDevicesEndpoint;

    @Autowired
    @Qualifier("webAuthnCredentialRepository")
    private WebAuthnCredentialRepository webAuthnCredentialRepository;

    WebAuthnRegisteredDevicesEndpointTests() {
    }

    private static CredentialRegistration getCredentialRegistration(Authentication authentication) throws Exception {
        return CredentialRegistration.builder().userIdentity(UserIdentity.builder().name(authentication.getPrincipal().getId()).displayName("CAS").id(ByteArray.fromBase64Url(authentication.getPrincipal().getId())).build()).registrationTime(Instant.now(Clock.systemUTC())).credential(RegisteredCredential.builder().credentialId(ByteArray.fromBase64Url(authentication.getPrincipal().getId())).userHandle(ByteArray.fromBase64Url(RandomUtils.randomAlphabetic(8))).publicKeyCose(ByteArray.fromBase64Url(RandomUtils.randomAlphabetic(8))).build()).build();
    }

    @Test
    void verifyOperation() throws Throwable {
        String uuid = UUID.randomUUID().toString();
        register(RegisteredServiceTestUtils.getAuthentication(uuid));
        String uuid2 = UUID.randomUUID().toString();
        register(RegisteredServiceTestUtils.getAuthentication(uuid2));
        Assertions.assertFalse(this.webAuthnRegisteredDevicesEndpoint.fetch(uuid).isEmpty());
        Assertions.assertFalse(this.webAuthnRegisteredDevicesEndpoint.fetch(uuid2).isEmpty());
        this.webAuthnRegisteredDevicesEndpoint.delete(uuid, uuid);
        Assertions.assertTrue(this.webAuthnRegisteredDevicesEndpoint.fetch(uuid).isEmpty());
        this.webAuthnRegisteredDevicesEndpoint.delete(uuid2);
        Assertions.assertTrue(this.webAuthnRegisteredDevicesEndpoint.fetch(uuid).isEmpty());
        Assertions.assertTrue(this.webAuthnRegisteredDevicesEndpoint.fetch(uuid2).isEmpty());
        String uuid3 = UUID.randomUUID().toString();
        Assertions.assertTrue(this.webAuthnRegisteredDevicesEndpoint.write(uuid3, EncodingUtils.encodeBase64(WebAuthnUtils.getObjectMapper().writeValueAsString(getCredentialRegistration(RegisteredServiceTestUtils.getAuthentication(uuid3))))));
    }

    @Test
    void verifyImportExport() throws Throwable {
        register(RegisteredServiceTestUtils.getAuthentication(UUID.randomUUID().toString()));
        Assertions.assertEquals(HttpStatus.OK, this.webAuthnRegisteredDevicesEndpoint.export().getStatusCode());
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setContent(WebAuthnUtils.getObjectMapper().writeValueAsString(getCredentialRegistration(RegisteredServiceTestUtils.getAuthentication(UUID.randomUUID().toString()))).getBytes(StandardCharsets.UTF_8));
        Assertions.assertEquals(HttpStatus.CREATED, this.webAuthnRegisteredDevicesEndpoint.importAccount(mockHttpServletRequest).getStatusCode());
    }

    private CredentialRegistration register(Authentication authentication) throws Exception {
        CredentialRegistration credentialRegistration = getCredentialRegistration(authentication);
        Assertions.assertNotNull(WebAuthnUtils.getObjectMapper().writeValueAsString(credentialRegistration));
        this.webAuthnCredentialRepository.addRegistrationByUsername(authentication.getPrincipal().getId(), credentialRegistration);
        return credentialRegistration;
    }
}
