package org.apereo.cas.adaptors.x509.authentication.principal;

import java.security.cert.X509Certificate;
import java.util.Optional;
import org.apereo.cas.adaptors.x509.authentication.CasX509Certificate;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.CoreAuthenticationUtils;
import org.apereo.cas.authentication.attribute.AttributeDefinitionStore;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.resolvers.PrincipalResolutionContext;
import org.apereo.cas.configuration.model.core.authentication.PrincipalAttributesCoreProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.util.CollectionUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mock;
import org.mockito.MockitoAnnotations;

@Tag("X509")
/* loaded from: input_file:org/apereo/cas/adaptors/x509/authentication/principal/X509SerialNumberAndIssuerDNPrincipalResolverTests.class */
public class X509SerialNumberAndIssuerDNPrincipalResolverTests {
    private static final CasX509Certificate VALID_CERTIFICATE = new CasX509Certificate(true);
    private X509SerialNumberAndIssuerDNPrincipalResolver resolver;

    @Mock
    private ServicesManager servicesManager;

    @Mock
    private AttributeDefinitionStore attributeDefinitionStore;

    @BeforeEach
    public void setup() throws Exception {
        MockitoAnnotations.openMocks(this).close();
        this.resolver = new X509SerialNumberAndIssuerDNPrincipalResolver(PrincipalResolutionContext.builder().servicesManager(this.servicesManager).attributeDefinitionStore(this.attributeDefinitionStore).attributeMerger(CoreAuthenticationUtils.getAttributeMerger(PrincipalAttributesCoreProperties.MergingStrategyTypes.REPLACE)).attributeRepository(CoreAuthenticationTestUtils.getAttributeRepository()).principalFactory(PrincipalFactoryUtils.newPrincipalFactory()).returnNullIfNoAttributes(false).principalNameTransformer(str -> {
            return str;
        }).useCurrentPrincipalId(false).resolveAttributes(true).activeAttributeRepositoryIdentifiers(CollectionUtils.wrapSet("*")).build());
        this.resolver.setX509AttributeExtractor(new DefaultX509AttributeExtractor());
    }

    @Test
    public void verifyResolvePrincipalInternal() {
        X509CertificateCredential x509CertificateCredential = new X509CertificateCredential(new X509Certificate[]{VALID_CERTIFICATE});
        x509CertificateCredential.setCertificate(VALID_CERTIFICATE);
        Assertions.assertEquals("SERIALNUMBER=" + VALID_CERTIFICATE.getSerialNumber().toString() + ", " + VALID_CERTIFICATE.getIssuerDN().getName(), this.resolver.resolve(x509CertificateCredential, Optional.of(CoreAuthenticationTestUtils.getPrincipal()), Optional.of(new SimpleTestUsernamePasswordAuthenticationHandler()), Optional.of(CoreAuthenticationTestUtils.getService())).getId());
    }

    @Test
    public void verifySupport() {
        Assertions.assertTrue(this.resolver.supports(new X509CertificateCredential(new X509Certificate[]{VALID_CERTIFICATE})));
    }

    @Test
    public void verifySupportFalse() {
        Assertions.assertFalse(this.resolver.supports(new UsernamePasswordCredential()));
    }
}
