package io.jans.as.server.service;

import io.jans.as.common.model.registration.Client;
import io.jans.as.common.util.RedirectUri;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.server.authorize.ws.rs.AuthzRequest;
import io.jans.as.server.security.Identity;
import io.jans.as.server.service.external.ExternalAuthenticationService;
import io.jans.model.AuthenticationScriptUsageType;
import io.jans.model.custom.script.conf.CustomScriptConfiguration;
import io.jans.model.custom.script.model.CustomScript;
import io.jans.model.custom.script.type.auth.DummyPersonAuthenticationType;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.ws.rs.WebApplicationException;
import java.util.HashMap;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.testng.MockitoTestNGListener;
import org.slf4j.Logger;
import org.testng.Assert;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;
import org.testng.collections.Lists;

@Listeners({MockitoTestNGListener.class})
/* loaded from: input_file:io/jans/as/server/service/AcrServiceTest.class */
public class AcrServiceTest {

    @InjectMocks
    private AcrService acrService;

    @Mock
    private Logger log;

    @Mock
    private Identity identity;

    @Mock
    private SessionIdService sessionIdService;

    @Mock
    private ExternalAuthenticationService externalAuthenticationService;

    @Mock
    private AppConfiguration appConfiguration;

    @Test
    public void getScriptName_whenAcrIsAgama_shouldReturnAgama() {
        Assert.assertEquals(AcrService.getScriptName("agama_flow-parameter1"), "agama");
        Assert.assertEquals(AcrService.getScriptName("agama_io.jans.flow-parameter1"), "agama");
        Assert.assertEquals(AcrService.getScriptName("agama_io.jans.flow"), "agama");
        Assert.assertEquals(AcrService.getScriptName("agama"), "agama");
    }

    @Test
    public void getScriptName_whenAcrNotAgama_shouldReturnProvidedAcr() {
        Assert.assertEquals(AcrService.getScriptName("basic"), "basic");
    }

    @Test
    public void removeParametersFromAgamaAcr_whenAcrHasParameters_shouldRemoveParameters() {
        Assert.assertEquals(AcrService.removeParametersFromAgamaAcr("agama_flow-parameter1"), "agama_flow");
        Assert.assertEquals(AcrService.removeParametersFromAgamaAcr("agama_io.jans.flow-parameter1"), "agama_io.jans.flow");
        Assert.assertEquals(AcrService.removeParametersFromAgamaAcr("agama_io.jans.flow"), "agama_io.jans.flow");
    }

    @Test
    public void removeParametersFromAgamaAcr_whenAuthzRequestIsWithAcrWithParameters_shouldRemoveParameters() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAcrValues("agama_io.jans.flow-parameter1 acr2");
        AcrService.removeParametersForAgamaAcr(authzRequest);
        Assert.assertEquals(authzRequest.getAcrValues(), "agama_io.jans.flow acr2");
    }

    @Test
    public void isAgama_whenAcrIsNullOrNonAgama_shouldReturnFalse() {
        Assert.assertFalse(AcrService.isAgama((String) null));
        Assert.assertFalse(AcrService.isAgama(""));
        Assert.assertFalse(AcrService.isAgama("asf"));
    }

    @Test
    public void isAgama_whenAcrStartsFromAgama_shouldReturnTrue() {
        Assert.assertTrue(AcrService.isAgama("agama_"));
        Assert.assertTrue(AcrService.isAgama("agama_flow"));
        Assert.assertTrue(AcrService.isAgama("agama_com.company.flow"));
    }

    @Test
    public void checkClientAuthorizedAcrs_whenClientAuthorizedAcrsEmpty_shouldPass() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAcrValues("acr1");
        this.acrService.checkClientAuthorizedAcrs(authzRequest, new Client());
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void checkClientAuthorizedAcrs_whenClientDoesNotAllowAcr_shouldThrowException() {
        RedirectUri redirectUri = (RedirectUri) Mockito.mock(RedirectUri.class);
        Mockito.when(redirectUri.toString()).thenReturn("http://rp.com");
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAcrValues("my_acr");
        authzRequest.setRedirectUriResponse(new RedirectUriResponse(redirectUri, "", (HttpServletRequest) Mockito.mock(HttpServletRequest.class), (ErrorResponseFactory) Mockito.mock(ErrorResponseFactory.class)));
        Client client = new Client();
        client.getAttributes().setAuthorizedAcrValues(Lists.newArrayList(new String[]{"clientAcr"}));
        this.acrService.checkClientAuthorizedAcrs(authzRequest, client);
    }

    @Test
    public void checkClientAuthorizedAcrs_whenClientAllowAcr_shouldPass() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAcrValues("my_acr");
        Client client = new Client();
        client.getAttributes().setAuthorizedAcrValues(Lists.newArrayList(new String[]{"my_acr"}));
        this.acrService.checkClientAuthorizedAcrs(authzRequest, client);
    }

    @Test
    public void checkClientAuthorizedAcrs_whenClientAllowAcrViaMappings_shouldPass() {
        HashMap hashMap = new HashMap();
        hashMap.put("my_acr", "map2");
        Mockito.when(this.appConfiguration.getAcrMappings()).thenReturn(hashMap);
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAcrValues("my_acr");
        this.acrService.applyAcrMappings(authzRequest);
        Client client = new Client();
        client.getAttributes().setAuthorizedAcrValues(Lists.newArrayList(new String[]{"my_acr"}));
        this.acrService.checkClientAuthorizedAcrs(authzRequest, client);
    }

    @Test
    public void applyAcrMappings_whenMappingsIsNotSet_shouldDoNothing() {
        Assert.assertEquals(this.acrService.applyAcrMappings(Lists.newArrayList(new String[]{"acr1", "acr2"})), "acr1 acr2");
    }

    @Test
    public void applyAcrMappings_whenMappingsIsSet_shouldMapCorrectly() {
        HashMap hashMap = new HashMap();
        hashMap.put("acr2", "map2");
        Mockito.when(this.appConfiguration.getAcrMappings()).thenReturn(hashMap);
        Assert.assertEquals(this.acrService.applyAcrMappings(Lists.newArrayList(new String[]{"acr1", "acr2"})), "acr1 map2");
    }

    @Test
    public void checkAcrScriptIsAvailable_forBlankAcr_shouldPass() {
        this.acrService.checkAcrScriptIsAvailable(new AuthzRequest());
    }

    @Test
    public void checkAcrScriptIsAvailable_forBuildInAcr_shouldPass() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAcrValues("simple_password_auth");
        this.acrService.checkAcrScriptIsAvailable(authzRequest);
    }

    @Test
    public void checkAcrScriptIsAvailable_whenScriptIsAvailable_shouldPass() {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAcrValues("my_acr");
        Mockito.when(this.externalAuthenticationService.determineCustomScriptConfiguration(AuthenticationScriptUsageType.INTERACTIVE, authzRequest.getAcrValuesList())).thenReturn(new CustomScriptConfiguration(new CustomScript(), new DummyPersonAuthenticationType(), new HashMap()));
        this.acrService.checkAcrScriptIsAvailable(authzRequest);
    }

    @Test
    public void checkAcrScriptIsAvailable_whenScriptIsNotAvailable_shouldFail() {
        RedirectUri redirectUri = (RedirectUri) Mockito.mock(RedirectUri.class);
        Mockito.when(redirectUri.toString()).thenReturn("http://rp.com");
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setAcrValues("my_acr");
        authzRequest.setRedirectUriResponse(new RedirectUriResponse(redirectUri, "", (HttpServletRequest) Mockito.mock(HttpServletRequest.class), (ErrorResponseFactory) Mockito.mock(ErrorResponseFactory.class)));
        try {
            this.acrService.checkAcrScriptIsAvailable(authzRequest);
            Assert.fail("Script is not available but exception is not thrown.");
        } catch (WebApplicationException e) {
        }
    }
}
