package org.apereo.cas.azure.ad.authentication;

import java.util.List;
import javax.security.auth.login.FailedLoginException;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.attribute.PersonAttributeDao;
import org.apereo.cas.azure.ad.BaseAzureActiveDirectoryTests;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable;
import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariables;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.test.context.TestPropertySource;

@Tag("Azure")
@EnabledIfEnvironmentVariables({@EnabledIfEnvironmentVariable(named = "AZURE_AD_USER_PASSWORD", matches = ".+"), @EnabledIfEnvironmentVariable(named = "AZURE_AD_DOMAIN", matches = ".+")})
/* loaded from: input_file:org/apereo/cas/azure/ad/authentication/AzureActiveDirectoryAuthenticationTests.class */
class AzureActiveDirectoryAuthenticationTests {
    private static final String AZURE_AD_USER_PASSWORD = System.getenv("AZURE_AD_USER_PASSWORD");
    private static final String AZURE_AD_DOMAIN = System.getenv("AZURE_AD_DOMAIN");

    @TestPropertySource(properties = {"cas.authn.attribute-repository.azure-active-directory[0].client-id=d430f66f-bc3b-4e2d-a9bf-bf6c7ded8b7e", "cas.authn.attribute-repository.azure-active-directory[0].client-secret=Ro58Q~NbOEInGNGAEdxHGWJ3QkS0jVTLP1fuLcg-", "cas.authn.attribute-repository.azure-active-directory[0].tenant=2bbf190a-1ee3-487d-b39f-4d5038acf9ad"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/azure/ad/authentication/AzureActiveDirectoryAuthenticationTests$AttributeResolutionTests.class */
    class AttributeResolutionTests extends BaseAzureActiveDirectoryTests {

        @Autowired
        @Qualifier("microsoftAzureActiveDirectoryAttributeRepositories")
        protected List<PersonAttributeDao> microsoftAzureActiveDirectoryAttributeRepositories;

        AttributeResolutionTests(AzureActiveDirectoryAuthenticationTests azureActiveDirectoryAuthenticationTests) {
        }

        @Test
        void verifyOperation() throws Throwable {
            Assertions.assertNotNull(((PersonAttributeDao) this.microsoftAzureActiveDirectoryAttributeRepositories.getFirst()).getPerson("castest@" + AzureActiveDirectoryAuthenticationTests.AZURE_AD_DOMAIN));
        }
    }

    @TestPropertySource(properties = {"cas.authn.azure-active-directory.client-id=d430f66f-bc3b-4e2d-a9bf-bf6c7ded8b7e", "cas.authn.azure-active-directory.client-secret=Ro58Q~NbOEInGNGAEdxHGWJ3QkS0jVTLP1fuLcg-", "cas.authn.azure-active-directory.login-url=https://login.microsoftonline.com/common/", "cas.authn.azure-active-directory.tenant=2bbf190a-1ee3-487d-b39f-4d5038acf9ad"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/azure/ad/authentication/AzureActiveDirectoryAuthenticationTests$ConfidentialClientTests.class */
    class ConfidentialClientTests extends BaseAzureActiveDirectoryTests {

        @Autowired
        @Qualifier("microsoftAzureActiveDirectoryAuthenticationHandler")
        protected AuthenticationHandler microsoftAzureActiveDirectoryAuthenticationHandler;

        ConfidentialClientTests(AzureActiveDirectoryAuthenticationTests azureActiveDirectoryAuthenticationTests) {
        }

        @Test
        void verifyOperation() throws Throwable {
            Assertions.assertNotNull(this.microsoftAzureActiveDirectoryAuthenticationHandler.authenticate(CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("castest@" + AzureActiveDirectoryAuthenticationTests.AZURE_AD_DOMAIN, AzureActiveDirectoryAuthenticationTests.AZURE_AD_USER_PASSWORD), (Service) Mockito.mock(Service.class)));
        }
    }

    @TestPropertySource(properties = {"cas.authn.azure-active-directory.client-id=d430f66f-bc3b-4e2d-a9bf-bf6c7ded8b7e", "cas.authn.azure-active-directory.login-url=https://login.microsoftonline.com/common/", "cas.authn.azure-active-directory.tenant=2bbf190a-1ee3-487d-b39f-4d5038acf9ad"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/azure/ad/authentication/AzureActiveDirectoryAuthenticationTests$PublicClientTests.class */
    class PublicClientTests extends BaseAzureActiveDirectoryTests {

        @Autowired
        @Qualifier("microsoftAzureActiveDirectoryAuthenticationHandler")
        protected AuthenticationHandler microsoftAzureActiveDirectoryAuthenticationHandler;

        PublicClientTests(AzureActiveDirectoryAuthenticationTests azureActiveDirectoryAuthenticationTests) {
        }

        @Test
        void verifyOperation() throws Throwable {
            Assertions.assertNotNull(this.microsoftAzureActiveDirectoryAuthenticationHandler.authenticate(CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("castest@" + AzureActiveDirectoryAuthenticationTests.AZURE_AD_DOMAIN, AzureActiveDirectoryAuthenticationTests.AZURE_AD_USER_PASSWORD), (Service) Mockito.mock(Service.class)));
        }

        @Test
        void verifyOperationFails() throws Throwable {
            UsernamePasswordCredential credentialsWithDifferentUsernameAndPassword = CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("castest@" + AzureActiveDirectoryAuthenticationTests.AZURE_AD_DOMAIN, "bf65hfg78");
            Assertions.assertThrows(FailedLoginException.class, () -> {
                this.microsoftAzureActiveDirectoryAuthenticationHandler.authenticate(credentialsWithDifferentUsernameAndPassword, (Service) Mockito.mock(Service.class));
            });
        }
    }

    @TestPropertySource(properties = {"cas.authn.azure-active-directory.client-id=d430f66f-bc3b-4e2d-a9bf-bf6c7ded8b7e", "cas.authn.azure-active-directory.login-url=https://login.microsoftonline.com/common/", "cas.authn.azure-active-directory.tenant=2bbf190a-1ee3-487d-b39f-4d5038acf9ad", "cas.authn.azure-active-directory.resource=https://unknown.example.org"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/azure/ad/authentication/AzureActiveDirectoryAuthenticationTests$UnknownResourceTests.class */
    class UnknownResourceTests extends BaseAzureActiveDirectoryTests {

        @Autowired
        @Qualifier("microsoftAzureActiveDirectoryAuthenticationHandler")
        protected AuthenticationHandler microsoftAzureActiveDirectoryAuthenticationHandler;

        UnknownResourceTests(AzureActiveDirectoryAuthenticationTests azureActiveDirectoryAuthenticationTests) {
        }

        @Test
        void verifyOperationFails() throws Throwable {
            UsernamePasswordCredential credentialsWithDifferentUsernameAndPassword = CoreAuthenticationTestUtils.getCredentialsWithDifferentUsernameAndPassword("castest@" + AzureActiveDirectoryAuthenticationTests.AZURE_AD_DOMAIN, "bf65hfg78");
            Assertions.assertThrows(FailedLoginException.class, () -> {
                this.microsoftAzureActiveDirectoryAuthenticationHandler.authenticate(credentialsWithDifferentUsernameAndPassword, (Service) Mockito.mock(Service.class));
            });
        }
    }

    AzureActiveDirectoryAuthenticationTests() {
    }
}
