package net.shibboleth.idp.test.flows.cas;

import javax.annotation.Nonnull;
import net.shibboleth.idp.authn.AuthenticationResult;
import net.shibboleth.idp.authn.principal.UsernamePrincipal;
import net.shibboleth.idp.cas.ticket.ProxyGrantingTicket;
import net.shibboleth.idp.cas.ticket.TicketIdentifierGenerationStrategy;
import net.shibboleth.idp.cas.ticket.TicketService;
import net.shibboleth.idp.session.IdPSession;
import net.shibboleth.idp.session.SessionManager;
import net.shibboleth.idp.test.flows.AbstractFlowTest;
import org.joda.time.DateTime;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.webflow.core.collection.MutableAttributeMap;
import org.springframework.webflow.executor.FlowExecutionResult;
import org.testng.Assert;
import org.testng.annotations.Test;

@ContextConfiguration(locations = {"/test/test-cas-beans.xml"})
/* loaded from: input_file:net/shibboleth/idp/test/flows/cas/ProxyFlowTest.class */
public class ProxyFlowTest extends AbstractFlowTest {

    @Nonnull
    private static String FLOW_ID = "cas/proxy";

    @Autowired
    private TicketService ticketService;

    @Autowired
    private SessionManager sessionManager;

    @Test
    public void testSuccess() throws Exception {
        IdPSession createSession = this.sessionManager.createSession("john");
        createSession.addAuthenticationResult(new AuthenticationResult("authn/Password", new UsernamePrincipal("john")));
        ProxyGrantingTicket createProxyGrantingTicket = createProxyGrantingTicket(createSession.getId());
        this.externalContext.getMockRequestParameterMap().put("targetService", createProxyGrantingTicket.getService());
        this.externalContext.getMockRequestParameterMap().put("pgt", createProxyGrantingTicket.getId());
        FlowExecutionResult launchExecution = this.flowExecutor.launchExecution(FLOW_ID, (MutableAttributeMap) null, this.externalContext);
        String contentAsString = this.response.getContentAsString();
        Assert.assertEquals(launchExecution.getOutcome().getId(), "proxySuccess");
        Assert.assertTrue(contentAsString.contains("<cas:proxySuccess>"));
        Assert.assertTrue(contentAsString.contains("<cas:proxyTicket>PT-"));
    }

    @Test
    public void testFailureTicketExpired() throws Exception {
        this.externalContext.getMockRequestParameterMap().put("targetService", "https://test.example.org/");
        this.externalContext.getMockRequestParameterMap().put("pgt", "PGT-123-ABC");
        Assert.assertEquals(this.flowExecutor.launchExecution(FLOW_ID, (MutableAttributeMap) null, this.externalContext).getOutcome().getId(), "proxyFailure");
        String contentAsString = this.response.getContentAsString();
        Assert.assertTrue(contentAsString.contains("<cas:proxyFailure code=\"INVALID_TICKET\""));
        Assert.assertTrue(contentAsString.contains("E_TICKET_EXPIRED"));
    }

    @Test
    public void testFailureSessionExpired() throws Exception {
        ProxyGrantingTicket createProxyGrantingTicket = createProxyGrantingTicket("No-Such-SessionId");
        this.externalContext.getMockRequestParameterMap().put("targetService", createProxyGrantingTicket.getService());
        this.externalContext.getMockRequestParameterMap().put("pgt", createProxyGrantingTicket.getId());
        Assert.assertEquals(this.flowExecutor.launchExecution(FLOW_ID, (MutableAttributeMap) null, this.externalContext).getOutcome().getId(), "proxyFailure");
        String contentAsString = this.response.getContentAsString();
        Assert.assertTrue(contentAsString.contains("<cas:proxyFailure code=\"INVALID_TICKET\""));
        Assert.assertTrue(contentAsString.contains("E_SESSION_EXPIRED"));
    }

    private ProxyGrantingTicket createProxyGrantingTicket(String str) {
        return this.ticketService.createProxyGrantingTicket(new TicketIdentifierGenerationStrategy("PGT", 50).generateIdentifier(), DateTime.now().plusSeconds(10).toInstant(), this.ticketService.createServiceTicket(new TicketIdentifierGenerationStrategy("ST", 25).generateIdentifier(), DateTime.now().plusSeconds(5).toInstant(), str, "https://service.example.org/", false));
    }
}
