package io.gravitee.am.gateway.handler.common.vertx.web.handler;

import io.gravitee.am.common.exception.jwt.SignatureException;
import io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.internal.AuthenticationFlowChain;
import io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.internal.AuthenticationFlowStep;
import io.gravitee.am.gateway.handler.common.vertx.web.handler.impl.internal.WebAuthnLoginStep;
import io.gravitee.am.gateway.handler.common.webauthn.WebAuthnCookieService;
import io.gravitee.am.model.Credential;
import io.gravitee.am.model.Domain;
import io.gravitee.am.model.ReferenceType;
import io.gravitee.am.model.login.LoginSettings;
import io.gravitee.am.model.oidc.Client;
import io.gravitee.am.service.CredentialService;
import io.reactivex.rxjava3.core.Flowable;
import io.reactivex.rxjava3.core.Single;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.rxjava3.core.http.Cookie;
import io.vertx.rxjava3.core.http.HttpServerRequest;
import io.vertx.rxjava3.ext.auth.User;
import io.vertx.rxjava3.ext.web.RoutingContext;
import java.util.List;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:io/gravitee/am/gateway/handler/common/vertx/web/handler/WebAuthnLoginStepTest.class */
public class WebAuthnLoginStepTest {
    private static final Handler<RoutingContext> redirectHandler = RedirectHandler.create("/webauthn/login");

    @Mock
    private RoutingContext routingContext;

    @Mock
    private HttpServerRequest httpServerRequest;

    @Mock
    private WebAuthnCookieService webAuthnCookieService;

    @Mock
    private Domain domain;

    @Mock
    private CredentialService credentialService;
    private AuthenticationFlowChain authenticationFlowChain;
    private WebAuthnLoginStep webAuthnLoginStep;

    @Before
    public void setUp() {
        this.webAuthnLoginStep = new WebAuthnLoginStep(redirectHandler, this.domain, this.credentialService, this.webAuthnCookieService);
        this.authenticationFlowChain = (AuthenticationFlowChain) Mockito.spy(new AuthenticationFlowChain(List.of(this.webAuthnLoginStep)));
        Mockito.when(this.webAuthnCookieService.getRememberDeviceCookieName()).thenReturn("cookieName");
        Mockito.when(this.routingContext.request()).thenReturn(this.httpServerRequest);
        Mockito.when(this.domain.getId()).thenReturn("domainId");
        ((AuthenticationFlowChain) Mockito.doNothing().when(this.authenticationFlowChain)).exit((AuthenticationFlowStep) Mockito.any());
        ((AuthenticationFlowChain) Mockito.doNothing().when(this.authenticationFlowChain)).doNext((RoutingContext) Mockito.any());
    }

    @Test
    public void mustDoNext_userAlreadyAuthenticated() {
        Mockito.when(this.routingContext.user()).thenReturn(User.create(new JsonObject()));
        this.webAuthnLoginStep.execute(this.routingContext, this.authenticationFlowChain);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(0))).exit(this.webAuthnLoginStep);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(1))).doNext(this.routingContext);
    }

    @Test
    public void mustDoNext_optionDisabled() {
        LoginSettings loginSettings = (LoginSettings) Mockito.mock(LoginSettings.class);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessEnabled())).thenReturn(false);
        Client client = (Client) Mockito.mock(Client.class);
        Mockito.when(client.getLoginSettings()).thenReturn(loginSettings);
        Mockito.when(this.routingContext.get("client")).thenReturn(client);
        this.webAuthnLoginStep.execute(this.routingContext, this.authenticationFlowChain);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(0))).exit(this.webAuthnLoginStep);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(1))).doNext(this.routingContext);
    }

    @Test
    public void mustDoNext_optionDisabled2() {
        LoginSettings loginSettings = (LoginSettings) Mockito.mock(LoginSettings.class);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessEnabled())).thenReturn(true);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessRememberDeviceEnabled())).thenReturn(false);
        Client client = (Client) Mockito.mock(Client.class);
        Mockito.when(client.getLoginSettings()).thenReturn(loginSettings);
        Mockito.when(this.routingContext.get("client")).thenReturn(client);
        this.webAuthnLoginStep.execute(this.routingContext, this.authenticationFlowChain);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(0))).exit(this.webAuthnLoginStep);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(1))).doNext(this.routingContext);
    }

    @Test
    public void mustDoNext_optionDisabled3() {
        Client client = (Client) Mockito.mock(Client.class);
        Mockito.when(client.getLoginSettings()).thenReturn((Object) null);
        Mockito.when(this.routingContext.get("client")).thenReturn(client);
        this.webAuthnLoginStep.execute(this.routingContext, this.authenticationFlowChain);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(0))).exit(this.webAuthnLoginStep);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(1))).doNext(this.routingContext);
    }

    @Test
    public void mustDoNext_noCookie() {
        LoginSettings loginSettings = (LoginSettings) Mockito.mock(LoginSettings.class);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessEnabled())).thenReturn(true);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessRememberDeviceEnabled())).thenReturn(true);
        Client client = (Client) Mockito.mock(Client.class);
        Mockito.when(client.getLoginSettings()).thenReturn(loginSettings);
        Mockito.when(this.routingContext.get("client")).thenReturn(client);
        Mockito.when(this.httpServerRequest.getCookie("cookieName")).thenReturn((Object) null);
        this.webAuthnLoginStep.execute(this.routingContext, this.authenticationFlowChain);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(0))).exit(this.webAuthnLoginStep);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(1))).doNext(this.routingContext);
    }

    @Test
    public void mustDoNext_failedToDecodeCookie() {
        LoginSettings loginSettings = (LoginSettings) Mockito.mock(LoginSettings.class);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessEnabled())).thenReturn(true);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessRememberDeviceEnabled())).thenReturn(true);
        Client client = (Client) Mockito.mock(Client.class);
        Mockito.when(client.getLoginSettings()).thenReturn(loginSettings);
        Mockito.when(this.routingContext.get("client")).thenReturn(client);
        Mockito.when(this.httpServerRequest.getCookie("cookieName")).thenReturn(Cookie.cookie("cookieName", "cookieValue"));
        Mockito.when(this.webAuthnCookieService.extractUserIdFromRememberDeviceCookieValue("cookieValue")).thenReturn(Single.error(new SignatureException("Invalid payload")));
        this.webAuthnLoginStep.execute(this.routingContext, this.authenticationFlowChain);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(0))).exit(this.webAuthnLoginStep);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(1))).doNext(this.routingContext);
    }

    @Test
    public void mustExit_nominalCase() {
        LoginSettings loginSettings = (LoginSettings) Mockito.mock(LoginSettings.class);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessEnabled())).thenReturn(true);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessRememberDeviceEnabled())).thenReturn(true);
        Client client = (Client) Mockito.mock(Client.class);
        Mockito.when(client.getLoginSettings()).thenReturn(loginSettings);
        Mockito.when(this.routingContext.get("client")).thenReturn(client);
        Mockito.when(this.httpServerRequest.getCookie("cookieName")).thenReturn(Cookie.cookie("cookieName", "cookieValue"));
        Mockito.when(this.webAuthnCookieService.extractUserIdFromRememberDeviceCookieValue("cookieValue")).thenReturn(Single.just("userId"));
        Mockito.when(this.credentialService.findByUserId(ReferenceType.DOMAIN, "domainId", "userId")).thenReturn(Flowable.just((Credential) Mockito.mock(Credential.class)));
        this.webAuthnLoginStep.execute(this.routingContext, this.authenticationFlowChain);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(1))).exit(this.webAuthnLoginStep);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(0))).doNext(this.routingContext);
    }

    @Test
    public void mustDoNext_noCredentials() {
        LoginSettings loginSettings = (LoginSettings) Mockito.mock(LoginSettings.class);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessEnabled())).thenReturn(true);
        Mockito.when(Boolean.valueOf(loginSettings.isPasswordlessRememberDeviceEnabled())).thenReturn(true);
        Client client = (Client) Mockito.mock(Client.class);
        Mockito.when(client.getLoginSettings()).thenReturn(loginSettings);
        Mockito.when(this.routingContext.get("client")).thenReturn(client);
        Mockito.when(this.httpServerRequest.getCookie("cookieName")).thenReturn(Cookie.cookie("cookieName", "cookieValue"));
        Mockito.when(this.webAuthnCookieService.extractUserIdFromRememberDeviceCookieValue("cookieValue")).thenReturn(Single.just("userId"));
        Mockito.when(this.credentialService.findByUserId(ReferenceType.DOMAIN, "domainId", "userId")).thenReturn(Flowable.empty());
        this.webAuthnLoginStep.execute(this.routingContext, this.authenticationFlowChain);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(0))).exit(this.webAuthnLoginStep);
        ((AuthenticationFlowChain) Mockito.verify(this.authenticationFlowChain, Mockito.times(1))).doNext(this.routingContext);
    }
}
