package org.apereo.cas.support.saml.util;

import java.security.PrivateKey;
import java.security.PublicKey;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.apache.xerces.xs.XSObject;
import org.apereo.cas.authentication.CoreAuthenticationTestUtils;
import org.apereo.cas.config.CoreSamlConfigurationTests;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.SamlUtils;
import org.apereo.cas.ticket.expiration.TicketGrantingTicketExpirationPolicy;
import org.apereo.cas.util.EncodingUtils;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;
import org.opensaml.core.xml.schema.XSBase64Binary;
import org.opensaml.core.xml.schema.XSBoolean;
import org.opensaml.core.xml.schema.XSDateTime;
import org.opensaml.core.xml.schema.XSInteger;
import org.opensaml.core.xml.schema.XSString;
import org.opensaml.core.xml.schema.XSURI;
import org.opensaml.saml.saml2.core.Attribute;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;

@Tag("SAML2")
@SpringBootTest(classes = {CoreSamlConfigurationTests.SharedTestConfiguration.class})
/* loaded from: input_file:org/apereo/cas/support/saml/util/NonInflatingSaml20ObjectBuilderTests.class */
public class NonInflatingSaml20ObjectBuilderTests {

    @Autowired
    @Qualifier("shibboleth.OpenSAMLConfig")
    private OpenSamlConfigBean openSamlConfigBean;

    @Test
    public void verifyAttrValueTypeString() {
        Assertions.assertNotNull(new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean).newAttribute("email", "mail", List.of("cas@example.org"), Map.of("mail", "basic"), "basic", Map.of("mail", XSString.class.getSimpleName())));
    }

    @Test
    public void verifyAttrValueTypeUri() {
        Assertions.assertNotNull(new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean).newAttribute("email", "mail", List.of("cas@example.org"), Map.of("mail", "basic"), "basic", Map.of("mail", XSURI.class.getSimpleName())));
    }

    @Test
    public void verifyAttrValueTypeXSBoolean() {
        Assertions.assertNotNull(new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean).newAttribute("email", "mail", List.of("false"), Map.of("mail", "basic"), "basic", Map.of("mail", XSBoolean.class.getSimpleName())));
    }

    @Test
    public void verifyAttrValueTypeXSInteger() {
        Assertions.assertNotNull(new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean).newAttribute("email", "mail", List.of("12345678"), Map.of("mail", "basic"), "basic", Map.of("mail", XSInteger.class.getSimpleName())));
    }

    @Test
    public void verifyAttrValueTypeXSDateTime() {
        Assertions.assertNotNull(new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean).newAttribute("email", "mail", List.of(ZonedDateTime.now(ZoneOffset.UTC).toString()), Map.of("mail", "basic"), "basic", Map.of("mail", XSDateTime.class.getSimpleName())));
    }

    @Test
    public void verifyAttrValueTypeXSBinary() {
        Assertions.assertNotNull(new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean).newAttribute("email", "mail", List.of(EncodingUtils.encodeBase64("values")), Map.of("mail", "basic"), "basic", Map.of("mail", XSBase64Binary.class.getSimpleName())));
    }

    @Test
    public void verifyAttrValueTypeXSObject() {
        Assertions.assertNotNull(new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean).newAttribute("email", "mail", List.of(new TicketGrantingTicketExpirationPolicy(100L, 100L)), Map.of("mail", "basic"), "basic", Map.of("mail", XSObject.class.getSimpleName())));
    }

    @Test
    public void verifyAttrValueTypeNone() {
        Assertions.assertNotNull(new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean).newAttribute("email", "mail", List.of(), Map.of("mail", "basic"), "basic", Map.of("mail", XSObject.class.getSimpleName())));
    }

    @Test
    public void verifyAttributes() {
        NonInflatingSaml20ObjectBuilder nonInflatingSaml20ObjectBuilder = new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean);
        Map of = Map.of("mail", "basic", "name", "unspecified", "cn", "");
        Assertions.assertNotNull(nonInflatingSaml20ObjectBuilder.newAttribute("email", "mail", List.of("cas@example.org"), of, "basic", Map.of()));
        Assertions.assertNotNull(nonInflatingSaml20ObjectBuilder.newAttribute("common-name", "name", List.of("casuser"), of, "basic", Map.of()));
        Attribute newAttribute = nonInflatingSaml20ObjectBuilder.newAttribute("cn-name", "cn", List.of("casuser"), of, "basic", Map.of());
        Assertions.assertNotNull(newAttribute);
        Assertions.assertNull(newAttribute.getNameFormat());
    }

    @Test
    public void verifySubject() {
        NonInflatingSaml20ObjectBuilder nonInflatingSaml20ObjectBuilder = new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean);
        Assertions.assertNotNull(nonInflatingSaml20ObjectBuilder.newSubject(nonInflatingSaml20ObjectBuilder.getNameID("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "casuser"), nonInflatingSaml20ObjectBuilder.getNameID("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "casuser"), "cas", ZonedDateTime.now(ZoneOffset.UTC), "https://github.com", ZonedDateTime.now(ZoneOffset.UTC)));
    }

    @Test
    public void verifyQName() {
        NonInflatingSaml20ObjectBuilder nonInflatingSaml20ObjectBuilder = new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean);
        Assertions.assertThrows(IllegalStateException.class, () -> {
            nonInflatingSaml20ObjectBuilder.getSamlObjectQName(Object.class);
        });
    }

    @Test
    public void failSign() {
        NonInflatingSaml20ObjectBuilder nonInflatingSaml20ObjectBuilder = new NonInflatingSaml20ObjectBuilder(this.openSamlConfigBean);
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            NonInflatingSaml20ObjectBuilder.signSamlResponse("bad-response", (PrivateKey) Mockito.mock(PrivateKey.class), (PublicKey) Mockito.mock(PublicKey.class));
        });
        String stringWriter = SamlUtils.transformSamlObject(this.openSamlConfigBean, nonInflatingSaml20ObjectBuilder.newResponse(UUID.randomUUID().toString(), ZonedDateTime.now(ZoneOffset.UTC), "cas", CoreAuthenticationTestUtils.getWebApplicationService()), true).toString();
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            NonInflatingSaml20ObjectBuilder.signSamlResponse(stringWriter, (PrivateKey) Mockito.mock(PrivateKey.class), (PublicKey) Mockito.mock(PublicKey.class));
        });
        Assertions.assertThrows(IllegalArgumentException.class, () -> {
            PublicKey publicKey = (PublicKey) Mockito.mock(PublicKey.class);
            Mockito.when(publicKey.getAlgorithm()).thenReturn("RSA");
            NonInflatingSaml20ObjectBuilder.signSamlResponse(stringWriter, (PrivateKey) Mockito.mock(PrivateKey.class), publicKey);
        });
    }
}
