package org.apereo.cas.support.wsfederation;

import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import lombok.Generated;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.support.wsfederation.authentication.principal.WsFederationCredential;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.opensaml.saml.saml1.core.Assertion;
import org.opensaml.security.credential.Credential;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.core.io.Resource;
import org.springframework.test.annotation.DirtiesContext;

/* loaded from: input_file:org/apereo/cas/support/wsfederation/WsFederationHelperTests.class */
public class WsFederationHelperTests extends AbstractWsFederationTests {
    private static final String GOOD_TOKEN = "goodToken";

    @Autowired
    private HashMap<String, String> testTokens;

    @Autowired
    private ApplicationContext ctx;

    @Test
    public void verifyParseTokenString() {
        Assertions.assertNotNull(this.wsFederationHelper.buildAndVerifyAssertion(this.wsFederationHelper.getRequestSecurityTokenFromResult(this.testTokens.get(GOOD_TOKEN)), this.wsFederationConfigurations), "testParseTokenString() - Not null");
    }

    @Test
    public void verifyCreateCredentialFromToken() {
        Pair buildAndVerifyAssertion = this.wsFederationHelper.buildAndVerifyAssertion(this.wsFederationHelper.getRequestSecurityTokenFromResult(this.testTokens.get(GOOD_TOKEN)), this.wsFederationConfigurations);
        WsFederationCredential wsFederationCredential = new WsFederationCredential();
        wsFederationCredential.setIssuedOn(ZonedDateTime.parse("2014-02-26T22:51:16.504Z"));
        wsFederationCredential.setNotBefore(ZonedDateTime.parse("2014-02-26T22:51:16.474Z"));
        wsFederationCredential.setNotOnOrAfter(ZonedDateTime.parse("2014-02-26T23:51:16.474Z"));
        wsFederationCredential.setIssuer("http://adfs.example.com/adfs/services/trust");
        wsFederationCredential.setAudience("urn:federation:cas");
        wsFederationCredential.setId("_6257b2bf-7361-4081-ae1f-ec58d4310f61");
        WsFederationCredential createCredentialFromToken = this.wsFederationHelper.createCredentialFromToken((Assertion) buildAndVerifyAssertion.getKey());
        Assertions.assertNotNull(createCredentialFromToken);
        Assertions.assertEquals(wsFederationCredential.getIssuedOn(), createCredentialFromToken.getIssuedOn());
        Assertions.assertEquals(wsFederationCredential.getNotBefore(), createCredentialFromToken.getNotBefore());
        Assertions.assertEquals(wsFederationCredential.getNotOnOrAfter(), createCredentialFromToken.getNotOnOrAfter());
        Assertions.assertEquals(wsFederationCredential.getIssuer(), createCredentialFromToken.getIssuer());
        Assertions.assertEquals(wsFederationCredential.getAudience(), createCredentialFromToken.getAudience());
        Assertions.assertEquals(wsFederationCredential.getId(), createCredentialFromToken.getId());
    }

    @Test
    public void verifyGetSigningCredential() {
        Assertions.assertNotNull((Credential) this.wsFederationConfigurations.iterator().next().getSigningWallet().iterator().next());
    }

    @Test
    public void verifyValidateSignatureGoodToken() {
        Assertions.assertTrue(this.wsFederationHelper.validateSignature(this.wsFederationHelper.buildAndVerifyAssertion(this.wsFederationHelper.getRequestSecurityTokenFromResult(this.testTokens.get(GOOD_TOKEN)), this.wsFederationConfigurations)));
    }

    @Test
    public void verifyValidateSignatureModifiedAttribute() {
        Assertions.assertFalse(this.wsFederationHelper.validateSignature(this.wsFederationHelper.buildAndVerifyAssertion(this.wsFederationHelper.getRequestSecurityTokenFromResult(this.testTokens.get("badTokenModifiedAttribute")), this.wsFederationConfigurations)));
    }

    @Test
    @DirtiesContext
    public void verifyValidateSignatureBadKey() {
        WsFederationConfiguration wsFederationConfiguration = new WsFederationConfiguration();
        wsFederationConfiguration.setSigningCertificateResources(new Resource[]{this.ctx.getResource("classpath:bad-signing.crt")});
        ArrayList arrayList = new ArrayList(wsFederationConfiguration.getSigningWallet());
        Pair buildAndVerifyAssertion = this.wsFederationHelper.buildAndVerifyAssertion(this.wsFederationHelper.getRequestSecurityTokenFromResult(this.testTokens.get(GOOD_TOKEN)), this.wsFederationConfigurations);
        List signingWallet = ((WsFederationConfiguration) buildAndVerifyAssertion.getValue()).getSigningWallet();
        signingWallet.clear();
        signingWallet.addAll(arrayList);
        Assertions.assertFalse(this.wsFederationHelper.validateSignature(buildAndVerifyAssertion));
    }

    @Test
    public void verifyValidateSignatureModifiedSignature() {
        Assertions.assertFalse(this.wsFederationHelper.validateSignature(this.wsFederationHelper.buildAndVerifyAssertion(this.wsFederationHelper.getRequestSecurityTokenFromResult(this.testTokens.get("badTokenModifiedSignature")), this.wsFederationConfigurations)));
    }

    @Generated
    public void setTestTokens(HashMap<String, String> hashMap) {
        this.testTokens = hashMap;
    }

    @Generated
    public void setCtx(ApplicationContext applicationContext) {
        this.ctx = applicationContext;
    }
}
