package net.shibboleth.idp.test.flows.saml1;

import java.security.cert.X509Certificate;
import java.time.Instant;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.test.flows.AbstractFlowTest;
import net.shibboleth.shared.security.IdentifierGenerationStrategy;
import net.shibboleth.shared.xml.SerializeSupport;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.Marshaller;
import org.opensaml.saml.common.SAMLObjectBuilder;
import org.opensaml.saml.saml1.core.AttributeDesignator;
import org.opensaml.saml.saml1.core.AttributeQuery;
import org.opensaml.saml.saml1.core.NameIdentifier;
import org.opensaml.saml.saml1.core.Request;
import org.opensaml.saml.saml1.core.StatusCode;
import org.opensaml.saml.saml1.testing.SAML1ActionTestingSupport;
import org.opensaml.soap.soap11.Envelope;
import org.springframework.webflow.core.collection.MutableAttributeMap;
import org.springframework.webflow.executor.FlowExecutionResult;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/test/flows/saml1/SAML1AttributeQueryFlowTest.class */
public class SAML1AttributeQueryFlowTest extends AbstractSAML1FlowTest {

    @Nonnull
    public static final String FLOW_ID = "SAML1/SOAP/AttributeQuery";

    @Nullable
    private SAML1TestResponseValidator validator;
    static final /* synthetic */ boolean $assertionsDisabled;

    @BeforeClass
    void setupValidator() {
        NameIdentifier buildObject = XMLObjectProviderRegistrySupport.getBuilderFactory().ensureBuilder(NameIdentifier.DEFAULT_ELEMENT_NAME).buildObject();
        buildObject.setValue("jdoe");
        buildObject.setFormat((String) null);
        buildObject.setNameQualifier((String) null);
        SAML1TestResponseValidator sAML1TestResponseValidator = new SAML1TestResponseValidator();
        this.validator = sAML1TestResponseValidator;
        sAML1TestResponseValidator.validateAuthenticationStatements = false;
        sAML1TestResponseValidator.nameIdentifier = buildObject;
        sAML1TestResponseValidator.confirmationMethod = "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches";
    }

    @Test
    public void testSAML1AttributeQueryFlow() throws Exception {
        buildRequest(false);
        this.request.setAttribute("javax.servlet.request.X509Certificate", new X509Certificate[]{this.certFactoryBean.getObject()});
        overrideEndStateOutput(FLOW_ID);
        FlowExecutionResult launchExecution = this.flowExecutor.launchExecution(FLOW_ID, (MutableAttributeMap) null, this.externalContext);
        SAML1TestResponseValidator sAML1TestResponseValidator = this.validator;
        if (!$assertionsDisabled && sAML1TestResponseValidator == null) {
            throw new AssertionError();
        }
        sAML1TestResponseValidator.statusCode = StatusCode.SUCCESS;
        sAML1TestResponseValidator.usedAttributeDesignators = false;
        validateResult(launchExecution, FLOW_ID, sAML1TestResponseValidator);
    }

    @Test
    public void testSAML1AttributeQueryFlowWithDesignators() throws Exception {
        buildRequest(true);
        this.request.setAttribute("javax.servlet.request.X509Certificate", new X509Certificate[]{this.certFactoryBean.getObject()});
        overrideEndStateOutput(FLOW_ID);
        FlowExecutionResult launchExecution = this.flowExecutor.launchExecution(FLOW_ID, (MutableAttributeMap) null, this.externalContext);
        SAML1TestResponseValidator sAML1TestResponseValidator = this.validator;
        if (!$assertionsDisabled && sAML1TestResponseValidator == null) {
            throw new AssertionError();
        }
        sAML1TestResponseValidator.statusCode = StatusCode.SUCCESS;
        sAML1TestResponseValidator.usedAttributeDesignators = true;
        validateResult(launchExecution, FLOW_ID, sAML1TestResponseValidator);
    }

    @Test
    public void testSAML1AttributeQueryFlowNoCredential() throws Exception {
        buildRequest(false);
        overrideEndStateOutput(FLOW_ID);
        FlowExecutionResult launchExecution = this.flowExecutor.launchExecution(FLOW_ID, (MutableAttributeMap) null, this.externalContext);
        SAML1TestResponseValidator sAML1TestResponseValidator = this.validator;
        if (!$assertionsDisabled && sAML1TestResponseValidator == null) {
            throw new AssertionError();
        }
        sAML1TestResponseValidator.statusCode = StatusCode.REQUESTER;
        sAML1TestResponseValidator.usedAttributeDesignators = false;
        validateResult(launchExecution, FLOW_ID, sAML1TestResponseValidator);
    }

    public void buildRequest(boolean z) throws Exception {
        Request buildAttributeQueryRequest = SAML1ActionTestingSupport.buildAttributeQueryRequest(SAML1ActionTestingSupport.buildSubject("jdoe"));
        AttributeQuery attributeQuery = buildAttributeQueryRequest.getAttributeQuery();
        if (!$assertionsDisabled && attributeQuery == null) {
            throw new AssertionError();
        }
        buildAttributeQueryRequest.setIssueInstant(Instant.now());
        attributeQuery.setResource(AbstractFlowTest.SP_ENTITY_ID);
        buildAttributeQueryRequest.setID(IdentifierGenerationStrategy.getInstance(IdentifierGenerationStrategy.ProviderType.SECURE).generateIdentifier());
        if (z) {
            SAMLObjectBuilder ensureBuilder = XMLObjectProviderRegistrySupport.getBuilderFactory().ensureBuilder(AttributeDesignator.DEFAULT_ELEMENT_NAME);
            AttributeDesignator buildObject = ensureBuilder.buildObject();
            buildObject.setAttributeNamespace("urn:mace:shibboleth:1.0:attributeNamespace:uri");
            buildObject.setAttributeName("urn:mace:dir:attribute-def:eduPersonScopedAffiliation");
            attributeQuery.getAttributeDesignators().add(buildObject);
            AttributeDesignator buildObject2 = ensureBuilder.buildObject();
            buildObject2.setAttributeNamespace("urn:mace:shibboleth:1.0:attributeNamespace:uri");
            buildObject2.setAttributeName("urn:mace:dir:attribute-def:mail");
            attributeQuery.getAttributeDesignators().add(buildObject2);
            AttributeDesignator buildObject3 = ensureBuilder.buildObject();
            buildObject3.setAttributeNamespace("urn:mace:shibboleth:1.0:attributeNamespace:uri");
            buildObject3.setAttributeName("urn:mace:dir:attribute-def:foo");
            attributeQuery.getAttributeDesignators().add(buildObject3);
        }
        Envelope buildSOAP11Envelope = buildSOAP11Envelope(buildAttributeQueryRequest);
        Marshaller marshaller = marshallerFactory.getMarshaller(buildSOAP11Envelope);
        if (!$assertionsDisabled && marshaller == null) {
            throw new AssertionError();
        }
        String nodeToString = SerializeSupport.nodeToString(marshaller.marshall(buildSOAP11Envelope, parserPool.newDocument()));
        this.request.setMethod("POST");
        this.request.setContentType("text/xml");
        this.request.setContent(nodeToString.getBytes("UTF-8"));
    }

    static {
        $assertionsDisabled = !SAML1AttributeQueryFlowTest.class.desiredAssertionStatus();
    }
}
