package org.keycloak.testsuite.saml;

import com.google.common.collect.Collections2;
import java.io.IOException;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Test;
import org.keycloak.dom.saml.v2.assertion.ConditionsType;
import org.keycloak.dom.saml.v2.assertion.OneTimeUseType;
import org.keycloak.dom.saml.v2.protocol.ResponseType;
import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;
import org.keycloak.testsuite.updaters.ClientAttributeUpdater;
import org.keycloak.testsuite.updaters.ServerResourceUpdater;
import org.keycloak.testsuite.util.SamlClient;
import org.keycloak.testsuite.util.SamlClientBuilder;

/* loaded from: input_file:org/keycloak/testsuite/saml/IncludeOneTimeUseConditionTest.class */
public class IncludeOneTimeUseConditionTest extends AbstractSamlTest {
    @Test
    public void testOneTimeUseConditionIsAdded() throws Exception {
        testOneTimeUseConditionIncluded(Boolean.TRUE);
    }

    @Test
    public void testOneTimeUseConditionIsNotAdded() throws Exception {
        testOneTimeUseConditionIncluded(Boolean.FALSE);
    }

    private void testOneTimeUseConditionIncluded(Boolean bool) throws IOException {
        ServerResourceUpdater update = ClientAttributeUpdater.forClient(this.adminClient, AbstractSamlTest.REALM_NAME, AbstractSamlTest.SAML_CLIENT_ID_SALES_POST).setAttribute("saml.onetimeuse.condition", bool.toString()).update();
        Throwable th = null;
        try {
            try {
                SAMLDocumentHolder samlResponse = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(AbstractSamlTest.REALM_NAME), AbstractSamlTest.SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, SamlClient.Binding.POST).build().login().user(this.bburkeUser).build().getSamlResponse(SamlClient.Binding.POST);
                Assert.assertThat(samlResponse.getSamlObject(), Matchers.notNullValue());
                Assert.assertThat(samlResponse.getSamlObject(), Matchers.instanceOf(ResponseType.class));
                ResponseType samlObject = samlResponse.getSamlObject();
                Assert.assertThat(samlObject.getAssertions(), Matchers.not(Matchers.empty()));
                ConditionsType conditions = ((ResponseType.RTChoiceType) samlObject.getAssertions().get(0)).getAssertion().getConditions();
                Assert.assertThat(conditions, Matchers.notNullValue());
                Assert.assertThat(conditions.getConditions(), Matchers.not(Matchers.empty()));
                Assert.assertThat(Boolean.valueOf(!Collections2.filter(conditions.getConditions(), conditionAbstractType -> {
                    return conditionAbstractType instanceof OneTimeUseType;
                }).isEmpty()), Matchers.is(bool));
                if (update != null) {
                    if (0 == 0) {
                        update.close();
                        return;
                    }
                    try {
                        update.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (update != null) {
                if (th != null) {
                    try {
                        update.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    update.close();
                }
            }
            throw th4;
        }
    }
}
