package org.keycloak.testsuite.saml;

import java.io.ByteArrayInputStream;
import java.util.Base64;
import java.util.concurrent.atomic.AtomicReference;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Test;
import org.keycloak.saml.common.constants.JBossSAMLURIConstants;
import org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude;
import org.keycloak.testsuite.arquillian.annotation.SetDefaultProvider;
import org.keycloak.testsuite.authentication.CustomTestingSamlArtifactResolver;
import org.keycloak.testsuite.util.ContainerAssume;
import org.keycloak.testsuite.util.SamlClient;
import org.keycloak.testsuite.util.SamlClientBuilder;

@AuthServerContainerExclude({AuthServerContainerExclude.AuthServer.QUARKUS, AuthServerContainerExclude.AuthServer.REMOTE})
@SetDefaultProvider(spi = "saml-artifact-resolver", providerId = "0005")
/* loaded from: input_file:org/keycloak/testsuite/saml/ArtifactBindingCustomResolverTest.class */
public class ArtifactBindingCustomResolverTest extends ArtifactBindingTest {
    @Override // org.keycloak.testsuite.saml.ArtifactBindingTest
    @Test
    @Ignore
    public void testArtifactBindingLogoutSingleClientCheckArtifact() {
    }

    @Override // org.keycloak.testsuite.saml.ArtifactBindingTest
    @Test
    @Ignore
    public void testArtifactBindingLoginCheckArtifactWithPost() {
    }

    @Test
    public void testCustomArtifact() {
        AtomicReference atomicReference = new AtomicReference();
        new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(AbstractSamlTest.REALM_NAME), AbstractSamlTest.SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, SamlClient.Binding.POST).setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_ARTIFACT_BINDING.getUri()).build().login().user(this.bburkeUser).build().handleArtifact(getAuthServerSamlEndpoint(AbstractSamlTest.REALM_NAME), AbstractSamlTest.SAML_CLIENT_ID_SALES_POST).storeArtifact(atomicReference).build().execute();
        byte[] decode = Base64.getDecoder().decode((String) atomicReference.get());
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decode);
        byteArrayInputStream.skip(2L);
        int read = byteArrayInputStream.read();
        Assert.assertThat(Byte.valueOf(decode[0]), Matchers.is((byte) 0));
        Assert.assertThat(Byte.valueOf(decode[1]), Matchers.is((byte) 5));
        if (this.suiteContext.getAuthServerInfo().isUndertow()) {
            String str = (String) CustomTestingSamlArtifactResolver.list.get(read);
            Assert.assertThat(str, Matchers.notNullValue());
            Assert.assertThat(str, Matchers.containsString("samlp:Response"));
        }
    }

    @Test
    public void testArtifactDoesntContainSignature() {
        ContainerAssume.assumeAuthServerUndertow();
        AtomicReference atomicReference = new AtomicReference();
        new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(AbstractSamlTest.REALM_NAME), AbstractSamlTest.SAML_CLIENT_ID_SALES_POST_ASSERTION_AND_RESPONSE_SIG, SAML_ASSERTION_CONSUMER_URL_SALES_POST_ASSERTION_AND_RESPONSE_SIG, SamlClient.Binding.POST).setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_ARTIFACT_BINDING.getUri()).signWith(AbstractSamlTest.SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY, AbstractSamlTest.SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY).build().login().user(this.bburkeUser).build().handleArtifact(getAuthServerSamlEndpoint(AbstractSamlTest.REALM_NAME), AbstractSamlTest.SAML_CLIENT_ID_SALES_POST_ASSERTION_AND_RESPONSE_SIG).storeArtifact(atomicReference).signWith(AbstractSamlTest.SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY, AbstractSamlTest.SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY).build().execute();
        byte[] decode = Base64.getDecoder().decode((String) atomicReference.get());
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decode);
        byteArrayInputStream.skip(2L);
        int read = byteArrayInputStream.read();
        Assert.assertThat(Byte.valueOf(decode[0]), Matchers.is((byte) 0));
        Assert.assertThat(Byte.valueOf(decode[1]), Matchers.is((byte) 5));
        String str = (String) CustomTestingSamlArtifactResolver.list.get(read);
        Assert.assertThat(str, Matchers.notNullValue());
        Assert.assertThat(str, Matchers.containsString("samlp:Response"));
        Assert.assertThat(str, Matchers.not(Matchers.containsString("Signature")));
    }
}
