package org.apache.cxf.systest.jaxrs.security.xml;

import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.ProcessingException;
import javax.ws.rs.WebApplicationException;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.xml.EncryptionProperties;
import org.apache.cxf.rs.security.xml.SignatureProperties;
import org.apache.cxf.rs.security.xml.XmlEncInInterceptor;
import org.apache.cxf.rs.security.xml.XmlEncOutInterceptor;
import org.apache.cxf.rs.security.xml.XmlSecInInterceptor;
import org.apache.cxf.rs.security.xml.XmlSecOutInterceptor;
import org.apache.cxf.rs.security.xml.XmlSigInInterceptor;
import org.apache.cxf.rs.security.xml.XmlSigOutInterceptor;
import org.apache.cxf.systest.jaxrs.security.Book;
import org.apache.cxf.systest.jaxrs.security.BookStore;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
/* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.class */
public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase {
    public static final String PORT = BookServerXmlSec.PORT;
    public static final String STAX_PORT = StaxBookServerXmlSec.PORT;
    final TestParam test;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest$TestParam.class */
    public static final class TestParam {
        final String port;
        final boolean streaming;

        TestParam(String str, boolean z) {
            this.port = str;
            this.streaming = z;
        }

        public String toString() {
            return this.port + ":" + (this.streaming ? "streaming" : "dom");
        }
    }

    public JAXRSXmlSecTest(TestParam testParam) {
        this.test = testParam;
    }

    @BeforeClass
    public static void startServers() throws Exception {
        assertTrue("server did not launch correctly", launchServer(BookServerXmlSec.class, true));
        assertTrue("server did not launch correctly", launchServer(StaxBookServerXmlSec.class, true));
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Parameterized.Parameters(name = "{0}")
    public static Collection<TestParam[]> data() {
        return Arrays.asList(new TestParam[]{new TestParam(PORT, false)}, new TestParam[]{new TestParam(STAX_PORT, false)}, new TestParam[]{new TestParam(PORT, true)}, new TestParam[]{new TestParam(STAX_PORT, true)});
    }

    @Test
    public void testPostBookWithEnvelopedSigAndProxy() throws Exception {
        doTestSignatureProxy("https://localhost:" + this.test.port + "/xmlsig", false, null, this.test.streaming);
    }

    @Test
    public void testOldConfiguration() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlsig";
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.signature.username", "alice");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        jAXRSClientFactoryBean.setProperties(hashMap);
        if (this.test.streaming) {
            XmlSecOutInterceptor xmlSecOutInterceptor = new XmlSecOutInterceptor();
            xmlSecOutInterceptor.setSignRequest(true);
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSecOutInterceptor);
        } else {
            jAXRSClientFactoryBean.getOutInterceptors().add(new XmlSigOutInterceptor());
        }
        jAXRSClientFactoryBean.setServiceClass(BookStore.class);
        assertEquals(126L, ((BookStore) jAXRSClientFactoryBean.create(BookStore.class, new Object[0])).addBook(new Book("CXF", 126L)).getId());
    }

    @Test
    public void testPostBookWithEnvelopedSigAndProxy2() throws Exception {
        doTestSignatureProxy("https://localhost:" + this.test.port + "/xmlsig", false, "", this.test.streaming);
    }

    @Test
    public void testPostBookEnvelopingSigAndProxy() throws Exception {
        if (this.test.streaming || STAX_PORT.equals(this.test.port)) {
            return;
        }
        doTestSignatureProxy("https://localhost:" + this.test.port + "/xmlsig", true, "file:", this.test.streaming);
    }

    @Test
    public void testCertConstraints() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlsigconstraints";
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.signature.username", "bob");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        doTestSignatureProxy(str, false, null, this.test.streaming, hashMap);
        hashMap.clear();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.signature.username", "alice");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        try {
            doTestSignatureProxy(str, false, null, this.test.streaming, hashMap);
            fail("Failure expected on a failing cert constraint");
        } catch (Exception e) {
        }
    }

    private void doTestSignatureProxy(String str, boolean z, String str2, boolean z2) throws Exception {
        doTestSignatureProxy(str, z, str2, z2, new HashMap());
    }

    private void doTestSignatureProxy(String str, boolean z, String str2, boolean z2, Map<String, Object> map) throws Exception {
        String str3;
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap(map);
        if (hashMap.isEmpty()) {
            hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
            hashMap.put("security.signature.username", "alice");
            str3 = "org/apache/cxf/systest/jaxrs/security/alice.properties";
            hashMap.put("security.signature.properties", str2 != null ? str2 + getClass().getResource("/" + str3).toURI().getPath() : "org/apache/cxf/systest/jaxrs/security/alice.properties");
        }
        jAXRSClientFactoryBean.setProperties(hashMap);
        if (z2) {
            XmlSecOutInterceptor xmlSecOutInterceptor = new XmlSecOutInterceptor();
            xmlSecOutInterceptor.setSignRequest(true);
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSecOutInterceptor);
        } else {
            XmlSigOutInterceptor xmlSigOutInterceptor = new XmlSigOutInterceptor();
            if (z) {
                xmlSigOutInterceptor.setStyle("enveloping");
            }
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSigOutInterceptor);
        }
        jAXRSClientFactoryBean.setServiceClass(BookStore.class);
        assertEquals(126L, ((BookStore) jAXRSClientFactoryBean.create(BookStore.class, new Object[0])).addBook(new Book("CXF", 126L)).getId());
    }

    @Test
    public void testPostBookWithEnvelopedSig() throws Exception {
        doTestSignature("https://localhost:" + this.test.port + "/xmlsig/bookstore/books", false, false, true, this.test.streaming);
    }

    @Test
    public void testPostBookWithEnvelopedSigNoKeyInfo() throws Exception {
        doTestSignature("https://localhost:" + this.test.port + "/xmlsignokeyinfo/bookstore/books", false, false, false, this.test.streaming);
    }

    @Test
    public void testPostBookWithEnvelopingSig() throws Exception {
        if (this.test.streaming || STAX_PORT.equals(this.test.port)) {
            return;
        }
        doTestSignature("https://localhost:" + this.test.port + "/xmlsig/bookstore/books", true, false, true, this.test.streaming);
    }

    @Test
    public void testPostBookWithEnvelopingSigFromResponse() throws Exception {
        if (STAX_PORT.equals(this.test.port)) {
            return;
        }
        doTestSignature("https://localhost:" + this.test.port + "/xmlsig/bookstore/books", true, true, true, this.test.streaming);
    }

    private void doTestSignature(String str, boolean z, boolean z2, boolean z3, boolean z4) {
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.signature.username", "alice");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        jAXRSClientFactoryBean.setProperties(hashMap);
        if (z4) {
            XmlSecOutInterceptor xmlSecOutInterceptor = new XmlSecOutInterceptor();
            xmlSecOutInterceptor.setSignRequest(true);
            xmlSecOutInterceptor.setKeyInfoMustBeAvailable(z3);
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSecOutInterceptor);
            XmlSecInInterceptor xmlSecInInterceptor = new XmlSecInInterceptor();
            xmlSecInInterceptor.setRequireSignature(true);
            if (!z3) {
                xmlSecInInterceptor.setSignatureVerificationAlias("alice");
            }
            jAXRSClientFactoryBean.setProvider(xmlSecInInterceptor);
        } else {
            XmlSigOutInterceptor xmlSigOutInterceptor = new XmlSigOutInterceptor();
            if (z) {
                xmlSigOutInterceptor.setStyle("enveloping");
            }
            xmlSigOutInterceptor.setKeyInfoMustBeAvailable(z3);
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSigOutInterceptor);
            XmlSigInInterceptor xmlSigInInterceptor = new XmlSigInInterceptor();
            xmlSigInInterceptor.setKeyInfoMustBeAvailable(z3);
            jAXRSClientFactoryBean.getInInterceptors().add(xmlSigInInterceptor);
        }
        WebClient createWebClient = jAXRSClientFactoryBean.createWebClient();
        WebClient.getConfig(createWebClient).getHttpConduit().getClient().setReceiveTimeout(10000000L);
        assertEquals(126L, (!z2 ? (Book) createWebClient.post(new Book("CXF", 126L), Book.class) : (Book) createWebClient.post(new Book("CXF", 126L)).readEntity(Book.class)).getId());
    }

    @Test
    public void testSignatureNegativeServer() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlsignegativeserver/bookstore/books";
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.signature.username", "bethal");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/bethal.properties");
        jAXRSClientFactoryBean.setProperties(hashMap);
        if (this.test.streaming) {
            XmlSecOutInterceptor xmlSecOutInterceptor = new XmlSecOutInterceptor();
            xmlSecOutInterceptor.setSignRequest(true);
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSecOutInterceptor);
            XmlSecInInterceptor xmlSecInInterceptor = new XmlSecInInterceptor();
            xmlSecInInterceptor.setRequireSignature(true);
            jAXRSClientFactoryBean.setProvider(xmlSecInInterceptor);
        } else {
            jAXRSClientFactoryBean.getOutInterceptors().add(new XmlSigOutInterceptor());
            jAXRSClientFactoryBean.getInInterceptors().add(new XmlSigInInterceptor());
        }
        WebClient createWebClient = jAXRSClientFactoryBean.createWebClient();
        WebClient.getConfig(createWebClient).getHttpConduit().getClient().setReceiveTimeout(10000000L);
        try {
            createWebClient.post(new Book("CXF", 126L), Book.class);
            fail("Failure expected on signature trust failure");
        } catch (WebApplicationException e) {
            assertTrue(e.getMessage().contains("400 Bad Request"));
        }
    }

    @Test
    public void testSignatureNegativeClient() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlsignegativeclient/bookstore/books";
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.signature.username", "bethal");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/bethal.properties");
        jAXRSClientFactoryBean.setProperties(hashMap);
        if (this.test.streaming) {
            XmlSecOutInterceptor xmlSecOutInterceptor = new XmlSecOutInterceptor();
            xmlSecOutInterceptor.setSignRequest(true);
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSecOutInterceptor);
            XmlSecInInterceptor xmlSecInInterceptor = new XmlSecInInterceptor();
            xmlSecInInterceptor.setRequireSignature(true);
            jAXRSClientFactoryBean.setProvider(xmlSecInInterceptor);
        } else {
            jAXRSClientFactoryBean.getOutInterceptors().add(new XmlSigOutInterceptor());
            jAXRSClientFactoryBean.getInInterceptors().add(new XmlSigInInterceptor());
        }
        WebClient createWebClient = jAXRSClientFactoryBean.createWebClient();
        WebClient.getConfig(createWebClient).getHttpConduit().getClient().setReceiveTimeout(10000000L);
        try {
            createWebClient.post(new Book("CXF", 126L), Book.class);
            fail("Failure expected on signature trust failure");
        } catch (ProcessingException e) {
            assertTrue(e.getCause() instanceof BadRequestException);
        }
    }

    @Test
    public void testUnsignedServerResponse() throws Exception {
        if (STAX_PORT.equals(this.test.port)) {
            return;
        }
        String str = "https://localhost:" + this.test.port + "/xmlnosigresponse/bookstore/books";
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.signature.username", "alice");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        jAXRSClientFactoryBean.setProperties(hashMap);
        if (this.test.streaming) {
            XmlSecOutInterceptor xmlSecOutInterceptor = new XmlSecOutInterceptor();
            xmlSecOutInterceptor.setSignRequest(true);
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSecOutInterceptor);
            XmlSecInInterceptor xmlSecInInterceptor = new XmlSecInInterceptor();
            xmlSecInInterceptor.setRequireSignature(true);
            jAXRSClientFactoryBean.setProvider(xmlSecInInterceptor);
        } else {
            jAXRSClientFactoryBean.getOutInterceptors().add(new XmlSigOutInterceptor());
            jAXRSClientFactoryBean.getInInterceptors().add(new XmlSigInInterceptor());
        }
        WebClient createWebClient = jAXRSClientFactoryBean.createWebClient();
        WebClient.getConfig(createWebClient).getHttpConduit().getClient().setReceiveTimeout(10000000L);
        try {
            createWebClient.post(new Book("CXF", 126L), Book.class);
            fail("Failure expected on an unsigned response message");
        } catch (ProcessingException e) {
            assertTrue(e.getCause() instanceof BadRequestException);
        }
    }

    @Test
    public void testPostBookWithEnvelopedSigKeyName() throws Exception {
        if (this.test.streaming && STAX_PORT.equals(this.test.port)) {
            String str = "https://localhost:" + this.test.port + "/xmlsigkeyname/bookstore/books";
            JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
            jAXRSClientFactoryBean.setAddress(str);
            jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
            HashMap hashMap = new HashMap();
            hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
            hashMap.put("security.signature.username", "alice");
            hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
            jAXRSClientFactoryBean.setProperties(hashMap);
            XmlSecOutInterceptor xmlSecOutInterceptor = new XmlSecOutInterceptor();
            xmlSecOutInterceptor.setSignRequest(true);
            xmlSecOutInterceptor.setKeyInfoMustBeAvailable(true);
            SignatureProperties signatureProperties = new SignatureProperties();
            signatureProperties.setSignatureKeyName("alice-kn");
            signatureProperties.setSignatureKeyIdType("KeyName");
            xmlSecOutInterceptor.setSignatureProperties(signatureProperties);
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSecOutInterceptor);
            XmlSecInInterceptor xmlSecInInterceptor = new XmlSecInInterceptor();
            xmlSecInInterceptor.setRequireSignature(true);
            jAXRSClientFactoryBean.setProvider(xmlSecInInterceptor);
            WebClient createWebClient = jAXRSClientFactoryBean.createWebClient();
            WebClient.getConfig(createWebClient).getHttpConduit().getClient().setReceiveTimeout(10000000L);
            assertEquals(126L, ((Book) createWebClient.post(new Book("CXF", 126L), Book.class)).getId());
        }
    }

    @Test
    public void testPostEncryptedBook() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlenc/bookstore/books";
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        doTestPostEncryptedBook(str, false, hashMap, this.test.streaming);
    }

    @Test
    public void testPostEncryptedBookGCM() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor")) && System.getProperty("java.version") != null && System.getProperty("java.version").startsWith("1.7")) {
            return;
        }
        String str = "https://localhost:" + this.test.port + "/xmlenc/bookstore/books";
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        EncryptionProperties encryptionProperties = new EncryptionProperties();
        encryptionProperties.setEncryptionSymmetricKeyAlgo("http://www.w3.org/2009/xmlenc11#aes128-gcm");
        encryptionProperties.setEncryptionKeyIdType("X509Certificate");
        doTestPostEncryptedBook(str, false, hashMap, encryptionProperties, false, this.test.streaming);
    }

    @Test
    public void testPostEncryptedBookSHA256() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlenc/bookstore/books";
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        EncryptionProperties encryptionProperties = new EncryptionProperties();
        encryptionProperties.setEncryptionSymmetricKeyAlgo("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        encryptionProperties.setEncryptionKeyIdType("X509Certificate");
        encryptionProperties.setEncryptionDigestAlgo("http://www.w3.org/2001/04/xmlenc#sha256");
        doTestPostEncryptedBook(str, false, hashMap, encryptionProperties, false, this.test.streaming);
    }

    @Test
    public void testPostEncryptedBookIssuerSerial() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlenc/bookstore/books";
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        EncryptionProperties encryptionProperties = new EncryptionProperties();
        encryptionProperties.setEncryptionSymmetricKeyAlgo("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        encryptionProperties.setEncryptionKeyIdType("X509IssuerSerial");
        doTestPostEncryptedBook(str, false, hashMap, encryptionProperties, false, this.test.streaming);
    }

    @Test
    public void testPostEncryptedSignedBook() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlsec-validate/bookstore/books";
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        hashMap.put("security.signature.username", "alice");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        doTestPostEncryptedBook(str, true, hashMap, this.test.streaming);
    }

    @Test
    public void testPostEncryptedSignedBookInvalid() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlsec-validate/bookstore/books";
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        hashMap.put("security.signature.username", "alice");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        EncryptionProperties encryptionProperties = new EncryptionProperties();
        encryptionProperties.setEncryptionSymmetricKeyAlgo("http://www.w3.org/2009/xmlenc11#aes128-gcm");
        encryptionProperties.setEncryptionKeyIdType("X509Certificate");
        try {
            doTestPostEncryptedBook(str, true, hashMap, encryptionProperties, true, this.test.streaming);
        } catch (BadRequestException e) {
            assertEquals(400L, e.getResponse().getStatus());
        }
    }

    @Test
    public void testPostEncryptedSignedBookUseReqSigCert() throws Exception {
        String str = "https://localhost:" + this.test.port + "/xmlsec-useReqSigCert/bookstore/books";
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        hashMap.put("security.signature.username", "alice");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        doTestPostEncryptedBook(str, true, hashMap, this.test.streaming);
    }

    public void doTestPostEncryptedBook(String str, boolean z, Map<String, Object> map, boolean z2) throws Exception {
        EncryptionProperties encryptionProperties = new EncryptionProperties();
        encryptionProperties.setEncryptionSymmetricKeyAlgo("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        encryptionProperties.setEncryptionKeyIdType("X509Certificate");
        doTestPostEncryptedBook(str, z, map, encryptionProperties, false, this.test.streaming);
    }

    public void doTestPostEncryptedBook(String str, boolean z, Map<String, Object> map, EncryptionProperties encryptionProperties, boolean z2, boolean z3) throws Exception {
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        jAXRSClientFactoryBean.setProperties(map);
        if (z3) {
            XmlSecOutInterceptor xmlSecOutInterceptor = new XmlSecOutInterceptor();
            xmlSecOutInterceptor.setEncryptionKeyIdentifierType(encryptionProperties.getEncryptionKeyIdType());
            xmlSecOutInterceptor.setSymmetricEncAlgorithm(encryptionProperties.getEncryptionSymmetricKeyAlgo());
            xmlSecOutInterceptor.setEncryptionDigestAlgorithm(encryptionProperties.getEncryptionDigestAlgo());
            xmlSecOutInterceptor.setEncryptRequest(true);
            if (z) {
                xmlSecOutInterceptor.setSignRequest(true);
            }
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlSecOutInterceptor);
            XmlSecInInterceptor xmlSecInInterceptor = new XmlSecInInterceptor();
            xmlSecInInterceptor.setRequireEncryption(true);
            jAXRSClientFactoryBean.setProvider(xmlSecInInterceptor);
        } else {
            if (z) {
                jAXRSClientFactoryBean.getOutInterceptors().add(new XmlSigOutInterceptor());
            }
            XmlEncOutInterceptor xmlEncOutInterceptor = new XmlEncOutInterceptor();
            xmlEncOutInterceptor.setKeyIdentifierType(encryptionProperties.getEncryptionKeyIdType());
            xmlEncOutInterceptor.setSymmetricEncAlgorithm(encryptionProperties.getEncryptionSymmetricKeyAlgo());
            xmlEncOutInterceptor.setDigestAlgorithm(encryptionProperties.getEncryptionDigestAlgo());
            jAXRSClientFactoryBean.getOutInterceptors().add(xmlEncOutInterceptor);
            jAXRSClientFactoryBean.getInInterceptors().add(new XmlEncInInterceptor());
            if (z) {
                jAXRSClientFactoryBean.getInInterceptors().add(new XmlSigInInterceptor());
            }
        }
        WebClient createWebClient = jAXRSClientFactoryBean.createWebClient();
        WebClient.getConfig(createWebClient).getHttpConduit().getClient().setReceiveTimeout(10000000L);
        try {
            assertEquals(126L, ((Book) createWebClient.post(new Book("CXF", 126L), Book.class)).getId());
        } catch (ProcessingException e) {
            assertTrue(e.getCause() instanceof BadRequestException);
        } catch (WebApplicationException e2) {
            if (z2) {
                throw e2;
            }
            fail(e2.getMessage());
        }
    }

    @Test
    public void testPostBookWithNoSig() throws Exception {
        if (this.test.streaming) {
            return;
        }
        String str = "https://localhost:" + this.test.port + "/xmlsig";
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        jAXRSClientFactoryBean.setServiceClass(BookStore.class);
        try {
            ((BookStore) jAXRSClientFactoryBean.create(BookStore.class, new Object[0])).addBook(new Book("CXF", 126L));
            fail("Failure expected on no Signature");
        } catch (WebApplicationException e) {
        }
    }

    @Test
    public void testEncryptionNoSignature() throws Exception {
        if (this.test.streaming) {
            return;
        }
        String str = "https://localhost:" + this.test.port + "/xmlsec-validate";
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        jAXRSClientFactoryBean.setProperties(hashMap);
        XmlEncOutInterceptor xmlEncOutInterceptor = new XmlEncOutInterceptor();
        xmlEncOutInterceptor.setKeyIdentifierType("X509Certificate");
        xmlEncOutInterceptor.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        jAXRSClientFactoryBean.getOutInterceptors().add(xmlEncOutInterceptor);
        jAXRSClientFactoryBean.getInInterceptors().add(new XmlEncInInterceptor());
        jAXRSClientFactoryBean.getInInterceptors().add(new XmlSigInInterceptor());
        jAXRSClientFactoryBean.setServiceClass(BookStore.class);
        try {
            ((BookStore) jAXRSClientFactoryBean.create(BookStore.class, new Object[0])).addBook(new Book("CXF", 126L));
            fail("Failure expected on no Signature");
        } catch (WebApplicationException e) {
        }
    }

    @Test
    public void testSignatureNoEncryption() throws Exception {
        if (this.test.streaming) {
            return;
        }
        String str = "https://localhost:" + this.test.port + "/xmlsec-validate";
        JAXRSClientFactoryBean jAXRSClientFactoryBean = new JAXRSClientFactoryBean();
        jAXRSClientFactoryBean.setAddress(str);
        jAXRSClientFactoryBean.setBus(new SpringBusFactory().createBus(JAXRSXmlSecTest.class.getResource("client.xml").toString()));
        HashMap hashMap = new HashMap();
        hashMap.put("security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
        hashMap.put("security.encryption.username", "bob");
        hashMap.put("security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/bob.properties");
        hashMap.put("security.signature.properties", "org/apache/cxf/systest/jaxrs/security/alice.properties");
        jAXRSClientFactoryBean.setProperties(hashMap);
        jAXRSClientFactoryBean.getOutInterceptors().add(new XmlSigOutInterceptor());
        jAXRSClientFactoryBean.getInInterceptors().add(new XmlEncInInterceptor());
        jAXRSClientFactoryBean.getInInterceptors().add(new XmlSigInInterceptor());
        jAXRSClientFactoryBean.setServiceClass(BookStore.class);
        try {
            ((BookStore) jAXRSClientFactoryBean.create(BookStore.class, new Object[0])).addBook(new Book("CXF", 126L));
            fail("Failure expected on no Encryption");
        } catch (WebApplicationException e) {
        }
    }
}
