package net.shibboleth.idp.authn.impl;

import com.google.common.base.Predicates;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.URISyntaxException;
import java.security.Principal;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Collections;
import java.util.List;
import javax.security.auth.Subject;
import net.shibboleth.idp.attribute.ByteAttributeValue;
import net.shibboleth.idp.attribute.EmptyAttributeValue;
import net.shibboleth.idp.attribute.IdPAttribute;
import net.shibboleth.idp.attribute.ScopedStringAttributeValue;
import net.shibboleth.idp.attribute.StringAttributeValue;
import net.shibboleth.idp.authn.AuthenticationFlowDescriptor;
import net.shibboleth.idp.authn.AuthenticationResult;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.authn.principal.AuthenticationResultPrincipal;
import net.shibboleth.idp.authn.principal.GenericPrincipalSerializer;
import net.shibboleth.idp.authn.principal.GenericPrincipalService;
import net.shibboleth.idp.authn.principal.IdPAttributePrincipal;
import net.shibboleth.idp.authn.principal.PasswordPrincipal;
import net.shibboleth.idp.authn.principal.PrincipalServiceManager;
import net.shibboleth.idp.authn.principal.ProxyAuthenticationPrincipal;
import net.shibboleth.idp.authn.principal.SealedPrincipalSerializer;
import net.shibboleth.idp.authn.principal.SimplePrincipalSerializer;
import net.shibboleth.idp.authn.principal.UsernamePrincipal;
import net.shibboleth.idp.authn.principal.impl.IdPAttributePrincipalSerializer;
import net.shibboleth.idp.authn.principal.impl.LDAPPrincipalSerializer;
import net.shibboleth.idp.authn.principal.impl.ProxyAuthenticationPrincipalSerializer;
import net.shibboleth.idp.authn.testing.TestPrincipal;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.security.DataSealer;
import net.shibboleth.utilities.java.support.security.impl.BasicKeystoreKeyStrategy;
import net.shibboleth.utilities.java.support.test.resource.TestResourceConverter;
import org.ldaptive.LdapAttribute;
import org.ldaptive.LdapEntry;
import org.ldaptive.SortBehavior;
import org.ldaptive.jaas.LdapPrincipal;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.profile.testing.RequestContextBuilder;
import org.opensaml.security.x509.X509Support;
import org.springframework.core.io.ClassPathResource;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/authn/impl/DefaultAuthenticationResultSerializerTest.class */
public class DefaultAuthenticationResultSerializerTest {
    private static final String DATAPATH = "/net/shibboleth/idp/authn/impl/";
    private static final String CONTEXT = "_context";
    private static final String KEY = "_key";
    private static final Instant INSTANT = Instant.ofEpochMilli(1378827849463L);
    private static final long ACTIVITY = 1378827556778L;
    private static final String entityCertBase64 = "MIIDjDCCAnSgAwIBAgIBKjANBgkqhkiG9w0BAQUFADAtMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDmNhLmV4YW1wbGUub3JnMB4XDTA3MDQwOTA2MTIwOVoXDTE3MDQwNjA2MTIwOVowMTESMBAGA1UEChMJSW50ZXJuZXQyMRswGQYDVQQDExJmb29iYXIuZXhhbXBsZS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNWnkFmhy1vYa6gN/xBRKkZxFy3sUq2V0LsYb6Q3pe9Qlb6+BzaM5DrN8uIqqroBE3Wp0LtrgKuQTpDpNFBdS2p5afiUtOYLWBDtizTOzs3Z36MGMjIPUYQ4s03IP3yPh2ud6EKpDPiYqzNbkRaiIwmYSit5r+RMYvd6fuKvTOn6h7PZI5AD7Rda7VWh5OVSoZXlRx3qxFho+mZhW0q4fUfTi5lWwf4EhkfBlzgw/k5gf4cOi6rrGpRS1zxmbtX1RAg+I20z6d04g0N2WsK5stszgYKoIROJCiXwjraa8/SoFcILolWQpttVHBIUYlyDlm8mIFleZf4ReFpfm+nUYxAgMBAAGjgbIwga8wCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFDgRgTkjaKoK6DoZfUZ4g9LDJUWuMFUGA1UdIwROMEyAFNXuZVPeUdqHrULqQW7yr9buRpQLoTGkLzAtMRIwEAYDVQQKEwlJbnRlcm5ldDIxFzAVBgNVBAMTDmNhLmV4YW1wbGUub3JnggEBMA0GCSqGSIb3DQEBBQUAA4IBAQCPj3Si4Eiw9abNgPBUhBXWd6eRYlIHaHcnez6j6g7foAOyuVIUso9Q5c6pvL87lmasK55l09YPXw1qmiH+bHMcrwEPODpLx7xd3snlOCi7FyxahxwSs8yfTu8Pq95rWt0LNcfHxQK938Cpnav6jgDo2uH/ywAOFFSnoBzGHAfScHMfj8asZ6THosYsklII7FSU8j49GV2utkvGB3mcu4STuLdeRCZmi93vq1D4JVGsXC4UaHjg114+a+9q0XZdz6a1UW4pt1ryXIPotCS62M71pkJf5neHUinKAqgoRfPXowudZg1Zl8DjzoOBn+MNHRrR5KYbVGvdHcxoJLCwVB/v";
    private PrincipalServiceManager manager;
    private DefaultAuthenticationResultSerializer serializer;
    private AuthenticationFlowDescriptor flowDescriptor;

    @BeforeMethod
    public void setUp() throws ComponentInitializationException, NoSuchMethodException, SecurityException {
        SimplePrincipalSerializer simplePrincipalSerializer = new SimplePrincipalSerializer(UsernamePrincipal.class, "U");
        simplePrincipalSerializer.initialize();
        GenericPrincipalService genericPrincipalService = new GenericPrincipalService(UsernamePrincipal.class, simplePrincipalSerializer);
        genericPrincipalService.setId("username");
        genericPrincipalService.initialize();
        LDAPPrincipalSerializer lDAPPrincipalSerializer = new LDAPPrincipalSerializer();
        lDAPPrincipalSerializer.initialize();
        GenericPrincipalService genericPrincipalService2 = new GenericPrincipalService(LdapPrincipal.class, lDAPPrincipalSerializer);
        genericPrincipalService2.setId("ldap");
        genericPrincipalService2.initialize();
        IdPAttributePrincipalSerializer idPAttributePrincipalSerializer = new IdPAttributePrincipalSerializer();
        idPAttributePrincipalSerializer.initialize();
        GenericPrincipalService genericPrincipalService3 = new GenericPrincipalService(IdPAttributePrincipal.class, idPAttributePrincipalSerializer);
        genericPrincipalService3.setId("attr");
        genericPrincipalService3.initialize();
        ProxyAuthenticationPrincipalSerializer proxyAuthenticationPrincipalSerializer = new ProxyAuthenticationPrincipalSerializer();
        proxyAuthenticationPrincipalSerializer.initialize();
        GenericPrincipalService genericPrincipalService4 = new GenericPrincipalService(ProxyAuthenticationPrincipal.class, proxyAuthenticationPrincipalSerializer);
        genericPrincipalService4.setId("proxy");
        genericPrincipalService4.initialize();
        ClassPathResource classPathResource = new ClassPathResource("/net/shibboleth/idp/authn/impl/SealerKeyStore.jks");
        ClassPathResource classPathResource2 = new ClassPathResource("/net/shibboleth/idp/authn/impl/SealerKeyStore.kver");
        BasicKeystoreKeyStrategy basicKeystoreKeyStrategy = new BasicKeystoreKeyStrategy();
        basicKeystoreKeyStrategy.setKeyAlias("secret");
        basicKeystoreKeyStrategy.setKeyPassword("kpassword");
        basicKeystoreKeyStrategy.setKeystorePassword("password");
        basicKeystoreKeyStrategy.setKeystoreResource(TestResourceConverter.of(classPathResource));
        basicKeystoreKeyStrategy.setKeyVersionResource(TestResourceConverter.of(classPathResource2));
        DataSealer dataSealer = new DataSealer();
        dataSealer.setKeyStrategy(basicKeystoreKeyStrategy);
        try {
            basicKeystoreKeyStrategy.initialize();
            dataSealer.initialize();
        } catch (ComponentInitializationException e) {
            Assert.fail(e.getMessage());
        }
        SealedPrincipalSerializer sealedPrincipalSerializer = new SealedPrincipalSerializer(PasswordPrincipal.class, "PW");
        sealedPrincipalSerializer.setDataSealer(dataSealer);
        sealedPrincipalSerializer.initialize();
        GenericPrincipalService genericPrincipalService5 = new GenericPrincipalService(PasswordPrincipal.class, sealedPrincipalSerializer);
        genericPrincipalService5.setId("password");
        genericPrincipalService5.initialize();
        this.manager = new PrincipalServiceManager(List.of(genericPrincipalService, genericPrincipalService5, genericPrincipalService2, genericPrincipalService3, genericPrincipalService4));
        GenericPrincipalSerializer genericPrincipalSerializer = new GenericPrincipalSerializer();
        genericPrincipalSerializer.initialize();
        this.serializer = new DefaultAuthenticationResultSerializer(this.manager, genericPrincipalSerializer);
        this.flowDescriptor = new AuthenticationFlowDescriptor();
        this.flowDescriptor.setId("test");
        this.flowDescriptor.setResultSerializer(this.serializer);
        this.flowDescriptor.setReuseCondition(Predicates.alwaysTrue());
    }

    @Test
    public void testInvalid() throws Exception {
        this.serializer.initialize();
        try {
            this.serializer.deserialize(1L, CONTEXT, KEY, fileToString("/net/shibboleth/idp/authn/impl/invalid.json"), Long.valueOf(ACTIVITY));
            Assert.fail();
        } catch (IOException e) {
        }
        try {
            this.serializer.deserialize(1L, CONTEXT, KEY, fileToString("/net/shibboleth/idp/authn/impl/noFlowId.json"), Long.valueOf(ACTIVITY));
            Assert.fail();
        } catch (IOException e2) {
        }
        try {
            this.serializer.deserialize(1L, CONTEXT, KEY, fileToString("/net/shibboleth/idp/authn/impl/noInstant.json"), Long.valueOf(ACTIVITY));
            Assert.fail();
        } catch (IOException e3) {
        }
        try {
            this.serializer.deserialize(1L, CONTEXT, KEY, fileToString("/net/shibboleth/idp/authn/impl/invalidAdditional.json"), Long.valueOf(ACTIVITY));
            Assert.fail();
        } catch (IOException e4) {
        }
    }

    @Test
    public void testSimple() throws Exception {
        this.serializer.initialize();
        this.flowDescriptor.initialize();
        AuthenticationResult createResult = createResult(this.flowDescriptor, new Subject());
        createResult.getAdditionalData().put("foo", "bar");
        createResult.getAdditionalData().put("frobnitz", "zorkmid");
        createResult.getSubject().getPrincipals().add(new UsernamePrincipal("bob"));
        ProfileRequestContext profileRequestContext = getProfileRequestContext(Collections.singletonList(this.flowDescriptor));
        Assert.assertTrue(createResult.getReuseCondition().test(profileRequestContext));
        this.flowDescriptor.serialize(createResult);
        AuthenticationResult deserialize = this.flowDescriptor.deserialize(1L, CONTEXT, KEY, fileToString("/net/shibboleth/idp/authn/impl/simpleAuthenticationResult.json"), Long.valueOf(Instant.ofEpochMilli(ACTIVITY).plus((TemporalAmount) this.flowDescriptor.getInactivityTimeout()).plus((TemporalAmount) AuthenticationFlowDescriptor.STORAGE_EXPIRATION_OFFSET).toEpochMilli()));
        Assert.assertEquals(createResult.getAuthenticationFlowId(), deserialize.getAuthenticationFlowId());
        Assert.assertEquals(createResult.getAuthenticationInstant(), deserialize.getAuthenticationInstant());
        Assert.assertEquals(createResult.getLastActivityInstant(), deserialize.getLastActivityInstant());
        Assert.assertEquals(createResult.getSubject(), deserialize.getSubject());
        Assert.assertEquals(createResult.getAdditionalData(), deserialize.getAdditionalData());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
    }

    @Test
    public void testComplex() throws Exception {
        this.serializer.initialize();
        this.flowDescriptor.initialize();
        AuthenticationResult createResult = createResult(this.flowDescriptor, new Subject());
        createResult.getSubject().getPrincipals().add(new UsernamePrincipal("bob"));
        createResult.getSubject().getPrincipals().add(new TestPrincipal("foo"));
        createResult.getSubject().getPrincipals().add(new TestPrincipal("bar"));
        String serialize = this.flowDescriptor.serialize(createResult);
        String fileToString = fileToString("/net/shibboleth/idp/authn/impl/complexAuthenticationResult.json");
        Assert.assertEquals(serialize, fileToString);
        ProfileRequestContext profileRequestContext = getProfileRequestContext(Collections.singletonList(this.flowDescriptor));
        Assert.assertTrue(createResult.getReuseCondition().test(profileRequestContext));
        AuthenticationResult deserialize = this.flowDescriptor.deserialize(1L, CONTEXT, KEY, fileToString, Long.valueOf(Instant.ofEpochMilli(ACTIVITY).plus((TemporalAmount) this.flowDescriptor.getInactivityTimeout()).plus((TemporalAmount) AuthenticationFlowDescriptor.STORAGE_EXPIRATION_OFFSET).toEpochMilli()));
        Assert.assertEquals(createResult.getAuthenticationFlowId(), deserialize.getAuthenticationFlowId());
        Assert.assertEquals(createResult.getAuthenticationInstant(), deserialize.getAuthenticationInstant());
        Assert.assertEquals(createResult.getLastActivityInstant(), deserialize.getLastActivityInstant());
        Assert.assertEquals(createResult.getSubject(), deserialize.getSubject());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
    }

    @Test
    public void testCreds() throws Exception {
        this.serializer.initialize();
        this.flowDescriptor.initialize();
        AuthenticationResult createResult = createResult(this.flowDescriptor, new Subject());
        createResult.getSubject().getPrincipals().add(new UsernamePrincipal("bob"));
        createResult.getSubject().getPublicCredentials().add(X509Support.decodeCertificate(entityCertBase64));
        createResult.getSubject().getPrivateCredentials().add(new PasswordPrincipal("bar"));
        ProfileRequestContext profileRequestContext = getProfileRequestContext(Collections.singletonList(this.flowDescriptor));
        Assert.assertTrue(createResult.getReuseCondition().test(profileRequestContext));
        AuthenticationResult deserialize = this.flowDescriptor.deserialize(1L, CONTEXT, KEY, this.flowDescriptor.serialize(createResult), Long.valueOf(Instant.ofEpochMilli(ACTIVITY).plus((TemporalAmount) this.flowDescriptor.getInactivityTimeout()).plus((TemporalAmount) AuthenticationFlowDescriptor.STORAGE_EXPIRATION_OFFSET).toEpochMilli()));
        Assert.assertEquals(createResult.getAuthenticationFlowId(), deserialize.getAuthenticationFlowId());
        Assert.assertEquals(createResult.getAuthenticationInstant(), deserialize.getAuthenticationInstant());
        Assert.assertEquals(createResult.getLastActivityInstant(), deserialize.getLastActivityInstant());
        Assert.assertEquals(createResult.getSubject(), deserialize.getSubject());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
    }

    @Test
    public void testSymbolic() throws Exception {
        GenericPrincipalSerializer genericPrincipalSerializer = new GenericPrincipalSerializer();
        genericPrincipalSerializer.setSymbolics(Collections.singletonMap(TestPrincipal.class.getName(), 1));
        genericPrincipalSerializer.initialize();
        this.serializer = new DefaultAuthenticationResultSerializer(this.manager, genericPrincipalSerializer);
        this.serializer.initialize();
        this.flowDescriptor.setResultSerializer(this.serializer);
        this.flowDescriptor.initialize();
        AuthenticationResult createResult = createResult(this.flowDescriptor, new Subject());
        createResult.getSubject().getPrincipals().add(new UsernamePrincipal("bob"));
        createResult.getSubject().getPrincipals().add(new TestPrincipal("foo"));
        createResult.getSubject().getPrincipals().add(new TestPrincipal("bar"));
        ProfileRequestContext profileRequestContext = getProfileRequestContext(Collections.singletonList(this.flowDescriptor));
        Assert.assertTrue(createResult.getReuseCondition().test(profileRequestContext));
        String serialize = this.flowDescriptor.serialize(createResult);
        String fileToString = fileToString("/net/shibboleth/idp/authn/impl/symbolicAuthenticationResult.json");
        Assert.assertEquals(serialize, fileToString);
        AuthenticationResult deserialize = this.flowDescriptor.deserialize(1L, CONTEXT, KEY, fileToString, Long.valueOf(Instant.ofEpochMilli(ACTIVITY).plus((TemporalAmount) this.flowDescriptor.getInactivityTimeout()).plus((TemporalAmount) AuthenticationFlowDescriptor.STORAGE_EXPIRATION_OFFSET).toEpochMilli()));
        Assert.assertEquals(createResult.getAuthenticationFlowId(), deserialize.getAuthenticationFlowId());
        Assert.assertEquals(createResult.getAuthenticationInstant(), deserialize.getAuthenticationInstant());
        Assert.assertEquals(createResult.getLastActivityInstant(), deserialize.getLastActivityInstant());
        Assert.assertEquals(createResult.getSubject(), deserialize.getSubject());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
    }

    @Test
    public void testLdap() throws Exception {
        this.serializer.initialize();
        this.flowDescriptor.initialize();
        AuthenticationResult createResult = createResult(this.flowDescriptor, new Subject());
        LdapEntry ldapEntry = new LdapEntry(SortBehavior.SORTED);
        ldapEntry.setDn("uid=1234,ou=people,dc=shibboleth,dc=net");
        LdapAttribute ldapAttribute = new LdapAttribute(SortBehavior.SORTED);
        ldapAttribute.setName("givenName");
        ldapAttribute.addStringValue(new String[]{"Bob", "Robert"});
        ldapEntry.addAttribute(new LdapAttribute[]{new LdapAttribute("cn", new String[]{"Bob Cobb"}), ldapAttribute, new LdapAttribute("sn", new String[]{"Cobb"}), new LdapAttribute("mail", new String[]{"bob@shibboleth.net"})});
        createResult.getSubject().getPrincipals().add(new LdapPrincipal("bob", ldapEntry));
        ProfileRequestContext profileRequestContext = getProfileRequestContext(Collections.singletonList(this.flowDescriptor));
        Assert.assertTrue(createResult.getReuseCondition().test(profileRequestContext));
        String serialize = this.flowDescriptor.serialize(createResult);
        String fileToString = fileToString("/net/shibboleth/idp/authn/impl/LDAPAuthenticationResult.json");
        Assert.assertEquals(serialize, fileToString);
        AuthenticationResult deserialize = this.flowDescriptor.deserialize(1L, CONTEXT, KEY, fileToString, Long.valueOf(Instant.ofEpochMilli(ACTIVITY).plus((TemporalAmount) this.flowDescriptor.getInactivityTimeout()).plus((TemporalAmount) AuthenticationFlowDescriptor.STORAGE_EXPIRATION_OFFSET).toEpochMilli()));
        Assert.assertEquals(createResult.getAuthenticationFlowId(), deserialize.getAuthenticationFlowId());
        Assert.assertEquals(createResult.getAuthenticationInstant(), deserialize.getAuthenticationInstant());
        Assert.assertEquals(createResult.getLastActivityInstant(), deserialize.getLastActivityInstant());
        Assert.assertEquals(createResult.getSubject(), deserialize.getSubject());
        Assert.assertEquals(createResult.getSubject().getPrincipals().iterator().next().getLdapEntry(), deserialize.getSubject().getPrincipals().iterator().next().getLdapEntry());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
    }

    @Test
    public void testIdPAttribute() throws Exception {
        this.serializer.initialize();
        this.flowDescriptor.initialize();
        AuthenticationResult createResult = createResult(this.flowDescriptor, new Subject());
        Principal idPAttributePrincipal = new IdPAttributePrincipal(new IdPAttribute("foo"));
        idPAttributePrincipal.getAttribute().setValues(List.of(new StringAttributeValue("bar"), new ScopedStringAttributeValue("bar2", "scope"), EmptyAttributeValue.ZERO_LENGTH, new ByteAttributeValue("foo".getBytes())));
        createResult.getSubject().getPrincipals().add(idPAttributePrincipal);
        ProfileRequestContext profileRequestContext = getProfileRequestContext(Collections.singletonList(this.flowDescriptor));
        Assert.assertTrue(createResult.getReuseCondition().test(profileRequestContext));
        String serialize = this.flowDescriptor.serialize(createResult);
        String fileToString = fileToString("/net/shibboleth/idp/authn/impl/IdPAttributeAuthenticationResult.json");
        Assert.assertEquals(serialize, fileToString);
        AuthenticationResult deserialize = this.flowDescriptor.deserialize(1L, CONTEXT, KEY, fileToString, Long.valueOf(Instant.ofEpochMilli(ACTIVITY).plus((TemporalAmount) this.flowDescriptor.getInactivityTimeout()).plus((TemporalAmount) AuthenticationFlowDescriptor.STORAGE_EXPIRATION_OFFSET).toEpochMilli()));
        Assert.assertEquals(createResult.getAuthenticationFlowId(), deserialize.getAuthenticationFlowId());
        Assert.assertEquals(createResult.getAuthenticationInstant(), deserialize.getAuthenticationInstant());
        Assert.assertEquals(createResult.getLastActivityInstant(), deserialize.getLastActivityInstant());
        Assert.assertEquals(createResult.getSubject(), deserialize.getSubject());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
        IdPAttribute attribute = deserialize.getSubject().getPrincipals().iterator().next().getAttribute();
        Assert.assertEquals(attribute.getValues().size(), 3);
        Assert.assertEquals(((StringAttributeValue) attribute.getValues().get(0)).getValue(), "bar");
        Assert.assertEquals(((StringAttributeValue) attribute.getValues().get(1)).getValue(), "bar2");
        Assert.assertEquals(((ScopedStringAttributeValue) attribute.getValues().get(1)).getScope(), "scope");
        Assert.assertEquals(attribute.getValues().get(2), EmptyAttributeValue.ZERO_LENGTH);
    }

    @Test
    public void testProxyAuthentication() throws Exception {
        this.serializer.initialize();
        this.flowDescriptor.initialize();
        AuthenticationResult createResult = createResult(this.flowDescriptor, new Subject());
        Principal proxyAuthenticationPrincipal = new ProxyAuthenticationPrincipal(List.of("foo", "bar", "baz"));
        proxyAuthenticationPrincipal.setProxyCount(10);
        proxyAuthenticationPrincipal.getAudiences().add("zorkmid");
        createResult.getSubject().getPrincipals().add(proxyAuthenticationPrincipal);
        ProfileRequestContext profileRequestContext = getProfileRequestContext(Collections.singletonList(this.flowDescriptor));
        Assert.assertTrue(createResult.getReuseCondition().test(profileRequestContext));
        String serialize = this.flowDescriptor.serialize(createResult);
        String fileToString = fileToString("/net/shibboleth/idp/authn/impl/ProxyAuthenticationResult.json");
        Assert.assertEquals(serialize, fileToString);
        AuthenticationResult deserialize = this.flowDescriptor.deserialize(1L, CONTEXT, KEY, fileToString, Long.valueOf(Instant.ofEpochMilli(ACTIVITY).plus((TemporalAmount) this.flowDescriptor.getInactivityTimeout()).plus((TemporalAmount) AuthenticationFlowDescriptor.STORAGE_EXPIRATION_OFFSET).toEpochMilli()));
        Assert.assertEquals(createResult.getAuthenticationFlowId(), deserialize.getAuthenticationFlowId());
        Assert.assertEquals(createResult.getAuthenticationInstant(), deserialize.getAuthenticationInstant());
        Assert.assertEquals(createResult.getLastActivityInstant(), deserialize.getLastActivityInstant());
        Assert.assertEquals(createResult.getSubject(), deserialize.getSubject());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
        ProxyAuthenticationPrincipal next = deserialize.getSubject().getPrincipals().iterator().next();
        Assert.assertEquals(proxyAuthenticationPrincipal.getAuthorities(), next.getAuthorities());
        Assert.assertEquals(proxyAuthenticationPrincipal.getProxyCount(), next.getProxyCount());
        Assert.assertEquals(proxyAuthenticationPrincipal.getAudiences(), next.getAudiences());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
    }

    @Test
    public void testNestedAuthenticationResult() throws Exception {
        this.serializer.initialize();
        this.flowDescriptor.initialize();
        AuthenticationResult createResult = createResult(this.flowDescriptor, new Subject());
        AuthenticationFlowDescriptor authenticationFlowDescriptor = new AuthenticationFlowDescriptor();
        authenticationFlowDescriptor.setId("nested");
        authenticationFlowDescriptor.setResultSerializer(this.serializer);
        authenticationFlowDescriptor.initialize();
        AuthenticationResult createResult2 = createResult(authenticationFlowDescriptor, new Subject());
        createResult2.setLastActivityInstant(INSTANT);
        createResult2.getSubject().getPrincipals().add(new UsernamePrincipal("bob"));
        createResult.getSubject().getPrincipals().add(new AuthenticationResultPrincipal(createResult2));
        ProfileRequestContext profileRequestContext = getProfileRequestContext(List.of(this.flowDescriptor, authenticationFlowDescriptor));
        Assert.assertTrue(createResult.getReuseCondition().test(profileRequestContext));
        String serialize = this.flowDescriptor.serialize(createResult);
        String fileToString = fileToString("/net/shibboleth/idp/authn/impl/NestedAuthenticationResult.json");
        Assert.assertEquals(serialize, fileToString);
        AuthenticationResult deserialize = this.flowDescriptor.deserialize(1L, CONTEXT, KEY, fileToString, Long.valueOf(Instant.ofEpochMilli(ACTIVITY).plus((TemporalAmount) this.flowDescriptor.getInactivityTimeout()).plus((TemporalAmount) AuthenticationFlowDescriptor.STORAGE_EXPIRATION_OFFSET).toEpochMilli()));
        Assert.assertEquals(createResult.getAuthenticationFlowId(), deserialize.getAuthenticationFlowId());
        Assert.assertEquals(createResult.getAuthenticationInstant(), deserialize.getAuthenticationInstant());
        Assert.assertEquals(createResult.getLastActivityInstant(), deserialize.getLastActivityInstant());
        Assert.assertEquals(createResult.getSubject(), deserialize.getSubject());
        Assert.assertTrue(deserialize.getReuseCondition().test(profileRequestContext));
        AuthenticationResult authenticationResult = deserialize.getSubject().getPrincipals().iterator().next().getAuthenticationResult();
        Assert.assertEquals(createResult2.getAuthenticationFlowId(), authenticationResult.getAuthenticationFlowId());
        Assert.assertEquals(createResult2.getAuthenticationInstant(), authenticationResult.getAuthenticationInstant());
        Assert.assertEquals(createResult2.getLastActivityInstant(), authenticationResult.getLastActivityInstant());
        Assert.assertEquals(createResult2.getSubject(), authenticationResult.getSubject());
        Assert.assertTrue(authenticationResult.getReuseCondition().test(profileRequestContext));
    }

    private AuthenticationResult createResult(AuthenticationFlowDescriptor authenticationFlowDescriptor, Subject subject) {
        AuthenticationResult newAuthenticationResult = authenticationFlowDescriptor.newAuthenticationResult(subject);
        newAuthenticationResult.setAuthenticationInstant(INSTANT);
        newAuthenticationResult.setLastActivityInstant(Instant.ofEpochMilli(ACTIVITY));
        return newAuthenticationResult;
    }

    private ProfileRequestContext getProfileRequestContext(List<AuthenticationFlowDescriptor> list) {
        ProfileRequestContext buildProfileRequestContext = new RequestContextBuilder().buildProfileRequestContext();
        AuthenticationContext subcontext = buildProfileRequestContext.getSubcontext(AuthenticationContext.class, true);
        for (AuthenticationFlowDescriptor authenticationFlowDescriptor : list) {
            subcontext.getAvailableFlows().put(authenticationFlowDescriptor.getId(), authenticationFlowDescriptor);
        }
        return buildProfileRequestContext;
    }

    private String fileToString(String str) throws URISyntaxException, IOException {
        int read;
        FileInputStream fileInputStream = new FileInputStream(new File(DefaultAuthenticationResultSerializerTest.class.getResource(str).toURI()));
        try {
            int available = fileInputStream.available();
            byte[] bArr = new byte[available];
            int i = 0;
            do {
                if (i + available > bArr.length) {
                    byte[] bArr2 = new byte[i + available];
                    System.arraycopy(bArr, 0, bArr2, 0, i);
                    bArr = bArr2;
                }
                read = fileInputStream.read(bArr, i, available);
                if (read >= 0) {
                    i += read;
                }
                available = fileInputStream.available();
                if (available <= 0) {
                    break;
                }
            } while (read >= 0);
            String trim = new String(bArr, 0, i, "UTF-8").trim();
            fileInputStream.close();
            return trim;
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
