package net.shibboleth.idp.test.flows;

import com.unboundid.ldap.sdk.LDAPException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Map;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.ext.spring.factory.X509CertificateFactoryBean;
import net.shibboleth.idp.spring.IdPPropertiesApplicationContextInitializer;
import net.shibboleth.idp.test.InMemoryDirectory;
import net.shibboleth.idp.test.PreferFileSystemContextLoader;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.net.HttpServletRequestResponseContext;
import net.shibboleth.utilities.java.support.net.IPRange;
import net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy;
import net.shibboleth.utilities.java.support.security.Type4UUIDIdentifierGenerationStrategy;
import net.shibboleth.utilities.java.support.xml.ParserPool;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.XMLObjectBuilderFactory;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.MarshallerFactory;
import org.opensaml.core.xml.io.UnmarshallerFactory;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.security.credential.Credential;
import org.opensaml.soap.soap11.Body;
import org.opensaml.soap.soap11.Envelope;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.binding.expression.support.FluentParserContext;
import org.springframework.binding.mapping.impl.DefaultMapper;
import org.springframework.binding.mapping.impl.DefaultMapping;
import org.springframework.core.io.ClassPathResource;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.testng.AbstractTestNGSpringContextTests;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.webflow.core.collection.MutableAttributeMap;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.Flow;
import org.springframework.webflow.execution.FlowExecutionOutcome;
import org.springframework.webflow.execution.RequestContext;
import org.springframework.webflow.executor.FlowExecutionResult;
import org.springframework.webflow.executor.FlowExecutor;
import org.springframework.webflow.executor.FlowExecutorImpl;
import org.springframework.webflow.expression.spel.WebFlowSpringELExpressionParser;
import org.springframework.webflow.test.MockExternalContext;
import org.testng.Assert;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.AfterTest;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.BeforeTest;

@WebAppConfiguration
@ContextConfiguration(locations = {"/system/conf/global-system.xml", "/system/conf/mvc-beans.xml", "/system/conf/webflow-config.xml", "/test/test-beans.xml", "/test/override-beans.xml"}, initializers = {IdPPropertiesApplicationContextInitializer.class}, loader = PreferFileSystemContextLoader.class)
/* loaded from: input_file:net/shibboleth/idp/test/flows/AbstractFlowTest.class */
public abstract class AbstractFlowTest extends AbstractTestNGSpringContextTests {

    @Nonnull
    private static final Logger log = LoggerFactory.getLogger(AbstractFlowTest.class);

    @Nonnull
    public static final String LDIF_FILE = "/test/test-ldap.ldif";

    @Nonnull
    public static final String KEYSTORE_FILE = "/test/test-ldap.keystore";

    @Nonnull
    public static final String IDP_ENTITY_ID = "https://idp.example.org";

    @Nonnull
    public static final String SP_ENTITY_ID = "https://sp.example.org";

    @Nonnull
    public static final String SP_ACS_URL = "https://localhost:8443/sp/SAML1/POST/ACS";

    @Nonnull
    public static final String SP_RELAY_STATE = "myRelayState";

    @Nonnull
    public static final String END_STATE_ID = "end";

    @Nonnull
    public static final String END_STATE_OUTPUT_ATTR_EXPR = "flowRequestContext.getConversationScope().get('opensamlProfileRequestContext')";

    @Nonnull
    public static final String END_STATE_OUTPUT_ATTR_NAME = "ProfileRequestContext";

    @Nonnull
    public static final String IP_ADDRESS_AUTHN_MAP_BEAN_NAME = "shibboleth.authn.IPAddress.Mappings";

    @Nonnull
    public static final String IP_ADDRESS_AUTHN_FLOW_ID = "authn/IPAddress";

    @Nonnull
    public static final String SAML1_TRANSFORM_C14N_BEAN_NAME = "c14n/SAML1Transform";

    @Nonnull
    public static final String SAML2_TRANSFORM_C14N_BEAN_NAME = "c14n/SAML2Transform";

    @NonnullAfterInit
    protected InMemoryDirectory directoryServer;

    @Nonnull
    protected MockExternalContext externalContext;

    @Nonnull
    protected FlowExecutor flowExecutor;

    @Nonnull
    protected MockHttpServletRequest request;

    @Nonnull
    protected MockHttpServletResponse response;

    @NonnullAfterInit
    protected static ParserPool parserPool;

    @NonnullAfterInit
    protected static XMLObjectBuilderFactory builderFactory;

    @NonnullAfterInit
    protected static MarshallerFactory marshallerFactory;

    @NonnullAfterInit
    protected static UnmarshallerFactory unmarshallerFactory;

    @Nonnull
    protected IdentifierGenerationStrategy idGenerator = new Type4UUIDIdentifierGenerationStrategy();

    @Autowired
    @Qualifier("test.idp.Credential")
    protected Credential idpCredential;

    @Autowired
    @Qualifier("test.sp.Credential")
    protected Credential spCredential;

    @Autowired
    @Qualifier("test.sp.X509Certificate")
    protected X509CertificateFactoryBean certFactoryBean;

    public static void setIdPHomeProperty() {
        System.setProperty("idp.home", "classpath:");
    }

    @AfterMethod
    public void clearThreadLocals() {
        HttpServletRequestResponseContext.clearCurrent();
    }

    @BeforeMethod
    public void initializeFlowExecutor() {
        this.flowExecutor = (FlowExecutor) this.applicationContext.getBean("flowExecutor", FlowExecutor.class);
        Assert.assertNotNull(this.flowExecutor);
    }

    @BeforeMethod
    public void initializeMocks() {
        this.request = new MockHttpServletRequest();
        this.response = new MockHttpServletResponse();
        this.externalContext = new MockExternalContext();
        this.externalContext.setNativeRequest(this.request);
        this.externalContext.setNativeResponse(this.response);
    }

    @BeforeMethod
    public void initializeThreadLocals() {
        HttpServletRequestResponseContext.loadCurrent(this.request, this.response);
    }

    @BeforeClass
    public void initializeXMLObjectSupport() {
        parserPool = XMLObjectProviderRegistrySupport.getParserPool();
        builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
        marshallerFactory = XMLObjectProviderRegistrySupport.getMarshallerFactory();
        unmarshallerFactory = XMLObjectProviderRegistrySupport.getUnmarshallerFactory();
    }

    @BeforeTest
    public void setupDirectoryServer() throws LDAPException, IOException {
        this.directoryServer = new InMemoryDirectory(new ClassPathResource(LDIF_FILE), new ClassPathResource(KEYSTORE_FILE));
        this.directoryServer.start();
    }

    @AfterTest(alwaysRun = true)
    public void teardownDirectoryServer() {
        if (this.directoryServer != null) {
            this.directoryServer.stop();
        }
    }

    public void assertFlowExecutionResult(@Nullable FlowExecutionResult flowExecutionResult, @Nonnull String str) {
        Assert.assertNotNull(flowExecutionResult);
        Assert.assertEquals(flowExecutionResult.getFlowId(), str);
        Assert.assertTrue(flowExecutionResult.isEnded());
    }

    public void assertFlowExecutionOutcome(@Nullable FlowExecutionOutcome flowExecutionOutcome) {
        assertFlowExecutionOutcome(flowExecutionOutcome, END_STATE_ID);
    }

    public void assertFlowExecutionOutcome(@Nullable FlowExecutionOutcome flowExecutionOutcome, @Nullable String str) {
        Assert.assertNotNull(flowExecutionOutcome, "Flow ended with an error");
        Assert.assertEquals(flowExecutionOutcome.getId(), str);
        Assert.assertTrue(flowExecutionOutcome.getOutput().contains(END_STATE_OUTPUT_ATTR_NAME));
        Assert.assertTrue(flowExecutionOutcome.getOutput().get(END_STATE_OUTPUT_ATTR_NAME) instanceof ProfileRequestContext);
    }

    public void assertProfileRequestContext(@Nullable ProfileRequestContext profileRequestContext) {
        Assert.assertNotNull(profileRequestContext);
        Assert.assertNotNull(profileRequestContext.getOutboundMessageContext());
        Assert.assertNotNull(profileRequestContext.getOutboundMessageContext().getMessage());
    }

    @Nonnull
    public static Envelope buildSOAP11Envelope(@Nonnull XMLObject xMLObject) {
        Envelope buildObject = builderFactory.getBuilder(Envelope.DEFAULT_ELEMENT_NAME).buildObject(Envelope.DEFAULT_ELEMENT_NAME);
        Body buildObject2 = builderFactory.getBuilder(Body.DEFAULT_ELEMENT_NAME).buildObject(Body.DEFAULT_ELEMENT_NAME);
        buildObject2.getUnknownXMLObjects().add(xMLObject);
        buildObject.setBody(buildObject2);
        return buildObject;
    }

    @Nonnull
    public Flow getFlow(@Nonnull String str) {
        Constraint.isNotNull(str, "Flow ID can not be null");
        Constraint.isTrue(this.flowExecutor instanceof FlowExecutorImpl, "The flow executor must be an instance of " + FlowExecutorImpl.class);
        Flow flowDefinition = this.flowExecutor.getDefinitionLocator().getFlowDefinition(str);
        Constraint.isTrue(flowDefinition instanceof Flow, "The flow definition must be an instance of " + Flow.class);
        return flowDefinition;
    }

    public void overrideEndStateOutput(@Nonnull String str) {
        overrideEndStateOutput(str, END_STATE_ID);
    }

    public void overrideEndStateOutput(@Nonnull String str, @Nonnull String str2) {
        Flow flow = getFlow(str);
        WebFlowSpringELExpressionParser webFlowSpringELExpressionParser = new WebFlowSpringELExpressionParser(new SpelExpressionParser());
        DefaultMapping defaultMapping = new DefaultMapping(webFlowSpringELExpressionParser.parseExpression(END_STATE_OUTPUT_ATTR_EXPR, new FluentParserContext().evaluate(RequestContext.class)), webFlowSpringELExpressionParser.parseExpression(END_STATE_OUTPUT_ATTR_NAME, new FluentParserContext().evaluate(MutableAttributeMap.class)));
        DefaultMapper defaultMapper = new DefaultMapper();
        defaultMapper.addMapping(defaultMapping);
        flow.getState(str2).setOutputMapper(defaultMapper);
    }

    @BeforeMethod(dependsOnMethods = {"initializeFlowExecutor"})
    public void overrideIPBasedAuthn() {
        System.setProperty("idp.authn.flows", "IPAddress|Password");
        Map map = (Map) getFlow(IP_ADDRESS_AUTHN_FLOW_ID).getApplicationContext().getBean(IP_ADDRESS_AUTHN_MAP_BEAN_NAME, Map.class);
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(IPRange.parseCIDRBlock("127.0.0.1/24"));
        arrayList.add(IPRange.parseCIDRBlock("::1/128"));
        map.put("jdoe", arrayList);
    }

    public void registerFlowsInParentRegistry(@Nonnull String str, @Nonnull String str2) {
        Constraint.isNotNull(str, "Flow ID can not be null");
        Constraint.isNotNull(str2, "Flow registry ID can not be null");
        FlowDefinitionRegistry flowDefinitionRegistry = (FlowDefinitionRegistry) getFlow(str).getApplicationContext().getBean(str2, FlowDefinitionRegistry.class);
        Constraint.isNotNull(flowDefinitionRegistry.getParent(), "Child flow registry must have a parent");
        for (String str3 : flowDefinitionRegistry.getFlowDefinitionIds()) {
            log.debug("Adding flow '{}' from child registry to parent registry", str3);
            flowDefinitionRegistry.getParent().registerFlowDefinition(flowDefinitionRegistry.getFlowDefinition(str3));
        }
    }

    @Nullable
    public ProfileRequestContext retrieveProfileRequestContext(@Nonnull FlowExecutionResult flowExecutionResult) {
        Constraint.isNotNull(flowExecutionResult, "Result can not be null");
        return (ProfileRequestContext) flowExecutionResult.getOutcome().getOutput().get(END_STATE_OUTPUT_ATTR_NAME);
    }

    static {
        setIdPHomeProperty();
    }
}
