package net.shibboleth.idp.saml.attribute.principalconnector.impl;

import java.util.Collections;
import javax.annotation.Nonnull;
import net.shibboleth.idp.authn.SubjectCanonicalizationException;
import net.shibboleth.idp.authn.context.SubjectCanonicalizationContext;
import net.shibboleth.idp.saml.nameid.NameDecoderException;
import net.shibboleth.idp.saml.nameid.NameIDDecoder;
import net.shibboleth.idp.saml.nameid.NameIdentifierDecoder;
import net.shibboleth.idp.saml.nameid.impl.TransformingNameIDDecoder;
import net.shibboleth.idp.saml.nameid.impl.TransformingNameIdentifierDecoder;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.component.UnmodifiableComponentException;
import org.opensaml.core.OpenSAMLInitBaseTestCase;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.saml.saml1.core.NameIdentifier;
import org.opensaml.saml.saml2.core.NameID;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/saml/attribute/principalconnector/impl/PrincipalConnectorTest.class */
public class PrincipalConnectorTest extends OpenSAMLInitBaseTestCase {
    private static final String NAMEID_TEXT = "NAMEID_TEXT";
    private static final String NAMEIDENTIFIER_TEXT = "SAML1_TEXT";
    private static final String RP1 = "https://shibboleth.net/rp1";
    private static final String RP2 = "https://shibboleth.net/rp2";
    private final TransformingNameIDDecoder nameIDDecoder = new TransformingNameIDDecoder();
    private final TransformingNameIdentifierDecoder nameIdentifierDecoder = new TransformingNameIdentifierDecoder();

    @BeforeClass
    public void setup() throws ComponentInitializationException {
        this.nameIDDecoder.setId("nameIDDecoder");
        ComponentSupport.initialize(this.nameIDDecoder);
        this.nameIdentifierDecoder.setId("nameIdentifierDecoder");
        ComponentSupport.initialize(this.nameIdentifierDecoder);
    }

    @Test
    public void format() {
        Assert.assertEquals(newPrincipalConnector(this.nameIDDecoder, this.nameIdentifierDecoder, "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos").getFormat(), "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos");
    }

    @Test
    public void relyingParties() throws ComponentInitializationException {
        PrincipalConnector newPrincipalConnector = newPrincipalConnector(this.nameIDDecoder, this.nameIdentifierDecoder, "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos");
        newPrincipalConnector.setId("relyingParties");
        newPrincipalConnector.initialize();
        Assert.assertTrue(newPrincipalConnector.requesterMatches((String) null));
        Assert.assertTrue(newPrincipalConnector.requesterMatches(RP1));
        Assert.assertTrue(newPrincipalConnector.requesterMatches(RP2));
        try {
            newPrincipalConnector.setRelyingParties(Collections.singleton(RP1));
            Assert.fail();
        } catch (UnmodifiableComponentException e) {
        }
        PrincipalConnector newPrincipalConnector2 = newPrincipalConnector(this.nameIDDecoder, this.nameIdentifierDecoder, "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos");
        newPrincipalConnector2.setId("relyingParties");
        newPrincipalConnector2.setRelyingParties(Collections.singleton(RP1));
        newPrincipalConnector2.initialize();
        Assert.assertTrue(newPrincipalConnector2.requesterMatches((String) null));
        Assert.assertTrue(newPrincipalConnector2.requesterMatches(RP1));
        Assert.assertFalse(newPrincipalConnector2.requesterMatches(RP2));
    }

    @Test
    public void saml1() throws ComponentInitializationException, SubjectCanonicalizationException, NameDecoderException {
        PrincipalConnector newPrincipalConnector = newPrincipalConnector(this.nameIDDecoder, this.nameIdentifierDecoder, "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos");
        newPrincipalConnector.setId("saml1");
        newPrincipalConnector.initialize();
        NameIdentifier buildObject = XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(NameIdentifier.DEFAULT_ELEMENT_NAME).buildObject();
        buildObject.setValue(NAMEIDENTIFIER_TEXT);
        SubjectCanonicalizationContext subjectCanonicalizationContext = new SubjectCanonicalizationContext();
        subjectCanonicalizationContext.setRequesterId(RP1);
        Assert.assertEquals(newPrincipalConnector.decode(subjectCanonicalizationContext, buildObject), NAMEIDENTIFIER_TEXT);
    }

    @Test
    public void saml2() throws ComponentInitializationException, SubjectCanonicalizationException, NameDecoderException {
        PrincipalConnector newPrincipalConnector = newPrincipalConnector(this.nameIDDecoder, this.nameIdentifierDecoder, "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos");
        newPrincipalConnector.setId("saml1");
        newPrincipalConnector.initialize();
        NameID buildObject = XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(NameID.DEFAULT_ELEMENT_NAME).buildObject();
        buildObject.setValue(NAMEID_TEXT);
        SubjectCanonicalizationContext subjectCanonicalizationContext = new SubjectCanonicalizationContext();
        subjectCanonicalizationContext.setRequesterId(RP1);
        Assert.assertEquals(newPrincipalConnector.decode(subjectCanonicalizationContext, buildObject), NAMEID_TEXT);
    }

    public static PrincipalConnector newPrincipalConnector(@Nonnull NameIDDecoder nameIDDecoder, @Nonnull NameIdentifierDecoder nameIdentifierDecoder, @Nonnull String str) {
        PrincipalConnector principalConnector = new PrincipalConnector();
        principalConnector.setFormat(str);
        principalConnector.setNameIDDecoder(nameIDDecoder);
        principalConnector.setNameIdentifierDecoder(nameIdentifierDecoder);
        return principalConnector;
    }
}
