package net.shibboleth.idp.saml.nameid.impl;

import java.io.IOException;
import java.sql.SQLException;
import java.util.Collections;
import javax.sql.DataSource;
import net.shibboleth.idp.attribute.IdPAttribute;
import net.shibboleth.idp.attribute.StringAttributeValue;
import net.shibboleth.idp.attribute.context.AttributeContext;
import net.shibboleth.idp.authn.context.SubjectCanonicalizationContext;
import net.shibboleth.idp.authn.context.SubjectContext;
import net.shibboleth.idp.profile.RequestContextBuilder;
import net.shibboleth.idp.profile.context.RelyingPartyContext;
import net.shibboleth.idp.saml.impl.TestSources;
import net.shibboleth.idp.saml.nameid.NameDecoderException;
import net.shibboleth.idp.testing.DatabaseTestingSupport;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.opensaml.core.OpenSAMLInitBaseTestCase;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.profile.SAML2ActionTestingSupport;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/saml/nameid/impl/StoredPersistentIdDecoderTest.class */
public class StoredPersistentIdDecoderTest extends OpenSAMLInitBaseTestCase {
    private DataSource testSource;
    private ProfileRequestContext prc;
    private PersistentSAML2NameIDGenerator generator;
    private StoredPersistentIdDecoder decoder;

    @BeforeClass
    public void setUpSource() {
        this.testSource = DatabaseTestingSupport.GetMockDataSource(PersistentSAML2NameIDGeneratorTest.INIT_FILE, "StoredIDDataConnectorStore");
    }

    @AfterClass
    public void teardown() {
        DatabaseTestingSupport.InitializeDataSource(PersistentSAML2NameIDGeneratorTest.DELETE_FILE, this.testSource);
    }

    @BeforeMethod
    public void setUp() throws SQLException, IOException, ComponentInitializationException {
        JDBCPersistentIdStore jDBCPersistentIdStore = new JDBCPersistentIdStore();
        jDBCPersistentIdStore.setDataSource(this.testSource);
        jDBCPersistentIdStore.initialize();
        StoredPersistentIdGenerationStrategy storedPersistentIdGenerationStrategy = new StoredPersistentIdGenerationStrategy();
        storedPersistentIdGenerationStrategy.setIDStore(jDBCPersistentIdStore);
        storedPersistentIdGenerationStrategy.initialize();
        this.generator = new PersistentSAML2NameIDGenerator();
        this.generator.setId("test");
        this.generator.setPersistentIdGenerator(storedPersistentIdGenerationStrategy);
        this.generator.setAttributeSourceIds(Collections.singletonList("SOURCE"));
        this.decoder = new StoredPersistentIdDecoder();
        this.decoder.setId("test");
        this.decoder.setPersistentIdStore(jDBCPersistentIdStore);
        this.decoder.initialize();
        this.prc = new RequestContextBuilder().setInboundMessageIssuer(TestSources.SP_ENTITY_ID).setOutboundMessageIssuer(TestSources.IDP_ENTITY_ID).buildProfileRequestContext();
    }

    @Test
    public void testMissingID() throws Exception {
        SubjectCanonicalizationContext subcontext = this.prc.getSubcontext(SubjectCanonicalizationContext.class, true);
        subcontext.setRequesterId(TestSources.SP_ENTITY_ID);
        subcontext.setResponderId(TestSources.IDP_ENTITY_ID);
        Assert.assertNull(this.decoder.decode(subcontext, SAML2ActionTestingSupport.buildSubject("foo").getNameID()));
    }

    @Test(expectedExceptions = {NameDecoderException.class})
    public void testNoQualifiers() throws Exception {
        this.decoder.decode(this.prc.getSubcontext(SubjectCanonicalizationContext.class, true), SAML2ActionTestingSupport.buildSubject("foo").getNameID());
    }

    @Test
    public void testBadQualifier() throws Exception {
        this.generator.initialize();
        this.prc.getSubcontext(SubjectContext.class, true).setPrincipalName("foo");
        Assert.assertNull(this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"));
        IdPAttribute idPAttribute = new IdPAttribute("SOURCE");
        idPAttribute.setValues(Collections.singleton(new StringAttributeValue(TestSources.COMMON_ATTRIBUTE_VALUE_STRING)));
        this.prc.getSubcontext(RelyingPartyContext.class).getSubcontext(AttributeContext.class, true).setUnfilteredIdPAttributes(Collections.singleton(idPAttribute));
        NameID generate = this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        Assert.assertNotNull(generate);
        Assert.assertNotNull(generate.getValue());
        Assert.assertEquals(generate.getFormat(), "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        generate.setNameQualifier((String) null);
        generate.setSPNameQualifier((String) null);
        SubjectCanonicalizationContext subcontext = this.prc.getSubcontext(SubjectCanonicalizationContext.class, true);
        subcontext.setRequesterId("Bad");
        subcontext.setResponderId(TestSources.IDP_ENTITY_ID);
        Assert.assertNull(this.decoder.decode(subcontext, generate));
    }

    @Test
    public void testStoredIdDecode() throws Exception {
        this.generator.initialize();
        this.prc.getSubcontext(SubjectContext.class, true).setPrincipalName("foo");
        Assert.assertNull(this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"));
        IdPAttribute idPAttribute = new IdPAttribute("SOURCE");
        idPAttribute.setValues(Collections.singleton(new StringAttributeValue(TestSources.COMMON_ATTRIBUTE_VALUE_STRING)));
        this.prc.getSubcontext(RelyingPartyContext.class).getSubcontext(AttributeContext.class, true).setUnfilteredIdPAttributes(Collections.singleton(idPAttribute));
        NameID generate = this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        Assert.assertNotNull(generate);
        Assert.assertNotNull(generate.getValue());
        Assert.assertEquals(generate.getFormat(), "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        Assert.assertEquals(generate.getNameQualifier(), TestSources.IDP_ENTITY_ID);
        Assert.assertEquals(generate.getSPNameQualifier(), TestSources.SP_ENTITY_ID);
        SubjectCanonicalizationContext subcontext = this.prc.getSubcontext(SubjectCanonicalizationContext.class, true);
        subcontext.setRequesterId(TestSources.SP_ENTITY_ID);
        subcontext.setResponderId(TestSources.IDP_ENTITY_ID);
        Assert.assertEquals(this.decoder.decode(subcontext, generate), "foo");
    }

    @Test
    public void testAffiliation() throws Exception {
        this.generator.setSPNameQualifier("http://affiliation.org");
        this.generator.initialize();
        this.prc.getSubcontext(SubjectContext.class, true).setPrincipalName("foo");
        Assert.assertNull(this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"));
        IdPAttribute idPAttribute = new IdPAttribute("SOURCE");
        idPAttribute.setValues(Collections.singleton(new StringAttributeValue(TestSources.COMMON_ATTRIBUTE_VALUE_STRING)));
        this.prc.getSubcontext(RelyingPartyContext.class).getSubcontext(AttributeContext.class, true).setUnfilteredIdPAttributes(Collections.singleton(idPAttribute));
        NameID generate = this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        Assert.assertNotNull(generate);
        Assert.assertNotNull(generate.getValue());
        Assert.assertEquals(generate.getFormat(), "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        Assert.assertEquals(generate.getNameQualifier(), TestSources.IDP_ENTITY_ID);
        Assert.assertEquals(generate.getSPNameQualifier(), "http://affiliation.org");
        SubjectCanonicalizationContext subcontext = this.prc.getSubcontext(SubjectCanonicalizationContext.class, true);
        subcontext.setRequesterId(TestSources.SP_ENTITY_ID);
        subcontext.setResponderId(TestSources.IDP_ENTITY_ID);
        Assert.assertEquals(this.decoder.decode(subcontext, generate), "foo");
    }
}
