package net.shibboleth.idp.saml.saml2.profile.delegation.impl;

import com.google.common.base.Predicates;
import java.util.Objects;
import net.shibboleth.idp.profile.context.navigate.WebflowRequestContextProfileRequestContextLookup;
import net.shibboleth.idp.profile.testing.ActionTestingSupport;
import net.shibboleth.idp.profile.testing.RequestContextBuilder;
import net.shibboleth.idp.saml.saml2.profile.SAML2ActionTestingSupport;
import net.shibboleth.idp.saml.saml2.profile.delegation.LibertySSOSContext;
import net.shibboleth.idp.saml.saml2.profile.delegation.impl.PopulateLibertyContext;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.logic.FunctionSupport;
import org.opensaml.core.testing.OpenSAMLInitBaseTestCase;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.Response;
import org.opensaml.saml.saml2.core.SubjectConfirmation;
import org.opensaml.saml.saml2.wssecurity.SAML20AssertionToken;
import org.opensaml.soap.wssecurity.messaging.Token;
import org.opensaml.soap.wssecurity.messaging.WSSecurityContext;
import org.springframework.webflow.execution.RequestContext;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/saml/saml2/profile/delegation/impl/PopulateLibertyContextTest.class */
public class PopulateLibertyContextTest extends OpenSAMLInitBaseTestCase {
    private PopulateLibertyContext action;
    private RequestContext rc;
    private ProfileRequestContext prc;
    private SAML20AssertionToken delegatedToken;
    private Assertion delegatedAssertion;
    private String delegatedConfirmationMethod;

    @BeforeMethod
    public void setUp() throws ComponentInitializationException {
        Response buildResponse = SAML2ActionTestingSupport.buildResponse();
        buildResponse.getAssertions().add(SAML2ActionTestingSupport.buildAssertion());
        this.rc = new RequestContextBuilder().setInboundMessage(SAML2ActionTestingSupport.buildAuthnRequest()).setOutboundMessage(buildResponse).buildRequestContext();
        this.prc = new WebflowRequestContextProfileRequestContextLookup().apply(this.rc);
        Assertion buildAssertion = SAML2ActionTestingSupport.buildAssertion();
        buildAssertion.setSubject(SAML2ActionTestingSupport.buildSubject("neo"));
        SubjectConfirmation buildXMLObject = XMLObjectSupport.buildXMLObject(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
        buildXMLObject.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
        buildAssertion.getSubject().getSubjectConfirmations().add(buildXMLObject);
        this.delegatedConfirmationMethod = "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key";
        this.delegatedAssertion = SAML2ActionTestingSupport.buildAssertion();
        this.delegatedAssertion.setSubject(SAML2ActionTestingSupport.buildSubject("morpheus"));
        SubjectConfirmation buildXMLObject2 = XMLObjectSupport.buildXMLObject(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
        buildXMLObject2.setMethod(this.delegatedConfirmationMethod);
        this.delegatedAssertion.getSubject().getSubjectConfirmations().add(buildXMLObject2);
        WSSecurityContext subcontext = this.prc.getInboundMessageContext().getSubcontext(WSSecurityContext.class, true);
        SAML20AssertionToken sAML20AssertionToken = new SAML20AssertionToken(buildAssertion);
        sAML20AssertionToken.setSubjectConfirmation(buildXMLObject);
        sAML20AssertionToken.setValidationStatus(Token.ValidationStatus.INVALID);
        subcontext.getTokens().add(sAML20AssertionToken);
        this.delegatedToken = new SAML20AssertionToken(this.delegatedAssertion);
        this.delegatedToken.setSubjectConfirmation(buildXMLObject2);
        this.delegatedToken.setValidationStatus(Token.ValidationStatus.VALID);
        subcontext.getTokens().add(this.delegatedToken);
        this.action = new PopulateLibertyContext();
    }

    @Test
    public void testDefaultTokenStrategySuccess() throws ComponentInitializationException {
        this.action.initialize();
        PopulateLibertyContext populateLibertyContext = this.action;
        Objects.requireNonNull(populateLibertyContext);
        Assert.assertSame(new PopulateLibertyContext.TokenStrategy(populateLibertyContext).apply(this.prc), this.delegatedToken);
    }

    @Test
    public void testDefaultTokenStrategyNullInput() throws ComponentInitializationException {
        this.action.initialize();
        PopulateLibertyContext populateLibertyContext = this.action;
        Objects.requireNonNull(populateLibertyContext);
        Assert.assertNull(new PopulateLibertyContext.TokenStrategy(populateLibertyContext).apply((ProfileRequestContext) null));
    }

    @Test
    public void testDefaultTokenStrategyNoWSSContext() throws ComponentInitializationException {
        this.action.initialize();
        this.prc.getInboundMessageContext().removeSubcontext(WSSecurityContext.class);
        PopulateLibertyContext populateLibertyContext = this.action;
        Objects.requireNonNull(populateLibertyContext);
        Assert.assertNull(new PopulateLibertyContext.TokenStrategy(populateLibertyContext).apply(this.prc));
    }

    @Test
    public void testDefaultTokenStrategyNoTokens() throws ComponentInitializationException {
        this.action.initialize();
        this.prc.getInboundMessageContext().getSubcontext(WSSecurityContext.class).getTokens().clear();
        PopulateLibertyContext populateLibertyContext = this.action;
        Objects.requireNonNull(populateLibertyContext);
        Assert.assertNull(new PopulateLibertyContext.TokenStrategy(populateLibertyContext).apply(this.prc));
    }

    @Test
    public void testSuccess() throws ComponentInitializationException {
        this.action.initialize();
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        LibertySSOSContext subcontext = this.prc.getSubcontext(LibertySSOSContext.class);
        Assert.assertNotNull(subcontext);
        Assert.assertNotNull(subcontext.getAttestedToken());
        Assert.assertSame(subcontext.getAttestedToken(), this.delegatedAssertion);
        Assert.assertNotNull(subcontext.getAttestedSubjectConfirmationMethod());
        Assert.assertEquals(subcontext.getAttestedSubjectConfirmationMethod(), this.delegatedConfirmationMethod);
    }

    @Test
    public void testNoResolvedAssertionToken() throws ComponentInitializationException {
        this.action.setAssertionTokenStrategy(FunctionSupport.constant((Object) null));
        this.action.initialize();
        ActionTestingSupport.assertEvent(this.action.execute(this.rc), "NoCredentials");
        Assert.assertNull(this.prc.getSubcontext(LibertySSOSContext.class));
    }

    @Test
    public void testActivationCondition() throws ComponentInitializationException {
        this.action.setAssertionTokenStrategy(FunctionSupport.constant((Object) null));
        this.action.setActivationCondition(Predicates.alwaysFalse());
        this.action.initialize();
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        Assert.assertNull(this.prc.getSubcontext(LibertySSOSContext.class));
    }
}
