package net.shibboleth.idp.saml.saml2.profile.impl;

import java.security.Principal;
import java.util.Set;
import java.util.stream.Collectors;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.authn.context.RequestedPrincipalContext;
import net.shibboleth.idp.authn.testing.TestPrincipal;
import net.shibboleth.idp.profile.context.navigate.WebflowRequestContextProfileRequestContextLookup;
import net.shibboleth.idp.profile.testing.ActionTestingSupport;
import net.shibboleth.idp.profile.testing.RequestContextBuilder;
import net.shibboleth.idp.saml.authn.principal.AuthenticationMethodPrincipal;
import net.shibboleth.idp.saml.authn.principal.AuthnContextClassRefPrincipal;
import net.shibboleth.idp.saml.authn.principal.AuthnContextDeclRefPrincipal;
import net.shibboleth.idp.saml.saml2.profile.config.impl.BrowserSSOProfileConfiguration;
import net.shibboleth.profile.context.RelyingPartyContext;
import net.shibboleth.profile.context.navigate.IssuerLookupFunction;
import net.shibboleth.profile.relyingparty.BasicRelyingPartyConfiguration;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.ComponentInitializationException;
import org.opensaml.core.testing.OpenSAMLInitBaseTestCase;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.context.navigate.ChildContextLookup;
import org.opensaml.messaging.context.navigate.ParentContextLookup;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.common.SAMLObjectBuilder;
import org.opensaml.saml.ext.reqattr.RequestedAttributes;
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml.saml2.core.AuthnContextDeclRef;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.Extensions;
import org.opensaml.saml.saml2.core.IDPList;
import org.opensaml.saml.saml2.core.Issuer;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.NameIDPolicy;
import org.opensaml.saml.saml2.core.RequestedAuthnContext;
import org.opensaml.saml.saml2.core.RequesterID;
import org.opensaml.saml.saml2.core.Scoping;
import org.opensaml.saml.saml2.core.Subject;
import org.opensaml.saml.saml2.metadata.RequestedAttribute;
import org.opensaml.xmlsec.config.BasicXMLSecurityConfiguration;
import org.springframework.webflow.execution.RequestContext;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/saml/saml2/profile/impl/AddAuthnRequestTest.class */
public class AddAuthnRequestTest extends OpenSAMLInitBaseTestCase {
    private RequestContext rc;
    private AuthenticationContext ac;
    private ProfileRequestContext prc1;
    private ProfileRequestContext prc2;
    private RelyingPartyContext rpc;
    private AddAuthnRequest action;
    private NameID nameID;
    static final /* synthetic */ boolean $assertionsDisabled;

    @BeforeMethod
    public void setUp() throws ComponentInitializationException {
        this.rc = new RequestContextBuilder().buildRequestContext();
        this.prc1 = new WebflowRequestContextProfileRequestContextLookup().apply(this.rc);
        this.ac = this.prc1.ensureSubcontext(AuthenticationContext.class);
        this.prc2 = this.ac.ensureSubcontext(ProfileRequestContext.class);
        this.prc2.setOutboundMessageContext(new MessageContext());
        this.rpc = this.prc2.ensureSubcontext(RelyingPartyContext.class);
        this.rpc.setRelyingPartyId("http://sp.example.org");
        BasicRelyingPartyConfiguration basicRelyingPartyConfiguration = new BasicRelyingPartyConfiguration();
        basicRelyingPartyConfiguration.setId("mock");
        basicRelyingPartyConfiguration.setIssuer("http://idp.example.org");
        basicRelyingPartyConfiguration.setDetailedErrors(true);
        basicRelyingPartyConfiguration.initialize();
        this.rpc.setConfiguration(basicRelyingPartyConfiguration);
        this.rpc.setProfileConfig(new BrowserSSOProfileConfiguration());
        BrowserSSOProfileConfiguration profileConfig = this.rpc.getProfileConfig();
        if (!$assertionsDisabled && profileConfig == null) {
            throw new AssertionError();
        }
        profileConfig.setSecurityConfiguration(new BasicXMLSecurityConfiguration());
        this.nameID = null;
        this.action = new AddAuthnRequest();
        this.action.setProfileContextLookupStrategy(new ChildContextLookup(ProfileRequestContext.class).compose(new ChildContextLookup(AuthenticationContext.class).compose(new WebflowRequestContextProfileRequestContextLookup())));
        this.action.setAuthenticationContextLookupStrategy(new ParentContextLookup(AuthenticationContext.class));
        this.action.setIssuerLookupStrategy(new IssuerLookupFunction());
        this.action.setNameIDLookupStrategy(profileRequestContext -> {
            return this.nameID;
        });
        this.action.setConvertUnknownRequestedPrincipals(true);
        this.action.initialize();
    }

    @Test
    public void testNoRelyingPartyContext() {
        this.prc2.removeSubcontext(RelyingPartyContext.class);
        ActionTestingSupport.assertEvent(this.action.execute(this.rc), "InvalidProfileConfiguration");
    }

    @Test
    public void testNoMessageContext() {
        this.prc2.setOutboundMessageContext((MessageContext) null);
        ActionTestingSupport.assertEvent(this.action.execute(this.rc), "InvalidMessageContext");
    }

    @Test
    public void testExistingMessage() {
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        outboundMessageContext.setMessage(SAML2ActionTestingSupport.buildAuthnRequest());
        ActionTestingSupport.assertEvent(this.action.execute(this.rc), "InvalidMessageContext");
    }

    @Test
    public void testSimple() {
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Issuer issuer = authnRequest.getIssuer();
        if (!$assertionsDisabled && issuer == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(issuer.getValue(), "http://idp.example.org");
        Boolean isForceAuthn = authnRequest.isForceAuthn();
        Assert.assertFalse(isForceAuthn == null || isForceAuthn.booleanValue());
        Boolean isPassive = authnRequest.isPassive();
        Assert.assertFalse(isPassive == null || isPassive.booleanValue());
        Assert.assertNull(authnRequest.getAttributeConsumingServiceIndex());
        Assert.assertNull(authnRequest.getExtensions());
        NameIDPolicy nameIDPolicy = authnRequest.getNameIDPolicy();
        if (!$assertionsDisabled && nameIDPolicy == null) {
            throw new AssertionError();
        }
        Assert.assertNull(nameIDPolicy.getFormat());
        Assert.assertNull(nameIDPolicy.getSPNameQualifier());
        Boolean allowCreate = nameIDPolicy.getAllowCreate();
        Assert.assertTrue(allowCreate != null && allowCreate.booleanValue());
        Assert.assertNull(authnRequest.getRequestedAuthnContext());
        Assert.assertNull(authnRequest.getSubject());
        Scoping scoping = authnRequest.getScoping();
        if (!$assertionsDisabled && scoping == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(((RequesterID) scoping.getRequesterIDs().get(0)).getURI(), "http://sp.example.org");
    }

    @Test
    public void testFlags() {
        this.ac.setIsPassive(true);
        this.ac.setForceAuthn(true);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Issuer issuer = authnRequest.getIssuer();
        if (!$assertionsDisabled && issuer == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(issuer.getValue(), "http://idp.example.org");
        Boolean isForceAuthn = authnRequest.isForceAuthn();
        Assert.assertTrue(isForceAuthn != null && isForceAuthn.booleanValue());
        Boolean isPassive = authnRequest.isPassive();
        Assert.assertTrue(isPassive != null && isPassive.booleanValue());
        outboundMessageContext.setMessage((Object) null);
        BrowserSSOProfileConfiguration profileConfig = this.rpc.getProfileConfig();
        if (!$assertionsDisabled && profileConfig == null) {
            throw new AssertionError();
        }
        profileConfig.setForceAuthn(false);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        AuthnRequest authnRequest2 = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest2 == null) {
            throw new AssertionError();
        }
        Boolean isForceAuthn2 = authnRequest2.isForceAuthn();
        Assert.assertFalse(isForceAuthn2 == null || isForceAuthn2.booleanValue());
    }

    @Test
    public void testNameIDFormat() {
        BrowserSSOProfileConfiguration profileConfig = this.rpc.getProfileConfig();
        if (!$assertionsDisabled && profileConfig == null) {
            throw new AssertionError();
        }
        profileConfig.setNameIDFormatPrecedence(CollectionSupport.listOf("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos"));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        NameIDPolicy nameIDPolicy = authnRequest.getNameIDPolicy();
        if (!$assertionsDisabled && nameIDPolicy == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(nameIDPolicy.getFormat(), "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
        Boolean allowCreate = nameIDPolicy.getAllowCreate();
        Assert.assertTrue(allowCreate != null && allowCreate.booleanValue());
    }

    @Test
    public void testSPNameQualifier() {
        BrowserSSOProfileConfiguration profileConfig = this.rpc.getProfileConfig();
        if (!$assertionsDisabled && profileConfig == null) {
            throw new AssertionError();
        }
        profileConfig.setSPNameQualifier("http://sp.example.org");
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        NameIDPolicy nameIDPolicy = authnRequest.getNameIDPolicy();
        if (!$assertionsDisabled && nameIDPolicy == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(nameIDPolicy.getSPNameQualifier(), "http://sp.example.org");
    }

    @Test
    public void testAttributeIndex() {
        BrowserSSOProfileConfiguration profileConfig = this.rpc.getProfileConfig();
        if (!$assertionsDisabled && profileConfig == null) {
            throw new AssertionError();
        }
        profileConfig.setAttributeIndex(42);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(authnRequest.getAttributeConsumingServiceIndex(), 42);
    }

    @Test
    public void testRequestedAttributes() {
        SAMLObjectBuilder ensureBuilder = XMLObjectProviderRegistrySupport.getBuilderFactory().ensureBuilder(RequestedAttribute.DEFAULT_ELEMENT_NAME);
        RequestedAttribute buildObject = ensureBuilder.buildObject();
        buildObject.setNameFormat("urn:oasis:names:tc:SAML:2.0:attrname-format:uri");
        buildObject.setName("https://attr1.example.org");
        RequestedAttribute buildObject2 = ensureBuilder.buildObject();
        buildObject2.setNameFormat("urn:oasis:names:tc:SAML:2.0:attrname-format:uri");
        buildObject2.setName("https://attr2.example.org");
        BrowserSSOProfileConfiguration profileConfig = this.rpc.getProfileConfig();
        if (!$assertionsDisabled && profileConfig == null) {
            throw new AssertionError();
        }
        profileConfig.setRequestedAttributes(CollectionSupport.listOf(buildObject, buildObject2));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Extensions extensions = authnRequest.getExtensions();
        if (!$assertionsDisabled && extensions == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(extensions.getUnknownXMLObjects(RequestedAttributes.DEFAULT_ELEMENT_NAME).size(), 1);
        Assert.assertEquals(((RequestedAttributes) extensions.getUnknownXMLObjects(RequestedAttributes.DEFAULT_ELEMENT_NAME).get(0)).getRequestedAttributes().size(), 2);
    }

    @Test
    public void testNameIDForSubject() {
        this.nameID = XMLObjectProviderRegistrySupport.getBuilderFactory().ensureBuilder(NameID.DEFAULT_ELEMENT_NAME).buildObject();
        this.nameID.setValue("foo");
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Subject subject = authnRequest.getSubject();
        if (!$assertionsDisabled && subject == null) {
            throw new AssertionError();
        }
        NameID nameID = subject.getNameID();
        if (!$assertionsDisabled && nameID == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(nameID.getValue(), "foo");
    }

    @Test
    public void testScopingNoCount() {
        this.ac.getProxiableAuthorities().add("foo");
        this.ac.getProxiableAuthorities().add("bar");
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Scoping scoping = authnRequest.getScoping();
        if (!$assertionsDisabled && scoping == null) {
            throw new AssertionError();
        }
        Assert.assertNull(scoping.getProxyCount());
        Assert.assertNotNull(scoping.getIDPList());
        Assert.assertEquals(((RequesterID) scoping.getRequesterIDs().get(0)).getURI(), "http://sp.example.org");
        IDPList iDPList = scoping.getIDPList();
        if (!$assertionsDisabled && iDPList == null) {
            throw new AssertionError();
        }
        Assert.assertEquals((Set) iDPList.getIDPEntrys().stream().map((v0) -> {
            return v0.getProviderID();
        }).filter(str -> {
            return str != null;
        }).collect(Collectors.toUnmodifiableSet()), this.ac.getProxiableAuthorities());
    }

    @Test
    public void testScopingCount1() {
        this.ac.setProxyCount(1);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Scoping scoping = authnRequest.getScoping();
        if (!$assertionsDisabled && scoping == null) {
            throw new AssertionError();
        }
        Assert.assertNull(scoping.getIDPList());
        Assert.assertEquals(scoping.getProxyCount(), 0);
        Assert.assertEquals(((RequesterID) scoping.getRequesterIDs().get(0)).getURI(), "http://sp.example.org");
    }

    @Test
    public void testScopingCount5() {
        this.ac.setProxyCount(5);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Scoping scoping = authnRequest.getScoping();
        if (!$assertionsDisabled && scoping == null) {
            throw new AssertionError();
        }
        Assert.assertNull(scoping.getIDPList());
        Assert.assertEquals(scoping.getProxyCount(), 4);
        Assert.assertEquals(((RequesterID) scoping.getRequesterIDs().get(0)).getURI(), "http://sp.example.org");
    }

    @Test
    public void testScopingCount0() {
        this.ac.setProxyCount(0);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        Scoping scoping = authnRequest.getScoping();
        if (!$assertionsDisabled && scoping == null) {
            throw new AssertionError();
        }
        Assert.assertNull(scoping.getIDPList());
        Assert.assertEquals(scoping.getProxyCount(), 0);
        Assert.assertEquals(((RequesterID) scoping.getRequesterIDs().get(0)).getURI(), "http://sp.example.org");
    }

    @Test
    public void testAuthnContext() {
        RequestedPrincipalContext ensureSubcontext = this.ac.ensureSubcontext(RequestedPrincipalContext.class);
        ensureSubcontext.setOperator("exact");
        ensureSubcontext.setRequestedPrincipals(CollectionSupport.listOf(new Principal[]{new AuthnContextClassRefPrincipal("urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"), new AuthenticationMethodPrincipal("urn:ietf:rfc:1510"), new AuthnContextClassRefPrincipal("urn:oasis:names:tc:SAML:2.0:ac:classes:X509")}));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        RequestedAuthnContext requestedAuthnContext = authnRequest.getRequestedAuthnContext();
        if (!$assertionsDisabled && requestedAuthnContext == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(requestedAuthnContext.getComparison(), AuthnContextComparisonTypeEnumeration.EXACT);
        Assert.assertEquals(requestedAuthnContext.getAuthnContextClassRefs().size(), 2);
        Assert.assertEquals(((AuthnContextClassRef) requestedAuthnContext.getAuthnContextClassRefs().get(0)).getURI(), "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos");
        Assert.assertEquals(((AuthnContextClassRef) requestedAuthnContext.getAuthnContextClassRefs().get(1)).getURI(), "urn:oasis:names:tc:SAML:2.0:ac:classes:X509");
        BrowserSSOProfileConfiguration profileConfig = this.rpc.getProfileConfig();
        if (!$assertionsDisabled && profileConfig == null) {
            throw new AssertionError();
        }
        profileConfig.setAuthnContextComparison(AuthnContextComparisonTypeEnumeration.EXACT);
        profileConfig.setDefaultAuthenticationMethods(CollectionSupport.listOf(new AuthnContextClassRefPrincipal("urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos"), new AuthnContextClassRefPrincipal("urn:oasis:names:tc:SAML:2.0:ac:classes:X509")));
        outboundMessageContext.setMessage((Object) null);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        AuthnRequest authnRequest2 = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest2 == null) {
            throw new AssertionError();
        }
        RequestedAuthnContext requestedAuthnContext2 = authnRequest2.getRequestedAuthnContext();
        if (!$assertionsDisabled && requestedAuthnContext2 == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(requestedAuthnContext2.getComparison(), AuthnContextComparisonTypeEnumeration.EXACT);
        Assert.assertEquals(requestedAuthnContext2.getAuthnContextClassRefs().size(), 2);
        Assert.assertEquals(((AuthnContextClassRef) requestedAuthnContext2.getAuthnContextClassRefs().get(0)).getURI(), "urn:oasis:names:tc:SAML:2.0:ac:classes:Kerberos");
        Assert.assertEquals(((AuthnContextClassRef) requestedAuthnContext2.getAuthnContextClassRefs().get(1)).getURI(), "urn:oasis:names:tc:SAML:2.0:ac:classes:X509");
    }

    @Test
    public void testDeclRefs() {
        RequestedPrincipalContext ensureSubcontext = this.ac.ensureSubcontext(RequestedPrincipalContext.class);
        ensureSubcontext.setOperator("exact");
        ensureSubcontext.setRequestedPrincipals(CollectionSupport.listOf(new AuthnContextDeclRefPrincipal("https://example.org/ac1"), new AuthnContextDeclRefPrincipal("https://example.org/ac2")));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        RequestedAuthnContext requestedAuthnContext = authnRequest.getRequestedAuthnContext();
        if (!$assertionsDisabled && requestedAuthnContext == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(requestedAuthnContext.getComparison(), AuthnContextComparisonTypeEnumeration.EXACT);
        Assert.assertEquals(requestedAuthnContext.getAuthnContextDeclRefs().size(), 2);
        Assert.assertEquals(((AuthnContextDeclRef) requestedAuthnContext.getAuthnContextDeclRefs().get(0)).getURI(), "https://example.org/ac1");
        Assert.assertEquals(((AuthnContextDeclRef) requestedAuthnContext.getAuthnContextDeclRefs().get(1)).getURI(), "https://example.org/ac2");
    }

    @Test
    public void testUnknownPrincipals() {
        RequestedPrincipalContext ensureSubcontext = this.ac.ensureSubcontext(RequestedPrincipalContext.class);
        ensureSubcontext.setOperator("exact");
        ensureSubcontext.setRequestedPrincipals(CollectionSupport.listOf(new TestPrincipal("https://example.org/ac1"), new AuthenticationMethodPrincipal("https://example.org/ac2")));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        MessageContext outboundMessageContext = this.prc2.getOutboundMessageContext();
        if (!$assertionsDisabled && outboundMessageContext == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(outboundMessageContext.getMessage());
        Assert.assertTrue(outboundMessageContext.getMessage() instanceof AuthnRequest);
        AuthnRequest authnRequest = (AuthnRequest) outboundMessageContext.getMessage();
        if (!$assertionsDisabled && authnRequest == null) {
            throw new AssertionError();
        }
        RequestedAuthnContext requestedAuthnContext = authnRequest.getRequestedAuthnContext();
        if (!$assertionsDisabled && requestedAuthnContext == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(requestedAuthnContext.getComparison(), AuthnContextComparisonTypeEnumeration.EXACT);
        Assert.assertEquals(requestedAuthnContext.getAuthnContextClassRefs().size(), 2);
        Assert.assertEquals(((AuthnContextClassRef) requestedAuthnContext.getAuthnContextClassRefs().get(0)).getURI(), "https://example.org/ac1");
        Assert.assertEquals(((AuthnContextClassRef) requestedAuthnContext.getAuthnContextClassRefs().get(1)).getURI(), "https://example.org/ac2");
    }

    static {
        $assertionsDisabled = !AddAuthnRequestTest.class.desiredAssertionStatus();
    }
}
