package net.shibboleth.idp.saml.saml2.profile.impl;

import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.profile.context.navigate.WebflowRequestContextProfileRequestContextLookup;
import net.shibboleth.idp.profile.testing.ActionTestingSupport;
import net.shibboleth.idp.profile.testing.RequestContextBuilder;
import net.shibboleth.idp.saml.saml2.profile.config.impl.BrowserSSOProfileConfiguration;
import net.shibboleth.profile.config.ProfileConfiguration;
import net.shibboleth.profile.context.RelyingPartyContext;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.logic.Constraint;
import net.shibboleth.shared.resolver.CriteriaSet;
import net.shibboleth.shared.resolver.ResolverException;
import org.opensaml.core.testing.OpenSAMLInitBaseTestCase;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.saml2.profile.context.EncryptionContext;
import org.opensaml.xmlsec.EncryptionParameters;
import org.opensaml.xmlsec.EncryptionParametersResolver;
import org.opensaml.xmlsec.criterion.EncryptionConfigurationCriterion;
import org.springframework.webflow.execution.RequestContext;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/saml/saml2/profile/impl/PopulateEncryptionParametersTest.class */
public class PopulateEncryptionParametersTest extends OpenSAMLInitBaseTestCase {
    private RequestContext rc;
    private ProfileRequestContext prc;
    private PopulateEncryptionParameters action;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:net/shibboleth/idp/saml/saml2/profile/impl/PopulateEncryptionParametersTest$MockResolver.class */
    private class MockResolver implements EncryptionParametersResolver {
        private boolean throwException;
        static final /* synthetic */ boolean $assertionsDisabled;

        public MockResolver(boolean z) {
            this.throwException = z;
        }

        @Nonnull
        public Iterable<EncryptionParameters> resolve(@Nullable CriteriaSet criteriaSet) throws ResolverException {
            return CollectionSupport.singletonList(resolveSingle(criteriaSet));
        }

        @Nonnull
        public EncryptionParameters resolveSingle(@Nullable CriteriaSet criteriaSet) throws ResolverException {
            if (this.throwException) {
                throw new ResolverException();
            }
            if (!$assertionsDisabled && criteriaSet == null) {
                throw new AssertionError();
            }
            Constraint.isNotNull((EncryptionConfigurationCriterion) criteriaSet.get(EncryptionConfigurationCriterion.class), "Criterion was null");
            return new EncryptionParameters();
        }

        static {
            $assertionsDisabled = !PopulateEncryptionParametersTest.class.desiredAssertionStatus();
        }
    }

    @BeforeMethod
    public void setUp() throws ComponentInitializationException {
        this.rc = new RequestContextBuilder().setRelyingPartyProfileConfigurations(CollectionSupport.singletonList(new BrowserSSOProfileConfiguration())).buildRequestContext();
        this.prc = new WebflowRequestContextProfileRequestContextLookup().apply(this.rc);
        this.action = new PopulateEncryptionParameters();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    public void testConfig() throws ComponentInitializationException {
        this.action.initialize();
    }

    @Test
    public void testNoContext() throws Exception {
        this.action.setEncryptionParametersResolver(new MockResolver(false));
        this.action.initialize();
        this.prc.removeSubcontext(RelyingPartyContext.class);
        ActionTestingSupport.assertEvent(this.action.execute(this.rc), "InvalidRelyingPartyContext");
    }

    @Test
    public void testNoConfig() throws Exception {
        this.action.setEncryptionParametersResolver(new MockResolver(false));
        this.action.initialize();
        RelyingPartyContext subcontext = this.prc.getSubcontext(RelyingPartyContext.class);
        if (!$assertionsDisabled && subcontext == null) {
            throw new AssertionError();
        }
        subcontext.setProfileConfig((ProfileConfiguration) null);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
    }

    @Test
    public void testWrongConfig() throws Exception {
        this.action.setEncryptionParametersResolver(new MockResolver(false));
        this.action.initialize();
        RelyingPartyContext subcontext = this.prc.getSubcontext(RelyingPartyContext.class);
        if (!$assertionsDisabled && subcontext == null) {
            throw new AssertionError();
        }
        subcontext.setProfileConfig(new net.shibboleth.idp.saml.saml1.profile.config.impl.BrowserSSOProfileConfiguration());
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
    }

    @Test
    public void testResolverError() throws Exception {
        this.action.setEncryptionParametersResolver(new MockResolver(true));
        this.action.initialize();
        ActionTestingSupport.assertEvent(this.action.execute(this.rc), "InvalidSecurityConfiguration");
    }

    @Test
    public void testSuccess() throws Exception {
        this.action.setEncryptionParametersResolver(new MockResolver(false));
        this.action.initialize();
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        RelyingPartyContext subcontext = this.prc.getSubcontext(RelyingPartyContext.class);
        if (!$assertionsDisabled && subcontext == null) {
            throw new AssertionError();
        }
        EncryptionContext subcontext2 = subcontext.getSubcontext(EncryptionContext.class);
        if (!$assertionsDisabled && subcontext2 == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(subcontext2.getAssertionEncryptionParameters());
        Assert.assertNull(subcontext2.getIdentifierEncryptionParameters());
        Assert.assertNull(subcontext2.getAttributeEncryptionParameters());
    }

    @Test
    public void testOptional() throws Exception {
        this.action.setEncryptionParametersResolver(new MockResolver(true));
        this.action.initialize();
        RelyingPartyContext subcontext = this.prc.getSubcontext(RelyingPartyContext.class);
        if (!$assertionsDisabled && subcontext == null) {
            throw new AssertionError();
        }
        BrowserSSOProfileConfiguration profileConfig = subcontext.getProfileConfig();
        if (!$assertionsDisabled && profileConfig == null) {
            throw new AssertionError();
        }
        profileConfig.setEncryptionOptional(true);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.rc));
        EncryptionContext subcontext2 = subcontext.getSubcontext(EncryptionContext.class);
        if (!$assertionsDisabled && subcontext2 == null) {
            throw new AssertionError();
        }
        Assert.assertNull(subcontext2.getAssertionEncryptionParameters());
        Assert.assertNull(subcontext2.getIdentifierEncryptionParameters());
        Assert.assertNull(subcontext2.getAttributeEncryptionParameters());
    }

    static {
        $assertionsDisabled = !PopulateEncryptionParametersTest.class.desiredAssertionStatus();
    }
}
