package net.shibboleth.idp.saml.nameid.impl;

import javax.security.auth.Subject;
import net.shibboleth.idp.authn.context.SubjectCanonicalizationContext;
import net.shibboleth.idp.authn.context.SubjectContext;
import net.shibboleth.idp.profile.testing.RequestContextBuilder;
import net.shibboleth.idp.saml.authn.principal.NameIDPrincipal;
import net.shibboleth.idp.saml.nameid.NameDecoderException;
import net.shibboleth.idp.saml.nameid.NameIDCanonicalizationFlowDescriptor;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.ComponentInitializationException;
import org.opensaml.core.testing.OpenSAMLInitBaseTestCase;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.profile.testing.ActionTestingSupport;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.storage.impl.MemoryStorageService;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/saml/nameid/impl/TransientDecoderTest.class */
public class TransientDecoderTest extends OpenSAMLInitBaseTestCase {
    private static final String RECIPIENT = "TheRecipient";
    private static final String PRINCIPAL = "ThePrincipalName";
    private MemoryStorageService store;
    static final /* synthetic */ boolean $assertionsDisabled;

    @BeforeMethod
    void setUp() throws ComponentInitializationException {
        this.store = new MemoryStorageService();
        this.store.setId("test");
        this.store.initialize();
    }

    @Test
    public void testSucess() throws Exception {
        Assert.assertTrue(this.store.create("TransientId", "THE_ID", new TransientIdParameters(RECIPIENT, PRINCIPAL).encode(), Long.valueOf(System.currentTimeMillis() + 50000)), "initial store");
        BaseTransientDecoder baseTransientDecoder = new BaseTransientDecoder() { // from class: net.shibboleth.idp.saml.nameid.impl.TransientDecoderTest.1
        };
        baseTransientDecoder.setId("decoder");
        baseTransientDecoder.setIdStore(this.store);
        baseTransientDecoder.initialize();
        Assert.assertEquals(baseTransientDecoder.decode("THE_ID", RECIPIENT), PRINCIPAL);
    }

    @Test
    public void testExpired() throws Exception {
        Assert.assertTrue(this.store.create("TransientId", "THE_ID", new TransientIdParameters(RECIPIENT, PRINCIPAL).encode(), Long.valueOf(System.currentTimeMillis() - 50000)), "initial store");
        BaseTransientDecoder baseTransientDecoder = new BaseTransientDecoder() { // from class: net.shibboleth.idp.saml.nameid.impl.TransientDecoderTest.2
        };
        baseTransientDecoder.setId("decoder");
        baseTransientDecoder.setIdStore(this.store);
        baseTransientDecoder.initialize();
        Assert.assertNull(baseTransientDecoder.decode("THE_ID", RECIPIENT));
    }

    @Test
    public void testNotFound() throws Exception {
        BaseTransientDecoder baseTransientDecoder = new BaseTransientDecoder() { // from class: net.shibboleth.idp.saml.nameid.impl.TransientDecoderTest.3
        };
        baseTransientDecoder.setId("decoder");
        baseTransientDecoder.setIdStore(this.store);
        baseTransientDecoder.initialize();
        Assert.assertNull(baseTransientDecoder.decode("THE_ID", RECIPIENT));
    }

    @Test(expectedExceptions = {NameDecoderException.class})
    public void testBadRecipient() throws Exception {
        Assert.assertTrue(this.store.create("TransientId", "THE_ID", new TransientIdParameters(RECIPIENT, PRINCIPAL).encode(), Long.valueOf(System.currentTimeMillis() + 50000)), "initial store");
        BaseTransientDecoder baseTransientDecoder = new BaseTransientDecoder() { // from class: net.shibboleth.idp.saml.nameid.impl.TransientDecoderTest.4
        };
        baseTransientDecoder.setId("decoder");
        baseTransientDecoder.setIdStore(this.store);
        baseTransientDecoder.initialize();
        baseTransientDecoder.decode("THE_ID", PRINCIPAL);
    }

    @Test
    public void decode() throws Exception {
        StoredTransientIdGenerationStrategy storedTransientIdGenerationStrategy = new StoredTransientIdGenerationStrategy();
        storedTransientIdGenerationStrategy.setId("strategy");
        storedTransientIdGenerationStrategy.setIdStore(this.store);
        storedTransientIdGenerationStrategy.initialize();
        TransientSAML2NameIDGenerator transientSAML2NameIDGenerator = new TransientSAML2NameIDGenerator();
        transientSAML2NameIDGenerator.setId("id");
        transientSAML2NameIDGenerator.setTransientIdGenerator(storedTransientIdGenerationStrategy);
        transientSAML2NameIDGenerator.initialize();
        ProfileRequestContext buildProfileRequestContext = new RequestContextBuilder().setInboundMessageIssuer("https://sp.example.org/sp").buildProfileRequestContext();
        buildProfileRequestContext.ensureSubcontext(SubjectContext.class).setPrincipalName("PETER_THE_PRINCIPAL");
        NameID generate = transientSAML2NameIDGenerator.generate(buildProfileRequestContext, transientSAML2NameIDGenerator.getFormat());
        if (!$assertionsDisabled && generate == null) {
            throw new AssertionError();
        }
        NameIDCanonicalizationFlowDescriptor nameIDCanonicalizationFlowDescriptor = new NameIDCanonicalizationFlowDescriptor();
        nameIDCanonicalizationFlowDescriptor.setFormats(CollectionSupport.singleton(transientSAML2NameIDGenerator.getFormat()));
        nameIDCanonicalizationFlowDescriptor.setId("NameIdFlowDescriptor");
        nameIDCanonicalizationFlowDescriptor.initialize();
        NameIDCanonicalization nameIDCanonicalization = new NameIDCanonicalization();
        TransientNameIDDecoder transientNameIDDecoder = new TransientNameIDDecoder();
        transientNameIDDecoder.setId("decoder");
        transientNameIDDecoder.setIdStore(this.store);
        transientNameIDDecoder.initialize();
        nameIDCanonicalization.setDecoder(transientNameIDDecoder);
        nameIDCanonicalization.initialize();
        ProfileRequestContext profileRequestContext = new ProfileRequestContext();
        SubjectCanonicalizationContext ensureSubcontext = profileRequestContext.ensureSubcontext(SubjectCanonicalizationContext.class);
        Subject subject = new Subject();
        subject.getPrincipals().add(new NameIDPrincipal(generate));
        ensureSubcontext.setSubject(subject);
        ensureSubcontext.setAttemptedFlow(nameIDCanonicalizationFlowDescriptor);
        ensureSubcontext.setRequesterId("https://sp.example.org/sp");
        ensureSubcontext.setResponderId("https://idp.example.org/idp");
        nameIDCanonicalization.execute(profileRequestContext);
        ActionTestingSupport.assertProceedEvent(profileRequestContext);
        Assert.assertEquals(ensureSubcontext.getPrincipalName(), "PETER_THE_PRINCIPAL");
    }

    static {
        $assertionsDisabled = !TransientDecoderTest.class.desiredAssertionStatus();
    }
}
