package net.shibboleth.idp.saml.nameid.impl;

import java.io.IOException;
import java.sql.SQLException;
import javax.sql.DataSource;
import net.shibboleth.idp.attribute.IdPAttribute;
import net.shibboleth.idp.attribute.StringAttributeValue;
import net.shibboleth.idp.attribute.context.AttributeContext;
import net.shibboleth.idp.attribute.impl.JDBCPairwiseIdStore;
import net.shibboleth.idp.authn.context.SubjectCanonicalizationContext;
import net.shibboleth.idp.authn.context.SubjectContext;
import net.shibboleth.idp.profile.testing.RequestContextBuilder;
import net.shibboleth.idp.saml.nameid.NameDecoderException;
import net.shibboleth.profile.context.RelyingPartyContext;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.testing.DatabaseTestingSupport;
import org.opensaml.core.testing.OpenSAMLInitBaseTestCase;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.testing.SAML2ActionTestingSupport;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/saml/nameid/impl/StoredPersistentIdDecoderTest.class */
public class StoredPersistentIdDecoderTest extends OpenSAMLInitBaseTestCase {
    private DataSource testSource;
    private ProfileRequestContext prc;
    private PersistentSAML2NameIDGenerator generator;
    private StoredPersistentIdDecoder decoder;
    static final /* synthetic */ boolean $assertionsDisabled;

    @BeforeClass
    public void setUpSource() {
        this.testSource = DatabaseTestingSupport.GetMockDataSource(PersistentSAML2NameIDGeneratorTest.INIT_FILE, "StoredIDDataConnectorStore");
    }

    @AfterClass
    public void teardown() {
        DatabaseTestingSupport.InitializeDataSource(PersistentSAML2NameIDGeneratorTest.DELETE_FILE, this.testSource);
    }

    @BeforeMethod
    public void setUp() throws SQLException, IOException, ComponentInitializationException {
        JDBCPairwiseIdStore jDBCPairwiseIdStore = new JDBCPairwiseIdStore();
        jDBCPairwiseIdStore.setDataSource(this.testSource);
        jDBCPairwiseIdStore.initialize();
        this.generator = new PersistentSAML2NameIDGenerator();
        this.generator.setId("test");
        this.generator.setPersistentIdStore(jDBCPairwiseIdStore);
        this.generator.setAttributeSourceIds(CollectionSupport.singletonList("SOURCE"));
        this.decoder = new StoredPersistentIdDecoder();
        this.decoder.setId("test");
        this.decoder.setPersistentIdStore(jDBCPairwiseIdStore);
        this.decoder.initialize();
        this.prc = new RequestContextBuilder().setInboundMessageIssuer("https://sp.example.org/sp").setOutboundMessageIssuer("https://idp.example.org/idp").buildProfileRequestContext();
    }

    @Test
    public void testMissingID() throws Exception {
        SubjectCanonicalizationContext ensureSubcontext = this.prc.ensureSubcontext(SubjectCanonicalizationContext.class);
        ensureSubcontext.setRequesterId("https://sp.example.org/sp");
        ensureSubcontext.setResponderId("https://idp.example.org/idp");
        NameID nameID = SAML2ActionTestingSupport.buildSubject("foo").getNameID();
        if (!$assertionsDisabled && nameID == null) {
            throw new AssertionError();
        }
        Assert.assertNull(this.decoder.decode(ensureSubcontext, nameID));
    }

    @Test(expectedExceptions = {NameDecoderException.class})
    public void testNoQualifiers() throws Exception {
        SubjectCanonicalizationContext ensureSubcontext = this.prc.ensureSubcontext(SubjectCanonicalizationContext.class);
        NameID nameID = SAML2ActionTestingSupport.buildSubject("foo").getNameID();
        if (!$assertionsDisabled && nameID == null) {
            throw new AssertionError();
        }
        this.decoder.decode(ensureSubcontext, nameID);
    }

    @Test
    public void testBadQualifier() throws Exception {
        this.generator.initialize();
        this.prc.ensureSubcontext(SubjectContext.class).setPrincipalName("foo");
        Assert.assertNull(this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"));
        IdPAttribute idPAttribute = new IdPAttribute("SOURCE");
        idPAttribute.setValues(CollectionSupport.singletonList(new StringAttributeValue("at1-Data")));
        RelyingPartyContext subcontext = this.prc.getSubcontext(RelyingPartyContext.class);
        if (!$assertionsDisabled && subcontext == null) {
            throw new AssertionError();
        }
        subcontext.ensureSubcontext(AttributeContext.class).setUnfilteredIdPAttributes(CollectionSupport.singleton(idPAttribute));
        NameID generate = this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        if (!$assertionsDisabled && generate == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(generate.getValue());
        Assert.assertEquals(generate.getFormat(), "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        generate.setNameQualifier((String) null);
        generate.setSPNameQualifier((String) null);
        SubjectCanonicalizationContext ensureSubcontext = this.prc.ensureSubcontext(SubjectCanonicalizationContext.class);
        ensureSubcontext.setRequesterId("Bad");
        ensureSubcontext.setResponderId("https://idp.example.org/idp");
        Assert.assertNull(this.decoder.decode(ensureSubcontext, generate));
    }

    @Test
    public void testStoredIdDecode() throws Exception {
        this.generator.initialize();
        this.prc.ensureSubcontext(SubjectContext.class).setPrincipalName("foo");
        Assert.assertNull(this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"));
        IdPAttribute idPAttribute = new IdPAttribute("SOURCE");
        idPAttribute.setValues(CollectionSupport.singletonList(new StringAttributeValue("at1-Data")));
        RelyingPartyContext subcontext = this.prc.getSubcontext(RelyingPartyContext.class);
        if (!$assertionsDisabled && subcontext == null) {
            throw new AssertionError();
        }
        subcontext.ensureSubcontext(AttributeContext.class).setUnfilteredIdPAttributes(CollectionSupport.singleton(idPAttribute));
        NameID generate = this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        if (!$assertionsDisabled && generate == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(generate.getValue());
        Assert.assertEquals(generate.getFormat(), "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        Assert.assertEquals(generate.getNameQualifier(), "https://idp.example.org/idp");
        Assert.assertEquals(generate.getSPNameQualifier(), "https://sp.example.org/sp");
        SubjectCanonicalizationContext ensureSubcontext = this.prc.ensureSubcontext(SubjectCanonicalizationContext.class);
        ensureSubcontext.setRequesterId("https://sp.example.org/sp");
        ensureSubcontext.setResponderId("https://idp.example.org/idp");
        Assert.assertEquals(this.decoder.decode(ensureSubcontext, generate), "foo");
    }

    @Test
    public void testAffiliation() throws Exception {
        this.generator.setSPNameQualifier("http://affiliation.org");
        this.generator.initialize();
        this.prc.ensureSubcontext(SubjectContext.class).setPrincipalName("foo");
        Assert.assertNull(this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"));
        IdPAttribute idPAttribute = new IdPAttribute("SOURCE");
        idPAttribute.setValues(CollectionSupport.singletonList(new StringAttributeValue("at1-Data")));
        RelyingPartyContext subcontext = this.prc.getSubcontext(RelyingPartyContext.class);
        if (!$assertionsDisabled && subcontext == null) {
            throw new AssertionError();
        }
        subcontext.ensureSubcontext(AttributeContext.class).setUnfilteredIdPAttributes(CollectionSupport.singleton(idPAttribute));
        NameID generate = this.generator.generate(this.prc, "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        if (!$assertionsDisabled && generate == null) {
            throw new AssertionError();
        }
        Assert.assertNotNull(generate.getValue());
        Assert.assertEquals(generate.getFormat(), "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        Assert.assertEquals(generate.getNameQualifier(), "https://idp.example.org/idp");
        Assert.assertEquals(generate.getSPNameQualifier(), "http://affiliation.org");
        SubjectCanonicalizationContext ensureSubcontext = this.prc.ensureSubcontext(SubjectCanonicalizationContext.class);
        ensureSubcontext.setRequesterId("https://sp.example.org/sp");
        ensureSubcontext.setResponderId("https://idp.example.org/idp");
        Assert.assertEquals(this.decoder.decode(ensureSubcontext, generate), "foo");
    }

    static {
        $assertionsDisabled = !StoredPersistentIdDecoderTest.class.desiredAssertionStatus();
    }
}
