package net.shibboleth.idp.plugin.authn.webauthn.admin.impl;

import com.yubico.webauthn.RegisteredCredential;
import com.yubico.webauthn.data.AttestedCredentialData;
import com.yubico.webauthn.data.AuthenticatorAttestationResponse;
import com.yubico.webauthn.data.ByteArray;
import com.yubico.webauthn.data.ClientRegistrationExtensionOutputs;
import com.yubico.webauthn.data.PublicKeyCredential;
import com.yubico.webauthn.data.UserIdentity;
import java.time.Instant;
import java.util.Arrays;
import java.util.Optional;
import java.util.TreeSet;
import net.shibboleth.idp.plugin.authn.webauthn.context.WebAuthnRegistrationContext;
import net.shibboleth.idp.plugin.authn.webauthn.impl.AbstractWebAuthnTest;
import net.shibboleth.idp.plugin.authn.webauthn.storage.CredentialRegistration;
import net.shibboleth.idp.plugin.authn.webauthn.storage.impl.MockAuthenticator;
import net.shibboleth.shared.codec.Base64Support;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.ComponentInitializationException;
import org.springframework.webflow.execution.Event;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/plugin/authn/webauthn/admin/impl/DeletePublicKeyCredentialTest.class */
public class DeletePublicKeyCredentialTest extends AbstractWebAuthnTest {
    private DeletePublicKeyCredential action;
    private WebAuthnRegistrationContext context;
    private RegisteredCredential credential;
    private CredentialRegistration reg;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Override // net.shibboleth.idp.plugin.authn.webauthn.impl.AbstractWebAuthnTest
    @BeforeMethod
    public void setup() throws Exception {
        super.setup();
        this.context = addWebAuthnRegistrationContext();
        this.action = new DeletePublicKeyCredential();
        this.action.setWebAuthnClient(this.client);
        this.mockAuthenticator = new MockAuthenticator("idp.example.com");
        UserIdentity build = UserIdentity.builder().name("jdoe").displayName("John Doe").id(ByteArray.fromBase64("dGhpc2lzYWNoYWxsZW5nZQ==")).build();
        PublicKeyCredential<AuthenticatorAttestationResponse, ClientRegistrationExtensionOutputs> createAuthenticatorAttestationResponse = this.mockAuthenticator.createAuthenticatorAttestationResponse("dGhpc2lzBaNoYWxsZW5nZQ==", createClientData("webauthn.create", "https://idp.example.com", "dGhpc2lzBaNoYWxsZW5nZQ=="), Base64Support.decode("dGhpc2lzYWNoYWxsZW5nZQ=="));
        ByteArray fromBase64 = ByteArray.fromBase64("dGhpc2lzYWNoYWxsZW5nZQ==");
        if (!$assertionsDisabled && !fromBase64.getBase64().equals("dGhpc2lzYWNoYWxsZW5nZQ==")) {
            throw new AssertionError();
        }
        if (!$assertionsDisabled && !Arrays.equals(fromBase64.getBytes(), Base64Support.decode("dGhpc2lzYWNoYWxsZW5nZQ=="))) {
            throw new AssertionError();
        }
        this.credential = RegisteredCredential.builder().credentialId(createAuthenticatorAttestationResponse.getId()).userHandle(ByteArray.fromBase64("dGhpc2lzYWNoYWxsZW5nZQ==")).publicKeyCose(((AttestedCredentialData) createAuthenticatorAttestationResponse.getResponse().getParsedAuthenticatorData().getAttestedCredentialData().get()).getCredentialPublicKey()).build();
        this.reg = CredentialRegistration.builder().withUserIdentity(build).withTransports(new TreeSet()).withRegistrationTime(Instant.now()).withCredential(this.credential).withAttestationMetadata(CollectionSupport.emptySet()).withCredentialNickname("nickname").withDiscoverable(Optional.of(Boolean.TRUE)).withUserVerified(true).build();
        this.credentialRepo.addRegistrationByUsername("jdoe", this.reg);
        this.action.setCredentialRepository(this.credentialRepo);
    }

    @Test
    public void testDeleteKey() throws ComponentInitializationException {
        this.context.setUsername("jdoe");
        this.context.setCredentialIdToRemove(this.credential.getCredentialId().getBytes());
        this.action.initialize();
        Assert.assertNull(this.action.execute(this.src));
        Assert.assertEquals(this.credentialRepo.getCredentialIdsForUsername("jdoe").size(), 0);
    }

    @Test
    public void testDeleteKey_NoCredentialIdInContext() throws ComponentInitializationException {
        this.context.setUsername("jdoe");
        this.action.initialize();
        Event execute = this.action.execute(this.src);
        Assert.assertNotNull(execute);
        if (!$assertionsDisabled && execute == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(execute.getId(), "InvalidRegistrationContext");
    }

    @Test
    public void testDeleteKey_NoUsernameInContext() throws ComponentInitializationException {
        this.context.setCredentialIdToRemove(this.credential.getCredentialId().getBytes());
        this.action.initialize();
        Event execute = this.action.execute(this.src);
        Assert.assertNotNull(execute);
        if (!$assertionsDisabled && execute == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(execute.getId(), "InvalidRegistrationContext");
    }

    @Test
    public void testDeleteKey_NoCredentialToRemove() throws ComponentInitializationException {
        this.credentialRepo.removeRegistrationByUsername("jdoe", this.reg);
        this.context.setUsername("jdoe");
        this.context.setCredentialIdToRemove(this.credential.getCredentialId().getBytes());
        this.action.initialize();
        Assert.assertNull(this.action.execute(this.src));
        Assert.assertEquals(this.credentialRepo.getCredentialIdsForUsername("jdoe").size(), 0);
    }

    @Test
    public void testDeleteKey_CrentialNotFound() throws ComponentInitializationException {
        this.context.setUsername("jdoe");
        this.context.setCredentialIdToRemove(new byte[]{-1});
        this.action.initialize();
        Assert.assertNull(this.action.execute(this.src));
        Assert.assertEquals(this.credentialRepo.getCredentialIdsForUsername("jdoe").size(), 1);
    }

    static {
        $assertionsDisabled = !DeletePublicKeyCredentialTest.class.desiredAssertionStatus();
    }
}
