package net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl;

import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.openid.connect.sdk.rp.OIDCClientInformation;
import com.nimbusds.openid.connect.sdk.rp.OIDCClientMetadata;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Date;
import java.util.Set;
import net.shibboleth.idp.plugin.oidc.op.profile.impl.BaseOIDCResponseActionTest;
import net.shibboleth.idp.profile.testing.ActionTestingSupport;
import net.shibboleth.oidc.metadata.context.OIDCMetadataContext;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/plugin/oidc/op/oauth2/profile/impl/ValidateRedirectURITest.class */
public class ValidateRedirectURITest extends BaseOIDCResponseActionTest {
    private ValidateRedirectURI action;
    private String requestUri = "https://client.example.org/cb";

    private void init() throws ComponentInitializationException, URISyntaxException {
        init(true, new URI(this.requestUri), null, null);
    }

    private void init(boolean z, URI uri, Set<URI> set, Set<URI> set2) throws ComponentInitializationException {
        this.action = new ValidateRedirectURI();
        this.action.setRequireRequestedValue(z);
        this.action.setRedirectURILookupStrategy(profileRequestContext -> {
            return uri;
        });
        if (set != null) {
            this.action.setValidRedirectURIsLookupStrategy(profileRequestContext2 -> {
                return set;
            });
        }
        if (set2 != null) {
            this.action.setRegisteredRedirectURIsLookupStrategy(profileRequestContext3 -> {
                return set2;
            });
        }
        this.action.initialize();
    }

    @Test
    public void testNoCtx() throws ComponentInitializationException, URISyntaxException {
        init();
        this.profileRequestCtx.getInboundMessageContext().removeSubcontext(OIDCMetadataContext.class);
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "InvalidRedirectionURI");
    }

    @Test
    public void testNoMatch() throws ComponentInitializationException, URISyntaxException {
        init();
        OIDCMetadataContext subcontext = this.profileRequestCtx.getInboundMessageContext().getSubcontext(OIDCMetadataContext.class, true);
        OIDCClientMetadata oIDCClientMetadata = new OIDCClientMetadata();
        oIDCClientMetadata.setRedirectionURI(new URI("https://notmatching.org"));
        subcontext.setClientInformation(new OIDCClientInformation(new ClientID("test"), (Date) null, oIDCClientMetadata, (Secret) null, (URI) null, (BearerAccessToken) null));
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "InvalidRedirectionURI");
        Assert.assertNull(this.respCtx.getRedirectURI());
    }

    @Test
    public void testMatch() throws ComponentInitializationException, URISyntaxException {
        init();
        OIDCMetadataContext subcontext = this.profileRequestCtx.getInboundMessageContext().getSubcontext(OIDCMetadataContext.class, true);
        OIDCClientMetadata oIDCClientMetadata = new OIDCClientMetadata();
        oIDCClientMetadata.setRedirectionURI(new URI("https://client.example.org/cb"));
        subcontext.setClientInformation(new OIDCClientInformation(new ClientID("test"), (Date) null, oIDCClientMetadata, (Secret) null, (URI) null, (BearerAccessToken) null));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        Assert.assertNotNull(this.respCtx.getRedirectURI());
    }

    @Test
    public void testNullRequesNotAllowed() throws ComponentInitializationException, URISyntaxException {
        init(true, null, Set.of(new URI(this.requestUri)), Set.of(new URI(this.requestUri)));
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "InvalidRedirectionURI");
        Assert.assertNull(this.respCtx.getRedirectURI());
    }

    @Test
    public void testNullRequesAllowedNotSingleValidUri() throws ComponentInitializationException, URISyntaxException {
        init(false, null, Set.of(new URI(this.requestUri), new URI("https://another.example.org")), Set.of(new URI(this.requestUri)));
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "InvalidRedirectionURI");
        Assert.assertNull(this.respCtx.getRedirectURI());
    }

    @Test
    public void testNullRequesAllowedNotSingleRegisteredUri() throws ComponentInitializationException, URISyntaxException {
        init(false, null, Set.of(new URI(this.requestUri)), Set.of(new URI(this.requestUri), new URI("https://another.example.org")));
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "InvalidRedirectionURI");
        Assert.assertNull(this.respCtx.getRedirectURI());
    }

    @Test
    public void testNullRequesAllowedNoRegisteredUris() throws ComponentInitializationException, URISyntaxException {
        init(false, null, Set.of(new URI(this.requestUri)), null);
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "InvalidRedirectionURI");
        Assert.assertNull(this.respCtx.getRedirectURI());
    }

    @Test
    public void testNullRequesAllowed() throws ComponentInitializationException, URISyntaxException {
        init(false, null, Set.of(new URI(this.requestUri)), Set.of(new URI(this.requestUri)));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        Assert.assertNotNull(this.respCtx.getRedirectURI());
        Assert.assertEquals(this.respCtx.getRedirectURI(), new URI(this.requestUri));
    }
}
