package net.shibboleth.idp.plugin.oidc.op.profile.impl;

import com.nimbusds.openid.connect.sdk.claims.ACR;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.security.auth.Subject;
import net.shibboleth.idp.authn.AuthenticationFlowDescriptor;
import net.shibboleth.idp.authn.AuthenticationResult;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.authn.context.PreferredPrincipalContext;
import net.shibboleth.idp.authn.context.RequestedPrincipalContext;
import net.shibboleth.idp.authn.impl.DefaultAuthenticationResultSerializer;
import net.shibboleth.idp.profile.testing.ActionTestingSupport;
import net.shibboleth.oidc.authn.principal.AuthenticationContextClassReferencePrincipal;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/plugin/oidc/op/profile/impl/SetAuthenticationContextClassReferenceToResponseContextTest.class */
public class SetAuthenticationContextClassReferenceToResponseContextTest extends BaseOIDCResponseActionTest {
    private SetAuthenticationContextClassReferenceToResponseContext action;
    private List<Principal> principals;

    @BeforeMethod
    private void init() throws ComponentInitializationException {
        this.action = new SetAuthenticationContextClassReferenceToResponseContext();
        this.action.initialize();
        this.profileRequestCtx.addSubcontext(new AuthenticationContext());
        this.principals = new ArrayList();
        this.principals.add(new AuthenticationContextClassReferencePrincipal("1"));
        this.principals.add(new AuthenticationContextClassReferencePrincipal("2"));
        this.principals.add(new AuthenticationContextClassReferencePrincipal("3"));
        RequestedPrincipalContext requestedPrincipalContext = new RequestedPrincipalContext();
        requestedPrincipalContext.setOperator(AuthnContextComparisonTypeEnumeration.EXACT.toString());
        requestedPrincipalContext.setRequestedPrincipals(this.principals);
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class, true).addSubcontext(requestedPrincipalContext, true);
        Subject subject = new Subject();
        subject.getPrincipals().add(new AuthenticationContextClassReferencePrincipal("2"));
        subject.getPrincipals().add(new AuthenticationContextClassReferencePrincipal("4"));
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class).setAuthenticationResult(new AuthenticationResult("flowId", subject));
        AuthenticationFlowDescriptor authenticationFlowDescriptor = new AuthenticationFlowDescriptor();
        authenticationFlowDescriptor.setId("flowId");
        authenticationFlowDescriptor.setPrincipalWeightMap(Collections.singletonMap(new AuthenticationContextClassReferencePrincipal("2"), 10));
        authenticationFlowDescriptor.setResultSerializer(new DefaultAuthenticationResultSerializer());
        authenticationFlowDescriptor.initialize();
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class).getAvailableFlows().put("flowId", authenticationFlowDescriptor);
    }

    @Test
    public void testSuccessRequestedACR() {
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        Assert.assertEquals(this.respCtx.getAcr(), new ACR("2"));
    }

    @Test
    public void testSuccessPreferredACR() {
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class).removeSubcontext(RequestedPrincipalContext.class);
        PreferredPrincipalContext preferredPrincipalContext = new PreferredPrincipalContext();
        preferredPrincipalContext.setPreferredPrincipals(this.principals);
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class, true).addSubcontext(preferredPrincipalContext, true);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        Assert.assertEquals(this.respCtx.getAcr(), new ACR("2"));
    }

    @Test
    public void testSuccessPreferredACRNotMatching() {
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class).removeSubcontext(RequestedPrincipalContext.class);
        PreferredPrincipalContext preferredPrincipalContext = new PreferredPrincipalContext();
        this.principals.clear();
        this.principals.add(new AuthenticationContextClassReferencePrincipal("1"));
        preferredPrincipalContext.setPreferredPrincipals(this.principals);
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class, true).addSubcontext(preferredPrincipalContext, true);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        Assert.assertTrue(this.respCtx.getAcr().equals(new ACR("2")));
    }

    @Test
    public void testSuccessPreferredACRNotMatching2() {
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class).removeSubcontext(RequestedPrincipalContext.class);
        PreferredPrincipalContext preferredPrincipalContext = new PreferredPrincipalContext();
        this.principals.clear();
        this.principals.add(new AuthenticationContextClassReferencePrincipal("1"));
        preferredPrincipalContext.setPreferredPrincipals(this.principals);
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class, true).addSubcontext(preferredPrincipalContext, true);
        this.profileRequestCtx.getSubcontext(AuthenticationContext.class).setAuthenticationResult(new AuthenticationResult("flowId", new Subject()));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        Assert.assertNull(this.respCtx.getAcr());
    }

    @Test
    public void testFailNoAuthContext() {
        this.profileRequestCtx.removeSubcontext(AuthenticationContext.class);
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "InvalidAuthenticationContext");
    }
}
