package net.shibboleth.idp.plugin.oidc.op.oauth2.profile.impl;

import com.google.common.net.UrlEscapers;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.PlainJWT;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.openid.connect.sdk.AuthenticationRequest;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Set;
import java.util.function.Predicate;
import net.shibboleth.idp.plugin.oidc.op.profile.impl.BaseOIDCResponseActionTest;
import net.shibboleth.idp.profile.testing.ActionTestingSupport;
import net.shibboleth.utilities.java.support.httpclient.HttpClientBuilder;
import net.shibboleth.utilities.java.support.httpclient.HttpClientSupport;
import net.shibboleth.utilities.java.support.test.repository.RepositorySupport;
import org.mockito.Mockito;
import org.opensaml.profile.context.ProfileRequestContext;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/plugin/oidc/op/oauth2/profile/impl/SetRequestObjectToResponseContextTest.class */
public class SetRequestObjectToResponseContextTest extends BaseOIDCResponseActionTest {
    private SetRequestObjectToResponseContext action;
    private Predicate<ProfileRequestContext> enforceRequestObjects = (Predicate) Mockito.mock(Predicate.class);

    @Override // net.shibboleth.idp.plugin.oidc.op.profile.impl.BaseOIDCResponseActionTest
    @BeforeMethod
    public void setUp() throws Exception {
        super.setUp();
        this.action = new SetRequestObjectToResponseContext();
        HttpClientBuilder httpClientBuilder = new HttpClientBuilder();
        httpClientBuilder.setTLSSocketFactory(HttpClientSupport.buildNoTrustTLSSocketFactory());
        this.action.setHttpClient(httpClientBuilder.buildClient());
        this.action.setRequestObjectEnforcedPredicate(this.enforceRequestObjects);
        this.action.initialize();
    }

    @Test
    public void testNothingToDo() {
        Mockito.when(Boolean.valueOf(this.enforceRequestObjects.test((ProfileRequestContext) Mockito.any()))).thenReturn(false);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
    }

    @Test
    public void testMandatoryMissing() {
        Mockito.when(Boolean.valueOf(this.enforceRequestObjects.test((ProfileRequestContext) Mockito.any()))).thenReturn(true);
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "MissingMandatoryRequestObject");
    }

    @Test
    public void testRequestObject() throws ParseException {
        setAuthenticationRequest(AuthenticationRequest.parse("client_id=mockClientId&request=" + new PlainJWT(new JWTClaimsSet.Builder().claim("redirect_uri", "https://rp.example.org/redirect_uri").build()).serialize()));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        Assert.assertNotNull(this.respCtx.getRequestObject());
    }

    @Test
    public void testInvalidRequestURI() throws ParseException, URISyntaxException {
        this.metadataCtx.getClientInformation().getOIDCMetadata().setRequestObjectURIs(Set.of(new URI("https://localhost/foobar")));
        setAuthenticationRequest(AuthenticationRequest.parse("client_id=mockClientId&request_uri=http://localhost/foo"));
        ActionTestingSupport.assertEvent(this.action.execute(this.requestCtx), "InvalidRequestUri");
    }

    @Test
    public void testRequestURI() throws URISyntaxException, ParseException {
        String buildHTTPSResourceURL = RepositorySupport.buildHTTPSResourceURL("java-idp-oidc", "idp-oidc-extension-impl/src/test/resources/net/shibboleth/idp/oidc/profile/impl/oidc-authreq.json");
        this.metadataCtx.getClientInformation().getOIDCMetadata().setRequestObjectURIs(Set.of(new URI(buildHTTPSResourceURL)));
        setAuthenticationRequest(AuthenticationRequest.parse("client_id=" + this.clientId + "&request_uri=" + UrlEscapers.urlFormParameterEscaper().escape(buildHTTPSResourceURL)));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        Assert.assertNotNull(this.respCtx.getRequestObject());
        Assert.assertTrue(this.respCtx.getRequestObject() instanceof SignedJWT);
    }
}
