package net.shibboleth.idp.plugin.oidc.op.profile.impl;

import com.google.common.base.Predicates;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.ResponseType;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.State;
import com.nimbusds.openid.connect.sdk.AuthenticationRequest;
import com.nimbusds.openid.connect.sdk.Prompt;
import java.net.URI;
import java.time.Duration;
import java.util.function.Function;
import javax.security.auth.Subject;
import net.shibboleth.idp.authn.AuthenticationResult;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.plugin.oidc.op.messaging.context.OIDCAuthenticationResponseContext;
import net.shibboleth.idp.profile.context.navigate.WebflowRequestContextProfileRequestContextLookup;
import net.shibboleth.idp.profile.testing.ActionTestingSupport;
import net.shibboleth.idp.profile.testing.RequestContextBuilder;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.logic.ConstraintViolationException;
import org.opensaml.profile.context.ProfileRequestContext;
import org.springframework.webflow.execution.RequestContext;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/plugin/oidc/op/profile/impl/InitializeAuthenticationContextTest.class */
public class InitializeAuthenticationContextTest {
    private InitializeAuthenticationContext action;
    private RequestContext requestCtx;
    private ProfileRequestContext prc;

    @BeforeMethod
    public void init() throws ComponentInitializationException, ParseException {
        this.action = new InitializeAuthenticationContext();
        this.action.initialize();
        this.requestCtx = new RequestContextBuilder().setInboundMessage(new AuthenticationRequest.Builder(new ResponseType(new String[]{"code"}), new Scope(new String[]{"openid"}), new ClientID("000123"), URI.create("https://example.com/callback")).state(new State()).prompt(new Prompt(new Prompt.Type[]{Prompt.Type.LOGIN})).loginHint("foo").build()).buildRequestContext();
        this.prc = new WebflowRequestContextProfileRequestContextLookup().apply(this.requestCtx);
        AuthenticationContext authenticationContext = new AuthenticationContext();
        authenticationContext.setAuthenticationResult(new AuthenticationResult("flowId", new Subject()));
        this.prc.addSubcontext(authenticationContext);
        this.prc.getOutboundMessageContext().addSubcontext(new OIDCAuthenticationResponseContext());
    }

    @Test
    public void testOIDCAuthnRequestForcedWithHintedName() {
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        AuthenticationContext subcontext = this.prc.getSubcontext(AuthenticationContext.class);
        Assert.assertNotNull(subcontext);
        Assert.assertTrue(subcontext.isForceAuthn());
        Assert.assertFalse(subcontext.isPassive());
        Assert.assertNull(subcontext.getMaxAge());
        Assert.assertEquals(subcontext.getHintedName(), "foo");
    }

    @Test
    public void testOIDCAuthnRequestPassive() {
        this.prc.getInboundMessageContext().setMessage(new AuthenticationRequest.Builder(new ResponseType(new String[]{"code"}), new Scope(new String[]{"openid"}), new ClientID("000123"), URI.create("https://example.com/callback")).state(new State()).prompt(new Prompt(new Prompt.Type[]{Prompt.Type.NONE})).maxAge(5).build());
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        AuthenticationContext subcontext = this.prc.getSubcontext(AuthenticationContext.class, false);
        Assert.assertNotNull(subcontext);
        Assert.assertFalse(subcontext.isForceAuthn());
        Assert.assertTrue(subcontext.isPassive());
        Assert.assertEquals(subcontext.getMaxAge(), Duration.ofSeconds(5L));
    }

    @Test
    public void testOIDCAuthnRequestWithoutPrompt() {
        this.prc.getInboundMessageContext().setMessage(new AuthenticationRequest.Builder(new ResponseType(new String[]{"code"}), new Scope(new String[]{"openid"}), new ClientID("000123"), URI.create("https://example.com/callback")).state(new State()).build());
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        AuthenticationContext subcontext = this.prc.getSubcontext(AuthenticationContext.class, false);
        Assert.assertNotNull(subcontext);
        Assert.assertFalse(subcontext.isForceAuthn());
        Assert.assertFalse(subcontext.isPassive());
        Assert.assertNull(subcontext.getMaxAge());
    }

    @Test
    public void testOIDCAuthnRequestWithoutPromptForceAuthnViaPredicate() throws ComponentInitializationException {
        this.action = new InitializeAuthenticationContext();
        this.action.setForceAuthnPredicate(Predicates.alwaysTrue());
        this.action.initialize();
        this.prc.getInboundMessageContext().setMessage(new AuthenticationRequest.Builder(new ResponseType(new String[]{"code"}), new Scope(new String[]{"openid"}), new ClientID("000123"), URI.create("https://example.com/callback")).state(new State()).build());
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.requestCtx));
        AuthenticationContext subcontext = this.prc.getSubcontext(AuthenticationContext.class, false);
        Assert.assertNotNull(subcontext);
        Assert.assertTrue(subcontext.isForceAuthn());
        Assert.assertFalse(subcontext.isPassive());
        Assert.assertNull(subcontext.getMaxAge());
    }

    @Test(expectedExceptions = {ConstraintViolationException.class})
    public void testSetNullLoginHintLookupStrategy() throws Exception {
        this.action = new InitializeAuthenticationContext();
        this.action.setLoginHintLookupStrategy((Function) null);
    }

    @Test(expectedExceptions = {ConstraintViolationException.class})
    public void testSetNullPromptLookupStrategy() throws Exception {
        this.action = new InitializeAuthenticationContext();
        this.action.setPromptLookupStrategy((Function) null);
    }

    @Test(expectedExceptions = {ConstraintViolationException.class})
    public void testSetNullMaxAgeLookupStrategy() throws Exception {
        this.action = new InitializeAuthenticationContext();
        this.action.setMaxAgeLookupStrategy((Function) null);
    }
}
