package net.shibboleth.oidc.metadata.policy.impl;

import java.io.IOException;
import java.time.Duration;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.Nonnull;
import net.shibboleth.oidc.metadata.cache.impl.BatchMetadataCache;
import net.shibboleth.oidc.metadata.cache.impl.BatchMetadataCacheBuilderSpec;
import net.shibboleth.oidc.metadata.cache.impl.DefaultFileLoadingStrategy;
import net.shibboleth.oidc.metadata.cache.impl.DefaultJSONMapParsingStrategy;
import net.shibboleth.oidc.metadata.cache.impl.DefaultSourceMetadataExpirationTimeStrategy;
import net.shibboleth.oidc.metadata.cache.impl.MetadataCacheBuilder;
import net.shibboleth.oidc.metadata.policy.MetadataPolicy;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.logic.ConstraintViolationException;
import net.shibboleth.shared.resolver.CriteriaSet;
import org.springframework.core.io.ClassPathResource;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/oidc/metadata/policy/impl/OIDCMetadataPolicyResolverTest.class */
public class OIDCMetadataPolicyResolverTest {
    OIDCMetadataPolicyResolver resolver;

    public void initTest(String str) throws Exception {
        initTest(str, null);
    }

    public void initTest(String str, CustomMetadataPolicyOperator customMetadataPolicyOperator) throws Exception {
        this.resolver = new OIDCMetadataPolicyResolver(buildCache(str, customMetadataPolicyOperator));
        this.resolver.setId("mockId");
        this.resolver.initialize();
    }

    @Nonnull
    protected BatchMetadataCache<String, Map<String, MetadataPolicy>> buildCache(String str, CustomMetadataPolicyOperator customMetadataPolicyOperator) throws IOException, ComponentInitializationException {
        ClassPathResource classPathResource = (str == null || str.isEmpty()) ? null : new ClassPathResource(str);
        BatchMetadataCacheBuilderSpec batchMetadataCacheBuilderSpec = new BatchMetadataCacheBuilderSpec();
        MetadataCacheBuilder.Builder builder = new MetadataCacheBuilder.Builder();
        batchMetadataCacheBuilderSpec.setLoadingStrategy(new DefaultFileLoadingStrategy(classPathResource));
        batchMetadataCacheBuilderSpec.setParsingStrategy(new DefaultJSONMapParsingStrategy(MetadataPolicy.class));
        batchMetadataCacheBuilderSpec.setMinRefreshDelay(Duration.ofMinutes(5L));
        batchMetadataCacheBuilderSpec.setMaxRefreshDelay(Duration.ofMinutes(10L));
        batchMetadataCacheBuilderSpec.setSourceMetadataExpiryStrategy(new DefaultSourceMetadataExpirationTimeStrategy(Duration.ofMinutes(5L)));
        batchMetadataCacheBuilderSpec.setCriteriaToIdentifierStrategy(criteriaSet -> {
            return "id";
        });
        batchMetadataCacheBuilderSpec.setIdentifierExtractionStrategy(map -> {
            return "id";
        });
        DefaultMetadataPolicyValidator defaultMetadataPolicyValidator = new DefaultMetadataPolicyValidator();
        if (customMetadataPolicyOperator != null) {
            defaultMetadataPolicyValidator.setCustomMetadataPolicyOperators(CollectionSupport.singletonMap("bean", customMetadataPolicyOperator));
        }
        batchMetadataCacheBuilderSpec.setMetadataValidPredicate(defaultMetadataPolicyValidator);
        batchMetadataCacheBuilderSpec.setMatchRequired(true);
        batchMetadataCacheBuilderSpec.setRefreshDelayFactor(Float.valueOf(0.75f));
        batchMetadataCacheBuilderSpec.setMetadataFilterStrategy((map2, metadataFilterContext) -> {
            return map2;
        });
        BatchMetadataCache<String, Map<String, MetadataPolicy>> build = builder.build(batchMetadataCacheBuilderSpec);
        if (build instanceof BatchMetadataCache) {
            return build;
        }
        throw new ComponentInitializationException("Wrong cache type");
    }

    @Test
    public void testNoPolicyFile() throws Exception {
        initTest("");
        Assert.assertFalse(this.resolver.resolve(new CriteriaSet()).iterator().hasNext());
    }

    @Test
    public void testInvalidPolicy() throws Exception {
        initTest("/net/shibboleth/oidc/metadata/impl/metadata-policy-invalid.json");
        Assert.assertFalse(this.resolver.resolve(new CriteriaSet()).iterator().hasNext());
    }

    @Test
    public void testFound() throws Exception {
        initTest("/net/shibboleth/oidc/metadata/impl/metadata-policy1.json");
        Iterator it = this.resolver.resolve(new CriteriaSet()).iterator();
        Assert.assertTrue(it.hasNext());
        Map<String, MetadataPolicy> map = (Map) it.next();
        Assert.assertEquals(map.size(), 6);
        assertStandardOperators(map);
    }

    @Test
    public void testFoundWithCustomFoundAndValid() throws Exception {
        initTest("/net/shibboleth/oidc/metadata/impl/metadata-policy1-custom.json", new CustomMetadataPolicyOperator() { // from class: net.shibboleth.oidc.metadata.policy.impl.OIDCMetadataPolicyResolverTest.1
            public boolean validate(MetadataPolicy metadataPolicy) {
                return true;
            }

            public Object apply(Object obj, MetadataPolicy metadataPolicy) throws ConstraintViolationException {
                return null;
            }
        });
        Iterator it = this.resolver.resolve(new CriteriaSet()).iterator();
        Assert.assertTrue(it.hasNext());
        Map<String, MetadataPolicy> map = (Map) it.next();
        Assert.assertEquals(map.size(), 6);
        assertStandardOperators(map);
        MetadataPolicy metadataPolicy = map.get("client_name");
        Assert.assertFalse(metadataPolicy.getCustomOperators().isEmpty());
        Object obj = metadataPolicy.getCustomOperators().get("bean");
        Assert.assertTrue(obj != null);
        Assert.assertEquals(obj, "customMetadataPolicyOperator");
    }

    @Test
    public void testFoundWithCustomFoundButNotValid() throws Exception {
        initTest("/net/shibboleth/oidc/metadata/impl/metadata-policy1-custom.json", new CustomMetadataPolicyOperator() { // from class: net.shibboleth.oidc.metadata.policy.impl.OIDCMetadataPolicyResolverTest.2
            public boolean validate(MetadataPolicy metadataPolicy) {
                return false;
            }

            public Object apply(Object obj, MetadataPolicy metadataPolicy) throws ConstraintViolationException {
                return null;
            }
        });
        Assert.assertFalse(this.resolver.resolve(new CriteriaSet()).iterator().hasNext());
    }

    @Test
    public void testFoundWithCustomNotFound() throws Exception {
        initTest("/net/shibboleth/oidc/metadata/impl/metadata-policy1-custom.json");
        Assert.assertFalse(this.resolver.resolve(new CriteriaSet()).iterator().hasNext());
    }

    protected void assertStandardOperators(Map<String, MetadataPolicy> map) {
        MetadataPolicy metadataPolicy = map.get("grant_types");
        Assert.assertNotNull(metadataPolicy);
        Assert.assertEquals(metadataPolicy.getOneOfValues(), List.of("authorization_code", "implicit"));
        Assert.assertNull(metadataPolicy.getAdd());
        Assert.assertNull(metadataPolicy.getDefaultValue());
        Assert.assertNull(metadataPolicy.getValue());
        Assert.assertFalse(metadataPolicy.isEssential());
        Assert.assertNull(metadataPolicy.getRegexp());
        Assert.assertNull(metadataPolicy.getSubsetOfValues());
        Assert.assertNull(metadataPolicy.getSupersetOfValues());
        MetadataPolicy metadataPolicy2 = map.get("client_name");
        Assert.assertNotNull(metadataPolicy2);
        Assert.assertNull(metadataPolicy2.getAdd());
        Assert.assertEquals(metadataPolicy2.getDefaultValue(), "A known test application");
        Assert.assertNull(metadataPolicy2.getValue());
        Assert.assertFalse(metadataPolicy2.isEssential());
        Assert.assertNull(metadataPolicy2.getOneOfValues());
        Assert.assertNull(metadataPolicy2.getRegexp());
        Assert.assertNull(metadataPolicy2.getSubsetOfValues());
        Assert.assertNull(metadataPolicy2.getSupersetOfValues());
        MetadataPolicy metadataPolicy3 = map.get("organization_name");
        Assert.assertNotNull(metadataPolicy3);
        Assert.assertNull(metadataPolicy3.getAdd());
        Assert.assertNull(metadataPolicy3.getDefaultValue());
        Assert.assertEquals(metadataPolicy3.getValue(), "A trusted organization");
        Assert.assertFalse(metadataPolicy3.isEssential());
        Assert.assertNull(metadataPolicy3.getOneOfValues());
        Assert.assertNull(metadataPolicy3.getRegexp());
        Assert.assertNull(metadataPolicy3.getSubsetOfValues());
        Assert.assertNull(metadataPolicy3.getSupersetOfValues());
        MetadataPolicy metadataPolicy4 = map.get("redirect_uris");
        Assert.assertNotNull(metadataPolicy4);
        Assert.assertNull(metadataPolicy4.getAdd());
        Assert.assertNull(metadataPolicy4.getDefaultValue());
        Assert.assertNull(metadataPolicy4.getValue());
        Assert.assertTrue(metadataPolicy4.isEssential());
        Assert.assertNull(metadataPolicy4.getOneOfValues());
        Assert.assertEquals(metadataPolicy4.getRegexp(), "^https:\\/\\/(?:([^.]+).)?example.org\\/(.*)");
        Assert.assertNull(metadataPolicy4.getSubsetOfValues());
        Assert.assertNull(metadataPolicy4.getSupersetOfValues());
        MetadataPolicy metadataPolicy5 = map.get("id_token_signing_alg_values_supported");
        Assert.assertNotNull(metadataPolicy5);
        Assert.assertNull(metadataPolicy5.getAdd());
        Assert.assertNull(metadataPolicy5.getDefaultValue());
        Assert.assertNull(metadataPolicy5.getValue());
        Assert.assertFalse(metadataPolicy5.isEssential());
        Assert.assertNull(metadataPolicy5.getOneOfValues());
        Assert.assertNull(metadataPolicy5.getRegexp());
        Assert.assertEquals(metadataPolicy5.getSubsetOfValues(), List.of("RS256", "RS384", "RS512"));
        Assert.assertNull(metadataPolicy5.getSupersetOfValues());
        MetadataPolicy metadataPolicy6 = map.get("scopes");
        Assert.assertNotNull(metadataPolicy6);
        Assert.assertNull(metadataPolicy6.getAdd());
        Assert.assertNull(metadataPolicy6.getDefaultValue());
        Assert.assertNull(metadataPolicy6.getValue());
        Assert.assertFalse(metadataPolicy6.isEssential());
        Assert.assertNull(metadataPolicy6.getOneOfValues());
        Assert.assertNull(metadataPolicy6.getRegexp());
        Assert.assertEquals(metadataPolicy6.getSubsetOfValues(), List.of("openid", "profile", "email", "phone"));
        Assert.assertNull(metadataPolicy6.getSupersetOfValues());
    }
}
