package org.apache.wss4j.stax.test;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.wss4j.stax.setup.WSSec;
import org.apache.wss4j.stax.test.utils.StAX2DOM;
import org.apache.wss4j.stax.test.utils.XmlReaderToWriter;
import org.apache.xml.security.stax.ext.SecurePart;
import org.apache.xml.security.stax.securityEvent.SecurityEvent;
import org.apache.xml.security.stax.securityEvent.SecurityEventListener;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/wss4j/stax/test/HeaderOrderingTest.class */
public class HeaderOrderingTest extends AbstractTestBase {
    @Test
    public void testUsernameTokenSignedStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.USERNAMETOKEN);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 2);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "UsernameToken");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "Signature");
        Assertions.assertEquals(2, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature UsernameToken");
    }

    @Test
    public void testUsernameTokenSignedLaxHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.USERNAMETOKEN);
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 2);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "Signature");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "UsernameToken");
        Assertions.assertEquals(2, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "UsernameToken Signature");
    }

    @Test
    public void testUsernameTokenSignedWithBSTStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.USERNAMETOKEN);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 3);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "UsernameToken");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "BinarySecurityToken");
        Assertions.assertEquals(childNodes.item(2).getLocalName(), "Signature");
        Assertions.assertEquals(2, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature UsernameToken");
    }

    @Test
    public void testTimestampSignedStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 2);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "Timestamp");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "Signature");
        Assertions.assertEquals(2, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature Timestamp");
    }

    @Test
    public void testTimestampSignedLaxHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.TIMESTAMP);
        arrayList.add(WSSConstants.SIGNATURE);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 2);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "Signature");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "Timestamp");
        Assertions.assertEquals(2, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Timestamp Signature");
    }

    @Test
    public void testUsernameTokenPlusTimestampSignedStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.USERNAMETOKEN);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 3);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "Timestamp");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "UsernameToken");
        Assertions.assertEquals(childNodes.item(2).getLocalName(), "Signature");
        Assertions.assertEquals(3, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature UsernameToken Timestamp");
    }

    @Test
    public void testTimestampPlusUsernameTokenSignedStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.TIMESTAMP);
        arrayList.add(WSSConstants.USERNAMETOKEN);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 3);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "UsernameToken");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "Timestamp");
        Assertions.assertEquals(childNodes.item(2).getLocalName(), "Signature");
        Assertions.assertEquals(3, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature Timestamp UsernameToken");
    }

    @Test
    public void testUsernameTokenPlusTimestampWithBSTSignedStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.USERNAMETOKEN);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 4);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "Timestamp");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "UsernameToken");
        Assertions.assertEquals(childNodes.item(2).getLocalName(), "BinarySecurityToken");
        Assertions.assertEquals(childNodes.item(3).getLocalName(), "Signature");
        Assertions.assertEquals(3, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature UsernameToken Timestamp");
    }

    @Test
    public void testUsernameTokenPlusTimestampSignedAndEncryptedStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.ENCRYPTION);
        arrayList.add(WSSConstants.USERNAMETOKEN);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 4);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "EncryptedKey");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "EncryptedData");
        Assertions.assertEquals(childNodes.item(2).getLocalName(), "EncryptedData");
        Assertions.assertEquals(childNodes.item(3).getLocalName(), "Signature");
        Assertions.assertEquals(3, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature UsernameToken Timestamp Encryption");
    }

    @Test
    public void testUsernameTokenPlusTimestampWithBSTSignedAndEncryptedStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.ENCRYPTION);
        arrayList.add(WSSConstants.USERNAMETOKEN);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 6);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "BinarySecurityToken");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "EncryptedKey");
        Assertions.assertEquals(childNodes.item(2).getLocalName(), "EncryptedData");
        Assertions.assertEquals(childNodes.item(3).getLocalName(), "EncryptedData");
        Assertions.assertEquals(childNodes.item(4).getLocalName(), "BinarySecurityToken");
        Assertions.assertEquals(childNodes.item(5).getLocalName(), "Signature");
        Assertions.assertEquals(3, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature UsernameToken Timestamp Encryption");
    }

    @Test
    public void testSignatureConfirmationUsernameTokenTimestampStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.setProperty("enableSignatureConfirmation", "true");
        Map<String, Object> doOutboundSecurityWithWSS4J_1 = doOutboundSecurityWithWSS4J_1(resourceAsStream, "Signature", properties);
        Set set = (Set) doOutboundSecurityWithWSS4J_1.get("_sendSignatureValues_");
        Document document = (Document) doOutboundSecurityWithWSS4J_1.get("securedDocument");
        Assertions.assertEquals(document.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_WSSE_SECURITY.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(document), new StreamResult(byteArrayOutputStream));
        final ArrayList arrayList = new ArrayList();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), new ArrayList(), new SecurityEventListener() { // from class: org.apache.wss4j.stax.test.HeaderOrderingTest.1
            public void registerSecurityEvent(SecurityEvent securityEvent) throws WSSecurityException {
                arrayList.add(securityEvent);
            }
        })).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assertions.assertEquals(elementsByTagNameNS.getLength(), 1);
        Assertions.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_WSSE_SECURITY.getLocalPart());
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(WSSConstants.SIGNATURE);
        arrayList2.add(WSSConstants.SIGNATURE_CONFIRMATION);
        arrayList2.add(WSSConstants.USERNAMETOKEN);
        arrayList2.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties2.setActions(arrayList2);
        wSSSecurityProperties2.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
        wSSSecurityProperties2.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties2.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties2.addSignaturePart(new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, SecurePart.Modifier.Element));
        wSSSecurityProperties2.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties2.loadSignatureKeyStore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties2.setSignatureUser("receiver");
        wSSSecurityProperties2.setTokenUser("transmitter");
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties2).processOutMessage(byteArrayOutputStream2, StandardCharsets.UTF_8.name(), arrayList);
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream2.toByteArray()));
        NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS2.getLength());
        NodeList childNodes = elementsByTagNameNS2.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 5);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "Timestamp");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "UsernameToken");
        Assertions.assertEquals(childNodes.item(2).getLocalName(), "SignatureConfirmation");
        Assertions.assertEquals(childNodes.item(3).getLocalName(), "BinarySecurityToken");
        Assertions.assertEquals(childNodes.item(4).getLocalName(), "Signature");
        Assertions.assertEquals(4, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        Properties properties2 = new Properties();
        properties2.put("_sendSignatureValues_", set);
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream2.toByteArray())), "Signature UsernameToken Timestamp", properties2, true);
    }

    @Test
    public void testUsernameTokenPlusTimestampPlusSignatureWithBSTSignedAndEncryptedStrictHeaderOrdering() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SIGNATURE);
        arrayList.add(WSSConstants.ENCRYPTION);
        arrayList.add(WSSConstants.USERNAMETOKEN);
        arrayList.add(WSSConstants.TIMESTAMP);
        wSSSecurityProperties.setActions(arrayList);
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setTokenUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addSignaturePart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Element));
        wSSSecurityProperties.setEncryptionUser("receiver");
        wSSSecurityProperties.loadEncryptionKeystore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setEncryptionKeyIdentifier(WSSecurityTokenConstants.KEYIDENTIFIER_SECURITY_TOKEN_DIRECT_REFERENCE);
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://www.w3.org/2000/09/xmldsig#", "Signature"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "UsernameToken"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Timestamp"), SecurePart.Modifier.Element));
        wSSSecurityProperties.addEncryptionPart(new SecurePart(new QName("http://schemas.xmlsoap.org/soap/envelope/", "Body"), SecurePart.Modifier.Content));
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, StandardCharsets.UTF_8.name(), new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "Security");
        Assertions.assertEquals(1, elementsByTagNameNS.getLength());
        NodeList childNodes = elementsByTagNameNS.item(0).getChildNodes();
        Assertions.assertEquals(childNodes.getLength(), 6);
        Assertions.assertEquals(childNodes.item(0).getLocalName(), "BinarySecurityToken");
        Assertions.assertEquals(childNodes.item(1).getLocalName(), "EncryptedKey");
        Assertions.assertEquals(childNodes.item(2).getLocalName(), "EncryptedData");
        Assertions.assertEquals(childNodes.item(3).getLocalName(), "EncryptedData");
        Assertions.assertEquals(childNodes.item(4).getLocalName(), "BinarySecurityToken");
        Assertions.assertEquals(childNodes.item(5).getLocalName(), "EncryptedData");
        Assertions.assertEquals(0, parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference").getLength());
        doInboundSecurityWithWSS4J(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature UsernameToken Timestamp Encryption");
    }
}
