package org.picketlink.test.idm.credential;

import java.io.IOException;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import org.junit.Assert;
import org.junit.Test;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.credential.Credentials;
import org.picketlink.idm.credential.X509CertificateCredentials;
import org.picketlink.idm.credential.storage.X509CertificateStorage;
import org.picketlink.idm.credential.util.CredentialUtils;
import org.picketlink.idm.model.basic.User;
import org.picketlink.test.idm.AbstractPartitionManagerTestCase;
import org.picketlink.test.idm.Configuration;
import org.picketlink.test.idm.testers.FileStoreConfigurationTester;
import org.picketlink.test.idm.testers.IdentityConfigurationTester;
import org.picketlink.test.idm.testers.JPAStoreConfigurationTester;
import org.picketlink.test.idm.testers.LDAPStoreConfigurationTester;

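/**
 * Tests storing and validating X.509 certificate credentials through {@link IdentityManager}.
 *
 * <p>The class-level {@link Configuration} limits the suite to the JPA and file store
 * configurations. Certificates are read from the {@code cert/} directory on the test classpath.
 */
@Configuration(include = {JPAStoreConfigurationTester.class, FileStoreConfigurationTester.class})
public class CertificateCredentialTestCase extends AbstractPartitionManagerTestCase {
    public CertificateCredentialTestCase(IdentityConfigurationTester identityConfigurationTester) {
        super(identityConfigurationTester);
    }

    /**
     * A certificate stored for a user validates as {@code VALID} and resolves to an account when
     * the same certificate is presented.
     */
    @Test
    public void testSuccessfulValidation() throws Exception {
        IdentityManager identityManager = getIdentityManager();
        X509Certificate certificate = getTestingCertificate("servercert.txt");
        X509CertificateCredentials credentials = new X509CertificateCredentials(certificate);
        User user = createUser(credentials.getUsername());

        identityManager.updateCredential(user, certificate);
        identityManager.validateCredentials(credentials);

        Assert.assertEquals(Credentials.Status.VALID, credentials.getStatus());
        Assert.assertNotNull(credentials.getValidatedAccount());
    }

    /**
     * A credential flagged as trusted validates as {@code VALID} even though no certificate was
     * ever stored for the user.
     */
    @Test
    public void testTrustedCertSuccessfulValidation() throws Exception {
        IdentityManager identityManager = getIdentityManager();
        X509CertificateCredentials credentials =
                new X509CertificateCredentials(getTestingCertificate("servercert.txt"));

        // Only the account is created; updateCredential is deliberately never called here.
        createUser(credentials.getUsername());

        // NOTE(review): the trusted flag makes validation succeed without a stored certificate to
        // compare against, so production callers should presumably set it only after the
        // certificate has been verified elsewhere (for example by the TLS layer) - confirm
        // against the credential handler.
        credentials.setTrusted(true);
        identityManager.validateCredentials(credentials);

        Assert.assertEquals(Credentials.Status.VALID, credentials.getStatus());
        Assert.assertNotNull(credentials.getValidatedAccount());
    }

    /**
     * Presenting a different certificate than the one stored for the user yields {@code INVALID}
     * and no validated account.
     */
    @Test
    public void testUnsuccessfulValidation() throws Exception {
        IdentityManager identityManager = getIdentityManager();
        X509Certificate storedCertificate = getTestingCertificate("servercert.txt");
        User user = createUser(new X509CertificateCredentials(storedCertificate).getUsername());
        identityManager.updateCredential(user, storedCertificate);

        X509CertificateCredentials mismatched =
                new X509CertificateCredentials(getTestingCertificate("servercert2.txt"));
        // NOTE(review): the user name is set to the user's id, not to the name the account was
        // created with. If validation looks the account up by that name, INVALID could come from
        // an unknown account rather than from the certificate mismatch this test is meant to
        // cover - confirm which path is actually exercised.
        mismatched.setUserName(user.getId());
        identityManager.validateCredentials(mismatched);

        Assert.assertEquals(Credentials.Status.INVALID, mismatched.getStatus());
        Assert.assertNull(mismatched.getValidatedAccount());
    }

    /**
     * A matching certificate stops validating once the account is disabled: the status changes
     * from {@code VALID} to {@code ACCOUNT_DISABLED}.
     */
    @Test
    public void testUserDisabled() throws Exception {
        IdentityManager identityManager = getIdentityManager();
        X509Certificate certificate = getTestingCertificate("servercert.txt");
        X509CertificateCredentials credentials = new X509CertificateCredentials(certificate);
        User user = createUser(credentials.getUsername());
        identityManager.updateCredential(user, certificate);

        // Baseline: the credential is accepted while the account is enabled.
        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.VALID, credentials.getStatus());

        user.setEnabled(false);
        identityManager.update(user);

        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.ACCOUNT_DISABLED, credentials.getStatus());
    }

    /**
     * A credential stored with a date one minute in the past validates as {@code EXPIRED};
     * storing the same certificate again without explicit dates makes it {@code VALID}.
     */
    @Test
    public void testResetCredential() throws Exception {
        IdentityManager identityManager = getIdentityManager();
        X509Certificate certificate = getTestingCertificate("servercert.txt");
        X509CertificateCredentials credentials = new X509CertificateCredentials(certificate);
        User user = createUser(credentials.getUsername());

        Calendar oneMinuteAgo = Calendar.getInstance();
        oneMinuteAgo.add(Calendar.MINUTE, -1);

        // The last argument is presumably the expiry date (the test expects EXPIRED below);
        // verify against IdentityManager.updateCredential.
        identityManager.updateCredential(user, certificate, new Date(), oneMinuteAgo.getTime());
        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.EXPIRED, credentials.getStatus());

        // A certificate that was never stored is expected to be rejected outright.
        X509CertificateCredentials otherCredentials =
                new X509CertificateCredentials(getTestingCertificate("servercert2.txt"));
        identityManager.validateCredentials(otherCredentials);
        Assert.assertEquals(Credentials.Status.INVALID, otherCredentials.getStatus());

        // Re-storing the certificate without explicit dates replaces the expired credential.
        identityManager.updateCredential(user, certificate);
        identityManager.validateCredentials(credentials);
        Assert.assertEquals(Credentials.Status.VALID, credentials.getStatus());
    }

    /**
     * The stored certificate can be read back as an {@link X509CertificateStorage} that is
     * current and carries an effective date and a Base64 certificate. Excluded for the LDAP
     * store configuration.
     */
    @Test
    @Configuration(exclude = {LDAPStoreConfigurationTester.class})
    public void testRetrieveCurrentCredential() throws Exception {
        IdentityManager identityManager = getIdentityManager();
        X509Certificate certificate = getTestingCertificate("servercert.txt");
        User user = createUser(new X509CertificateCredentials(certificate).getUsername());
        identityManager.updateCredential(user, certificate);

        X509CertificateStorage storage =
                identityManager.retrieveCurrentCredential(user, X509CertificateStorage.class);

        Assert.assertNotNull(storage);
        Assert.assertTrue(CredentialUtils.isCurrentCredential(storage));
        Assert.assertNotNull(storage.getEffectiveDate());
        Assert.assertNotNull(storage.getBase64Cert());
    }

    /**
     * Loads an X.509 certificate from the {@code cert/} directory on the test classpath.
     *
     * @param resourceName file name below {@code cert/}
     * @return the parsed certificate
     * @throws IllegalStateException if the resource is missing or cannot be parsed as X.509
     */
    private X509Certificate getTestingCertificate(String resourceName) {
        String resourcePath = "cert/" + resourceName;
        InputStream certificateStream = getClass().getClassLoader().getResourceAsStream(resourcePath);
        if (certificateStream == null) {
            // Fail with the resource path instead of an opaque parser error on a null stream.
            throw new IllegalStateException(
                    "Could not load testing certificate. Resource not found: " + resourcePath);
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509")
                    .generateCertificate(certificateStream);
        } catch (Exception e) {
            throw new IllegalStateException("Could not load testing certificate.", e);
        } finally {
            try {
                certificateStream.close();
            } catch (IOException ignored) {
                // Best-effort close: a failure here must not mask the parse result or error.
            }
        }
    }
}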
