package net.shibboleth.idp.profile.spring.factory;

import java.util.Set;
import net.shibboleth.ext.spring.context.FilesystemGenericApplicationContext;
import net.shibboleth.ext.spring.util.SchemaTypeAwareXMLBeanDefinitionReader;
import org.opensaml.security.SecurityException;
import org.opensaml.security.x509.PKIXTrustEvaluator;
import org.opensaml.security.x509.PKIXValidationInformation;
import org.opensaml.security.x509.PKIXValidationOptions;
import org.opensaml.security.x509.X509Credential;
import org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator;
import org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator;
import org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine;
import org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver;
import org.opensaml.security.x509.impl.X509CredentialNameEvaluator;
import org.springframework.beans.FatalBeanException;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/profile/spring/factory/StaticPKIXFactoryBeanTest.class */
public class StaticPKIXFactoryBeanTest {

    /* loaded from: input_file:net/shibboleth/idp/profile/spring/factory/StaticPKIXFactoryBeanTest$MockPKIXTrustEvaluator.class */
    public static class MockPKIXTrustEvaluator implements PKIXTrustEvaluator {
        public boolean validate(PKIXValidationInformation pKIXValidationInformation, X509Credential x509Credential) throws SecurityException {
            return false;
        }

        public PKIXValidationOptions getPKIXValidationOptions() {
            return null;
        }
    }

    /* loaded from: input_file:net/shibboleth/idp/profile/spring/factory/StaticPKIXFactoryBeanTest$MockX509CredentialNameEvaluator.class */
    public static class MockX509CredentialNameEvaluator implements X509CredentialNameEvaluator {
        public boolean evaluate(X509Credential x509Credential, Set<String> set) throws SecurityException {
            return false;
        }
    }

    @Test
    public void defaults() {
        FilesystemGenericApplicationContext filesystemGenericApplicationContext = new FilesystemGenericApplicationContext();
        filesystemGenericApplicationContext.setDisplayName("ApplicationContext: X509Credential");
        new SchemaTypeAwareXMLBeanDefinitionReader(filesystemGenericApplicationContext).loadBeanDefinitions("net/shibboleth/idp/profile/spring/factory/static-pkix-factory-defaults.xml");
        filesystemGenericApplicationContext.refresh();
        PKIXX509CredentialTrustEngine pKIXX509CredentialTrustEngine = (PKIXX509CredentialTrustEngine) filesystemGenericApplicationContext.getBean("StaticPKIXX509CredentialTrustEngine", PKIXX509CredentialTrustEngine.class);
        Assert.assertNotNull(pKIXX509CredentialTrustEngine);
        Assert.assertTrue(StaticPKIXValidationInformationResolver.class.isInstance(pKIXX509CredentialTrustEngine.getPKIXResolver()));
        Assert.assertTrue(CertPathPKIXTrustEvaluator.class.isInstance(pKIXX509CredentialTrustEngine.getPKIXTrustEvaluator()));
        Assert.assertTrue(BasicX509CredentialNameEvaluator.class.isInstance(pKIXX509CredentialTrustEngine.getX509CredentialNameEvaluator()));
    }

    @Test
    public void customPropertiesSuccess() {
        FilesystemGenericApplicationContext filesystemGenericApplicationContext = new FilesystemGenericApplicationContext();
        filesystemGenericApplicationContext.setDisplayName("ApplicationContext: X509Credential");
        new SchemaTypeAwareXMLBeanDefinitionReader(filesystemGenericApplicationContext).loadBeanDefinitions("net/shibboleth/idp/profile/spring/factory/static-pkix-factory-custom-success.xml");
        filesystemGenericApplicationContext.refresh();
        PKIXX509CredentialTrustEngine pKIXX509CredentialTrustEngine = (PKIXX509CredentialTrustEngine) filesystemGenericApplicationContext.getBean("StaticPKIXX509CredentialTrustEngine", PKIXX509CredentialTrustEngine.class);
        Assert.assertNotNull(pKIXX509CredentialTrustEngine);
        Assert.assertTrue(StaticPKIXValidationInformationResolver.class.isInstance(pKIXX509CredentialTrustEngine.getPKIXResolver()));
        Assert.assertTrue(MockPKIXTrustEvaluator.class.isInstance(pKIXX509CredentialTrustEngine.getPKIXTrustEvaluator()));
        Assert.assertTrue(MockX509CredentialNameEvaluator.class.isInstance(pKIXX509CredentialTrustEngine.getX509CredentialNameEvaluator()));
    }

    @Test(expectedExceptions = {FatalBeanException.class})
    public void customPropertiesFailsValidation() {
        FilesystemGenericApplicationContext filesystemGenericApplicationContext = new FilesystemGenericApplicationContext();
        filesystemGenericApplicationContext.setDisplayName("ApplicationContext: X509Credential");
        new SchemaTypeAwareXMLBeanDefinitionReader(filesystemGenericApplicationContext).loadBeanDefinitions("net/shibboleth/idp/profile/spring/factory/static-pkix-factory-custom-failsValidation.xml");
        filesystemGenericApplicationContext.refresh();
    }
}
