package org.opensaml.security.httpclient;

import com.google.common.collect.Lists;
import java.io.File;
import java.net.URISyntaxException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import net.shibboleth.utilities.java.support.logic.ConstraintViolationException;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.conn.ssl.StrictHostnameVerifier;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.opensaml.security.SecurityException;
import org.opensaml.security.trust.TrustEngine;
import org.opensaml.security.x509.BasicX509Credential;
import org.opensaml.security.x509.X509Credential;
import org.opensaml.security.x509.X509Support;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;

/* loaded from: input_file:org/opensaml/security/httpclient/HttpClientSecuritySupportTest.class */
public class HttpClientSecuritySupportTest {
    private X509Certificate cert;
    private String certDERPath = "/data/certificate.der";

    /* loaded from: input_file:org/opensaml/security/httpclient/HttpClientSecuritySupportTest$MockTrustEngine.class */
    public static class MockTrustEngine implements TrustEngine<X509Credential> {
        public boolean validate(X509Credential x509Credential, CriteriaSet criteriaSet) throws SecurityException {
            return false;
        }
    }

    @BeforeClass
    public void generatedTestData() throws NoSuchAlgorithmException, NoSuchProviderException, CertificateException, URISyntaxException {
        this.cert = X509Support.decodeCertificate(new File(HttpClientSecuritySupportTest.class.getResource(this.certDERPath).toURI()));
    }

    @Test(expectedExceptions = {ConstraintViolationException.class})
    public void testMarshalSecurityParametersNullContext() {
        HttpClientSecuritySupport.marshalSecurityParameters((HttpClientContext) null, new HttpClientSecurityParameters(), false);
    }

    @Test
    public void testMarshalNullSecurityParameters() {
        HttpClientContext create = HttpClientContext.create();
        HttpClientSecuritySupport.marshalSecurityParameters(create, (HttpClientSecurityParameters) null, false);
        Assert.assertNull(create.getCredentialsProvider());
        Assert.assertNull(create.getAttribute("opensaml.TrustEngine"));
        Assert.assertNull(create.getAttribute("opensaml.CriteriaSet"));
        Assert.assertNull(create.getAttribute("javasupport.TLSProtocols"));
        Assert.assertNull(create.getAttribute("javasupport.TLSCipherSuites"));
        Assert.assertNull(create.getAttribute("opensaml.ClientTLSCredential"));
        Assert.assertNull(create.getAttribute("javasupport.HostnameVerifier"));
    }

    @Test
    public void testMarshalSecurityParametersEmptyContext() {
        HttpClientContext create = HttpClientContext.create();
        HttpClientSecurityParameters httpClientSecurityParameters = new HttpClientSecurityParameters();
        httpClientSecurityParameters.setCredentialsProvider(new BasicCredentialsProvider());
        httpClientSecurityParameters.setTLSTrustEngine(new MockTrustEngine());
        httpClientSecurityParameters.setTLSCriteriaSet(new CriteriaSet());
        httpClientSecurityParameters.setTLSProtocols(Lists.newArrayList(new String[]{"foo"}));
        httpClientSecurityParameters.setTLSCipherSuites(Lists.newArrayList(new String[]{"foo"}));
        httpClientSecurityParameters.setClientTLSCredential(new BasicX509Credential(this.cert));
        httpClientSecurityParameters.setHostnameVerifier(new StrictHostnameVerifier());
        HttpClientSecuritySupport.marshalSecurityParameters(create, httpClientSecurityParameters, false);
        Assert.assertSame(create.getCredentialsProvider(), httpClientSecurityParameters.getCredentialsProvider());
        Assert.assertSame(create.getAttribute("opensaml.TrustEngine"), httpClientSecurityParameters.getTLSTrustEngine());
        Assert.assertSame(create.getAttribute("opensaml.CriteriaSet"), httpClientSecurityParameters.getTLSCriteriaSet());
        Assert.assertSame(create.getAttribute("javasupport.TLSProtocols"), httpClientSecurityParameters.getTLSProtocols());
        Assert.assertSame(create.getAttribute("javasupport.TLSCipherSuites"), httpClientSecurityParameters.getTLSCipherSuites());
        Assert.assertSame(create.getAttribute("opensaml.ClientTLSCredential"), httpClientSecurityParameters.getClientTLSCredential());
        Assert.assertSame(create.getAttribute("javasupport.HostnameVerifier"), httpClientSecurityParameters.getHostnameVerifier());
    }

    @Test
    public void testMarshalSecurityParametersWithReplacement() {
        HttpClientContext create = HttpClientContext.create();
        create.setCredentialsProvider(new BasicCredentialsProvider());
        create.setAttribute("opensaml.TrustEngine", new MockTrustEngine());
        create.setAttribute("opensaml.CriteriaSet", new CriteriaSet());
        create.setAttribute("javasupport.TLSProtocols", Lists.newArrayList(new String[]{"foo"}));
        create.setAttribute("javasupport.TLSCipherSuites", Lists.newArrayList(new String[]{"foo"}));
        create.setAttribute("opensaml.ClientTLSCredential", new BasicX509Credential(this.cert));
        create.setAttribute("javasupport.HostnameVerifier", new StrictHostnameVerifier());
        HttpClientSecurityParameters httpClientSecurityParameters = new HttpClientSecurityParameters();
        httpClientSecurityParameters.setCredentialsProvider(new BasicCredentialsProvider());
        httpClientSecurityParameters.setTLSTrustEngine(new MockTrustEngine());
        httpClientSecurityParameters.setTLSCriteriaSet(new CriteriaSet());
        httpClientSecurityParameters.setTLSProtocols(Lists.newArrayList(new String[]{"foo"}));
        httpClientSecurityParameters.setTLSCipherSuites(Lists.newArrayList(new String[]{"foo"}));
        httpClientSecurityParameters.setClientTLSCredential(new BasicX509Credential(this.cert));
        httpClientSecurityParameters.setHostnameVerifier(new StrictHostnameVerifier());
        HttpClientSecuritySupport.marshalSecurityParameters(create, httpClientSecurityParameters, true);
        Assert.assertSame(create.getCredentialsProvider(), httpClientSecurityParameters.getCredentialsProvider());
        Assert.assertSame(create.getAttribute("opensaml.TrustEngine"), httpClientSecurityParameters.getTLSTrustEngine());
        Assert.assertSame(create.getAttribute("opensaml.CriteriaSet"), httpClientSecurityParameters.getTLSCriteriaSet());
        Assert.assertSame(create.getAttribute("javasupport.TLSProtocols"), httpClientSecurityParameters.getTLSProtocols());
        Assert.assertSame(create.getAttribute("javasupport.TLSCipherSuites"), httpClientSecurityParameters.getTLSCipherSuites());
        Assert.assertSame(create.getAttribute("opensaml.ClientTLSCredential"), httpClientSecurityParameters.getClientTLSCredential());
        Assert.assertSame(create.getAttribute("javasupport.HostnameVerifier"), httpClientSecurityParameters.getHostnameVerifier());
    }

    @Test
    public void testMarshalSecurityParametersWithoutReplacement() {
        HttpClientContext create = HttpClientContext.create();
        BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
        MockTrustEngine mockTrustEngine = new MockTrustEngine();
        CriteriaSet criteriaSet = new CriteriaSet();
        ArrayList newArrayList = Lists.newArrayList(new String[]{"foo"});
        ArrayList newArrayList2 = Lists.newArrayList(new String[]{"foo"});
        BasicX509Credential basicX509Credential = new BasicX509Credential(this.cert);
        StrictHostnameVerifier strictHostnameVerifier = new StrictHostnameVerifier();
        create.setCredentialsProvider(basicCredentialsProvider);
        create.setAttribute("opensaml.TrustEngine", mockTrustEngine);
        create.setAttribute("opensaml.CriteriaSet", criteriaSet);
        create.setAttribute("javasupport.TLSProtocols", newArrayList);
        create.setAttribute("javasupport.TLSCipherSuites", newArrayList2);
        create.setAttribute("opensaml.ClientTLSCredential", basicX509Credential);
        create.setAttribute("javasupport.HostnameVerifier", strictHostnameVerifier);
        HttpClientSecurityParameters httpClientSecurityParameters = new HttpClientSecurityParameters();
        httpClientSecurityParameters.setCredentialsProvider(new BasicCredentialsProvider());
        httpClientSecurityParameters.setTLSTrustEngine(new MockTrustEngine());
        httpClientSecurityParameters.setTLSCriteriaSet(new CriteriaSet());
        httpClientSecurityParameters.setTLSProtocols(Lists.newArrayList(new String[]{"foo"}));
        httpClientSecurityParameters.setTLSCipherSuites(Lists.newArrayList(new String[]{"foo"}));
        httpClientSecurityParameters.setClientTLSCredential(new BasicX509Credential(this.cert));
        httpClientSecurityParameters.setHostnameVerifier(new StrictHostnameVerifier());
        HttpClientSecuritySupport.marshalSecurityParameters(create, httpClientSecurityParameters, false);
        Assert.assertSame(create.getCredentialsProvider(), basicCredentialsProvider);
        Assert.assertSame(create.getAttribute("opensaml.TrustEngine"), mockTrustEngine);
        Assert.assertSame(create.getAttribute("opensaml.CriteriaSet"), criteriaSet);
        Assert.assertSame(create.getAttribute("javasupport.TLSProtocols"), newArrayList);
        Assert.assertSame(create.getAttribute("javasupport.TLSCipherSuites"), newArrayList2);
        Assert.assertSame(create.getAttribute("opensaml.ClientTLSCredential"), basicX509Credential);
        Assert.assertSame(create.getAttribute("javasupport.HostnameVerifier"), strictHostnameVerifier);
    }

    @Test
    public void testSetContextValue() {
        HttpClientContext create = HttpClientContext.create();
        HttpClientSecuritySupport.setContextValue(create, "MyAttrib", "foo", false);
        Assert.assertEquals(create.getAttribute("MyAttrib"), "foo");
        HttpClientContext create2 = HttpClientContext.create();
        HttpClientSecuritySupport.setContextValue(create2, "MyAttrib", (Object) null, false);
        Assert.assertNull(create2.getAttribute("MyAttrib"));
        HttpClientContext create3 = HttpClientContext.create();
        create3.setAttribute("MyAttrib", "bar");
        HttpClientSecuritySupport.setContextValue(create3, "MyAttrib", "foo", false);
        Assert.assertEquals(create3.getAttribute("MyAttrib"), "bar");
        HttpClientContext create4 = HttpClientContext.create();
        create4.setAttribute("MyAttrib", "bar");
        HttpClientSecuritySupport.setContextValue(create4, "MyAttrib", "foo", true);
        Assert.assertEquals(create4.getAttribute("MyAttrib"), "foo");
        HttpClientContext create5 = HttpClientContext.create();
        create5.setAttribute("MyAttrib", "bar");
        HttpClientSecuritySupport.setContextValue(create5, "MyAttrib", (Object) null, true);
        Assert.assertEquals(create5.getAttribute("MyAttrib"), "bar");
        try {
            HttpClientSecuritySupport.setContextValue((HttpClientContext) null, "MyAttrib", "foo", false);
            Assert.fail("Null context value");
        } catch (ConstraintViolationException e) {
        }
        try {
            HttpClientSecuritySupport.setContextValue(HttpClientContext.create(), (String) null, "foo", false);
            Assert.fail("Null attribute name");
        } catch (ConstraintViolationException e2) {
        }
    }
}
