package net.shibboleth.idp.cas.ticket.impl;

import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import net.shibboleth.ext.spring.resource.ResourceHelper;
import net.shibboleth.idp.cas.ticket.ProxyGrantingTicket;
import net.shibboleth.idp.cas.ticket.ProxyTicket;
import net.shibboleth.idp.cas.ticket.ServiceTicket;
import net.shibboleth.idp.cas.ticket.TicketState;
import net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategy;
import net.shibboleth.utilities.java.support.security.DataSealer;
import net.shibboleth.utilities.java.support.security.IdentifierGenerationStrategy;
import net.shibboleth.utilities.java.support.security.RandomIdentifierGenerationStrategy;
import org.joda.time.Instant;
import org.opensaml.storage.impl.MemoryStorageService;
import org.springframework.core.io.ClassPathResource;
import org.testng.Assert;
import org.testng.annotations.BeforeTest;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/cas/ticket/impl/EncodingTicketServiceTest.class */
public class EncodingTicketServiceTest {
    private EncodingTicketService ticketService;
    private IdentifierGenerationStrategy sessionIdGenerator = new RandomIdentifierGenerationStrategy(32);
    private IdentifierGenerationStrategy pgtIdGenerator = new TicketIdentifierGenerationStrategy("PGT", 32);
    private SecureRandom secureRandom;

    public EncodingTicketServiceTest() {
        try {
            this.secureRandom = SecureRandom.getInstance("SHA1PRNG");
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Secure random creation failed", e);
        }
    }

    @BeforeTest
    public void setUp() throws Exception {
        BasicKeystoreKeyStrategy basicKeystoreKeyStrategy = new BasicKeystoreKeyStrategy();
        basicKeystoreKeyStrategy.setKeystoreResource(ResourceHelper.of(new ClassPathResource("credentials/sealer.jks")));
        basicKeystoreKeyStrategy.setKeyVersionResource(ResourceHelper.of(new ClassPathResource("credentials/sealer.kver")));
        basicKeystoreKeyStrategy.setKeystorePassword("password");
        basicKeystoreKeyStrategy.setKeyAlias("secret");
        basicKeystoreKeyStrategy.setKeyPassword("password");
        basicKeystoreKeyStrategy.initialize();
        DataSealer dataSealer = new DataSealer();
        dataSealer.setKeyStrategy(basicKeystoreKeyStrategy);
        dataSealer.setRandom(this.secureRandom);
        dataSealer.initialize();
        this.ticketService = new EncodingTicketService(new MemoryStorageService(), dataSealer);
    }

    @Test
    public void testCreateRemoveServiceTicketSuccess() throws Exception {
        TicketState newState = newState("aloysius");
        Instant plus = new Instant().plus(5000L);
        ServiceTicket createServiceTicket = this.ticketService.createServiceTicket(String.valueOf(System.currentTimeMillis()), plus, "https://www.example.com/s1/", newState, true);
        Assert.assertNotNull(createServiceTicket);
        Assert.assertTrue(createServiceTicket.getId().startsWith("ST-"));
        ServiceTicket removeServiceTicket = this.ticketService.removeServiceTicket(createServiceTicket.getId());
        Assert.assertNotNull(removeServiceTicket);
        Assert.assertEquals(createServiceTicket.getId(), removeServiceTicket.getId());
        Assert.assertEquals(plus, removeServiceTicket.getExpirationInstant());
        Assert.assertEquals("https://www.example.com/s1/", removeServiceTicket.getService());
        Assert.assertTrue(removeServiceTicket.isRenew());
        Assert.assertEquals(newState.getSessionId(), removeServiceTicket.getSessionId());
        Assert.assertEquals(newState, removeServiceTicket.getTicketState());
        ServiceTicket removeServiceTicket2 = this.ticketService.removeServiceTicket(createServiceTicket.getId());
        Assert.assertNotNull(removeServiceTicket2);
        Assert.assertEquals(createServiceTicket.getId(), removeServiceTicket2.getId());
    }

    @Test
    public void testCreateRemoveServiceTicketInvalid() throws Exception {
        Assert.assertNotNull(this.ticketService.createServiceTicket(String.valueOf(System.currentTimeMillis()), new Instant().plus(5000L), "https://www.example.com/s2/", newState("bartholomew"), true));
        Assert.assertNull(this.ticketService.removeServiceTicket("ST-abc123"));
    }

    @Test
    public void testCreateServiceTicketSuccessWithLongID() throws Exception {
        TicketState newState = newState("charlemagne@vt.edu");
        ServiceTicket createServiceTicket = this.ticketService.createServiceTicket(String.valueOf(System.currentTimeMillis()), new Instant().plus(5000L), "https://www.google.com/maps/place/Mountain+Lake+Lodge/@37.3554696,-80.539459,17z/data=!3m1!4b1!4m5!3m4!1s0x884dc6a58faa2119:0x17f3cc6a2c82b614!8m2!3d37.3554696!4d-80.537265", newState, true);
        Assert.assertNotNull(createServiceTicket);
        Assert.assertTrue(createServiceTicket.getId().startsWith("ST-"));
        Assert.assertTrue(createServiceTicket.getId().length() < 500);
    }

    @Test
    public void testCreateRemoveProxyTicketSuccess() throws Exception {
        ProxyGrantingTicket newPGT = newPGT(newState("donegal"), "https://www.example.com/s1/");
        Instant plus = new Instant().plus(5000L);
        ProxyTicket createProxyTicket = this.ticketService.createProxyTicket(String.valueOf(System.currentTimeMillis()), plus, newPGT, "https://www.example.com/s2/");
        Assert.assertNotNull(createProxyTicket);
        Assert.assertTrue(createProxyTicket.getId().startsWith("PT-"));
        ProxyTicket removeProxyTicket = this.ticketService.removeProxyTicket(createProxyTicket.getId());
        Assert.assertNotNull(removeProxyTicket);
        Assert.assertEquals(createProxyTicket.getId(), removeProxyTicket.getId());
        Assert.assertEquals(plus, removeProxyTicket.getExpirationInstant());
        Assert.assertEquals("https://www.example.com/s2/", removeProxyTicket.getService());
        Assert.assertEquals(newPGT.getId(), removeProxyTicket.getPgtId());
        Assert.assertEquals(newPGT.getTicketState(), removeProxyTicket.getTicketState());
        ProxyTicket removeProxyTicket2 = this.ticketService.removeProxyTicket(createProxyTicket.getId());
        Assert.assertNotNull(removeProxyTicket2);
        Assert.assertEquals(createProxyTicket.getId(), removeProxyTicket2.getId());
    }

    @Test
    public void testCreateRemoveProxyTicketInvalid() throws Exception {
        ProxyGrantingTicket newPGT = newPGT(newState("esquire"), "https://www.example.com/s1/");
        Instant plus = new Instant().plus(5000L);
        Assert.assertNotNull(this.ticketService.createProxyTicket(String.valueOf(System.currentTimeMillis()), plus, newPGT, "https://www.example.com/s2/"));
        Assert.assertNull(this.ticketService.removeProxyTicket("PT-123"));
    }

    private TicketState newState(String str) {
        return new TicketState(this.sessionIdGenerator.generateIdentifier(), str, new Instant(), "authn/Password");
    }

    private ProxyGrantingTicket newPGT(TicketState ticketState, String str) {
        ProxyGrantingTicket proxyGrantingTicket = new ProxyGrantingTicket(this.pgtIdGenerator.generateIdentifier(), str, new Instant().plus(300000L), "PGT-12345");
        proxyGrantingTicket.setTicketState(ticketState);
        return proxyGrantingTicket;
    }
}
