package net.shibboleth.idp.test.flows.saml2;

import java.nio.charset.StandardCharsets;
import java.security.cert.X509Certificate;
import java.time.Instant;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.test.flows.AbstractFlowTest;
import net.shibboleth.shared.security.IdentifierGenerationStrategy;
import net.shibboleth.shared.xml.SerializeSupport;
import org.opensaml.core.xml.XMLObjectBuilder;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.Marshaller;
import org.opensaml.core.xml.schema.XSAny;
import org.opensaml.saml.common.SAMLObjectBuilder;
import org.opensaml.saml.saml2.core.Attribute;
import org.opensaml.saml.saml2.core.AttributeQuery;
import org.opensaml.saml.saml2.core.AttributeValue;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.testing.SAML2ActionTestingSupport;
import org.opensaml.soap.soap11.Envelope;
import org.springframework.webflow.core.collection.MutableAttributeMap;
import org.springframework.webflow.executor.FlowExecutionResult;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;

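/**
 * Flow tests for the SAML 2.0 attribute query profile served over SOAP ({@link #FLOW_ID}).
 *
 * <p>Each test posts a SOAP 1.1 envelope carrying an {@link AttributeQuery} for the subject
 * {@code jdoe}, issued in the name of {@link AbstractFlowTest#SP_ENTITY_ID}. Two tests also place
 * an X.509 certificate in the servlet request attribute that a container uses to expose a TLS
 * client certificate, and expect a {@code Success} status. The third sends the same query without
 * that attribute and expects a {@code Requester} status, so a query that presents no client
 * credential is not answered successfully.</p>
 *
 * <p>NOTE(review): the no-credential test only pins the status code here; confirm that
 * {@code validateResult} also rejects a response that still carries an assertion.</p>
 */
public class SAML2AttributeQueryFlowTest extends AbstractSAML2FlowTest {

    /** Id of the flow under test. */
    @Nonnull
    public static final String FLOW_ID = "SAML2/SOAP/AttributeQuery";

    /** Servlet request attribute holding the client certificate chain presented over TLS. */
    private static final String CLIENT_CERT_ATTRIBUTE = "javax.servlet.request.X509Certificate";

    /** SAML 2.0 top-level status code expected when the query is answered. */
    private static final String STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success";

    /** SAML 2.0 top-level status code expected when the request itself is refused. */
    private static final String STATUS_REQUESTER = "urn:oasis:names:tc:SAML:2.0:status:Requester";

    /** Name identifier value used both in the query subject and in the expected response. */
    private static final String SUBJECT_NAME = "jdoe";

    /**
     * Validator shared by all tests in this class. Every test overwrites the status code and the
     * designator flag before validating, so the tests do not depend on execution order.
     * NOTE(review): the instance is mutable and shared; confirm the suite does not run these
     * methods in parallel.
     */
    @Nullable
    private SAML2TestResponseValidator validator;

    /**
     * Builds the response validator once for the class.
     *
     * <p>The expected NameID carries only a value (qualifiers and format are null). The expected
     * subject confirmation method is {@code sender-vouches}; authentication statements and subject
     * confirmation data are not validated for this flow.</p>
     */
    @BeforeClass
    void setupValidator() {
        // The registry hands back an XMLObjectBuilder; the no-argument buildObject() is only
        // declared on SAMLObjectBuilder, hence the narrowing cast.
        @SuppressWarnings("unchecked")
        final SAMLObjectBuilder<NameID> nameIdBuilder = (SAMLObjectBuilder<NameID>)
                XMLObjectProviderRegistrySupport.getBuilderFactory().<NameID>ensureBuilder(
                        NameID.DEFAULT_ELEMENT_NAME);
        final NameID expectedNameId = nameIdBuilder.buildObject();
        expectedNameId.setValue(SUBJECT_NAME);
        expectedNameId.setNameQualifier(null);
        expectedNameId.setSPNameQualifier(null);
        expectedNameId.setFormat(null);

        final SAML2TestResponseValidator responseValidator = new SAML2TestResponseValidator();
        this.validator = responseValidator;
        responseValidator.nameID = expectedNameId;
        responseValidator.spCredential = this.spCredential;
        responseValidator.subjectConfirmationMethod = "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches";
        responseValidator.validateAuthnStatements = false;
        responseValidator.validateSubjectConfirmationData = false;
    }

    /**
     * Query without attribute designators, sent with a client certificate: expects success.
     *
     * @throws Exception if building the request or running the flow fails
     */
    @Test
    public void testSAML2AttributeQueryFlow() throws Exception {
        runQueryAndValidate(false, true, STATUS_SUCCESS);
    }

    /**
     * Query naming specific attributes, sent with a client certificate: expects success and
     * tells the validator that designators were used.
     *
     * @throws Exception if building the request or running the flow fails
     */
    @Test
    public void testSAML2AttributeQueryFlowWithDesignators() throws Exception {
        runQueryAndValidate(true, true, STATUS_SUCCESS);
    }

    /**
     * Query sent without any client certificate on the request: expects a {@code Requester}
     * status instead of success.
     *
     * @throws Exception if building the request or running the flow fails
     */
    @Test
    public void testSAML2AttributeQueryFlowNoCredential() throws Exception {
        runQueryAndValidate(false, false, STATUS_REQUESTER);
    }

    /**
     * Builds the query, optionally attaches the client certificate, runs the flow and validates
     * the outcome against the shared validator.
     *
     * @param withDesignators whether the query names specific attributes
     * @param presentClientCert whether to expose a client certificate on the request
     * @param expectedStatus the SAML status code the response must carry
     * @throws Exception if building the request or running the flow fails
     */
    private void runQueryAndValidate(final boolean withDesignators, final boolean presentClientCert,
            final String expectedStatus) throws Exception {
        buildRequest(withDesignators);
        if (presentClientCert) {
            // Mimics what a servlet container sets after a TLS handshake with client authentication.
            this.request.setAttribute(CLIENT_CERT_ATTRIBUTE,
                    new X509Certificate[] {this.certFactoryBean.getObject()});
        }
        overrideEndStateOutput(FLOW_ID);

        final FlowExecutionResult result = this.flowExecutor.launchExecution(FLOW_ID, null, this.externalContext);
        assert result != null;

        final SAML2TestResponseValidator responseValidator = this.validator;
        assert responseValidator != null;
        // Both per-test expectations are always rewritten so nothing leaks from a previous test.
        responseValidator.statusCode = expectedStatus;
        responseValidator.usedAttributeDesignators = withDesignators;
        validateResult(result, FLOW_ID, responseValidator);
    }

    /**
     * Populates the mock request with a SOAP 1.1 POST whose body is an attribute query for
     * {@code jdoe}, with a freshly generated request id and the current issue instant.
     *
     * @param z when {@code true}, the query names two attributes: the mail OID with the value
     *          {@code jdoe@example.org}, and {@code urn:mace:dir:attribute-def:foo} with no value
     * @throws Exception if the envelope cannot be marshalled or serialized
     */
    public void buildRequest(boolean z) throws Exception {
        final AttributeQuery query = SAML2ActionTestingSupport.buildAttributeQueryRequest(
                SAML2ActionTestingSupport.buildSubject(SUBJECT_NAME));
        query.setID(IdentifierGenerationStrategy.getInstance(IdentifierGenerationStrategy.ProviderType.SECURE)
                .generateIdentifier());
        query.setIssueInstant(Instant.now());
        query.setIssuer(SAML2ActionTestingSupport.buildIssuer(AbstractFlowTest.SP_ENTITY_ID));

        if (z) {
            @SuppressWarnings("unchecked")
            final SAMLObjectBuilder<Attribute> designatorBuilder = (SAMLObjectBuilder<Attribute>)
                    XMLObjectProviderRegistrySupport.getBuilderFactory().<Attribute>ensureBuilder(
                            Attribute.DEFAULT_ELEMENT_NAME);
            final XMLObjectBuilder<XSAny> valueBuilder =
                    XMLObjectProviderRegistrySupport.getBuilderFactory().<XSAny>ensureBuilder(XSAny.TYPE_NAME);

            // First designator: the mail attribute, restricted to one requested value.
            final Attribute mailDesignator = designatorBuilder.buildObject();
            mailDesignator.setNameFormat("urn:oasis:names:tc:SAML:2.0:attrname-format:uri");
            mailDesignator.setName("urn:oid:0.9.2342.19200300.100.1.3");
            query.getAttributes().add(mailDesignator);
            final XSAny requestedValue = valueBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME);
            requestedValue.setTextContent("jdoe@example.org");
            mailDesignator.getAttributeValues().add(requestedValue);

            // Second designator: named only, no requested values.
            final Attribute fooDesignator = designatorBuilder.buildObject();
            fooDesignator.setNameFormat("urn:oasis:names:tc:SAML:2.0:attrname-format:uri");
            fooDesignator.setName("urn:mace:dir:attribute-def:foo");
            query.getAttributes().add(fooDesignator);
        }

        final Envelope envelope = buildSOAP11Envelope(query);
        final Marshaller marshaller = marshallerFactory.getMarshaller(envelope);
        assert marshaller != null;
        final String soapBody = SerializeSupport.nodeToString(marshaller.marshall(envelope, parserPool.newDocument()));

        this.request.setMethod("POST");
        this.request.setContentType("text/xml");
        // Charset constant instead of a charset name: no lookup by string, no checked exception.
        this.request.setContent(soapBody.getBytes(StandardCharsets.UTF_8));
    }
}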
