package net.shibboleth.idp.profile.spring.relyingparty.saml;

import java.util.List;
import net.shibboleth.idp.saml.authn.principal.AuthnContextClassRefPrincipal;
import net.shibboleth.idp.saml.saml2.profile.config.BrowserSSOProfileConfiguration;
import net.shibboleth.idp.saml.saml2.profile.config.ECPProfileConfiguration;
import org.springframework.beans.factory.parsing.BeanDefinitionParsingException;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/profile/spring/relyingparty/saml/SAML2ECPProfileTest.class */
public class SAML2ECPProfileTest extends BaseSAMLProfileTest {
    @Test
    public void defaults() {
        ECPProfileConfiguration bean = getBean(ECPProfileConfiguration.class, true, "saml/ecp.xml", "beans.xml");
        Assert.assertTrue(bean.includeAttributeStatement());
        Assert.assertFalse(bean.skipEndpointValidationWhenSigned());
        Assert.assertEquals(bean.getMaximumSPSessionLifetime(), 0L);
        assertTruePredicate(bean.getEncryptAssertionsPredicate());
        assertFalsePredicate(bean.getEncryptNameIDsPredicate());
        Assert.assertEquals(bean.getProxyCount(), 0L);
        Assert.assertTrue(bean.getProxyAudiences().isEmpty());
        assertFalsePredicate(bean.getSignRequestsPredicate());
        assertFalsePredicate(bean.getSignAssertionsPredicate());
        assertTruePredicate(bean.getSignResponsesPredicate());
        Assert.assertEquals(bean.getAssertionLifetime(), 300000L);
        Assert.assertTrue(bean.getAdditionalAudiencesForAssertion().isEmpty());
        Assert.assertTrue(bean.includeConditionsNotBefore());
        Assert.assertEquals(bean.getInboundSubflowId(), "security-policy/saml2-sso");
        Assert.assertNull(bean.getOutboundSubflowId());
        Assert.assertNull(bean.getArtifactConfiguration());
    }

    @Test
    public void values() {
        BrowserSSOProfileConfiguration bean = getBean(BrowserSSOProfileConfiguration.class, true, "beans.xml", "saml/ecpValues.xml");
        Assert.assertFalse(bean.includeAttributeStatement());
        Assert.assertTrue(bean.skipEndpointValidationWhenSigned());
        Assert.assertEquals(bean.getMaximumSPSessionLifetime(), 1L);
        assertTruePredicate(bean.getEncryptAssertionsPredicate());
        assertFalsePredicate(bean.getEncryptNameIDsPredicate());
        Assert.assertEquals(bean.getProxyCount(), 0L);
        Assert.assertTrue(bean.getProxyAudiences().isEmpty());
        assertFalsePredicate(bean.getSignRequestsPredicate());
        assertFalsePredicate(bean.getSignAssertionsPredicate());
        assertTruePredicate(bean.getSignResponsesPredicate());
        Assert.assertEquals(bean.getAssertionLifetime(), 300000L);
        Assert.assertTrue(bean.getAdditionalAudiencesForAssertion().isEmpty());
        Assert.assertTrue(bean.includeConditionsNotBefore());
        Assert.assertEquals(bean.getInboundSubflowId(), "ecpibfid");
        Assert.assertEquals(bean.getOutboundSubflowId(), "ecpobfid");
        Assert.assertNull(bean.getArtifactConfiguration());
        Assert.assertEquals(bean.getDefaultAuthenticationMethods().size(), 1);
        Assert.assertEquals(((AuthnContextClassRefPrincipal) bean.getDefaultAuthenticationMethods().get(0)).getAuthnContextClassRef().getAuthnContextClassRef(), "urn:oasis:names:tc:SAML:2.0:ac:classes:Password");
        List nameIDFormatPrecedence = bean.getNameIDFormatPrecedence();
        Assert.assertEquals(nameIDFormatPrecedence.size(), 2);
        Assert.assertTrue(nameIDFormatPrecedence.contains("three"));
        Assert.assertTrue(nameIDFormatPrecedence.contains("four"));
    }

    @Test(expectedExceptions = {BeanDefinitionParsingException.class})
    public void localityAddress() {
        getBean(BrowserSSOProfileConfiguration.class, true, "beans.xml", "saml/ecpLocalityAddress.xml");
    }

    @Test(expectedExceptions = {BeanDefinitionParsingException.class})
    public void localityDnsname() {
        getBean(BrowserSSOProfileConfiguration.class, true, "beans.xml", "saml/ecpLocalityDNSName.xml");
    }
}
