package net.shibboleth.idp.plugin.oidc.op.token.support.testing;

import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.openid.connect.sdk.Nonce;
import com.nimbusds.openid.connect.sdk.OIDCClaimsRequest;
import com.nimbusds.openid.connect.sdk.claims.ACR;
import com.nimbusds.openid.connect.sdk.claims.ClaimsSet;
import com.nimbusds.openid.connect.sdk.claims.ClaimsSetRequest;
import java.net.URI;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.time.Instant;
import net.minidev.json.JSONArray;
import net.shibboleth.ext.spring.resource.ResourceHelper;
import net.shibboleth.idp.plugin.oidc.op.token.support.TokenDeliveryClaimsClaimsSet;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.security.DataSealer;
import net.shibboleth.utilities.java.support.security.impl.BasicKeystoreKeyStrategy;
import org.springframework.core.io.ClassPathResource;
import org.testng.annotations.BeforeMethod;

/* loaded from: input_file:net/shibboleth/idp/plugin/oidc/op/token/support/testing/BaseTokenClaimsSetTest.class */
public class BaseTokenClaimsSetTest {
    protected DataSealer sealer;
    protected URI redirectURI;
    protected OIDCClaimsRequest claims;
    protected String subject = "sub";
    protected String userPrincipal = "userid";
    protected String issuer = "https://op.example.com";
    protected ClientID clientID = new ClientID();
    protected ACR acr = new ACR("0");
    protected Scope scope = new Scope(new String[]{"openid"});
    protected Nonce nonce = new Nonce();
    protected ClaimsSet dlClaimsUI = new TokenDeliveryClaimsClaimsSet();
    protected Instant iat = Instant.now();
    protected Instant exp = Instant.now().plusSeconds(3600);
    protected ClaimsSet dlClaims = new TokenDeliveryClaimsClaimsSet();
    protected String idpSessionId = "sessionId";
    protected Instant authTime = Instant.now();
    protected boolean consentEnabled = false;
    protected ClaimsSet dlClaimsID = new TokenDeliveryClaimsClaimsSet();
    protected JSONArray consentedClaims = new JSONArray();
    protected String codeChallenge = "code_challenge_123456";

    @BeforeMethod
    protected void setupSealer() throws ComponentInitializationException, NoSuchAlgorithmException {
        this.sealer = new DataSealer();
        BasicKeystoreKeyStrategy basicKeystoreKeyStrategy = new BasicKeystoreKeyStrategy();
        basicKeystoreKeyStrategy.setKeystoreResource(ResourceHelper.of(new ClassPathResource("credentials/sealer.jks")));
        basicKeystoreKeyStrategy.setKeyVersionResource(ResourceHelper.of(new ClassPathResource("credentials/sealer.kver")));
        basicKeystoreKeyStrategy.setKeystorePassword("password");
        basicKeystoreKeyStrategy.setKeyAlias("secret");
        basicKeystoreKeyStrategy.setKeyPassword("password");
        basicKeystoreKeyStrategy.initialize();
        this.sealer.setKeyStrategy(basicKeystoreKeyStrategy);
        this.sealer.setRandom(SecureRandom.getInstance("SHA1PRNG"));
        this.sealer.initialize();
    }

    @BeforeMethod
    protected void setUpParameters() throws Exception {
        this.redirectURI = new URI("https://rp.example.com/cb");
        this.claims = new OIDCClaimsRequest().withIDTokenClaimsRequest(new ClaimsSetRequest().add("email"));
        this.dlClaims.setClaim("tokenDelivery", "value");
        this.dlClaimsID.setClaim("tokenToIdtokenDeliveryClaim", "value");
        this.dlClaimsUI.setClaim("tokenToUserInfotokenDeliveryClaim", "value");
        this.consentedClaims.add("consentedClaim");
    }
}
