package net.shibboleth.idp.attribute.filter.impl;

import java.util.Arrays;
import java.util.Collections;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import net.shibboleth.ext.spring.service.MockApplicationContext;
import net.shibboleth.idp.attribute.IdPAttribute;
import net.shibboleth.idp.attribute.IdPAttributeValue;
import net.shibboleth.idp.attribute.StringAttributeValue;
import net.shibboleth.idp.attribute.context.AttributeContext;
import net.shibboleth.idp.attribute.filter.AttributeFilter;
import net.shibboleth.idp.attribute.filter.AttributeFilterPolicy;
import net.shibboleth.idp.attribute.filter.AttributeRule;
import net.shibboleth.idp.attribute.filter.Matcher;
import net.shibboleth.idp.attribute.filter.policyrule.filtercontext.impl.AttributeIssuerPolicyRule;
import net.shibboleth.idp.authn.AuthenticationFlowDescriptor;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.authn.context.ExternalAuthenticationContext;
import net.shibboleth.idp.authn.impl.BaseAuthenticationContextTest;
import net.shibboleth.idp.authn.impl.ExternalAuthenticationImpl;
import net.shibboleth.idp.authn.impl.ValidateExternalAuthentication;
import net.shibboleth.idp.authn.principal.IdPAttributePrincipal;
import net.shibboleth.idp.authn.principal.UsernamePrincipal;
import net.shibboleth.idp.profile.ActionTestingSupport;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.service.MockReloadableService;
import net.shibboleth.utilities.java.support.service.ReloadableService;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/attribute/filter/impl/ValidateExternalAuthenticationTest.class */
public class ValidateExternalAuthenticationTest extends BaseAuthenticationContextTest {
    private ValidateExternalAuthentication action;

    @BeforeMethod
    public void setUp() throws Exception {
        super.setUp();
        this.prc.getSubcontext(AuthenticationContext.class).setAttemptedFlow((AuthenticationFlowDescriptor) this.authenticationFlows.get(0));
        this.action = new ValidateExternalAuthentication(getFilterService());
        this.action.setHttpServletRequest((HttpServletRequest) this.src.getExternalContext().getNativeRequest());
        this.action.initialize();
    }

    @Test
    public void testPrincipalName() {
        AuthenticationContext subcontext = this.prc.getSubcontext(AuthenticationContext.class);
        ExternalAuthenticationContext addSubcontext = subcontext.addSubcontext(new ExternalAuthenticationContext(new ExternalAuthenticationImpl()), true);
        addSubcontext.setPrincipalName("jdoe");
        IdPAttribute idPAttribute = new IdPAttribute("mail");
        idPAttribute.setValues(Collections.singletonList(StringAttributeValue.valueOf("jdoe@example.org")));
        addSubcontext.getSubcontext(AttributeContext.class, true).setIdPAttributes(Collections.singletonList(idPAttribute));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.src));
        Assert.assertNotNull(subcontext.getAuthenticationResult());
        Assert.assertFalse(subcontext.getAuthenticationResult().isPreviousResult());
        Assert.assertEquals(((UsernamePrincipal) subcontext.getAuthenticationResult().getSubject().getPrincipals(UsernamePrincipal.class).iterator().next()).getName(), "jdoe");
        Assert.assertTrue(subcontext.getAuthenticationResult().getSubject().getPrincipals(IdPAttributePrincipal.class).isEmpty());
    }

    @Test
    public void testAuthnAuthorities() {
        AuthenticationContext subcontext = this.prc.getSubcontext(AuthenticationContext.class);
        ExternalAuthenticationContext addSubcontext = subcontext.addSubcontext(new ExternalAuthenticationContext(new ExternalAuthenticationImpl()), true);
        addSubcontext.setPrincipalName("jdoe");
        addSubcontext.getAuthenticatingAuthorities().addAll(Arrays.asList("foo", "bar", "baz"));
        IdPAttribute idPAttribute = new IdPAttribute("mail");
        idPAttribute.setValues(Collections.singletonList(StringAttributeValue.valueOf("jdoe@example.org")));
        addSubcontext.getSubcontext(AttributeContext.class, true).setIdPAttributes(Collections.singletonList(idPAttribute));
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.src));
        Assert.assertNotNull(subcontext.getAuthenticationResult());
        Set principals = subcontext.getAuthenticationResult().getSubject().getPrincipals(IdPAttributePrincipal.class);
        Assert.assertEquals(principals.size(), 1);
        IdPAttribute attribute = ((IdPAttributePrincipal) principals.iterator().next()).getAttribute();
        Assert.assertEquals(attribute.getId(), "mail");
        Assert.assertEquals(attribute.getValues().size(), 1);
        Assert.assertEquals(((IdPAttributeValue) attribute.getValues().get(0)).getNativeValue(), "jdoe@example.org");
    }

    private ReloadableService<AttributeFilter> getFilterService() throws ComponentInitializationException {
        AttributeRule attributeRule = new AttributeRule();
        attributeRule.setId("mailRule");
        attributeRule.setAttributeId("mail");
        attributeRule.setMatcher(Matcher.MATCHES_ALL);
        attributeRule.setIsDenyRule(false);
        attributeRule.initialize();
        AttributeIssuerPolicyRule attributeIssuerPolicyRule = new AttributeIssuerPolicyRule();
        attributeIssuerPolicyRule.setId("issuerRule");
        attributeIssuerPolicyRule.setMatchString("foo");
        attributeIssuerPolicyRule.initialize();
        AttributeFilterPolicy attributeFilterPolicy = new AttributeFilterPolicy("mailPolicy", attributeIssuerPolicyRule, Collections.singletonList(attributeRule));
        attributeFilterPolicy.initialize();
        AttributeFilterImpl attributeFilterImpl = new AttributeFilterImpl("test", Collections.singletonList(attributeFilterPolicy));
        attributeFilterImpl.setApplicationContext(new MockApplicationContext());
        attributeFilterImpl.initialize();
        return new MockReloadableService(attributeFilterImpl);
    }
}
