package net.shibboleth.idp.test.flows.saml1;

import java.util.HashMap;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.xml.namespace.QName;
import net.shibboleth.idp.test.flows.AbstractFlowTest;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.schema.XSAny;
import org.opensaml.saml.common.SAMLVersion;
import org.opensaml.saml.saml1.core.Assertion;
import org.opensaml.saml.saml1.core.Attribute;
import org.opensaml.saml.saml1.core.AttributeStatement;
import org.opensaml.saml.saml1.core.Audience;
import org.opensaml.saml.saml1.core.AudienceRestrictionCondition;
import org.opensaml.saml.saml1.core.AuthenticationStatement;
import org.opensaml.saml.saml1.core.Conditions;
import org.opensaml.saml.saml1.core.ConfirmationMethod;
import org.opensaml.saml.saml1.core.NameIdentifier;
import org.opensaml.saml.saml1.core.Response;
import org.opensaml.saml.saml1.core.Status;
import org.opensaml.saml.saml1.core.StatusCode;
import org.opensaml.saml.saml1.core.Subject;
import org.opensaml.saml.saml1.core.SubjectConfirmation;
import org.testng.Assert;

/* loaded from: input_file:net/shibboleth/idp/test/flows/saml1/SAML1TestResponseValidator.class */
public class SAML1TestResponseValidator {

    @Nonnull
    public String idpEntityID = AbstractFlowTest.IDP_ENTITY_ID;

    @Nonnull
    public String spEntityID = AbstractFlowTest.SP_ENTITY_ID;

    @Nonnull
    public String authenticationMethod = "urn:oasis:names:tc:SAML:1.0:am:password";

    @Nonnull
    public String confirmationMethod = "urn:oasis:names:tc:SAML:1.0:cm:bearer";

    @Nonnull
    public QName statusCode = StatusCode.SUCCESS;

    @Nonnull
    public String statusMessage = "An error occurred.";
    public boolean validateAuthenticationStatements = true;
    public boolean usedAttributeDesignators = false;

    @Nonnull
    public NameIdentifier nameIdentifier = XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(NameIdentifier.DEFAULT_ELEMENT_NAME).buildObject();

    public SAML1TestResponseValidator() {
        this.nameIdentifier.setFormat("urn:mace:shibboleth:1.0:nameIdentifier");
        this.nameIdentifier.setNameQualifier(this.idpEntityID);
    }

    public void validateResponse(@Nullable Response response) {
        assertResponse(response);
        assertStatus(response.getStatus());
        if (this.statusCode != StatusCode.SUCCESS) {
            return;
        }
        List<Assertion> assertions = response.getAssertions();
        assertAssertions(assertions);
        Assertion assertion = assertions.get(0);
        assertAssertion(assertion);
        validateConditions(assertion);
        if (this.validateAuthenticationStatements) {
            validateAuthenticationStatements(assertion);
        }
        validateAttributeStatements(assertion);
    }

    public void validateConditions(@Nullable Assertion assertion) {
        Assert.assertNotNull(assertion);
        Conditions conditions = assertion.getConditions();
        assertConditions(conditions);
        List<AudienceRestrictionCondition> audienceRestrictionConditions = conditions.getAudienceRestrictionConditions();
        assertAudienceRestrictionConditions(audienceRestrictionConditions);
        assertAudiences(audienceRestrictionConditions.get(0).getAudiences());
    }

    public void validateAuthenticationStatements(@Nullable Assertion assertion) {
        Assert.assertNotNull(assertion);
        List<AuthenticationStatement> authenticationStatements = assertion.getAuthenticationStatements();
        assertAuthenticationStatements(authenticationStatements);
        AuthenticationStatement authenticationStatement = authenticationStatements.get(0);
        assertAuthenticationStatement(authenticationStatement);
        assertSubject(authenticationStatement.getSubject());
        assertAuthenticationMethod(authenticationStatement.getAuthenticationMethod());
    }

    public void validateAttributeStatements(@Nullable Assertion assertion) {
        Assert.assertNotNull(assertion);
        List<AttributeStatement> attributeStatements = assertion.getAttributeStatements();
        assertAttributeStatements(attributeStatements);
        AttributeStatement attributeStatement = attributeStatements.get(0);
        assertAttributeStatement(attributeStatement);
        Subject subject = attributeStatement.getSubject();
        assertSubject(subject);
        assertNameIdentifier(subject.getNameIdentifier());
        SubjectConfirmation subjectConfirmation = subject.getSubjectConfirmation();
        assertSubjectConfirmation(subjectConfirmation);
        assertConfirmationMethods(subjectConfirmation.getConfirmationMethods());
        assertAttributes(attributeStatement.getAttributes());
    }

    public void assertResponse(@Nullable Response response) {
        Assert.assertNotNull(response);
        Assert.assertNotNull(response.getID());
        Assert.assertFalse(response.getID().isEmpty());
        Assert.assertNotNull(response.getIssueInstant());
        Assert.assertEquals(response.getVersion(), SAMLVersion.VERSION_11);
    }

    public void assertStatus(@Nullable Status status) {
        Assert.assertNotNull(status);
        Assert.assertNotNull(status.getStatusCode());
        Assert.assertEquals(status.getStatusCode().getValue(), this.statusCode);
        if (this.statusCode != StatusCode.SUCCESS) {
            Assert.assertEquals(status.getStatusMessage().getValue(), this.statusMessage);
        }
    }

    public void assertAssertions(@Nullable List<Assertion> list) {
        Assert.assertNotNull(list);
        Assert.assertFalse(list.isEmpty());
        Assert.assertEquals(list.size(), 1);
        Assert.assertNotNull(list.get(0));
    }

    public void assertAssertion(@Nullable Assertion assertion) {
        Assert.assertNotNull(assertion);
        Assert.assertNotNull(assertion.getID());
        Assert.assertFalse(assertion.getID().isEmpty());
        Assert.assertNotNull(assertion.getIssueInstant());
        Assert.assertEquals(assertion.getMajorVersion(), SAMLVersion.VERSION_11.getMajorVersion());
        Assert.assertEquals(assertion.getMinorVersion(), SAMLVersion.VERSION_11.getMinorVersion());
        Assert.assertEquals(assertion.getIssuer(), this.idpEntityID);
    }

    public void assertAuthenticationStatements(@Nullable List<AuthenticationStatement> list) {
        Assert.assertNotNull(list);
        Assert.assertFalse(list.isEmpty());
        Assert.assertEquals(list.size(), 1);
        Assert.assertNotNull(list.get(0));
    }

    public void assertAuthenticationStatement(@Nullable AuthenticationStatement authenticationStatement) {
        Assert.assertNotNull(authenticationStatement);
        Assert.assertNotNull(authenticationStatement.getSubject());
        Assert.assertNotNull(authenticationStatement.getAuthenticationInstant());
        Assert.assertNotNull(authenticationStatement.getAuthenticationMethod());
        Assert.assertFalse(authenticationStatement.getAuthenticationMethod().isEmpty());
    }

    public void assertAuthenticationMethod(@Nullable String str) {
        Assert.assertNotNull(str);
        Assert.assertEquals(str, this.authenticationMethod);
    }

    public void assertAudienceRestrictionConditions(@Nullable List<AudienceRestrictionCondition> list) {
        Assert.assertNotNull(list);
        Assert.assertEquals(list.size(), 1);
    }

    public void assertAudiences(@Nullable List<Audience> list) {
        Assert.assertNotNull(list);
        Assert.assertEquals(list.size(), 1);
        Assert.assertEquals(list.get(0).getURI(), this.spEntityID);
    }

    public void assertConditions(@Nullable Conditions conditions) {
        Assert.assertNotNull(conditions);
        Assert.assertNotNull(conditions.getNotBefore());
        Assert.assertNotNull(conditions.getNotOnOrAfter());
        Assert.assertNotNull(conditions.getAudienceRestrictionConditions());
        Assert.assertEquals(conditions.getAudienceRestrictionConditions().size(), 1);
    }

    public void assertAttributeStatements(@Nullable List<AttributeStatement> list) {
        Assert.assertNotNull(list);
        Assert.assertFalse(list.isEmpty());
        Assert.assertEquals(list.size(), 1);
        Assert.assertNotNull(list.get(0));
    }

    public void assertAttributeStatement(@Nullable AttributeStatement attributeStatement) {
        Assert.assertNotNull(attributeStatement);
        Assert.assertNotNull(attributeStatement.getSubject());
        Assert.assertNotNull(attributeStatement.getAttributes());
    }

    public void assertSubject(@Nullable Subject subject) {
        Assert.assertNotNull(subject);
        Assert.assertNotNull(subject.getNameIdentifier());
        Assert.assertNotNull(subject.getSubjectConfirmation());
    }

    public void assertNameIdentifier(@Nullable NameIdentifier nameIdentifier) {
        Assert.assertNotNull(nameIdentifier);
        Assert.assertNotNull(nameIdentifier.getValue());
        if (this.nameIdentifier.getFormat() != null && !this.nameIdentifier.getFormat().equals("urn:mace:shibboleth:1.0:nameIdentifier")) {
            Assert.assertEquals(nameIdentifier.getValue(), this.nameIdentifier.getValue());
        }
        Assert.assertEquals(nameIdentifier.getFormat(), this.nameIdentifier.getFormat());
        Assert.assertEquals(nameIdentifier.getNameQualifier(), this.nameIdentifier.getNameQualifier());
    }

    public void assertSubjectConfirmation(@Nullable SubjectConfirmation subjectConfirmation) {
        Assert.assertNotNull(subjectConfirmation);
        Assert.assertEquals(subjectConfirmation.getConfirmationMethods().size(), 1);
    }

    public void assertConfirmationMethods(@Nullable List<ConfirmationMethod> list) {
        Assert.assertNotNull(list);
        Assert.assertFalse(list.isEmpty());
        Assert.assertEquals(list.size(), 1);
        Assert.assertNotNull(list.get(0));
        assertConfirmationMethod(list.get(0));
    }

    public void assertConfirmationMethod(@Nullable ConfirmationMethod confirmationMethod) {
        Assert.assertNotNull(confirmationMethod);
        Assert.assertEquals(confirmationMethod.getURI(), this.confirmationMethod);
    }

    public void assertAttributes(@Nullable List<Attribute> list) {
        Assert.assertNotNull(list);
        Assert.assertFalse(list.isEmpty());
        Assert.assertEquals(list.size(), this.usedAttributeDesignators ? 2 : 4);
        HashMap hashMap = new HashMap();
        for (Attribute attribute : list) {
            hashMap.put(attribute.getAttributeName(), attribute);
        }
        if (this.usedAttributeDesignators) {
            Attribute attribute2 = (Attribute) hashMap.get("urn:mace:dir:attribute-def:mail");
            Assert.assertNotNull(attribute2);
            assertAttribute(attribute2, "urn:mace:dir:attribute-def:mail", "jdoe@example.org");
            Attribute attribute3 = (Attribute) hashMap.get("urn:mace:dir:attribute-def:eduPersonScopedAffiliation");
            Assert.assertNotNull(attribute3);
            assertAttribute(attribute3, "urn:mace:dir:attribute-def:eduPersonScopedAffiliation", "member");
            return;
        }
        Attribute attribute4 = (Attribute) hashMap.get("urn:mace:dir:attribute-def:uid");
        Assert.assertNotNull(attribute4);
        assertAttribute(attribute4, "urn:mace:dir:attribute-def:uid", "jdoe");
        Attribute attribute5 = (Attribute) hashMap.get("urn:mace:dir:attribute-def:mail");
        Assert.assertNotNull(attribute5);
        assertAttribute(attribute5, "urn:mace:dir:attribute-def:mail", "jdoe@example.org");
        Attribute attribute6 = (Attribute) hashMap.get("urn:mace:dir:attribute-def:eduPersonPrincipalName");
        Assert.assertNotNull(attribute6);
        assertAttribute(attribute6, "urn:mace:dir:attribute-def:eduPersonPrincipalName", "jdoe");
        Attribute attribute7 = (Attribute) hashMap.get("urn:mace:dir:attribute-def:eduPersonScopedAffiliation");
        Assert.assertNotNull(attribute7);
        assertAttribute(attribute7, "urn:mace:dir:attribute-def:eduPersonScopedAffiliation", "member");
    }

    public void assertAttribute(@Nullable Attribute attribute, @Nonnull String str, @Nonnull String str2) {
        Assert.assertNotNull(attribute);
        Assert.assertEquals(attribute.getAttributeName(), str);
        Assert.assertEquals(attribute.getAttributeNamespace(), "urn:mace:shibboleth:1.0:attributeNamespace:uri");
        Assert.assertEquals(attribute.getAttributeValues().size(), 1);
        Assert.assertTrue(attribute.getAttributeValues().get(0) instanceof XSAny);
        Assert.assertEquals(((XSAny) attribute.getAttributeValues().get(0)).getTextContent(), str2);
    }
}
