package net.shibboleth.idp.ui.csrf.impl;

import java.util.UUID;
import java.util.function.BiPredicate;
import java.util.function.Predicate;
import net.shibboleth.idp.ui.csrf.BaseCSRFTest;
import net.shibboleth.idp.ui.csrf.CSRFToken;
import net.shibboleth.idp.ui.csrf.CSRFTokenManager;
import net.shibboleth.idp.ui.csrf.InvalidCSRFTokenException;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.logic.ConstraintViolationException;
import org.springframework.test.util.ReflectionTestUtils;
import org.springframework.webflow.engine.ActionState;
import org.springframework.webflow.engine.Flow;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;
import org.springframework.webflow.test.MockExternalContext;
import org.springframework.webflow.test.MockFlowExecutionContext;
import org.springframework.webflow.test.MockFlowSession;
import org.springframework.webflow.test.MockParameterMap;
import org.springframework.webflow.test.MockRequestContext;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/ui/csrf/impl/CSRFTokenFlowExecutionListenerTest.class */
public class CSRFTokenFlowExecutionListenerTest extends BaseCSRFTest {
    private final String CSRF_PARAM_NAME = "csrf_token";
    private CSRFTokenFlowExecutionListener listener;

    @BeforeMethod
    public void setup() {
        CSRFTokenManager cSRFTokenManager = new CSRFTokenManager();
        cSRFTokenManager.setCsrfParameterName("csrf_token");
        this.listener = new CSRFTokenFlowExecutionListener();
        this.listener.setCsrfTokenManager(cSRFTokenManager);
        this.listener.setEnabled(true);
        this.listener.setViewRequiresCSRFTokenPredicate(new DefaultViewRequiresCSRFTokenPredicate());
        this.listener.setEventRequiresCSRFTokenValidationPredicate(new DefaultEventRequiresCSRFTokenValidationPredicate());
    }

    @Test
    public void testAddingCsrfTokenToViewScopeOnRendering() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        BaseCSRFTest.MockViewState mockViewState = new BaseCSRFTest.MockViewState("testFlow", "a-view-state");
        mockFlowSession.setState(mockViewState);
        MockRequestContext mockRequestContext = new MockRequestContext(new MockFlowExecutionContext(mockFlowSession));
        this.listener.viewRendering(mockRequestContext, new BaseCSRFTest.MockView("login", mockRequestContext), mockViewState);
        Object obj = mockRequestContext.getViewScope().get("csrfToken");
        Assert.assertNotNull(obj);
        Assert.assertTrue(obj instanceof CSRFToken);
        Assert.assertFalse(((CSRFToken) obj).getToken().isEmpty());
    }

    @Test(expectedExceptions = {InvalidCSRFTokenException.class})
    public void testInvalidToken() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        mockFlowSession.setState(new BaseCSRFTest.MockViewState("testFlow", "a-view-state"));
        mockFlowSession.getViewScope().put("csrfToken", new SimpleCSRFToken(UUID.randomUUID().toString(), "csrf_token"));
        MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(mockFlowSession);
        MockParameterMap mockParameterMap = new MockParameterMap();
        mockParameterMap.put("csrf_token", "will-fail");
        MockExternalContext mockExternalContext = new MockExternalContext(mockParameterMap);
        MockRequestContext mockRequestContext = new MockRequestContext(mockFlowExecutionContext);
        mockRequestContext.setExternalContext(mockExternalContext);
        this.listener.eventSignaled(mockRequestContext, new Event(this, "proceed"));
    }

    @Test
    public void testValidToken() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        mockFlowSession.setState(new BaseCSRFTest.MockViewState("testFlow", "a-view-state"));
        SimpleCSRFToken simpleCSRFToken = new SimpleCSRFToken(UUID.randomUUID().toString(), "csrf_token");
        mockFlowSession.getViewScope().put("csrfToken", simpleCSRFToken);
        MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(mockFlowSession);
        MockParameterMap mockParameterMap = new MockParameterMap();
        mockParameterMap.put("csrf_token", simpleCSRFToken.getToken());
        MockExternalContext mockExternalContext = new MockExternalContext(mockParameterMap);
        MockRequestContext mockRequestContext = new MockRequestContext(mockFlowExecutionContext);
        mockRequestContext.setExternalContext(mockExternalContext);
        this.listener.eventSignaled(mockRequestContext, new Event(this, "proceed"));
    }

    @Test
    public void testViewExcluded() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        BaseCSRFTest.MockViewState mockViewState = new BaseCSRFTest.MockViewState("testFlow", "a-view-state");
        mockViewState.getAttributes().put("csrf_excluded", true);
        mockFlowSession.setState(mockViewState);
        mockFlowSession.getViewScope().put("csrfToken", new SimpleCSRFToken(UUID.randomUUID().toString(), "csrf_token"));
        MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(mockFlowSession);
        MockParameterMap mockParameterMap = new MockParameterMap();
        mockParameterMap.put("csrf_token", "would-fail-but-is-excluded");
        MockExternalContext mockExternalContext = new MockExternalContext(mockParameterMap);
        MockRequestContext mockRequestContext = new MockRequestContext(mockFlowExecutionContext);
        mockRequestContext.setExternalContext(mockExternalContext);
        this.listener.eventSignaled(mockRequestContext, new Event(this, "proceed"));
    }

    @Test
    public void testDisabled() throws ComponentInitializationException {
        this.listener.setEnabled(false);
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        mockFlowSession.setState(new BaseCSRFTest.MockViewState("testFlow", "a-view-state"));
        mockFlowSession.getViewScope().put("csrfToken", new SimpleCSRFToken(UUID.randomUUID().toString(), "csrf_token"));
        MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(mockFlowSession);
        MockParameterMap mockParameterMap = new MockParameterMap();
        mockParameterMap.put("csrf_token", "should-fail-but-disabled");
        MockExternalContext mockExternalContext = new MockExternalContext(mockParameterMap);
        MockRequestContext mockRequestContext = new MockRequestContext(mockFlowExecutionContext);
        mockRequestContext.setExternalContext(mockExternalContext);
        this.listener.eventSignaled(mockRequestContext, new Event(this, "proceed"));
    }

    @Test
    public void testDoesNotAddTokenToNonViewState() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        ActionState actionState = new ActionState(new Flow("testFlow"), "action-state");
        mockFlowSession.setState(actionState);
        MockRequestContext mockRequestContext = new MockRequestContext(new MockFlowExecutionContext(mockFlowSession));
        this.listener.viewRendering(mockRequestContext, new BaseCSRFTest.MockView("login", mockRequestContext), actionState);
    }

    @Test
    public void testDoesNotTestTokenInNonViewState() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        mockFlowSession.setState(new ActionState(new Flow("testFlow"), "action-state"));
        this.listener.eventSignaled(new MockRequestContext(new MockFlowExecutionContext(mockFlowSession)), new Event(this, "proceed"));
    }

    @Test(expectedExceptions = {InvalidCSRFTokenException.class})
    public void testHttpRequestTokenException() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        mockFlowSession.setState(new BaseCSRFTest.MockViewState("testFlow", "a-view-state"));
        mockFlowSession.getViewScope().put("csrfToken", new SimpleCSRFToken(UUID.randomUUID().toString(), "csrf_token"));
        this.listener.eventSignaled(new MockRequestContext(new MockFlowExecutionContext(mockFlowSession)), new Event(this, "proceed"));
    }

    @Test(expectedExceptions = {InvalidCSRFTokenException.class})
    public void testInvalidTokenUsingNewEventRequiresCSRFTokenValidationPredicate() throws ComponentInitializationException {
        this.listener.setEventRequiresCSRFTokenValidationPredicate(new BiPredicate<RequestContext, Event>() { // from class: net.shibboleth.idp.ui.csrf.impl.CSRFTokenFlowExecutionListenerTest.1
            @Override // java.util.function.BiPredicate
            public boolean test(RequestContext requestContext, Event event) {
                return event.getId().equals("new-event-id");
            }
        });
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        mockFlowSession.setState(new BaseCSRFTest.MockViewState("testFlow", "a-view-state"));
        mockFlowSession.getViewScope().put("csrfToken", new SimpleCSRFToken(UUID.randomUUID().toString(), "csrf_token"));
        MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(mockFlowSession);
        MockParameterMap mockParameterMap = new MockParameterMap();
        mockParameterMap.put("csrf_token", "should-fail");
        MockExternalContext mockExternalContext = new MockExternalContext(mockParameterMap);
        MockRequestContext mockRequestContext = new MockRequestContext(mockFlowExecutionContext);
        mockRequestContext.setExternalContext(mockExternalContext);
        this.listener.eventSignaled(mockRequestContext, new Event(this, "new-event-id"));
    }

    @Test(expectedExceptions = {InvalidCSRFTokenException.class})
    public void testNoViewScopeTokenException() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        mockFlowSession.setState(new BaseCSRFTest.MockViewState("testFlow", "a-view-state"));
        this.listener.eventSignaled(new MockRequestContext(new MockFlowExecutionContext(mockFlowSession)), new Event(this, "proceed"));
    }

    @Test
    public void testSetCsrfTokenManager() throws ComponentInitializationException {
        this.listener.setCsrfTokenManager(new CSRFTokenManager());
        this.listener.initialize();
    }

    @Test
    public void testSetEnabled() {
        CSRFTokenFlowExecutionListener cSRFTokenFlowExecutionListener = new CSRFTokenFlowExecutionListener();
        Object field = ReflectionTestUtils.getField(cSRFTokenFlowExecutionListener, "enabled");
        Assert.assertNotNull(field);
        Assert.assertTrue(field instanceof Boolean);
        Assert.assertFalse(((Boolean) field).booleanValue());
        cSRFTokenFlowExecutionListener.setEnabled(true);
        Object field2 = ReflectionTestUtils.getField(cSRFTokenFlowExecutionListener, "enabled");
        Assert.assertNotNull(field2);
        Assert.assertTrue(field2 instanceof Boolean);
        Assert.assertTrue(((Boolean) field2).booleanValue());
    }

    @Test
    public void testTokenNotAddedToViewScopeOnRenderingWhenDisabled() throws ComponentInitializationException {
        this.listener.setEnabled(false);
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        BaseCSRFTest.MockViewState mockViewState = new BaseCSRFTest.MockViewState("testFlow", "a-view-state");
        mockFlowSession.setState(mockViewState);
        MockRequestContext mockRequestContext = new MockRequestContext(new MockFlowExecutionContext(mockFlowSession));
        this.listener.viewRendering(mockRequestContext, new BaseCSRFTest.MockView("login", mockRequestContext), mockViewState);
        Assert.assertNull(mockRequestContext.getViewScope().get("csrfToken"));
    }

    @Test(expectedExceptions = {ConstraintViolationException.class})
    public void testSetNullCsrfTokenManager() {
        this.listener.setCsrfTokenManager((CSRFTokenManager) null);
    }

    @Test(expectedExceptions = {ConstraintViolationException.class})
    public void testSetNullEventRequiresCSRFValidationPredicate() {
        this.listener.setEventRequiresCSRFTokenValidationPredicate((BiPredicate) null);
    }

    @Test(expectedExceptions = {ConstraintViolationException.class})
    public void testSetNullViewRequiresCSRFTokenPredicate() {
        this.listener.setViewRequiresCSRFTokenPredicate((Predicate) null);
    }

    @Test(expectedExceptions = {InvalidCSRFTokenException.class})
    public void testTokenWrongType() throws ComponentInitializationException {
        this.listener.initialize();
        MockFlowSession mockFlowSession = new MockFlowSession();
        mockFlowSession.setState(new BaseCSRFTest.MockViewState("testFlow", "a-view-state"));
        mockFlowSession.getViewScope().put("csrfToken", "string-token");
        MockFlowExecutionContext mockFlowExecutionContext = new MockFlowExecutionContext(mockFlowSession);
        MockParameterMap mockParameterMap = new MockParameterMap();
        mockParameterMap.put("csrf_token", "string-token");
        MockExternalContext mockExternalContext = new MockExternalContext(mockParameterMap);
        MockRequestContext mockRequestContext = new MockRequestContext(mockFlowExecutionContext);
        mockRequestContext.setExternalContext(mockExternalContext);
        this.listener.eventSignaled(mockRequestContext, new Event(this, "proceed"));
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    void testUnsetCsrfTokenManager() throws ComponentInitializationException {
        CSRFTokenFlowExecutionListener cSRFTokenFlowExecutionListener = new CSRFTokenFlowExecutionListener();
        cSRFTokenFlowExecutionListener.setViewRequiresCSRFTokenPredicate(new DefaultViewRequiresCSRFTokenPredicate());
        cSRFTokenFlowExecutionListener.setEventRequiresCSRFTokenValidationPredicate(new DefaultEventRequiresCSRFTokenValidationPredicate());
        cSRFTokenFlowExecutionListener.initialize();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    void testUnsetEventRequiresCSRFValidationPredicate() throws ComponentInitializationException {
        CSRFTokenFlowExecutionListener cSRFTokenFlowExecutionListener = new CSRFTokenFlowExecutionListener();
        cSRFTokenFlowExecutionListener.setCsrfTokenManager(new CSRFTokenManager());
        cSRFTokenFlowExecutionListener.setViewRequiresCSRFTokenPredicate(new DefaultViewRequiresCSRFTokenPredicate());
        cSRFTokenFlowExecutionListener.initialize();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    void testUnsetViewRequiresCSRFTokenPredicate() throws ComponentInitializationException {
        CSRFTokenFlowExecutionListener cSRFTokenFlowExecutionListener = new CSRFTokenFlowExecutionListener();
        cSRFTokenFlowExecutionListener.setCsrfTokenManager(new CSRFTokenManager());
        cSRFTokenFlowExecutionListener.setEventRequiresCSRFTokenValidationPredicate(new DefaultEventRequiresCSRFTokenValidationPredicate());
        cSRFTokenFlowExecutionListener.initialize();
    }
}
