package net.shibboleth.idp.plugin.authn.duo.impl;

import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.plugin.authn.duo.PasswordlessCookieManager;
import net.shibboleth.idp.plugin.authn.spring.TestResourceConverter;
import net.shibboleth.shared.annotation.constraint.NotEmpty;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.net.CookieManager;
import net.shibboleth.shared.primitive.NonnullSupplier;
import net.shibboleth.shared.resource.Resource;
import net.shibboleth.shared.security.DataSealer;
import net.shibboleth.shared.security.DataSealerException;
import net.shibboleth.shared.security.impl.BasicKeystoreKeyStrategy;
import org.springframework.core.io.ClassPathResource;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/plugin/authn/duo/impl/PasswordlessCookieManagerTest.class */
public class PasswordlessCookieManagerTest {

    @Nonnull
    @NotEmpty
    protected static final String COOKIE_NAME = "_cookieName";
    protected PasswordlessCookieManager cookieManager;
    protected MockHttpServletRequest request;
    protected MockHttpServletResponse response;
    protected DataSealer dataSealer;
    private Resource keystoreResource;
    private Resource versionResource;
    static final /* synthetic */ boolean $assertionsDisabled;

    @BeforeClass
    public void beforeClass() throws DataSealerException, ComponentInitializationException {
        ClassPathResource classPathResource = new ClassPathResource("/net/shibboleth/idp/plugin/authn/duo/impl/SealerKeyStore.jks");
        Assert.assertTrue(classPathResource.exists());
        this.keystoreResource = TestResourceConverter.of(classPathResource);
        ClassPathResource classPathResource2 = new ClassPathResource("/net/shibboleth/idp/plugin/authn/duo/impl/SealerKeyStore.kver");
        Assert.assertTrue(classPathResource2.exists());
        this.versionResource = TestResourceConverter.of(classPathResource2);
        this.dataSealer = createDataSealer(null);
    }

    @BeforeMethod
    public void setUp() throws ComponentInitializationException {
        this.request = new MockHttpServletRequest();
        this.response = new MockHttpServletResponse();
        CookieManager cookieManager = new CookieManager();
        cookieManager.setHttpServletRequestSupplier(new NonnullSupplier<HttpServletRequest>() { // from class: net.shibboleth.idp.plugin.authn.duo.impl.PasswordlessCookieManagerTest.1
            @Nonnull
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public HttpServletRequest m9get() {
                return PasswordlessCookieManagerTest.this.request;
            }
        });
        cookieManager.setHttpServletResponseSupplier(new NonnullSupplier<HttpServletResponse>() { // from class: net.shibboleth.idp.plugin.authn.duo.impl.PasswordlessCookieManagerTest.2
            @Nonnull
            /* renamed from: get, reason: merged with bridge method [inline-methods] */
            public HttpServletResponse m10get() {
                return PasswordlessCookieManagerTest.this.response;
            }
        });
        cookieManager.initialize();
        this.cookieManager = new PasswordlessCookieManager();
        this.cookieManager.setCookieName(COOKIE_NAME);
        this.cookieManager.setCookieManager(cookieManager);
        this.cookieManager.setDataSealer(this.dataSealer);
        this.cookieManager.initialize();
    }

    private DataSealer createDataSealer(@NotEmpty @Nullable String str) throws DataSealerException, ComponentInitializationException {
        BasicKeystoreKeyStrategy basicKeystoreKeyStrategy = new BasicKeystoreKeyStrategy();
        basicKeystoreKeyStrategy.setKeyAlias("secret");
        basicKeystoreKeyStrategy.setKeyPassword("kpassword");
        basicKeystoreKeyStrategy.setKeystorePassword("password");
        basicKeystoreKeyStrategy.setKeystoreResource(this.keystoreResource);
        basicKeystoreKeyStrategy.setKeyVersionResource(this.versionResource);
        basicKeystoreKeyStrategy.initialize();
        DataSealer dataSealer = new DataSealer();
        dataSealer.setKeyStrategy(basicKeystoreKeyStrategy);
        dataSealer.setNodePrefix(str);
        dataSealer.initialize();
        return dataSealer;
    }

    @Test
    public void testMissing() {
        Assert.assertNull(this.cookieManager.readCookie());
        Assert.assertTrue(this.cookieManager.refreshCookie());
    }

    @Test
    public void testRoundtrip() {
        Assert.assertTrue(this.cookieManager.writeCookie("foo"));
        Cookie cookie = this.response.getCookie(COOKIE_NAME);
        if (!$assertionsDisabled && cookie == null) {
            throw new AssertionError();
        }
        this.request.setCookies(new Cookie[]{cookie});
        Assert.assertEquals(this.cookieManager.readCookie(), "foo");
        Assert.assertTrue(this.cookieManager.refreshCookie());
        Cookie cookie2 = this.response.getCookies()[1];
        if (!$assertionsDisabled && cookie2 == null) {
            throw new AssertionError();
        }
        Assert.assertNotEquals(cookie.getValue(), cookie2.getValue());
    }

    @Test
    public void testOptOut() {
        Assert.assertTrue(this.cookieManager.writeCookie((String) null));
        Cookie cookie = this.response.getCookie(COOKIE_NAME);
        if (!$assertionsDisabled && cookie == null) {
            throw new AssertionError();
        }
        Assert.assertEquals(cookie.getValue(), "__NO");
        this.request.setCookies(new Cookie[]{cookie});
        Assert.assertNull(this.cookieManager.readCookie());
    }

    static {
        $assertionsDisabled = !PasswordlessCookieManagerTest.class.desiredAssertionStatus();
    }
}
