package net.shibboleth.idp.plugin.authn.oidc.rp.context.navigate;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jwt.EncryptedJWT;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.openid.connect.sdk.OIDCTokenResponse;
import java.util.Collections;
import java.util.Map;
import net.minidev.json.JSONObject;
import net.shibboleth.idp.plugin.authn.oidc.rp.context.AccessTokenResponseContext;
import net.shibboleth.idp.plugin.authn.oidc.rp.test.TestTokenHelper;
import net.shibboleth.oidc.security.credential.DefaultClientSecretCredential;
import org.opensaml.profile.context.ProfileRequestContext;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/plugin/authn/oidc/rp/context/navigate/IDTokenInAccessTokenUpdateStrategyTest.class */
public class IDTokenInAccessTokenUpdateStrategyTest {
    private static final String CLIENT_SECRET = "Xp2s5v8y/B?E(H+MbQeThWmYq3t6w9z$";
    private IDTokenInAccessTokenUpdateStrategy strategy;

    @Test
    public void testUpdateEncryptedToSigned() throws Exception {
        Map map = (Map) new ObjectMapper().readValue(TestTokenHelper.createAccessTokenResponseJSON(Collections.emptyMap(), JWSAlgorithm.HS256, JWEAlgorithm.DIR, EncryptionMethod.A128CBC_HS256, new DefaultClientSecretCredential(CLIENT_SECRET).toSigningCredential(), new DefaultClientSecretCredential(CLIENT_SECRET).toEncryptionCredential(JWEAlgorithm.DIR, EncryptionMethod.A128CBC_HS256)), new TypeReference<Map<String, Object>>() { // from class: net.shibboleth.idp.plugin.authn.oidc.rp.context.navigate.IDTokenInAccessTokenUpdateStrategyTest.1
        });
        JWT createJWT = TestTokenHelper.createJWT(TestTokenHelper.createBasicClaims(Collections.emptyMap()), JWSAlgorithm.HS256, null, null, new DefaultClientSecretCredential(CLIENT_SECRET).toSigningCredential(), null);
        AccessTokenResponseContext accessTokenResponseContext = new AccessTokenResponseContext();
        try {
            accessTokenResponseContext.setTokenResponse(OIDCTokenResponse.parse(new JSONObject(map)));
        } catch (ParseException e) {
            Assert.fail(e.getMessage());
        }
        this.strategy = new IDTokenInAccessTokenUpdateStrategy(profileRequestContext -> {
            return accessTokenResponseContext;
        });
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getTokens());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getTokens().getAccessToken());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getTokens().getBearerAccessToken());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getOIDCTokens());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getOIDCTokens().getIDToken());
        Assert.assertTrue(accessTokenResponseContext.getTokenResponse().getOIDCTokens().getIDToken() instanceof EncryptedJWT);
        this.strategy.accept(new ProfileRequestContext(), createJWT);
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getTokens());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getTokens().getAccessToken());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getTokens().getBearerAccessToken());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getOIDCTokens());
        Assert.assertNotNull(accessTokenResponseContext.getTokenResponse().getOIDCTokens().getIDToken());
        Assert.assertTrue(accessTokenResponseContext.getTokenResponse().getOIDCTokens().getIDToken() instanceof SignedJWT);
    }
}
