package net.shibboleth.oidc.security.impl;

import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jwt.EncryptedJWT;
import com.nimbusds.jwt.JWT;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.openid.connect.sdk.rp.OIDCClientInformation;
import com.nimbusds.openid.connect.sdk.rp.OIDCClientMetadata;
import net.shibboleth.idp.profile.testing.ActionTestingSupport;
import net.shibboleth.idp.profile.testing.RequestContextBuilder;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.mockito.Mockito;
import org.opensaml.profile.context.ProfileRequestContext;
import org.springframework.webflow.execution.RequestContext;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/oidc/security/impl/CheckClientJWTDecryptionConfigurationTest.class */
public class CheckClientJWTDecryptionConfigurationTest {
    protected CheckClientJWTDecryptionConfiguration action;
    protected OIDCClientInformation clientInformation = new OIDCClientInformation(new ClientID("mockId"), new OIDCClientMetadata());
    protected String eventId = "mockErrorEventId";

    protected void setup(JWT jwt, boolean z, String str, String str2) {
        try {
            this.action = new CheckClientJWTDecryptionConfiguration();
            this.action.setJwtTokenLookupStrategy(profileRequestContext -> {
                return jwt;
            });
            this.action.setDataEncryptionAlgorithmLookupStrategy(oIDCClientInformation -> {
                return str;
            });
            this.action.setKeyTransportEncryptionAlgorithmLookupStrategy(oIDCClientInformation2 -> {
                return str2;
            });
            this.action.setClientInformationLookupStrategy(profileRequestContext2 -> {
                return this.clientInformation;
            });
            this.action.setEncryptionOptionalPredicate(profileRequestContext3 -> {
                return z;
            });
            this.action.setErrorEventId(this.eventId);
            this.action.initialize();
        } catch (ComponentInitializationException e) {
            Assert.fail("Object initialization failed", e);
        }
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    public void init_noJwtTokenLookupStrategy() throws ComponentInitializationException {
        this.action = new CheckClientJWTDecryptionConfiguration();
        this.action.setDataEncryptionAlgorithmLookupStrategy(oIDCClientInformation -> {
            return "dataEncAlgId";
        });
        this.action.setKeyTransportEncryptionAlgorithmLookupStrategy(oIDCClientInformation2 -> {
            return "keyEncAlgId";
        });
        this.action.setClientInformationLookupStrategy(profileRequestContext -> {
            return this.clientInformation;
        });
        this.action.setEncryptionOptionalPredicate(profileRequestContext2 -> {
            return true;
        });
        this.action.setErrorEventId(this.eventId);
        this.action.initialize();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    public void init_noDataEncryptionAlgorithmLookupStrategy() throws ComponentInitializationException {
        this.action = new CheckClientJWTDecryptionConfiguration();
        this.action.setJwtTokenLookupStrategy(profileRequestContext -> {
            return (JWT) Mockito.mock(JWT.class);
        });
        this.action.setKeyTransportEncryptionAlgorithmLookupStrategy(oIDCClientInformation -> {
            return "keyEncAlgId";
        });
        this.action.setClientInformationLookupStrategy(profileRequestContext2 -> {
            return this.clientInformation;
        });
        this.action.setEncryptionOptionalPredicate(profileRequestContext3 -> {
            return true;
        });
        this.action.setErrorEventId(this.eventId);
        this.action.initialize();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    public void init_noKeyTransportEncryptionAlgorithmLookupStrategy() throws ComponentInitializationException {
        this.action = new CheckClientJWTDecryptionConfiguration();
        this.action.setJwtTokenLookupStrategy(profileRequestContext -> {
            return (JWT) Mockito.mock(JWT.class);
        });
        this.action.setDataEncryptionAlgorithmLookupStrategy(oIDCClientInformation -> {
            return "dataEncAlgId";
        });
        this.action.setClientInformationLookupStrategy(profileRequestContext2 -> {
            return this.clientInformation;
        });
        this.action.setEncryptionOptionalPredicate(profileRequestContext3 -> {
            return true;
        });
        this.action.setErrorEventId(this.eventId);
        this.action.initialize();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    public void init_noClientInformationLookupStrategy() throws ComponentInitializationException {
        this.action = new CheckClientJWTDecryptionConfiguration();
        this.action.setJwtTokenLookupStrategy(profileRequestContext -> {
            return (JWT) Mockito.mock(JWT.class);
        });
        this.action.setDataEncryptionAlgorithmLookupStrategy(oIDCClientInformation -> {
            return "dataEncAlgId";
        });
        this.action.setKeyTransportEncryptionAlgorithmLookupStrategy(oIDCClientInformation2 -> {
            return "keyEncAlgId";
        });
        this.action.setEncryptionOptionalPredicate(profileRequestContext2 -> {
            return true;
        });
        this.action.setErrorEventId(this.eventId);
        this.action.initialize();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    public void init_noEncryptionOptionalPredicate() throws ComponentInitializationException {
        this.action = new CheckClientJWTDecryptionConfiguration();
        this.action.setJwtTokenLookupStrategy(profileRequestContext -> {
            return (JWT) Mockito.mock(JWT.class);
        });
        this.action.setDataEncryptionAlgorithmLookupStrategy(oIDCClientInformation -> {
            return "dataEncAlgId";
        });
        this.action.setKeyTransportEncryptionAlgorithmLookupStrategy(oIDCClientInformation2 -> {
            return "keyEncAlgId";
        });
        this.action.setClientInformationLookupStrategy(profileRequestContext2 -> {
            return this.clientInformation;
        });
        this.action.setErrorEventId(this.eventId);
        this.action.initialize();
    }

    @Test(expectedExceptions = {ComponentInitializationException.class})
    public void init_noErrorEventId() throws ComponentInitializationException {
        this.action = new CheckClientJWTDecryptionConfiguration();
        this.action.setJwtTokenLookupStrategy(profileRequestContext -> {
            return (JWT) Mockito.mock(JWT.class);
        });
        this.action.setDataEncryptionAlgorithmLookupStrategy(oIDCClientInformation -> {
            return "dataEncAlgId";
        });
        this.action.setKeyTransportEncryptionAlgorithmLookupStrategy(oIDCClientInformation2 -> {
            return "keyEncAlgId";
        });
        this.action.setClientInformationLookupStrategy(profileRequestContext2 -> {
            return this.clientInformation;
        });
        this.action.setEncryptionOptionalPredicate(profileRequestContext3 -> {
            return true;
        });
        this.action.initialize();
    }

    @Test
    public void doPreExecute_noEncryptedJwtEncryptionOptional_returnsFalseNoEvent() throws ComponentInitializationException {
        RequestContext buildRequestContext = new RequestContextBuilder().buildRequestContext();
        setup((JWT) Mockito.mock(JWT.class), true, "dataAlgId", "keyTransportAlgId");
        Assert.assertFalse(this.action.doPreExecute(new ProfileRequestContext()));
        ActionTestingSupport.assertProceedEvent(this.action.execute(buildRequestContext));
    }

    @Test
    public void doPreExecute_noEncryptedJwtEncryptionOptional_returnsFalseWithEvent() throws ComponentInitializationException {
        RequestContext buildRequestContext = new RequestContextBuilder().buildRequestContext();
        setup((JWT) Mockito.mock(JWT.class), false, "dataAlgId", "keyTransportAlgId");
        Assert.assertFalse(this.action.doPreExecute(new ProfileRequestContext()));
        ActionTestingSupport.assertEvent(this.action.execute(buildRequestContext), this.eventId);
    }

    @Test
    public void execute_noDataAlgNorKeyTransportAlg_returnsProceed() throws ComponentInitializationException {
        setup(mockEncryptedJWT(), true, null, null);
        ActionTestingSupport.assertProceedEvent(this.action.execute(new RequestContextBuilder().buildRequestContext()));
    }

    @Test
    public void execute_noDataAlgMatch_returnsError() throws ComponentInitializationException {
        setup(mockEncryptedJWT(), true, "mockDataAlgNOT", "mockKeyAlgId");
        ActionTestingSupport.assertEvent(this.action.execute(new RequestContextBuilder().buildRequestContext()), this.eventId);
    }

    @Test
    public void execute_noKeyTransportAlgMatch_returnsError() throws ComponentInitializationException {
        setup(mockEncryptedJWT(), true, "mockDataAlgId", "mockKeyAlgNOT");
        ActionTestingSupport.assertEvent(this.action.execute(new RequestContextBuilder().buildRequestContext()), this.eventId);
    }

    @Test
    public void execute_bothDataAlgAndKeyTransportAlgMatch_returnsProceed() throws ComponentInitializationException {
        setup(mockEncryptedJWT(), true, "mockDataAlgId", "mockKeyAlgId");
        ActionTestingSupport.assertProceedEvent(this.action.execute(new RequestContextBuilder().buildRequestContext()));
    }

    protected EncryptedJWT mockEncryptedJWT() {
        EncryptedJWT encryptedJWT = (EncryptedJWT) Mockito.mock(EncryptedJWT.class);
        Mockito.when(encryptedJWT.getHeader()).thenReturn(new JWEHeader(JWEAlgorithm.parse("mockKeyAlgId"), EncryptionMethod.parse("mockDataAlgId")));
        return encryptedJWT;
    }
}
