package net.shibboleth.oidc.security.credential.impl;

import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Objects;
import javax.annotation.Nonnull;
import net.shibboleth.oidc.jwk.RemoteJwkSetCache;
import net.shibboleth.oidc.security.credential.impl.BasicJOSEObjectCredentialResolver;
import net.shibboleth.oidc.security.jose.criterion.KeyIdCriterion;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.resolver.CriteriaSet;
import org.apache.hc.client5.http.ClientProtocolException;
import org.apache.hc.client5.http.classic.HttpClient;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.ClassicHttpResponse;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.io.entity.StringEntity;
import org.apache.hc.core5.http.protocol.HttpContext;
import org.mockito.Mockito;
import org.opensaml.security.credential.UsageType;
import org.opensaml.security.criteria.KeyAlgorithmCriterion;
import org.opensaml.security.criteria.UsageCriterion;
import org.opensaml.storage.StorageService;
import org.opensaml.storage.impl.MemoryStorageService;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
import org.springframework.util.FileCopyUtils;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/oidc/security/credential/impl/BaseMetadataCredentialResolverTest.class */
public abstract class BaseMetadataCredentialResolverTest<T extends BasicJOSEObjectCredentialResolver> {
    protected static final ClassPathResource REMOTE_JWKSET = new ClassPathResource("/credentials/test-provider-resolver-remote-jwkset-response.jwk");
    protected static final ClassPathResource REMOTE_JWKSET_NO_KEYS = new ClassPathResource("/credentials/test-provider-resolver-remote-jwkset-response-nokeys.jwk");
    protected static final ClassPathResource REMOTE_JWKSET_ROLLOVER = new ClassPathResource("/credentials/test-provider-resolver-remote-jwkset-response-rollover.jwk");
    protected static final ClassPathResource REMOTE_JWKSET_NO_KEY_ARRAY = new ClassPathResource("/credentials/test-provider-resolver-remote-jwkset-response-no-key-array.jwk");
    protected T resolver;
    protected CriteriaSet criteria;
    protected RemoteJwkSetCache cache;

    protected HttpClient createMockHttpClient(String str) throws ClientProtocolException, IOException {
        HttpClient httpClient = (HttpClient) Mockito.mock(HttpClient.class);
        ClassicHttpResponse classicHttpResponse = (ClassicHttpResponse) Mockito.mock(ClassicHttpResponse.class);
        Mockito.when(classicHttpResponse.getEntity()).thenReturn(new StringEntity(str));
        Mockito.when(httpClient.executeOpen((HttpHost) Mockito.any(), (ClassicHttpRequest) Mockito.any(), (HttpContext) Mockito.any())).thenReturn(classicHttpResponse);
        return httpClient;
    }

    private StorageService buildStorageService() throws ComponentInitializationException {
        MemoryStorageService memoryStorageService = new MemoryStorageService();
        memoryStorageService.setId("mockId");
        memoryStorageService.initialize();
        return memoryStorageService;
    }

    @BeforeMethod
    public void setup() throws Exception {
        this.cache = new RemoteJwkSetCache();
        this.cache.setStorage(buildStorageService());
        this.cache.setHttpClient(createMockHttpClient(readJsonFromFile(REMOTE_JWKSET)));
        this.resolver = constructResolver(this.cache);
        this.criteria = buildInitialCriteriaSet();
    }

    protected abstract T constructResolver(RemoteJwkSetCache remoteJwkSetCache);

    protected abstract CriteriaSet buildInitialCriteriaSet() throws Exception;

    @Test
    public void testFail_EmptyCriteria() throws Exception {
        this.resolver.initialize();
        this.criteria = new CriteriaSet();
        Iterable resolve = this.resolver.resolve(this.criteria);
        Assert.assertNotNull(resolve);
        ArrayList arrayList = new ArrayList();
        Objects.requireNonNull(arrayList);
        resolve.forEach((v1) -> {
            r1.add(v1);
        });
        Assert.assertEquals(arrayList.size(), 0);
    }

    @Test
    public void testSuccess_ForEncryption() throws Exception {
        this.resolver.initialize();
        this.criteria.add(new UsageCriterion(UsageType.ENCRYPTION));
        Iterable resolve = this.resolver.resolve(this.criteria);
        Assert.assertNotNull(resolve);
        ArrayList arrayList = new ArrayList();
        Objects.requireNonNull(arrayList);
        resolve.forEach((v1) -> {
            r1.add(v1);
        });
        Assert.assertEquals(arrayList.size(), 2);
    }

    @Test
    public void testSuccess_NoKeyArray() throws Exception {
        this.cache.setHttpClient(createMockHttpClient(readJsonFromFile(REMOTE_JWKSET_NO_KEY_ARRAY)));
        this.resolver.initialize();
        this.criteria.add(new UsageCriterion(UsageType.ENCRYPTION));
        Iterable resolve = this.resolver.resolve(this.criteria);
        Assert.assertNotNull(resolve);
        ArrayList arrayList = new ArrayList();
        Objects.requireNonNull(arrayList);
        resolve.forEach((v1) -> {
            r1.add(v1);
        });
        Assert.assertEquals(arrayList.size(), 0);
    }

    @Test
    public void testSuccess_NoKeys() throws Exception {
        this.cache.setHttpClient(createMockHttpClient(readJsonFromFile(REMOTE_JWKSET_NO_KEYS)));
        this.resolver.initialize();
        this.criteria.add(new UsageCriterion(UsageType.ENCRYPTION));
        Iterable resolve = this.resolver.resolve(this.criteria);
        Assert.assertNotNull(resolve);
        ArrayList arrayList = new ArrayList();
        Objects.requireNonNull(arrayList);
        resolve.forEach((v1) -> {
            r1.add(v1);
        });
        Assert.assertEquals(arrayList.size(), 0);
    }

    @Test
    public void testSuccess_KeyRotatedRefetch() throws Exception {
        this.cache.fetch(new URI("https://localhost:9921/oauth2/v3/certs"), Instant.now().plus((TemporalAmount) Duration.ofMinutes(10L)));
        this.resolver.initialize();
        this.cache.setHttpClient(createMockHttpClient(readJsonFromFile(REMOTE_JWKSET_ROLLOVER)));
        this.criteria.add(new UsageCriterion(UsageType.SIGNING));
        this.criteria.add(new EvaluableKeyIDCredentialCriterion(new KeyIdCriterion("not-in-original-cache")));
        Iterable resolve = this.resolver.resolve(this.criteria);
        Assert.assertNotNull(resolve);
        ArrayList arrayList = new ArrayList();
        Objects.requireNonNull(arrayList);
        resolve.forEach((v1) -> {
            r1.add(v1);
        });
        Assert.assertEquals(arrayList.size(), 1);
    }

    @Test
    public void testSuccess_ForEncryptionAndKeyAlg() throws Exception {
        this.resolver.initialize();
        this.criteria.add(new UsageCriterion(UsageType.ENCRYPTION));
        this.criteria.add(new KeyAlgorithmCriterion("RSA"));
        Iterable resolve = this.resolver.resolve(this.criteria);
        Assert.assertNotNull(resolve);
        ArrayList arrayList = new ArrayList();
        Objects.requireNonNull(arrayList);
        resolve.forEach((v1) -> {
            r1.add(v1);
        });
        Assert.assertEquals(arrayList.size(), 1);
    }

    @Test
    public void testSuccess_ForSigning() throws Exception {
        this.resolver.initialize();
        this.criteria.add(new UsageCriterion(UsageType.SIGNING));
        Iterable resolve = this.resolver.resolve(this.criteria);
        Assert.assertNotNull(resolve);
        ArrayList arrayList = new ArrayList();
        Objects.requireNonNull(arrayList);
        resolve.forEach((v1) -> {
            r1.add(v1);
        });
        Assert.assertEquals(arrayList.size(), 5);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String readJsonFromFile(@Nonnull Resource resource) {
        try {
            InputStreamReader inputStreamReader = new InputStreamReader(resource.getInputStream(), StandardCharsets.UTF_8);
            try {
                String copyToString = FileCopyUtils.copyToString(inputStreamReader);
                inputStreamReader.close();
                return copyToString;
            } finally {
            }
        } catch (Exception e) {
            Assert.fail();
            return null;
        }
    }
}
