package org.opensaml.security.httpclient;

import java.io.IOException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.httpclient.HttpClientBuilder;
import net.shibboleth.shared.spring.httpclient.resource.HTTPResource;
import net.shibboleth.shared.testing.RepositorySupport;
import net.shibboleth.shared.testing.ResourceTestHelper;
import org.apache.hc.client5.http.classic.HttpClient;
import org.springframework.core.io.ClassPathResource;
import org.testng.Assert;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:org/opensaml/security/httpclient/SecurityEnhancedHTTPResourceTest.class */
public class SecurityEnhancedHTTPResourceTest {
    private final String path = "data/org/opensaml/security/httpclient/document.xml";
    private final String pathPrefix = "opensaml-security-api/src/test/resources/";
    private final String existsHttps = RepositorySupport.buildHTTPSResourceURL("java-opensaml", "opensaml-security-api/src/test/resources/data/org/opensaml/security/httpclient/document.xml");
    private final String existsHttp = RepositorySupport.buildHTTPResourceURL("java-opensaml", "opensaml-security-api/src/test/resources/data/org/opensaml/security/httpclient/document.xml", false);
    private HttpClient client;
    private HttpClientSecurityParameters params;
    private HttpClientSecurityContextHandler handler;

    @BeforeClass
    public void setupClient() throws Exception {
        this.client = new HttpClientBuilder().buildClient();
    }

    @BeforeMethod
    public void setUp() throws ComponentInitializationException {
        this.params = new HttpClientSecurityParameters();
        this.handler = new HttpClientSecurityContextHandler();
        this.handler.setHttpClientSecurityParameters(this.params);
        this.handler.initialize();
    }

    @Test
    public void testNoSecurityAdded() throws IOException, ComponentInitializationException {
        HTTPResource hTTPResource = new HTTPResource(this.client, this.existsHttp);
        hTTPResource.setHttpClientContextHandler(this.handler);
        Assert.assertTrue(ResourceTestHelper.compare(hTTPResource, new ClassPathResource("data/org/opensaml/security/httpclient/document.xml")));
    }

    @Test
    public void testHostnameRejected() throws IOException, ComponentInitializationException {
        HTTPResource hTTPResource = new HTTPResource(this.client, this.existsHttps);
        hTTPResource.setHttpClientContextHandler(this.handler);
        this.params.setHostnameVerifier(new HostnameVerifier() { // from class: org.opensaml.security.httpclient.SecurityEnhancedHTTPResourceTest.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return false;
            }
        });
        Assert.assertFalse(hTTPResource.exists());
    }

    @Test
    public void testBadSSLProtocol() throws IOException, ComponentInitializationException {
        HTTPResource hTTPResource = new HTTPResource(this.client, this.existsHttps);
        hTTPResource.setHttpClientContextHandler(this.handler);
        this.params.setTLSProtocols(CollectionSupport.singletonList("SSLv3"));
        Assert.assertFalse(hTTPResource.exists());
    }
}
