package org.opensaml.spring.trust;

import java.util.Set;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.shared.collection.CollectionSupport;
import net.shibboleth.shared.component.AbstractInitializableComponent;
import net.shibboleth.shared.spring.util.ApplicationContextBuilder;
import org.opensaml.security.SecurityException;
import org.opensaml.security.x509.PKIXTrustEvaluator;
import org.opensaml.security.x509.PKIXValidationInformation;
import org.opensaml.security.x509.PKIXValidationOptions;
import org.opensaml.security.x509.X509Credential;
import org.opensaml.security.x509.impl.BasicX509CredentialNameEvaluator;
import org.opensaml.security.x509.impl.CertPathPKIXTrustEvaluator;
import org.opensaml.security.x509.impl.PKIXX509CredentialTrustEngine;
import org.opensaml.security.x509.impl.StaticPKIXValidationInformationResolver;
import org.opensaml.security.x509.impl.X509CredentialNameEvaluator;
import org.springframework.beans.FatalBeanException;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:org/opensaml/spring/trust/StaticPKIXFactoryBeanTest.class */
public class StaticPKIXFactoryBeanTest {

    /* loaded from: input_file:org/opensaml/spring/trust/StaticPKIXFactoryBeanTest$MockPKIXTrustEvaluator.class */
    public static class MockPKIXTrustEvaluator extends AbstractInitializableComponent implements PKIXTrustEvaluator {
        public boolean validate(@Nonnull PKIXValidationInformation pKIXValidationInformation, @Nonnull X509Credential x509Credential) throws SecurityException {
            return false;
        }

        @Nonnull
        public PKIXValidationOptions getPKIXValidationOptions() {
            throw new UnsupportedOperationException();
        }
    }

    /* loaded from: input_file:org/opensaml/spring/trust/StaticPKIXFactoryBeanTest$MockX509CredentialNameEvaluator.class */
    public static class MockX509CredentialNameEvaluator extends AbstractInitializableComponent implements X509CredentialNameEvaluator {
        public boolean evaluate(@Nonnull X509Credential x509Credential, @Nullable Set<String> set) throws SecurityException {
            return false;
        }
    }

    @Test
    public void defaults() {
        ApplicationContextBuilder applicationContextBuilder = new ApplicationContextBuilder();
        applicationContextBuilder.setUnresolvedServiceConfigurations(CollectionSupport.singletonList("org/opensaml/spring/trust/static-pkix-factory-defaults.xml"));
        PKIXX509CredentialTrustEngine pKIXX509CredentialTrustEngine = (PKIXX509CredentialTrustEngine) applicationContextBuilder.build().getBean("StaticPKIXX509CredentialTrustEngine", PKIXX509CredentialTrustEngine.class);
        Assert.assertNotNull(pKIXX509CredentialTrustEngine);
        Assert.assertTrue(StaticPKIXValidationInformationResolver.class.isInstance(pKIXX509CredentialTrustEngine.getPKIXResolver()));
        Assert.assertTrue(CertPathPKIXTrustEvaluator.class.isInstance(pKIXX509CredentialTrustEngine.getPKIXTrustEvaluator()));
        Assert.assertTrue(BasicX509CredentialNameEvaluator.class.isInstance(pKIXX509CredentialTrustEngine.getX509CredentialNameEvaluator()));
    }

    @Test
    public void customPropertiesSuccess() {
        ApplicationContextBuilder applicationContextBuilder = new ApplicationContextBuilder();
        applicationContextBuilder.setUnresolvedServiceConfigurations(CollectionSupport.singletonList("org/opensaml/spring/trust/static-pkix-factory-custom-success.xml"));
        PKIXX509CredentialTrustEngine pKIXX509CredentialTrustEngine = (PKIXX509CredentialTrustEngine) applicationContextBuilder.build().getBean("StaticPKIXX509CredentialTrustEngine", PKIXX509CredentialTrustEngine.class);
        Assert.assertNotNull(pKIXX509CredentialTrustEngine);
        Assert.assertTrue(StaticPKIXValidationInformationResolver.class.isInstance(pKIXX509CredentialTrustEngine.getPKIXResolver()));
        Assert.assertTrue(MockPKIXTrustEvaluator.class.isInstance(pKIXX509CredentialTrustEngine.getPKIXTrustEvaluator()));
        Assert.assertTrue(MockX509CredentialNameEvaluator.class.isInstance(pKIXX509CredentialTrustEngine.getX509CredentialNameEvaluator()));
    }

    @Test(expectedExceptions = {FatalBeanException.class})
    public void customPropertiesFailsValidation() {
        ApplicationContextBuilder applicationContextBuilder = new ApplicationContextBuilder();
        applicationContextBuilder.setUnresolvedServiceConfigurations(CollectionSupport.singletonList("org/opensaml/spring/trust/static-pkix-factory-custom-failsValidation.xml"));
        applicationContextBuilder.build();
    }
}
