package org.apache.cxf.systest.ws.saml;

import java.math.BigInteger;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.soap.SOAPFaultException;
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.systest.ws.saml.client.SamlCallbackHandler;
import org.apache.cxf.systest.ws.saml.server.Server;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;
import wssec.saml.DoubleItService;

/* loaded from: input_file:org/apache/cxf/systest/ws/saml/SamlTokenTest.class */
public class SamlTokenTest extends AbstractBusClientServerTestBase {
    static final String PORT = allocatePort(Server.class);
    static final String PORT2 = allocatePort(Server.class, 2);
    private boolean unrestrictedPoliciesInstalled = checkUnrestrictedPoliciesInstalled();

    @BeforeClass
    public static void startServers() throws Exception {
        assertTrue("Server failed to launch", launchServer(Server.class, true));
    }

    @Test
    public void testSaml1OverTransport() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(SamlTokenTest.class.getResource("client/client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        BindingProvider doubleItSaml1TransportPort = new DoubleItService().getDoubleItSaml1TransportPort();
        updateAddressPort(doubleItSaml1TransportPort, PORT2);
        try {
            doubleItSaml1TransportPort.doubleIt(BigInteger.valueOf(25L));
            fail("Expected failure on an invocation with no SAML Assertion");
        } catch (SOAPFaultException e) {
            assertTrue(e.getMessage().contains("No SAML CallbackHandler available"));
        }
        doubleItSaml1TransportPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler());
        try {
            doubleItSaml1TransportPort.doubleIt(BigInteger.valueOf(25L));
            fail("Expected failure on an invocation with a SAML2 Assertion");
        } catch (SOAPFaultException e2) {
            assertTrue(e2.getMessage().contains("Wrong SAML Version"));
        }
        doubleItSaml1TransportPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler(false));
        assertTrue(doubleItSaml1TransportPort.doubleIt(BigInteger.valueOf(25L)).equals(BigInteger.valueOf(50L)));
    }

    @Test
    public void testSaml2OverSymmetric() throws Exception {
        if (this.unrestrictedPoliciesInstalled) {
            Bus createBus = new SpringBusFactory().createBus(SamlTokenTest.class.getResource("client/client.xml").toString());
            SpringBusFactory.setDefaultBus(createBus);
            SpringBusFactory.setThreadDefaultBus(createBus);
            BindingProvider doubleItSaml2SymmetricPort = new DoubleItService().getDoubleItSaml2SymmetricPort();
            updateAddressPort(doubleItSaml2SymmetricPort, PORT);
            try {
                doubleItSaml2SymmetricPort.doubleIt(BigInteger.valueOf(25L));
                fail("Expected failure on an invocation with no SAML Assertion");
            } catch (SOAPFaultException e) {
                assertTrue(e.getMessage().contains("No SAML CallbackHandler available"));
            }
            doubleItSaml2SymmetricPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler(false));
            try {
                doubleItSaml2SymmetricPort.doubleIt(BigInteger.valueOf(25L));
                fail("Expected failure on an invocation with a SAML1 Assertion");
            } catch (SOAPFaultException e2) {
                assertTrue(e2.getMessage().contains("Wrong SAML Version"));
            }
            doubleItSaml2SymmetricPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler());
            assertTrue(doubleItSaml2SymmetricPort.doubleIt(BigInteger.valueOf(25L)).equals(BigInteger.valueOf(50L)));
            try {
                SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
                samlCallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
                doubleItSaml2SymmetricPort.getRequestContext().put("ws-security.saml-callback-handler", samlCallbackHandler);
                doubleItSaml2SymmetricPort.doubleIt(BigInteger.valueOf(25L));
                fail("Expected failure on an invocation with a invalid SAML2 Assertion");
            } catch (SOAPFaultException e3) {
                assertTrue(e3.getMessage().contains("SAML token security failure"));
            }
        }
    }

    @Test
    public void testSaml2OverSymmetricSupporting() throws Exception {
        if (this.unrestrictedPoliciesInstalled) {
            Bus createBus = new SpringBusFactory().createBus(SamlTokenTest.class.getResource("client/client.xml").toString());
            SpringBusFactory.setDefaultBus(createBus);
            SpringBusFactory.setThreadDefaultBus(createBus);
            BindingProvider doubleItSaml2SymmetricSupportingPort = new DoubleItService().getDoubleItSaml2SymmetricSupportingPort();
            updateAddressPort(doubleItSaml2SymmetricSupportingPort, PORT);
            doubleItSaml2SymmetricSupportingPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler());
            try {
                doubleItSaml2SymmetricSupportingPort.doubleIt(BigInteger.valueOf(25L));
                fail("Expected failure on an invocation with an unsigned SAML SV Assertion");
            } catch (SOAPFaultException e) {
                assertTrue(e.getMessage().contains("Assertion fails sender-vouches requirements"));
            }
        }
    }

    @Test
    public void testSaml2OverAsymmetric() throws Exception {
        if (this.unrestrictedPoliciesInstalled) {
            Bus createBus = new SpringBusFactory().createBus(SamlTokenTest.class.getResource("client/client.xml").toString());
            SpringBusFactory.setDefaultBus(createBus);
            SpringBusFactory.setThreadDefaultBus(createBus);
            BindingProvider doubleItSaml2AsymmetricPort = new DoubleItService().getDoubleItSaml2AsymmetricPort();
            updateAddressPort(doubleItSaml2AsymmetricPort, PORT);
            try {
                doubleItSaml2AsymmetricPort.doubleIt(BigInteger.valueOf(25L));
                fail("Expected failure on an invocation with no SAML Assertion");
            } catch (SOAPFaultException e) {
                assertTrue(e.getMessage().contains("No SAML CallbackHandler available"));
            }
            doubleItSaml2AsymmetricPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler(false));
            try {
                doubleItSaml2AsymmetricPort.doubleIt(BigInteger.valueOf(25L));
                fail("Expected failure on an invocation with a SAML1 Assertion");
            } catch (SOAPFaultException e2) {
                assertTrue(e2.getMessage().contains("Wrong SAML Version"));
            }
            doubleItSaml2AsymmetricPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler());
            assertTrue(doubleItSaml2AsymmetricPort.doubleIt(BigInteger.valueOf(25L)).equals(BigInteger.valueOf(50L)));
        }
    }

    @Test
    public void testSaml1SelfSignedOverTransport() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(SamlTokenTest.class.getResource("client/client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        BindingProvider doubleItSaml1SelfSignedTransportPort = new DoubleItService().getDoubleItSaml1SelfSignedTransportPort();
        updateAddressPort(doubleItSaml1SelfSignedTransportPort, PORT2);
        doubleItSaml1SelfSignedTransportPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler(false));
        assertTrue(doubleItSaml1SelfSignedTransportPort.doubleIt(BigInteger.valueOf(25L)).equals(BigInteger.valueOf(50L)));
    }

    @Test
    @Ignore
    public void testSaml2OverSymmetricProtection() throws Exception {
        if (this.unrestrictedPoliciesInstalled) {
            Bus createBus = new SpringBusFactory().createBus(SamlTokenTest.class.getResource("client/client.xml").toString());
            SpringBusFactory.setDefaultBus(createBus);
            SpringBusFactory.setThreadDefaultBus(createBus);
            BindingProvider doubleItSaml2SymmetricProtectionPort = new DoubleItService().getDoubleItSaml2SymmetricProtectionPort();
            updateAddressPort(doubleItSaml2SymmetricProtectionPort, PORT);
            doubleItSaml2SymmetricProtectionPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler());
            assertTrue(doubleItSaml2SymmetricProtectionPort.doubleIt(BigInteger.valueOf(25L)).equals(BigInteger.valueOf(50L)));
        }
    }

    @Test
    public void testSaml2OverSymmetricSignedElements() throws Exception {
        if (this.unrestrictedPoliciesInstalled) {
            Bus createBus = new SpringBusFactory().createBus(SamlTokenTest.class.getResource("client/client.xml").toString());
            SpringBusFactory.setDefaultBus(createBus);
            SpringBusFactory.setThreadDefaultBus(createBus);
            BindingProvider doubleItSaml2SymmetricSignedElementsPort = new DoubleItService().getDoubleItSaml2SymmetricSignedElementsPort();
            updateAddressPort(doubleItSaml2SymmetricSignedElementsPort, PORT);
            doubleItSaml2SymmetricSignedElementsPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler());
            assertTrue(doubleItSaml2SymmetricSignedElementsPort.doubleIt(BigInteger.valueOf(25L)).equals(BigInteger.valueOf(50L)));
        }
    }

    @Test
    @Ignore
    public void testSaml2EndorsingOverTransport() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(SamlTokenTest.class.getResource("client/client.xml").toString());
        SpringBusFactory.setDefaultBus(createBus);
        SpringBusFactory.setThreadDefaultBus(createBus);
        BindingProvider doubleItSaml2EndorsingTransportPort = new DoubleItService().getDoubleItSaml2EndorsingTransportPort();
        updateAddressPort(doubleItSaml2EndorsingTransportPort, PORT2);
        doubleItSaml2EndorsingTransportPort.getRequestContext().put("ws-security.saml-callback-handler", new SamlCallbackHandler());
        assertTrue(doubleItSaml2EndorsingTransportPort.doubleIt(BigInteger.valueOf(25L)).equals(BigInteger.valueOf(50L)));
    }

    private boolean checkUnrestrictedPoliciesInstalled() {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(new byte[]{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23}, "AES");
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(1, secretKeySpec);
            cipher.doFinal(new byte[]{0, 1, 2, 3, 4, 5, 6, 7});
            return true;
        } catch (Exception e) {
            return false;
        }
    }
}
