package org.apache.wss4j.dom.message;

import java.util.List;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.common.SOAPUtil;
import org.apache.wss4j.dom.common.SecretKeyCallbackHandler;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.apache.wss4j.dom.engine.WSSecurityEngine;
import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.WSHandlerResult;
import org.apache.wss4j.dom.message.token.SecurityContextToken;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;

/* loaded from: input_file:org/apache/wss4j/dom/message/SecurityContextTokenTest.class */
public class SecurityContextTokenTest {
    private static final Logger LOG = LoggerFactory.getLogger(SecurityContextTokenTest.class);
    private WSSecurityEngine secEngine = new WSSecurityEngine();
    private SecretKeyCallbackHandler callbackHandler = new SecretKeyCallbackHandler();
    private Crypto crypto = CryptoFactory.getInstance("wss40.properties");

    @Test
    public void testBuild() {
        try {
            Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
            WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
            wSSecHeader.insertSecurityHeader();
            WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken(wSSecHeader, (WSSConfig) null);
            wSSecSecurityContextToken.prepare(this.crypto);
            wSSecSecurityContextToken.prependSCTElementToHeader();
            String prettyDocumentToString = XMLUtils.prettyDocumentToString(sOAPPart);
            if (LOG.isDebugEnabled()) {
                LOG.debug(prettyDocumentToString);
            }
            Assertions.assertTrue(prettyDocumentToString.indexOf("SecurityContextToken") > 0, "SecurityContextToken missing");
            Assertions.assertTrue(prettyDocumentToString.indexOf("Identifier") > 0, "wsc:Identifier missing");
        } catch (Exception e) {
            e.printStackTrace();
            Assertions.fail(e.getMessage());
        }
    }

    @Test
    public void testSCTDKTEncrypt() {
        try {
            Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
            WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
            wSSecHeader.insertSecurityHeader();
            WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken(wSSecHeader, (WSSConfig) null);
            wSSecSecurityContextToken.prepare(this.crypto);
            byte[] generateNonce = WSSecurityUtil.generateNonce(16);
            this.callbackHandler.addSecretKey(wSSecSecurityContextToken.getIdentifier(), generateNonce);
            String sctId = wSSecSecurityContextToken.getSctId();
            WSSecDKEncrypt wSSecDKEncrypt = new WSSecDKEncrypt(wSSecHeader);
            wSSecDKEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
            wSSecDKEncrypt.setTokenIdentifier(sctId);
            wSSecDKEncrypt.build(generateNonce);
            wSSecSecurityContextToken.prependSCTElementToHeader();
            if (LOG.isDebugEnabled()) {
                LOG.debug(XMLUtils.prettyDocumentToString(sOAPPart));
            }
            SecurityContextToken securityContextToken = (SecurityContextToken) ((WSSecurityEngineResult) ((List) verify(sOAPPart).getActionResults().get(1024)).get(0)).get("security-context-token");
            Assertions.assertNotNull(securityContextToken);
            Assertions.assertTrue("http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct".equals(securityContextToken.getTokenType()));
            SecurityContextToken securityContextToken2 = new SecurityContextToken(securityContextToken.getElement());
            Assertions.assertTrue(securityContextToken2.equals(securityContextToken));
            Assertions.assertTrue(securityContextToken2.hashCode() == securityContextToken.hashCode());
        } catch (Exception e) {
            e.printStackTrace();
            Assertions.fail(e.getMessage());
        }
    }

    @Test
    public void testSCTKDKTSign() {
        try {
            Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
            WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
            wSSecHeader.insertSecurityHeader();
            WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken(wSSecHeader, (WSSConfig) null);
            wSSecSecurityContextToken.setWscVersion(2);
            wSSecSecurityContextToken.prepare(this.crypto);
            byte[] generateNonce = WSSecurityUtil.generateNonce(16);
            this.callbackHandler.addSecretKey(wSSecSecurityContextToken.getIdentifier(), generateNonce);
            String sctId = wSSecSecurityContextToken.getSctId();
            WSSecDKSign wSSecDKSign = new WSSecDKSign(wSSecHeader);
            wSSecDKSign.setTokenIdentifier(sctId);
            wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
            wSSecDKSign.build(generateNonce);
            wSSecSecurityContextToken.prependSCTElementToHeader();
            if (LOG.isDebugEnabled()) {
                LOG.debug(XMLUtils.prettyDocumentToString(sOAPPart));
            }
            SecurityContextToken securityContextToken = (SecurityContextToken) ((WSSecurityEngineResult) ((List) verify(sOAPPart).getActionResults().get(1024)).get(0)).get("security-context-token");
            Assertions.assertNotNull(securityContextToken);
            Assertions.assertTrue("http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct".equals(securityContextToken.getTokenType()));
        } catch (Exception e) {
            e.printStackTrace();
            Assertions.fail(e.getMessage());
        }
    }

    @Test
    public void testSCTKDKTSignAbsolute() {
        try {
            Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
            WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
            wSSecHeader.insertSecurityHeader();
            WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken(wSSecHeader, (WSSConfig) null);
            wSSecSecurityContextToken.prepare(this.crypto);
            byte[] generateNonce = WSSecurityUtil.generateNonce(16);
            this.callbackHandler.addSecretKey(wSSecSecurityContextToken.getIdentifier(), generateNonce);
            WSSecDKSign wSSecDKSign = new WSSecDKSign(wSSecHeader);
            wSSecDKSign.setTokenIdentifier(wSSecSecurityContextToken.getIdentifier());
            wSSecDKSign.setTokenIdDirectId(true);
            wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
            wSSecDKSign.build(generateNonce);
            wSSecSecurityContextToken.prependSCTElementToHeader();
            if (LOG.isDebugEnabled()) {
                LOG.debug("DKT Absolute");
                LOG.debug(XMLUtils.prettyDocumentToString(sOAPPart));
            }
            verify(sOAPPart);
        } catch (Exception e) {
            e.printStackTrace();
            Assertions.fail(e.getMessage());
        }
    }

    @Test
    public void testSCTKDKTSignEncrypt() {
        try {
            Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
            WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
            wSSecHeader.insertSecurityHeader();
            WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken(wSSecHeader, (WSSConfig) null);
            wSSecSecurityContextToken.prepare(this.crypto);
            byte[] generateNonce = WSSecurityUtil.generateNonce(16);
            this.callbackHandler.addSecretKey(wSSecSecurityContextToken.getIdentifier(), generateNonce);
            String sctId = wSSecSecurityContextToken.getSctId();
            WSSecDKSign wSSecDKSign = new WSSecDKSign(wSSecHeader);
            wSSecDKSign.setTokenIdentifier(sctId);
            wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
            wSSecDKSign.build(generateNonce);
            WSSecDKEncrypt wSSecDKEncrypt = new WSSecDKEncrypt(wSSecHeader);
            wSSecDKEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
            wSSecDKEncrypt.setTokenIdentifier(sctId);
            wSSecDKEncrypt.build(generateNonce);
            wSSecSecurityContextToken.prependSCTElementToHeader();
            if (LOG.isDebugEnabled()) {
                LOG.debug(XMLUtils.prettyDocumentToString(sOAPPart));
            }
            verify(sOAPPart);
        } catch (Exception e) {
            e.printStackTrace();
            Assertions.fail(e.getMessage());
        }
    }

    @Test
    public void testSCTKDKTEncryptSign() {
        try {
            Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
            WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
            wSSecHeader.insertSecurityHeader();
            WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken(wSSecHeader, (WSSConfig) null);
            wSSecSecurityContextToken.prepare(this.crypto);
            byte[] generateNonce = WSSecurityUtil.generateNonce(16);
            this.callbackHandler.addSecretKey(wSSecSecurityContextToken.getIdentifier(), generateNonce);
            String sctId = wSSecSecurityContextToken.getSctId();
            WSSecDKEncrypt wSSecDKEncrypt = new WSSecDKEncrypt(wSSecHeader);
            wSSecDKEncrypt.setSymmetricEncAlgorithm("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
            wSSecDKEncrypt.setTokenIdentifier(sctId);
            wSSecDKEncrypt.build(generateNonce);
            WSSecDKSign wSSecDKSign = new WSSecDKSign(wSSecHeader);
            wSSecDKSign.setTokenIdentifier(sctId);
            wSSecDKSign.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
            wSSecDKSign.build(generateNonce);
            wSSecSecurityContextToken.prependSCTElementToHeader();
            if (LOG.isDebugEnabled()) {
                LOG.debug(XMLUtils.prettyDocumentToString(sOAPPart));
            }
            verify(sOAPPart);
        } catch (Exception e) {
            e.printStackTrace();
            Assertions.fail(e.getMessage());
        }
    }

    @Test
    public void testSCTSign() {
        try {
            Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
            WSSecHeader wSSecHeader = new WSSecHeader(sOAPPart);
            wSSecHeader.insertSecurityHeader();
            WSSecSecurityContextToken wSSecSecurityContextToken = new WSSecSecurityContextToken(wSSecHeader, (WSSConfig) null);
            wSSecSecurityContextToken.prepare(this.crypto);
            byte[] generateNonce = WSSecurityUtil.generateNonce(16);
            this.callbackHandler.addSecretKey(wSSecSecurityContextToken.getIdentifier(), generateNonce);
            String sctId = wSSecSecurityContextToken.getSctId();
            WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
            wSSecSignature.setSecretKey(generateNonce);
            wSSecSignature.setKeyIdentifierType(9);
            wSSecSignature.setCustomTokenValueType("http://schemas.xmlsoap.org/ws/2005/02/sc/sct");
            wSSecSignature.setCustomTokenId(sctId);
            wSSecSignature.setSignatureAlgorithm("http://www.w3.org/2000/09/xmldsig#hmac-sha1");
            wSSecSignature.build(this.crypto);
            wSSecSecurityContextToken.prependSCTElementToHeader();
            if (LOG.isDebugEnabled()) {
                LOG.debug("SCT sign");
                LOG.debug(XMLUtils.prettyDocumentToString(sOAPPart));
            }
            verify(sOAPPart);
        } catch (Exception e) {
            e.printStackTrace();
            Assertions.fail(e.getMessage());
        }
    }

    private WSHandlerResult verify(Document document) throws Exception {
        WSHandlerResult processSecurityHeader = this.secEngine.processSecurityHeader(document, (String) null, this.callbackHandler, this.crypto);
        Assertions.assertTrue(XMLUtils.prettyDocumentToString(document).indexOf("counter_port_type") > 0);
        return processSecurityHeader;
    }
}
