package org.apache.wss4j.dom.message.token;

import java.util.Collections;
import org.apache.wss4j.common.bsp.BSPEnforcer;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.token.Reference;
import org.apache.wss4j.common.token.SecurityTokenReference;
import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.common.util.SOAPUtil;
import org.apache.wss4j.dom.engine.WSSConfig;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/apache/wss4j/dom/message/token/SecurityTokenReferenceTest.class */
public class SecurityTokenReferenceTest {
    private static final Logger LOG = LoggerFactory.getLogger(SecurityTokenReferenceTest.class);

    public SecurityTokenReferenceTest() {
        WSSConfig.init();
    }

    @Test
    public void testReferenceNoURI() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>");
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        securityTokenReference.addWSSENamespace();
        Reference reference = new Reference(sOAPPart);
        reference.setValueType("http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey");
        reference.setURI((String) null);
        securityTokenReference.setReference(reference);
        if (LOG.isDebugEnabled()) {
            LOG.debug(securityTokenReference.toString());
        }
        try {
            new SecurityTokenReference(securityTokenReference.getElement(), new BSPEnforcer(true));
            Assertions.fail("Failure expected on a reference with no URI");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getMessage().contains("Reference URI is null"));
        }
    }

    @Test
    public void testMultipleChildren() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>");
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        securityTokenReference.addWSSENamespace();
        securityTokenReference.setKeyIdentifierEncKeySHA1("123456");
        Element element = securityTokenReference.getElement();
        Reference reference = new Reference(sOAPPart);
        reference.setValueType("http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey");
        reference.setURI("#123");
        element.appendChild(reference.getElement());
        if (LOG.isDebugEnabled()) {
            LOG.debug(securityTokenReference.toString());
        }
        BSPEnforcer bSPEnforcer = new BSPEnforcer();
        try {
            new SecurityTokenReference(element, bSPEnforcer);
            Assertions.fail("Failure expected on multiple data references");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        bSPEnforcer.setIgnoredBSPRules(Collections.singletonList(BSPRule.R3061));
        new SecurityTokenReference(element, bSPEnforcer);
    }

    @Test
    public void testKeyIdentifierNoValueType() throws Exception {
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>"));
        securityTokenReference.addWSSENamespace();
        securityTokenReference.setKeyIdentifier((String) null, "#123");
        Element element = securityTokenReference.getElement();
        if (LOG.isDebugEnabled()) {
            LOG.debug(securityTokenReference.toString());
        }
        BSPEnforcer bSPEnforcer = new BSPEnforcer();
        try {
            new SecurityTokenReference(element, bSPEnforcer);
            Assertions.fail("Failure expected on a Key Identifier with no ValueType");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        bSPEnforcer.setIgnoredBSPRules(Collections.singletonList(BSPRule.R3054));
    }

    @Test
    public void testKeyIdentifierBadEncodingType() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>");
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        securityTokenReference.addWSSENamespace();
        Element element = securityTokenReference.getElement();
        Element createElementNS = sOAPPart.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:KeyIdentifier");
        createElementNS.setAttributeNS(null, "ValueType", "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1");
        createElementNS.setAttributeNS(null, "EncodingType", "http://bad_encoding");
        createElementNS.appendChild(sOAPPart.createTextNode("#123"));
        element.appendChild(createElementNS);
        if (LOG.isDebugEnabled()) {
            LOG.debug(securityTokenReference.toString());
        }
        BSPEnforcer bSPEnforcer = new BSPEnforcer();
        try {
            new SecurityTokenReference(element, bSPEnforcer);
            Assertions.fail("Failure expected on a Key Identifier with a Bad EncodingType");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        bSPEnforcer.setIgnoredBSPRules(Collections.singletonList(BSPRule.R3071));
    }

    @Test
    public void testKeyIdentifierNoEncodingType() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>");
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        securityTokenReference.addWSSENamespace();
        Element element = securityTokenReference.getElement();
        Element createElementNS = sOAPPart.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:KeyIdentifier");
        createElementNS.setAttributeNS(null, "ValueType", "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1");
        createElementNS.appendChild(sOAPPart.createTextNode("#123"));
        element.appendChild(createElementNS);
        if (LOG.isDebugEnabled()) {
            LOG.debug(securityTokenReference.toString());
        }
        BSPEnforcer bSPEnforcer = new BSPEnforcer();
        try {
            new SecurityTokenReference(element, bSPEnforcer);
            Assertions.fail("Failure expected on a Key Identifier with no EncodingType");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        bSPEnforcer.setIgnoredBSPRules(Collections.singletonList(BSPRule.R3070));
    }

    @Test
    public void testKeyIdentifierSAMLNoEncodingType() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>");
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        securityTokenReference.addWSSENamespace();
        Element element = securityTokenReference.getElement();
        Element createElementNS = sOAPPart.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:KeyIdentifier");
        createElementNS.setAttributeNS(null, "ValueType", "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID");
        createElementNS.appendChild(sOAPPart.createTextNode("#123"));
        element.appendChild(createElementNS);
        if (LOG.isDebugEnabled()) {
            LOG.debug(securityTokenReference.toString());
        }
        new SecurityTokenReference(element, new BSPEnforcer());
    }

    @Test
    public void testEmbeddedSTRChild() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>");
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        securityTokenReference.addWSSENamespace();
        Element element = securityTokenReference.getElement();
        Element createElementNS = sOAPPart.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:Embedded");
        SecurityTokenReference securityTokenReference2 = new SecurityTokenReference(sOAPPart);
        securityTokenReference2.addWSSENamespace();
        createElementNS.appendChild(securityTokenReference2.getElement());
        element.appendChild(createElementNS);
        if (LOG.isDebugEnabled()) {
            LOG.debug(DOM2Writer.nodeToString(element));
        }
        BSPEnforcer bSPEnforcer = new BSPEnforcer();
        try {
            new SecurityTokenReference(element, bSPEnforcer);
            Assertions.fail("Failure expected on an Embedded Child with a SecurityTokenReference child");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        bSPEnforcer.setIgnoredBSPRules(Collections.singletonList(BSPRule.R3056));
    }

    @Test
    public void testMultipleEmbeddedChildren() throws Exception {
        Document sOAPPart = SOAPUtil.toSOAPPart("<?xml version=\"1.0\" encoding=\"UTF-8\"?><SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><SOAP-ENV:Body><add xmlns=\"http://ws.apache.org/counter/counter_port_type\"><value xmlns=\"\">15</value></add></SOAP-ENV:Body></SOAP-ENV:Envelope>");
        SecurityTokenReference securityTokenReference = new SecurityTokenReference(sOAPPart);
        securityTokenReference.addWSSENamespace();
        Element element = securityTokenReference.getElement();
        Element createElementNS = sOAPPart.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:Embedded");
        Element createElementNS2 = sOAPPart.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:Reference");
        Element createElementNS3 = sOAPPart.createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "wsse:Reference");
        createElementNS.appendChild(createElementNS2);
        createElementNS.appendChild(createElementNS3);
        element.appendChild(createElementNS);
        if (LOG.isDebugEnabled()) {
            LOG.debug(DOM2Writer.nodeToString(element));
        }
        BSPEnforcer bSPEnforcer = new BSPEnforcer();
        try {
            new SecurityTokenReference(element, bSPEnforcer);
            Assertions.fail("Failure expected on an Embedded Child with multiple children");
        } catch (WSSecurityException e) {
            Assertions.assertTrue(e.getErrorCode() == WSSecurityException.ErrorCode.INVALID_SECURITY);
        }
        bSPEnforcer.setIgnoredBSPRules(Collections.singletonList(BSPRule.R3060));
    }
}
