package org.apache.wss4j.stax.test;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.util.Properties;
import javax.xml.stream.XMLStreamException;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.wss4j.common.cache.ReplayCache;
import org.apache.wss4j.common.saml.bean.ConditionsBean;
import org.apache.wss4j.dom.common.AbstractSAMLCallbackHandler;
import org.apache.wss4j.stax.WSSec;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.test.saml.SAML2CallbackHandler;
import org.apache.wss4j.stax.test.utils.StAX2DOM;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.junit.Assert;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/wss4j/stax/test/ReplayTest.class */
public class ReplayTest extends AbstractTestBase {
    @Test
    public void testReplayedTimestamp() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.setProperty("signatureParts", "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "Signature Timestamp", properties);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ReplayCache timestampReplayCache = wSSSecurityProperties.getTimestampReplayCache();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.setTimestampReplayCache(timestampReplayCache);
        wSSSecurityProperties2.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        try {
            StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            Assert.fail("Exception expected");
        } catch (XMLStreamException e) {
            Assert.assertTrue(e.getCause() instanceof XMLSecurityException);
            Assert.assertEquals("The message has expired", e.getCause().getMessage());
        }
    }

    @Test
    public void testUsernameToken() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml"), "UsernameToken", new Properties());
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_wsse_UsernameToken.getNamespaceURI(), WSSConstants.TAG_wsse_UsernameToken.getLocalPart()).item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ReplayCache nonceReplayCache = wSSSecurityProperties.getNonceReplayCache();
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        NodeList elementsByTagNameNS = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_wsse_UsernameToken.getNamespaceURI(), WSSConstants.TAG_wsse_UsernameToken.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.setNonceReplayCache(nonceReplayCache);
        wSSSecurityProperties2.setCallbackHandler(new CallbackHandlerImpl());
        try {
            StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            Assert.fail("Exception expected");
        } catch (XMLStreamException e) {
            Assert.assertTrue(e.getCause() instanceof XMLSecurityException);
        }
    }

    @Test
    public void testEhCacheReplayedSAML2() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML2CallbackHandler sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
        sAML2CallbackHandler.setIssuer("www.example.com");
        sAML2CallbackHandler.setSignAssertion(false);
        ConditionsBean conditionsBean = new ConditionsBean();
        conditionsBean.setTokenPeriodMinutes(5);
        sAML2CallbackHandler.setConditions(conditionsBean);
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML2CallbackHandler);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenUnsigned", properties)), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ReplayCache samlOneTimeUseReplayCache = wSSSecurityProperties.getSamlOneTimeUseReplayCache();
        Assert.assertNotNull(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))));
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.setSamlOneTimeUseReplayCache(samlOneTimeUseReplayCache);
        Assert.assertNotNull(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))));
    }

    @Test
    public void testEhCacheReplayedSAML2OneTimeUse() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML2CallbackHandler sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
        sAML2CallbackHandler.setIssuer("www.example.com");
        sAML2CallbackHandler.setSignAssertion(false);
        ConditionsBean conditionsBean = new ConditionsBean();
        conditionsBean.setTokenPeriodMinutes(5);
        conditionsBean.setOneTimeUse(true);
        sAML2CallbackHandler.setConditions(conditionsBean);
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML2CallbackHandler);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenUnsigned", properties)), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ReplayCache samlOneTimeUseReplayCache = wSSSecurityProperties.getSamlOneTimeUseReplayCache();
        Assert.assertNotNull(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))));
        WSSSecurityProperties wSSSecurityProperties2 = new WSSSecurityProperties();
        wSSSecurityProperties2.setSamlOneTimeUseReplayCache(samlOneTimeUseReplayCache);
        try {
            StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties2).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            Assert.fail("Exception expected");
        } catch (XMLStreamException e) {
            Assert.assertTrue(e.getCause() instanceof XMLSecurityException);
        }
    }
}
