package org.apache.wss4j.stax.test.saml;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Properties;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.stream.XMLStreamWriter;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.crypto.Merlin;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.saml.bean.KeyInfoBean;
import org.apache.wss4j.common.saml.bean.Version;
import org.apache.wss4j.dom.common.AbstractSAMLCallbackHandler;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSAMLToken;
import org.apache.wss4j.stax.WSSec;
import org.apache.wss4j.stax.ext.InboundWSSec;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.impl.securityToken.HttpsSecurityTokenImpl;
import org.apache.wss4j.stax.securityEvent.HttpsTokenSecurityEvent;
import org.apache.wss4j.stax.securityToken.WSSecurityTokenConstants;
import org.apache.wss4j.stax.test.AbstractTestBase;
import org.apache.wss4j.stax.test.CallbackHandlerImpl;
import org.apache.wss4j.stax.test.saml.SAMLCallbackHandlerImpl;
import org.apache.wss4j.stax.test.utils.SOAPUtil;
import org.apache.wss4j.stax.test.utils.StAX2DOM;
import org.apache.wss4j.stax.test.utils.XmlReaderToWriter;
import org.junit.Assert;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/wss4j/stax/test/saml/SAMLTokenHOKTest.class */
public class SAMLTokenHOKTest extends AbstractTestBase {
    @Test
    public void testSAML1AuthnAssertionOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SAML_TOKEN_SIGNED);
        wSSSecurityProperties.setActions(arrayList);
        SAMLCallbackHandlerImpl sAMLCallbackHandlerImpl = new SAMLCallbackHandlerImpl();
        sAMLCallbackHandlerImpl.setStatement(SAMLCallbackHandlerImpl.Statement.AUTHN);
        sAMLCallbackHandlerImpl.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAMLCallbackHandlerImpl.setIssuer("www.example.com");
        wSSSecurityProperties.setSamlCallbackHandler(sAMLCallbackHandlerImpl);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
        Merlin merlin = new Merlin();
        merlin.setKeyStore(keyStore);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        sAMLCallbackHandlerImpl.setCerts(merlin.getX509Certificates(cryptoType));
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "AuthenticationStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "ConfirmationMethod");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getTextContent().trim(), "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature SAMLTokenSigned", new Properties(), false);
    }

    @Test
    public void testSAML1AuthnAssertionInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML1CallbackHandler sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setIssuer("www.example.com");
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML1CallbackHandler);
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenSigned", properties);
        NodeList elementsByTagNameNS = doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "AuthenticationStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "ConfirmationMethod");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getTextContent().trim(), "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS3 = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS3.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
    }

    @Test
    public void testSAML1AuthnAssertionIssuerSerialOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SAML_TOKEN_SIGNED);
        wSSSecurityProperties.setActions(arrayList);
        SAMLCallbackHandlerImpl sAMLCallbackHandlerImpl = new SAMLCallbackHandlerImpl();
        sAMLCallbackHandlerImpl.setStatement(SAMLCallbackHandlerImpl.Statement.AUTHN);
        sAMLCallbackHandlerImpl.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAMLCallbackHandlerImpl.setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER.X509_ISSUER_SERIAL);
        sAMLCallbackHandlerImpl.setIssuer("www.example.com");
        wSSSecurityProperties.setSamlCallbackHandler(sAMLCallbackHandlerImpl);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
        Merlin merlin = new Merlin();
        merlin.setKeyStore(keyStore);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        sAMLCallbackHandlerImpl.setCerts(merlin.getX509Certificates(cryptoType));
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "X509IssuerSerial").getLength(), 1L);
        Assert.assertEquals(parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "KeyIdentifier").getLength(), 1L);
        Assert.assertEquals(parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "AuthenticationStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "ConfirmationMethod");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getTextContent().trim(), "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature SAMLTokenSigned", new Properties(), false);
    }

    @Test
    public void testSAML1AuthnAssertionIssuerSerialInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML1CallbackHandler sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER.X509_ISSUER_SERIAL);
        sAML1CallbackHandler.setIssuer("www.example.com");
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML1CallbackHandler);
        properties.put("signatureKeyIdentifier", "DirectReference");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenSigned", properties);
        NodeList elementsByTagNameNS = doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "X509IssuerSerial").getLength(), 1L);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "KeyIdentifier").getLength(), 1L);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "AuthenticationStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "ConfirmationMethod");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getTextContent().trim(), "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS3 = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS3.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
    }

    @Test
    public void testSAML1AuthnAssertionKeyValueOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SAML_TOKEN_SIGNED);
        wSSSecurityProperties.setActions(arrayList);
        SAMLCallbackHandlerImpl sAMLCallbackHandlerImpl = new SAMLCallbackHandlerImpl();
        sAMLCallbackHandlerImpl.setStatement(SAMLCallbackHandlerImpl.Statement.AUTHN);
        sAMLCallbackHandlerImpl.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAMLCallbackHandlerImpl.setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER.KEY_VALUE);
        sAMLCallbackHandlerImpl.setIssuer("www.example.com");
        wSSSecurityProperties.setSamlCallbackHandler(sAMLCallbackHandlerImpl);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
        Merlin merlin = new Merlin();
        merlin.setKeyStore(keyStore);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        sAMLCallbackHandlerImpl.setCerts(merlin.getX509Certificates(cryptoType));
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "KeyValue").getLength(), 1L);
        Assert.assertEquals(parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "KeyIdentifier").getLength(), 1L);
        Assert.assertEquals(parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "AuthenticationStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "ConfirmationMethod");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getTextContent().trim(), "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature SAMLTokenSigned", new Properties(), false);
    }

    @Test
    public void testSAML1AuthnAssertionKeyValueInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML1CallbackHandler sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER.KEY_VALUE);
        sAML1CallbackHandler.setIssuer("www.example.com");
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML1CallbackHandler);
        properties.put("signatureKeyIdentifier", "DirectReference");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenSigned", properties);
        NodeList elementsByTagNameNS = doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "KeyValue").getLength(), 1L);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "KeyIdentifier").getLength(), 1L);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "AuthenticationStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "ConfirmationMethod");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getTextContent().trim(), "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS3 = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS3.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
    }

    @Test
    public void testSAML1AttrAssertionOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SAML_TOKEN_SIGNED);
        wSSSecurityProperties.setActions(arrayList);
        SAMLCallbackHandlerImpl sAMLCallbackHandlerImpl = new SAMLCallbackHandlerImpl();
        sAMLCallbackHandlerImpl.setStatement(SAMLCallbackHandlerImpl.Statement.ATTR);
        sAMLCallbackHandlerImpl.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAMLCallbackHandlerImpl.setIssuer("www.example.com");
        wSSSecurityProperties.setSamlCallbackHandler(sAMLCallbackHandlerImpl);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(getClass().getClassLoader().getResourceAsStream("receiver.jks"), "default".toCharArray());
        Merlin merlin = new Merlin();
        merlin.setKeyStore(keyStore);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("receiver");
        sAMLCallbackHandlerImpl.setCerts(merlin.getX509Certificates(cryptoType));
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "AttributeStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "ConfirmationMethod");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getTextContent().trim(), "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature SAMLTokenSigned", new Properties(), false);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML1CallbackHandler] */
    @Test
    public void testSAML1AttrAssertionInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ?? sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.ATTR);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setIssuer("www.example.com");
        SAMLCallback sAMLCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback((CallbackHandler) sAML1CallbackHandler, sAMLCallback);
        SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(sAMLCallback);
        samlAssertionWrapper.signAssertion("transmitter", "default", CryptoFactory.getInstance("saml/saml-signed.properties"), false);
        WSSecSAMLToken wSSecSAMLToken = new WSSecSAMLToken();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        Document build = wSSecSAMLToken.build(sOAPPart, samlAssertionWrapper, wSSecHeader);
        NodeList elementsByTagNameNS = build.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(build.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "AttributeStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = build.getElementsByTagNameNS("urn:oasis:names:tc:SAML:1.0:assertion", "ConfirmationMethod");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getTextContent().trim(), "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(build), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setValidateSamlSubjectConfirmation(false);
        NodeList elementsByTagNameNS3 = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS3.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
    }

    @Test
    public void testSAMLAssertionHOKTransportSecurityInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML1CallbackHandler sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setIssuer("www.example.com");
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML1CallbackHandler);
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenSigned", properties);
        NodeList elementsByTagNameNS = doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Element element = (Element) elementsByTagNameNS.item(1);
        element.getParentNode().removeChild(element);
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        wSSSecurityProperties.setSamlCallbackHandler(new SAMLCallbackHandlerImpl());
        InboundWSSec inboundWSSec = WSSec.getInboundWSSec(wSSSecurityProperties);
        HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
        httpsTokenSecurityEvent.setAuthenticationType(HttpsTokenSecurityEvent.AuthenticationType.HttpsClientCertificateAuthentication);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        httpsTokenSecurityEvent.setSecurityToken(new HttpsSecurityTokenImpl(wSSSecurityProperties.getSignatureVerificationCrypto().getX509Certificates(cryptoType)[0]));
        new ArrayList().add(httpsTokenSecurityEvent);
        Assert.assertEquals(StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), inboundWSSec.processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), r0)).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 1L);
    }

    @Test
    public void testSAML2AuthnOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SAML_TOKEN_SIGNED);
        wSSSecurityProperties.setActions(arrayList);
        SAMLCallbackHandlerImpl sAMLCallbackHandlerImpl = new SAMLCallbackHandlerImpl();
        sAMLCallbackHandlerImpl.setSamlVersion(Version.SAML_20);
        sAMLCallbackHandlerImpl.setStatement(SAMLCallbackHandlerImpl.Statement.AUTHN);
        sAMLCallbackHandlerImpl.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAMLCallbackHandlerImpl.setIssuer("www.example.com");
        wSSSecurityProperties.setSamlCallbackHandler(sAMLCallbackHandlerImpl);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
        Merlin merlin = new Merlin();
        merlin.setKeyStore(keyStore);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        sAMLCallbackHandlerImpl.setCerts(merlin.getX509Certificates(cryptoType));
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Assert.assertEquals(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength(), 2L);
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature SAMLTokenSigned", new Properties(), false);
    }

    @Test
    public void testSAML2AuthnAssertionInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML2CallbackHandler sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setIssuer("www.example.com");
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML2CallbackHandler);
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenSigned", properties);
        NodeList elementsByTagNameNS = doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml2_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS2 = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS2.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml2_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS2.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
    }

    @Test
    public void testSAML2AuthnAssertionIssuerSerialOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SAML_TOKEN_SIGNED);
        wSSSecurityProperties.setActions(arrayList);
        SAMLCallbackHandlerImpl sAMLCallbackHandlerImpl = new SAMLCallbackHandlerImpl();
        sAMLCallbackHandlerImpl.setSamlVersion(Version.SAML_20);
        sAMLCallbackHandlerImpl.setStatement(SAMLCallbackHandlerImpl.Statement.AUTHN);
        sAMLCallbackHandlerImpl.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAMLCallbackHandlerImpl.setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER.X509_ISSUER_SERIAL);
        sAMLCallbackHandlerImpl.setIssuer("www.example.com");
        wSSSecurityProperties.setSamlCallbackHandler(sAMLCallbackHandlerImpl);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
        Merlin merlin = new Merlin();
        merlin.setKeyStore(keyStore);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        sAMLCallbackHandlerImpl.setCerts(merlin.getX509Certificates(cryptoType));
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "X509IssuerSerial").getLength(), 1L);
        Assert.assertEquals(parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "KeyIdentifier").getLength(), 1L);
        Assert.assertEquals(parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "AuthnStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "SubjectConfirmation");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(((Element) elementsByTagNameNS2.item(0)).getAttributeNS(null, "Method"), "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature SAMLTokenSigned", new Properties(), false);
    }

    @Test
    public void testSAML2AuthnAssertionIssuerSerialInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML2CallbackHandler sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER.X509_ISSUER_SERIAL);
        sAML2CallbackHandler.setIssuer("www.example.com");
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML2CallbackHandler);
        properties.put("signatureKeyIdentifier", "DirectReference");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenSigned", properties);
        NodeList elementsByTagNameNS = doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "X509IssuerSerial").getLength(), 1L);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "KeyIdentifier").getLength(), 1L);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "AuthnStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "SubjectConfirmation");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(((Element) elementsByTagNameNS2.item(0)).getAttributeNS(null, "Method"), "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS3 = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS3.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
    }

    @Test
    public void testSAML2AuthnAssertionKeyValueOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SAML_TOKEN_SIGNED);
        wSSSecurityProperties.setActions(arrayList);
        SAMLCallbackHandlerImpl sAMLCallbackHandlerImpl = new SAMLCallbackHandlerImpl();
        sAMLCallbackHandlerImpl.setSamlVersion(Version.SAML_20);
        sAMLCallbackHandlerImpl.setStatement(SAMLCallbackHandlerImpl.Statement.AUTHN);
        sAMLCallbackHandlerImpl.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAMLCallbackHandlerImpl.setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER.KEY_VALUE);
        sAMLCallbackHandlerImpl.setIssuer("www.example.com");
        wSSSecurityProperties.setSamlCallbackHandler(sAMLCallbackHandlerImpl);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
        Merlin merlin = new Merlin();
        merlin.setKeyStore(keyStore);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("transmitter");
        sAMLCallbackHandlerImpl.setCerts(merlin.getX509Certificates(cryptoType));
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("transmitter");
        wSSSecurityProperties.setSignatureKeyIdentifier(WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "KeyValue").getLength(), 1L);
        Assert.assertEquals(parse.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "KeyIdentifier").getLength(), 1L);
        Assert.assertEquals(parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "AuthnStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "SubjectConfirmation");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(((Element) elementsByTagNameNS2.item(0)).getAttributeNS(null, "Method"), "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature SAMLTokenSigned", new Properties(), false);
    }

    @Test
    public void testSAML2AuthnAssertionKeyValueInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        SAML2CallbackHandler sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER.KEY_VALUE);
        sAML2CallbackHandler.setIssuer("www.example.com");
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", sAML2CallbackHandler);
        properties.put("signatureKeyIdentifier", "DirectReference");
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenSigned", properties);
        NodeList elementsByTagNameNS = doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "KeyValue").getLength(), 1L);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "KeyIdentifier").getLength(), 1L);
        Assert.assertEquals(doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "AuthnStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = doOutboundSecurityWithWSS4J.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "SubjectConfirmation");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(((Element) elementsByTagNameNS2.item(0)).getAttributeNS(null, "Method"), "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS3 = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS3.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
    }

    @Test
    public void testSAML2AttrAssertionOutbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        ArrayList arrayList = new ArrayList();
        arrayList.add(WSSConstants.SAML_TOKEN_SIGNED);
        wSSSecurityProperties.setActions(arrayList);
        SAMLCallbackHandlerImpl sAMLCallbackHandlerImpl = new SAMLCallbackHandlerImpl();
        sAMLCallbackHandlerImpl.setSamlVersion(Version.SAML_20);
        sAMLCallbackHandlerImpl.setStatement(SAMLCallbackHandlerImpl.Statement.ATTR);
        sAMLCallbackHandlerImpl.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAMLCallbackHandlerImpl.setIssuer("www.example.com");
        wSSSecurityProperties.setSamlCallbackHandler(sAMLCallbackHandlerImpl);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(getClass().getClassLoader().getResourceAsStream("transmitter.jks"), "default".toCharArray());
        Merlin merlin = new Merlin();
        merlin.setKeyStore(keyStore);
        CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
        cryptoType.setAlias("receiver");
        sAMLCallbackHandlerImpl.setCerts(merlin.getX509Certificates(cryptoType));
        wSSSecurityProperties.loadSignatureKeyStore(getClass().getClassLoader().getResource("transmitter.jks"), "default".toCharArray());
        wSSSecurityProperties.setSignatureUser("receiver");
        wSSSecurityProperties.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256");
        wSSSecurityProperties.setCallbackHandler(new CallbackHandlerImpl());
        XMLStreamWriter processOutMessage = WSSec.getOutboundWSSec(wSSSecurityProperties).processOutMessage(byteArrayOutputStream, "UTF-8", new ArrayList());
        XmlReaderToWriter.writeAll(xmlInputFactory.createXMLStreamReader(getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml")), processOutMessage);
        processOutMessage.close();
        Document parse = this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        Assert.assertEquals(parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "AttributeStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = parse.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "SubjectConfirmation");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(((Element) elementsByTagNameNS2.item(0)).getAttributeNS(null, "Method"), "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        doInboundSecurityWithWSS4J_1(this.documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())), "Signature SAMLTokenSigned", new Properties(), false);
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML2CallbackHandler] */
    @Test
    public void testSAML2AttrAssertionInbound() throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ?? sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.ATTR);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setIssuer("www.example.com");
        SAMLCallback sAMLCallback = new SAMLCallback();
        SAMLUtil.doSAMLCallback((CallbackHandler) sAML2CallbackHandler, sAMLCallback);
        SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(sAMLCallback);
        samlAssertionWrapper.signAssertion("transmitter", "default", CryptoFactory.getInstance("saml/saml-signed.properties"), false);
        WSSecSAMLToken wSSecSAMLToken = new WSSecSAMLToken();
        Document sOAPPart = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
        WSSecHeader wSSecHeader = new WSSecHeader();
        wSSecHeader.insertSecurityHeader(sOAPPart);
        Document build = wSSecSAMLToken.build(sOAPPart, samlAssertionWrapper, wSSecHeader);
        NodeList elementsByTagNameNS = build.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(build.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "AttributeStatement").getLength(), 1L);
        NodeList elementsByTagNameNS2 = build.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "SubjectConfirmation");
        Assert.assertEquals(elementsByTagNameNS2.getLength(), 1L);
        Assert.assertEquals(((Element) elementsByTagNameNS2.item(0)).getAttributeNS(null, "Method"), "urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(build), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.setValidateSamlSubjectConfirmation(false);
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        NodeList elementsByTagNameNS3 = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())))).getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS3.getLength(), 1L);
        Assert.assertEquals(elementsByTagNameNS3.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
    }
}
