package org.apache.wss4j.stax.test.saml;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.util.Properties;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.stream.XMLStreamException;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.wss4j.dom.common.AbstractSAMLCallbackHandler;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.setup.WSSec;
import org.apache.wss4j.stax.test.AbstractTestBase;
import org.apache.wss4j.stax.test.utils.StAX2DOM;
import org.joda.time.DateTime;
import org.junit.Assert;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/wss4j/stax/test/saml/SamlAuthnTest.class */
public class SamlAuthnTest extends AbstractTestBase {
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML1CallbackHandler] */
    @Test
    public void testSAML1AuthnAssertion() throws Exception {
        ?? sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setIssuer("www.example.com");
        createDOMMessageAndVerifyStAX(sAML1CallbackHandler, true);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML2CallbackHandler] */
    @Test
    public void testSAML2AuthnAssertion() throws Exception {
        ?? sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setIssuer("www.example.com");
        createDOMMessageAndVerifyStAX(sAML2CallbackHandler, true);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML1CallbackHandler] */
    @Test
    public void testSAML1FutureAuthnInstant() throws Exception {
        ?? sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setIssuer("www.example.com");
        sAML1CallbackHandler.setAuthenticationInstant(new DateTime().plusMinutes(70));
        createDOMMessageAndVerifyStAX(sAML1CallbackHandler, false);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML2CallbackHandler] */
    @Test
    public void testSAML2FutureAuthnInstant() throws Exception {
        ?? sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setIssuer("www.example.com");
        sAML2CallbackHandler.setAuthenticationInstant(new DateTime().plusMinutes(70));
        createDOMMessageAndVerifyStAX(sAML2CallbackHandler, false);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML2CallbackHandler] */
    @Test
    public void testSAML2StaleSessionNotOnOrAfter() throws Exception {
        ?? sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setIssuer("www.example.com");
        sAML2CallbackHandler.setSessionNotOnOrAfter(new DateTime().minusMinutes(70));
        createDOMMessageAndVerifyStAX(sAML2CallbackHandler, false);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML1CallbackHandler] */
    @Test
    public void testSAML1ValidSubjectLocality() throws Exception {
        ?? sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setIssuer("www.example.com");
        sAML1CallbackHandler.setSubjectLocality("127.0.0.1", "xyz.ws.apache.org");
        createDOMMessageAndVerifyStAX(sAML1CallbackHandler, true);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML2CallbackHandler] */
    @Test
    public void testSAML2ValidSubjectLocality() throws Exception {
        ?? sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setIssuer("www.example.com");
        sAML2CallbackHandler.setSubjectLocality("127.0.0.1", "xyz.ws.apache.org");
        createDOMMessageAndVerifyStAX(sAML2CallbackHandler, true);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML1CallbackHandler] */
    @Test
    public void testSAML1InvalidSubjectLocality() throws Exception {
        ?? sAML1CallbackHandler = new SAML1CallbackHandler();
        sAML1CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML1CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key");
        sAML1CallbackHandler.setIssuer("www.example.com");
        sAML1CallbackHandler.setSubjectLocality("xyz.ws.apache.org", "xyz.ws.apache.org");
        createDOMMessageAndVerifyStAX(sAML1CallbackHandler, false);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0, types: [javax.security.auth.callback.CallbackHandler, org.apache.wss4j.stax.test.saml.SAML2CallbackHandler] */
    @Test
    public void testSAML2InvalidSubjectLocality() throws Exception {
        ?? sAML2CallbackHandler = new SAML2CallbackHandler();
        sAML2CallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        sAML2CallbackHandler.setConfirmationMethod("urn:oasis:names:tc:SAML:2.0:cm:holder-of-key");
        sAML2CallbackHandler.setIssuer("www.example.com");
        sAML2CallbackHandler.setSubjectLocality("xyz.ws.apache.org", "xyz.ws.apache.org");
        createDOMMessageAndVerifyStAX(sAML2CallbackHandler, false);
    }

    private void createDOMMessageAndVerifyStAX(CallbackHandler callbackHandler, boolean z) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
        Properties properties = new Properties();
        properties.put("samlCallbackRef", callbackHandler);
        Document doOutboundSecurityWithWSS4J = doOutboundSecurityWithWSS4J(resourceAsStream, "SAMLTokenSigned", properties);
        NodeList elementsByTagNameNS = doOutboundSecurityWithWSS4J.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.getLength(), 2L);
        Assert.assertEquals(elementsByTagNameNS.item(0).getParentNode().getLocalName(), WSSConstants.TAG_saml_Assertion.getLocalPart());
        Assert.assertEquals(elementsByTagNameNS.item(1).getParentNode().getLocalName(), WSSConstants.TAG_wsse_Security.getLocalPart());
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(doOutboundSecurityWithWSS4J), new StreamResult(byteArrayOutputStream));
        WSSSecurityProperties wSSSecurityProperties = new WSSSecurityProperties();
        wSSSecurityProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        try {
            Document readDoc = StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), WSSec.getInboundWSSec(wSSSecurityProperties).processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()))));
            if (!z) {
                Assert.fail("XMLStreamException expected");
            }
            Assert.assertNotNull(readDoc);
        } catch (XMLStreamException e) {
            Assert.assertFalse(z);
            Assert.assertNotNull(e.getCause());
        }
    }
}
