package org.apache.wss4j.stax.test;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.util.List;
import java.util.Properties;
import javax.security.auth.x500.X500Principal;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.wss4j.common.bsp.BSPRule;
import org.apache.wss4j.common.principal.PublicKeyPrincipal;
import org.apache.wss4j.common.principal.SAMLTokenPrincipal;
import org.apache.wss4j.common.principal.UsernameTokenPrincipal;
import org.apache.wss4j.dom.common.AbstractSAMLCallbackHandler;
import org.apache.wss4j.stax.ext.WSSConstants;
import org.apache.wss4j.stax.ext.WSSSecurityProperties;
import org.apache.wss4j.stax.securityEvent.KeyValueTokenSecurityEvent;
import org.apache.wss4j.stax.securityEvent.SamlTokenSecurityEvent;
import org.apache.wss4j.stax.securityEvent.UsernameTokenSecurityEvent;
import org.apache.wss4j.stax.securityEvent.WSSecurityEventConstants;
import org.apache.wss4j.stax.securityEvent.X509TokenSecurityEvent;
import org.apache.wss4j.stax.setup.InboundWSSec;
import org.apache.wss4j.stax.setup.WSSec;
import org.apache.wss4j.stax.test.AbstractTestBase;
import org.apache.wss4j.stax.test.saml.SAML1CallbackHandler;
import org.apache.wss4j.stax.test.utils.StAX2DOM;
import org.apache.xml.security.stax.securityEvent.SecurityEventConstants;
import org.junit.Assert;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/apache/wss4j/stax/test/PrincipalTest.class */
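/**
 * Checks which {@code Principal} type the streaming inbound processor attaches to the
 * security token of each token kind: UsernameToken, SAML assertion, X.509 certificate
 * and bare RSA/DSA/EC {@code KeyValue}.
 *
 * <p>Every test secures {@code testdata/plain-soap-1.1.xml} with
 * {@code doOutboundSecurityWithWSS4J}, serialises the result, feeds it through
 * {@link InboundWSSec} and inspects the token-specific security event.
 *
 * <p>The keystore password, the relaxed BSP rules and the unsigned SAML assertion used
 * below are test-fixture settings; they are not a template for a production receiver.
 */
public class PrincipalTest extends AbstractTestBase {
    /** Classpath location of the unsecured SOAP 1.1 request every test starts from. */
    private static final String PLAIN_SOAP_RESOURCE = "testdata/plain-soap-1.1.xml";

    /**
     * A digest-type UsernameToken must surface as a {@link UsernameTokenPrincipal} carrying
     * name, created time, nonce, password value and the PasswordDigest type URI.
     */
    @Test
    public void testUsernameToken() throws Exception {
        Document securedDocument = doOutboundSecurityWithWSS4J(openPlainSoapMessage(), "UsernameToken", new Properties());

        // Outbound sanity checks: the token sits directly under wsse:Security and the
        // single wsse:Password element is declared as PasswordDigest, not plain text.
        Assert.assertEquals(
                WSSConstants.TAG_WSSE_SECURITY.getLocalPart(),
                securedDocument.getElementsByTagNameNS(WSSConstants.TAG_WSSE_USERNAME_TOKEN.getNamespaceURI(), WSSConstants.TAG_WSSE_USERNAME_TOKEN.getLocalPart()).item(0).getParentNode().getLocalName());
        NodeList passwordElements = securedDocument.getElementsByTagNameNS(WSSConstants.TAG_WSSE_PASSWORD.getNamespaceURI(), WSSConstants.TAG_WSSE_PASSWORD.getLocalPart());
        Assert.assertEquals(1, passwordElements.getLength());
        Assert.assertEquals(
                WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST.getNamespace(),
                ((Element) passwordElements.item(0)).getAttributeNS(null, WSSConstants.ATT_NULL_Type.getLocalPart()));

        // No verification keystore here: the inbound side only gets a callback handler.
        WSSSecurityProperties inboundProperties = new WSSSecurityProperties();
        inboundProperties.setCallbackHandler(new CallbackHandlerImpl());

        AbstractTestBase.TestSecurityEventListener listener = processInbound(securedDocument, inboundProperties, WSSecurityEventConstants.USERNAME_TOKEN);
        UsernameTokenSecurityEvent usernameTokenEvent = (UsernameTokenSecurityEvent) listener.getSecurityEvent(WSSecurityEventConstants.USERNAME_TOKEN);
        Assert.assertNotNull(usernameTokenEvent);

        // Held as Object so the instanceof assertion is a real runtime check and the
        // narrowing below is an explicit cast, whatever getPrincipal() is declared to return.
        Object principal = usernameTokenEvent.getSecurityToken().getPrincipal();
        Assert.assertTrue(principal instanceof UsernameTokenPrincipal);
        UsernameTokenPrincipal usernameTokenPrincipal = (UsernameTokenPrincipal) principal;
        Assert.assertEquals("transmitter", usernameTokenPrincipal.getName());
        Assert.assertNotNull(usernameTokenPrincipal.getCreatedTime());
        Assert.assertNotNull(usernameTokenPrincipal.getNonce());
        // NOTE(review): only non-null is asserted; whether this is the digest or the
        // clear-text secret is not checked here. Code consuming the principal should
        // treat the value as sensitive and keep it out of logs.
        Assert.assertNotNull(usernameTokenPrincipal.getPassword());
        Assert.assertTrue(usernameTokenPrincipal.isPasswordDigest());
        Assert.assertEquals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest", usernameTokenPrincipal.getPasswordType());
    }

    /**
     * A SAML 1.x authentication assertion must surface as a {@link SAMLTokenPrincipal}
     * whose name contains {@code uid=joe} and which still references the token.
     */
    @Test
    public void testSAMLToken() throws Exception {
        SAML1CallbackHandler samlCallbackHandler = new SAML1CallbackHandler();
        samlCallbackHandler.setStatement(AbstractSAMLCallbackHandler.Statement.AUTHN);
        samlCallbackHandler.setIssuer("www.example.com");
        // The assertion carries no issuer signature of its own; in this message its
        // integrity rests solely on the message-level signature requested below, which
        // lists the Assertion and the SOAP Body as signed parts.
        samlCallbackHandler.setSignAssertion(false);

        Properties outboundProperties = new Properties();
        outboundProperties.put("samlCallbackRef", samlCallbackHandler);
        outboundProperties.setProperty("signatureParts", "{Element}{urn:oasis:names:tc:SAML:1.0:assertion}Assertion;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;");
        Document securedDocument = doOutboundSecurityWithWSS4J(openPlainSoapMessage(), "SAMLTokenUnsigned Signature", outboundProperties);
        // Exactly one ds:Signature: the message signature, with none inside the assertion.
        Assert.assertEquals(1, securedDocument.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).getLength());

        WSSSecurityProperties inboundProperties = newVerificationProperties();
        inboundProperties.setCallbackHandler(new CallbackHandlerImpl());

        AbstractTestBase.TestSecurityEventListener listener = processInbound(securedDocument, inboundProperties, WSSecurityEventConstants.SAML_TOKEN);
        SamlTokenSecurityEvent samlTokenEvent = (SamlTokenSecurityEvent) listener.getSecurityEvent(WSSecurityEventConstants.SAML_TOKEN);
        Assert.assertNotNull(samlTokenEvent);

        // Same Object-then-cast pattern as in testUsernameToken.
        Object principal = samlTokenEvent.getSecurityToken().getPrincipal();
        Assert.assertTrue(principal instanceof SAMLTokenPrincipal);
        SAMLTokenPrincipal samlTokenPrincipal = (SAMLTokenPrincipal) principal;
        Assert.assertTrue(samlTokenPrincipal.getName().contains("uid=joe"));
        Assert.assertNotNull(samlTokenPrincipal.getToken());
    }

    /** A certificate-based signature must surface an {@link X500Principal}. */
    @Test
    public void testX509Certificate() throws Exception {
        Document securedDocument = doOutboundSecurityWithWSS4J(openPlainSoapMessage(), "Signature", new Properties());
        assertSignatureInSecurityHeader(securedDocument);

        AbstractTestBase.TestSecurityEventListener listener = processInbound(securedDocument, newVerificationProperties(), WSSecurityEventConstants.X509Token);
        X509TokenSecurityEvent x509TokenEvent = (X509TokenSecurityEvent) listener.getSecurityEvent(WSSecurityEventConstants.X509Token);
        Assert.assertNotNull(x509TokenEvent);
        Assert.assertTrue(x509TokenEvent.getSecurityToken().getPrincipal() instanceof X500Principal);
    }

    /** A signature referencing a bare RSA {@code KeyValue} must surface a {@link PublicKeyPrincipal}. */
    @Test
    public void testRSAKeyValue() throws Exception {
        Properties outboundProperties = new Properties();
        outboundProperties.put("signatureKeyIdentifier", "KeyValue");
        assertKeyValueSignatureYieldsPublicKeyPrincipal(outboundProperties, BSPRule.R5417);
    }

    /** Same as {@link #testRSAKeyValue()} but signing with the {@code transmitter-dsa} key. */
    @Test
    public void testDSAKeyValue() throws Exception {
        Properties outboundProperties = new Properties();
        outboundProperties.put("signatureKeyIdentifier", "KeyValue");
        outboundProperties.put("signatureUser", "transmitter-dsa");
        assertKeyValueSignatureYieldsPublicKeyPrincipal(outboundProperties, BSPRule.R5417, BSPRule.R5421);
    }

    /**
     * Same as {@link #testRSAKeyValue()} but signing with the {@code transmitter-ecdsa} key
     * and ECDSA-SHA512.
     *
     * <p>The test returns without asserting anything on an IBM JVM or when
     * {@code java.version} starts with {@code 1.8} or {@code 1.6}, so it is reported as
     * passed there even though the ECDSA path was never exercised.
     */
    @Test
    public void testECKeyValue() throws Exception {
        if ("IBM Corporation".equals(System.getProperty("java.vendor"))) {
            return;
        }
        String javaVersion = System.getProperty("java.version");
        if (javaVersion != null && (javaVersion.startsWith("1.8") || javaVersion.startsWith("1.6"))) {
            return;
        }
        Properties outboundProperties = new Properties();
        outboundProperties.put("signatureKeyIdentifier", "KeyValue");
        outboundProperties.put("signatureUser", "transmitter-ecdsa");
        outboundProperties.put("signatureAlgorithm", "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512");
        assertKeyValueSignatureYieldsPublicKeyPrincipal(outboundProperties, BSPRule.R5417, BSPRule.R5421);
    }

    /** Opens the unsecured SOAP request from the test classpath. */
    private InputStream openPlainSoapMessage() {
        return getClass().getClassLoader().getResourceAsStream(PLAIN_SOAP_RESOURCE);
    }

    /**
     * Builds inbound properties whose signature-verification keystore is the
     * {@code receiver.jks} test fixture (password {@code "default"}).
     */
    private WSSSecurityProperties newVerificationProperties() throws Exception {
        WSSSecurityProperties verificationProperties = new WSSSecurityProperties();
        verificationProperties.loadSignatureVerificationKeystore(getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
        return verificationProperties;
    }

    /** Asserts that the first ds:Signature element is a direct child of wsse:Security. */
    private void assertSignatureInSecurityHeader(Document securedDocument) {
        Assert.assertEquals(
                WSSConstants.TAG_WSSE_SECURITY.getLocalPart(),
                securedDocument.getElementsByTagNameNS(WSSConstants.TAG_dsig_Signature.getNamespaceURI(), WSSConstants.TAG_dsig_Signature.getLocalPart()).item(0).getParentNode().getLocalName());
    }

    /**
     * Signs the plain request with the given outbound properties, verifies it with the
     * listed BSP rules switched off and asserts that the KeyValue token event carries a
     * {@link PublicKeyPrincipal}.
     *
     * @param outboundProperties signing configuration passed to {@code doOutboundSecurityWithWSS4J}
     * @param ignoredBspRules BSP rules the receiver is told not to enforce
     */
    private void assertKeyValueSignatureYieldsPublicKeyPrincipal(Properties outboundProperties, BSPRule... ignoredBspRules) throws Exception {
        Document securedDocument = doOutboundSecurityWithWSS4J(openPlainSoapMessage(), "Signature", outboundProperties);
        assertSignatureInSecurityHeader(securedDocument);

        WSSSecurityProperties inboundProperties = newVerificationProperties();
        // NOTE(review): these Basic Security Profile checks are disabled only so that the
        // KeyValue-based signatures in this fixture are accepted; what each rule enforces is
        // defined in BSPRule, outside this file. A bare KeyValue carries a public key with
        // no certificate, so a receiver that relaxes these rules has to decide separately
        // whether that key is trusted.
        for (BSPRule ignoredRule : ignoredBspRules) {
            inboundProperties.addIgnoreBSPRule(ignoredRule);
        }

        AbstractTestBase.TestSecurityEventListener listener = processInbound(securedDocument, inboundProperties, WSSecurityEventConstants.KeyValueToken);
        KeyValueTokenSecurityEvent keyValueTokenEvent = (KeyValueTokenSecurityEvent) listener.getSecurityEvent(WSSecurityEventConstants.KeyValueToken);
        Assert.assertNotNull(keyValueTokenEvent);
        Assert.assertTrue(keyValueTokenEvent.getSecurityToken().getPrincipal() instanceof PublicKeyPrincipal);
    }

    /**
     * Serialises the secured DOM document and runs it through the streaming inbound
     * processor, fully draining the resulting reader into a DOM.
     *
     * @param securedDocument message produced by the outbound step
     * @param inboundProperties receiver configuration
     * @param tokenEvent token-specific event handed to the listener together with {@code OPERATION}
     * @return the listener, from which the caller fetches the recorded token event
     */
    private AbstractTestBase.TestSecurityEventListener processInbound(Document securedDocument, WSSSecurityProperties inboundProperties, SecurityEventConstants.Event tokenEvent) throws Exception {
        ByteArrayOutputStream serializedMessage = new ByteArrayOutputStream();
        TRANSFORMER_FACTORY.newTransformer().transform(new DOMSource(securedDocument), new StreamResult(serializedMessage));

        InboundWSSec inboundWSSec = WSSec.getInboundWSSec(inboundProperties);
        // NOTE(review): the leading `this` argument looks like a decompiler rendering of the
        // inner class's outer-instance reference; confirm against AbstractTestBase.
        AbstractTestBase.TestSecurityEventListener listener = new AbstractTestBase.TestSecurityEventListener(this, new SecurityEventConstants.Event[]{tokenEvent, WSSecurityEventConstants.OPERATION});
        // The second argument is left null, as in every original call site; the raw cast
        // is kept because the parameter's element type is not visible in this file.
        StAX2DOM.readDoc(this.documentBuilderFactory.newDocumentBuilder(), inboundWSSec.processInMessage(xmlInputFactory.createXMLStreamReader(new ByteArrayInputStream(serializedMessage.toByteArray())), (List) null, listener));
        return listener;
    }
}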
