package org.apereo.cas.support.saml.web.idp.profile.builders.enc;

import java.io.File;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import net.shibboleth.utilities.java.support.resolver.Criterion;
import org.apache.commons.io.FileUtils;
import org.apereo.cas.category.FileSystemCategory;
import org.apereo.cas.support.saml.BaseSamlIdPConfigurationTests;
import org.apereo.cas.support.saml.InMemoryResourceMetadataResolver;
import org.apereo.cas.support.saml.SamlIdPUtils;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade;
import org.junit.Before;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.opensaml.core.criterion.EntityIdCriterion;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.messaging.context.SAMLMetadataContext;
import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
import org.opensaml.saml.common.messaging.context.SAMLSelfEntityContext;
import org.opensaml.saml.criterion.EntityRoleCriterion;
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
import org.opensaml.saml.saml2.metadata.RoleDescriptor;
import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
import org.pac4j.saml.client.SAML2Client;
import org.pac4j.saml.client.SAML2ClientConfiguration;
import org.pac4j.saml.context.SAML2MessageContext;
import org.pac4j.saml.sso.impl.SAML2AuthnRequestBuilder;
import org.springframework.mock.web.MockHttpServletRequest;

/**
 * Exercises the SAML object signature validator against an authentication request
 * produced by a pac4j SAML2 client acting as the service provider.
 *
 * <p>The fixture touches the file system (IdP metadata under {@code src/test/resources},
 * keystore and SP metadata under the JVM temp directory), hence the
 * {@link FileSystemCategory} marker.
 */
@Category({FileSystemCategory.class})
public class SamlObjectSignatureValidatorTests extends BaseSamlIdPConfigurationTests {
    private SAML2ClientConfiguration saml2ClientConfiguration;
    private SAML2MessageContext saml2MessageContext;
    private String spMetadataPath;
    private MessageContext<SAMLObject> samlContext;
    private SamlRegisteredServiceServiceProviderMetadataFacade adaptor;

    /**
     * Builds the service-provider side of the exchange: the pac4j client configuration,
     * the message context with peer (IdP) and self (SP) entity sub-contexts, and the
     * registered-service metadata facade handed to the validator.
     *
     * @throws Exception if any path cannot be canonicalised or a SAML component fails to initialise
     */
    @Before
    public void before() throws Exception {
        final String idpMetadataPath = new File("src/test/resources/metadata/idp-metadata.xml").getCanonicalPath();
        final File tempDirectory = FileUtils.getTempDirectory();
        // NOTE(review): "keystore" and "sp-metadata.xml" are fixed names in the shared temp
        // directory, so parallel runs or other local users can collide with or pre-place
        // these files. A per-run directory would isolate the fixture.
        final String keystorePath = new File(tempDirectory, "keystore").getCanonicalPath();
        this.spMetadataPath = new File(tempDirectory, "sp-metadata.xml").getCanonicalPath();

        initialiseClient(keystorePath, idpMetadataPath);

        this.samlContext = new MessageContext<>();
        this.saml2MessageContext = new SAML2MessageContext(this.samlContext);

        populatePeerEntityContext();
        populateSelfEntityContext();

        this.adaptor = resolveServiceProviderFacade();
    }

    /**
     * Creates and initialises the pac4j configuration and a client built from it.
     * The client itself is not retained; only the configuration is read later.
     */
    private void initialiseClient(final String keystorePath, final String idpMetadataPath) {
        // "changeit" is used for both password arguments; a throwaway value for this test
        // keystore only, never to be reused for a real signing key.
        final SAML2ClientConfiguration configuration =
            new SAML2ClientConfiguration(keystorePath, "changeit", "changeit", idpMetadataPath);
        configuration.setServiceProviderEntityId("cas:example:sp");
        configuration.setServiceProviderMetadataPath(this.spMetadataPath);
        configuration.init();
        this.saml2ClientConfiguration = configuration;

        final SAML2Client client = new SAML2Client(this.saml2ClientConfiguration);
        client.setCallbackUrl("http://callback.example.org");
        // presumably client initialisation is what writes the SP metadata file that is read
        // back in populateSelfEntityContext() - TODO confirm; keep this call ahead of that one.
        client.init();
    }

    /** Registers the identity provider as the peer entity and attaches its IdP role descriptor. */
    private void populatePeerEntityContext() throws Exception {
        final SAMLPeerEntityContext peerContext =
            this.saml2MessageContext.getSubcontext(SAMLPeerEntityContext.class, true);
        peerContext.setEntityId("https://cas.example.org/idp");

        final SAMLMetadataContext peerMetadata = peerContext.getSubcontext(SAMLMetadataContext.class, true);
        final CriteriaSet idpCriteria = new CriteriaSet(new Criterion[]{
            new EntityIdCriterion(peerContext.getEntityId()),
            new EntityRoleCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME)});
        peerMetadata.setRoleDescriptor((RoleDescriptor) SamlIdPUtils
            .getRoleDescriptorResolver(this.casSamlIdPMetadataResolver, true)
            .resolveSingle(idpCriteria));
    }

    /**
     * Registers the service provider as the self entity and attaches its SP role descriptor,
     * resolved from the SP metadata file at {@link #spMetadataPath}.
     */
    private void populateSelfEntityContext() throws Exception {
        final SAMLSelfEntityContext selfContext =
            this.saml2MessageContext.getSubcontext(SAMLSelfEntityContext.class, true);
        selfContext.setEntityId(this.saml2ClientConfiguration.getServiceProviderEntityId());
        final SAMLMetadataContext selfMetadata = selfContext.getSubcontext(SAMLMetadataContext.class, true);

        final InMemoryResourceMetadataResolver spResolver =
            new InMemoryResourceMetadataResolver(new File(this.spMetadataPath), this.openSamlConfigBean);
        spResolver.setId(getClass().getSimpleName());
        spResolver.initialize();

        final CriteriaSet spCriteria = new CriteriaSet(new Criterion[]{
            new EntityIdCriterion(selfContext.getEntityId()),
            new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME)});
        selfMetadata.setRoleDescriptor((RoleDescriptor) SamlIdPUtils
            .getRoleDescriptorResolver(spResolver, true)
            .resolveSingle(spCriteria));
    }

    /**
     * Describes the service provider as a registered SAML service and looks up its
     * metadata facade through the caching metadata resolver.
     *
     * @return the facade for the registered service; the lookup result is unwrapped with
     *         {@code get()}, so an absent result fails the set-up
     */
    private SamlRegisteredServiceServiceProviderMetadataFacade resolveServiceProviderFacade() {
        final SamlRegisteredService service = new SamlRegisteredService();
        service.setName("Sample");
        service.setServiceId(this.saml2ClientConfiguration.getServiceProviderEntityId());
        service.setId(100L);
        service.setDescription("SAML Service");
        service.setMetadataLocation(this.spMetadataPath);
        return (SamlRegisteredServiceServiceProviderMetadataFacade) SamlRegisteredServiceServiceProviderMetadataFacade
            .get(this.samlRegisteredServiceCachingMetadataResolver, service, service.getServiceId())
            .get();
    }

    /**
     * Passes a freshly built authentication request to the validator and expects the call
     * to return normally; there are no explicit assertions, so the test fails only if an
     * exception is thrown.
     *
     * <p>NOTE(review): nothing in this fixture visibly enables request signing, and the test
     * name implies the request is unsigned - confirm. This covers only the acceptance path;
     * the rejection path (signature required but missing or invalid) is not exercised here.
     */
    @Test
    public void verifySamlAuthnRequestNotSigned() throws Exception {
        final MockHttpServletRequest request = new MockHttpServletRequest();
        final SAML2AuthnRequestBuilder requestBuilder = new SAML2AuthnRequestBuilder(this.saml2ClientConfiguration);
        this.samlObjectSignatureValidator.verifySamlProfileRequestIfNeeded(
            requestBuilder.build(this.saml2MessageContext), this.adaptor, request, this.samlContext);
    }
}
