package org.opensaml.saml.saml2.assertion.impl;

import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Map;
import org.opensaml.saml.common.assertion.AssertionValidationException;
import org.opensaml.saml.common.assertion.ValidationContext;
import org.opensaml.saml.common.assertion.ValidationResult;
import org.opensaml.saml.saml2.assertion.BaseAssertionValidationTest;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.AttributeStatement;
import org.opensaml.saml.saml2.core.AuthnStatement;
import org.opensaml.saml.saml2.core.SubjectLocality;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:org/opensaml/saml/saml2/assertion/impl/AuthnStatementValidatorTest.class */
public class AuthnStatementValidatorTest extends BaseAssertionValidationTest {
    private AuthnStatementValidator validator;
    private AuthnStatement authnStatement;

    @BeforeMethod(dependsOnMethods = {"setUpBasicAssertion"})
    public void setUp() {
        this.validator = new AuthnStatementValidator();
        this.authnStatement = buildBasicAuthnStatement();
        getAssertion().getAuthnStatements().add(this.authnStatement);
    }

    @Test
    public void testValid() throws AssertionValidationException {
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.VALID);
    }

    @Test
    void testMaxTimeSinceAuthnExceeded() throws AssertionValidationException {
        this.authnStatement.setAuthnInstant(Instant.now().minus((TemporalAmount) Duration.ofHours(1L)));
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.INVALID);
    }

    @Test
    void testNoAuthnInstant() throws AssertionValidationException {
        this.authnStatement.setAuthnInstant((Instant) null);
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.INVALID);
    }

    @Test
    void testNoMaxTimeSinceAuthnParam() throws AssertionValidationException {
        this.authnStatement.setAuthnInstant(Instant.now().minus((TemporalAmount) Duration.ofHours(1L)));
        Map<String, Object> buildBasicStaticParameters = buildBasicStaticParameters();
        buildBasicStaticParameters.remove("saml2.Statement.Authn.MaxTimeSinceAuthn");
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters)), ValidationResult.VALID);
    }

    @Test
    public void testInvalidAddress() throws AssertionValidationException {
        this.authnStatement.getSubjectLocality().setAddress("1.2.3.4");
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.INVALID);
    }

    @Test
    public void testInvalidAddressWithAddressCheckDisabled() throws AssertionValidationException {
        this.authnStatement.getSubjectLocality().setAddress("1.2.3.4");
        Map<String, Object> buildBasicStaticParameters = buildBasicStaticParameters();
        buildBasicStaticParameters.put("saml2.Statement.Authn.SubjectLocality.CheckAddress", Boolean.FALSE);
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters)), ValidationResult.VALID);
    }

    @Test
    public void testInvalidAddressParamType() throws AssertionValidationException {
        Map<String, Object> buildBasicStaticParameters = buildBasicStaticParameters();
        buildBasicStaticParameters.put("saml2.Statement.Authn.SubjectLocality.ValidAddresses", "10.1.2.3");
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters)), ValidationResult.INDETERMINATE);
    }

    @Test
    public void testMissingAddressParam() throws AssertionValidationException {
        Map<String, Object> buildBasicStaticParameters = buildBasicStaticParameters();
        buildBasicStaticParameters.remove("saml2.Statement.Authn.SubjectLocality.ValidAddresses");
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters)), ValidationResult.INDETERMINATE);
    }

    @Test
    public void testNoAddress() throws AssertionValidationException {
        this.authnStatement.getSubjectLocality().setAddress((String) null);
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.VALID);
    }

    @Test
    public void testNoSubjectLocality() throws AssertionValidationException {
        this.authnStatement.setSubjectLocality((SubjectLocality) null);
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.VALID);
    }

    @Test
    public void testAuthnContextEval() throws AssertionValidationException {
        this.validator = new AuthnStatementValidator() { // from class: org.opensaml.saml.saml2.assertion.impl.AuthnStatementValidatorTest.1
            protected ValidationResult validateAuthnContext(AuthnStatement authnStatement, Assertion assertion, ValidationContext validationContext) throws AssertionValidationException {
                return "urn:oasis:names:tc:SAML:2.0:ac:classes:Smartcard".equals(authnStatement.getAuthnContext().getAuthnContextClassRef().getURI()) ? ValidationResult.VALID : ValidationResult.INVALID;
            }
        };
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.INVALID);
    }

    @Test
    public void testValidationThrows() throws AssertionValidationException {
        this.validator = new AuthnStatementValidator() { // from class: org.opensaml.saml.saml2.assertion.impl.AuthnStatementValidatorTest.2
            protected ValidationResult validateAuthnInstant(AuthnStatement authnStatement, Assertion assertion, ValidationContext validationContext) throws AssertionValidationException {
                throw new RuntimeException();
            }
        };
        Assert.assertEquals(this.validator.validate(this.authnStatement, getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.INDETERMINATE);
    }

    @Test
    public void testWrongStatementType() throws AssertionValidationException {
        Assert.assertEquals(this.validator.validate(buildXMLObject(AttributeStatement.DEFAULT_ELEMENT_NAME), getAssertion(), new ValidationContext(buildBasicStaticParameters())), ValidationResult.INDETERMINATE);
    }
}
