package at.gv.egiz.eaaf.modules.pvp2.idp.test;

import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyAuthConfig;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvp2MetadataProvider;
import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
import at.gv.egiz.eaaf.modules.pvp2.exception.SamlAssertionValidationExeption;
import at.gv.egiz.eaaf.modules.pvp2.idp.exception.InvalidAssertionEncryptionException;
import at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder.AuthResponseBuilder;
import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine;
import at.gv.egiz.eaaf.modules.pvp2.test.binding.PostBindingTest;
import at.gv.egiz.eaaf.modules.pvp2.test.dummy.DummyCredentialProvider;
import java.io.IOException;
import java.time.Instant;
import javax.xml.transform.TransformerException;
import net.shibboleth.shared.xml.XMLParserException;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.hc.client5.http.classic.HttpClient;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.core.xml.io.UnmarshallingException;
import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.saml.metadata.resolver.filter.MetadataFilter;
import org.opensaml.saml.saml2.core.RequestAbstractType;
import org.opensaml.saml.saml2.core.Response;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

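/**
 * Tests {@code AuthResponseBuilder.buildResponse} against two metadata fixtures.
 *
 * <p>With the {@code ..._without_enc.xml} metadata the response is expected to carry exactly one
 * plain assertion. With the other metadata file it is expected to carry exactly one encrypted
 * assertion and no plain one. The second case guards the confidentiality property: once a
 * service provider's metadata leads to encryption, the assertion must not also be shipped in
 * clear text.
 */
@ContextConfiguration({"/spring/test_eaaf_pvp.beans.xml"})
@RunWith(SpringJUnit4ClassRunner.class)
@TestPropertySource(locations = {"/config/config_1.props"})
public class AuthnResponseBuilderTest {

    // Metadata fixture for which the builder is expected to return a plain assertion.
    private static final String METADATA_WITHOUT_ENC =
            "classpath:/data/pvp_metadata_junit_keystore_without_enc.xml";

    // Metadata fixture for which the builder is expected to return an encrypted assertion.
    private static final String METADATA_WITH_ENC = "classpath:/data/pvp_metadata_junit_keystore.xml";

    private static final String AUTHN_REQUEST = "/data/AuthRequest_without_sig_1.xml";

    private static final String ASSERTION = "/data/Assertion_1.xml";

    // XML namespace of SAML 2.0 assertion elements; used to look for a clear-text <Assertion>.
    private static final String SAML2_ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion";

    @Autowired
    private DummyAuthConfig authConfig;

    @Autowired
    private PvpMetadataResolverFactory metadataResolverFactory;

    @Autowired
    private SamlVerificationEngine verifyEngine;

    @Autowired
    private DummyCredentialProvider credentialProvider;

    /**
     * Initializes OpenSAML once for the whole class; unmarshalling the fixtures relies on the
     * provider registry being set up.
     */
    @BeforeClass
    public static void classInitializer() throws Exception {
        EaafOpenSaml3xInitializer.eaafInitialize();
    }

    /** Metadata without encryption: exactly one plain assertion and no encrypted one. */
    @Test
    public void plainAssertion() throws InvalidAssertionEncryptionException, Pvp2MetadataException, XMLParserException, UnmarshallingException, MarshallingException, TransformerException, IOException {
        Response response = buildAndCheckResponse(METADATA_WITHOUT_ENC);

        Assert.assertFalse("Assertion is empty", response.getAssertions().isEmpty());
        Assert.assertEquals("# assertions wrong", 1L, response.getAssertions().size());
        Assert.assertNotNull("Enc. assertion is null", response.getEncryptedAssertions());
        Assert.assertTrue("Enc. assertion is not empty", response.getEncryptedAssertions().isEmpty());
    }

    /** Metadata with encryption: exactly one encrypted assertion and nothing in clear text. */
    @Test
    public void encryptedAssertion() throws InvalidAssertionEncryptionException, Pvp2MetadataException, XMLParserException, UnmarshallingException, MarshallingException, TransformerException, IOException {
        Response response = buildAndCheckResponse(METADATA_WITH_ENC);

        assertOnlyEncryptedAssertion(response);
    }

    /**
     * Same as {@link #encryptedAssertion()}, then hands the response to the verification engine.
     */
    @Test
    public void encryptedAssertionWithDecryption() throws InvalidAssertionEncryptionException, Pvp2MetadataException, XMLParserException, UnmarshallingException, MarshallingException, TransformerException, IOException, SamlAssertionValidationExeption, CredentialsNotAvailableException {
        Response response = buildAndCheckResponse(METADATA_WITH_ENC);

        assertOnlyEncryptedAssertion(response);

        // The test passes when validateAssertion returns without throwing.
        // NOTE(review): nothing is asserted about the decrypted assertion afterwards, and the
        // meaning of the trailing 'false' flag is not visible here - confirm against
        // SamlVerificationEngine and add a positive check on the decrypted content.
        this.verifyEngine.validateAssertion(response, this.credentialProvider.getMetaDataSigningCredential(), "https://demo.egiz.gv.at/demoportal_demologin/", "jUnitTest", false);
    }

    /**
     * Builds a response for the given metadata and checks everything that must hold regardless of
     * encryption: the response exists, echoes the request ID in InResponseTo, carries the issuer
     * passed in, has a non-empty ID and serializes to non-empty XML.
     *
     * @param metadataLocation location of the metadata fixture handed to the resolver factory
     * @return the built response, for the encryption-specific checks of the caller
     */
    private Response buildAndCheckResponse(String metadataLocation) throws InvalidAssertionEncryptionException, Pvp2MetadataException, XMLParserException, UnmarshallingException, MarshallingException, TransformerException, IOException {
        // Random per-run fixture values; they only have to be distinct, not unpredictable.
        String issuerEntityId = RandomStringUtils.randomAlphabetic(15);

        IPvp2MetadataProvider metadata = this.metadataResolverFactory.createMetadataProvider(metadataLocation, (MetadataFilter) null, "jUnit metadata resolver", (HttpClient) null);

        RequestAbstractType authnRequest = loadSamlObject(AUTHN_REQUEST);
        authnRequest.setID("_" + RandomStringUtils.randomAlphanumeric(10));

        Response response = AuthResponseBuilder.buildResponse(metadata, issuerEntityId, authnRequest, Instant.now(), loadSamlObject(ASSERTION), this.authConfig);

        Assert.assertNotNull("SAML2 response is null", response);
        Assert.assertEquals("InResponseTo", authnRequest.getID(), response.getInResponseTo());
        Assert.assertEquals("Issuer EntityId", issuerEntityId, response.getIssuer().getValue());
        Assert.assertNotNull("ResponseId is null", response.getID());
        Assert.assertFalse("ResponseId is empty", response.getID().isEmpty());

        String xml = DomUtils.serializeNode(XMLObjectSupport.getMarshaller(response).marshall(response));
        Assert.assertNotNull("XML response is null", xml);
        Assert.assertFalse("XML response is empty", xml.isEmpty());

        return response;
    }

    /**
     * Asserts that the response holds exactly one encrypted assertion and no plain one, both in
     * the object model and in the marshalled DOM.
     */
    private static void assertOnlyEncryptedAssertion(Response response) throws MarshallingException {
        Assert.assertTrue("Plain assertion present in encrypted response", response.getAssertions().isEmpty());
        Assert.assertNotNull("Enc. assertion is null", response.getEncryptedAssertions());
        Assert.assertFalse("Enc. assertion is empty", response.getEncryptedAssertions().isEmpty());
        Assert.assertEquals("# enc. assertions wrong", 1L, response.getEncryptedAssertions().size());

        // Also check what would actually go over the wire: no clear-text <Assertion> element
        // anywhere in the marshalled response.
        org.w3c.dom.Element dom = XMLObjectSupport.getMarshaller(response).marshall(response);
        Assert.assertEquals("Clear-text Assertion element in encrypted response", 0L, dom.getElementsByTagNameNS(SAML2_ASSERTION_NS, "Assertion").getLength());
    }

    /**
     * Unmarshals a SAML object from a classpath fixture and closes the stream afterwards.
     *
     * <p>The cast target is inferred from the call site, so a fixture of the wrong type fails
     * there with a {@link ClassCastException}.
     *
     * @param resource classpath location of the XML fixture
     * @return the unmarshalled object, typed as the caller expects
     */
    @SuppressWarnings("unchecked") // test-only convenience cast; see Javadoc
    private static <T> T loadSamlObject(String resource) throws XMLParserException, UnmarshallingException, IOException {
        try (java.io.InputStream in = PostBindingTest.class.getResourceAsStream(resource)) {
            Assert.assertNotNull("Test resource not found: " + resource, in);
            return (T) XMLObjectSupport.unmarshallFromInputStream(XMLObjectProviderRegistrySupport.getParserPool(), in);
        }
    }
}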
