package org.opensaml.saml.saml2.assertion;

import java.io.File;
import java.net.InetAddress;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import org.joda.time.DateTime;
import org.opensaml.core.xml.XMLObjectBaseTestCase;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.Conditions;
import org.opensaml.saml.saml2.core.SubjectConfirmation;
import org.opensaml.saml.saml2.core.SubjectConfirmationData;
import org.opensaml.saml.saml2.profile.SAML2ActionTestingSupport;
import org.opensaml.security.SecurityException;
import org.opensaml.security.credential.BasicCredential;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialSupport;
import org.opensaml.security.credential.UsageType;
import org.opensaml.security.crypto.KeySupport;
import org.opensaml.security.x509.X509Support;
import org.opensaml.xmlsec.SignatureSigningParameters;
import org.opensaml.xmlsec.signature.support.SignatureException;
import org.opensaml.xmlsec.signature.support.SignatureSupport;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;

/* loaded from: input_file:org/opensaml/saml/saml2/assertion/BaseAssertionValidationTest.class */
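/**
 * Shared fixture for SAML 2.0 assertion validation tests.
 *
 * <p>Before every test method a fresh, unsigned assertion is built with a known issuer, subject,
 * validity window and a single bearer subject confirmation. Subclasses mutate that baseline (or the
 * parameter map from {@link #buildBasicStaticParameters()}) to exercise one validation rule at a
 * time, so any field a validator checks should be set here to a value that passes by default.
 *
 * <p>The decompiled source reports that several helpers were originally {@code protected}; they are
 * kept {@code public} so code compiled against this version keeps working.
 *
 * <p>Key and certificate material loaded through {@link #getPrivateKey(String)} and
 * {@link #getCertificate(String)} is test-only fixture data and must never be reused outside tests.
 */
public class BaseAssertionValidationTest extends XMLObjectBaseTestCase {
    /**
     * Clock skew placed in the static validation parameters; presumably milliseconds, i.e. five
     * minutes. Combined with the +/- five minute windows built below, an assertion from this
     * fixture can be accepted well outside "now", so expiry tests must move timestamps beyond
     * window plus skew.
     */
    public static final Long CLOCK_SKEW = 300000L;

    /** Name of the subject asserted by the baseline assertion. */
    public static final String PRINCIPAL_NAME = "gollum";

    /** Issuer of the baseline assertion; also used as the entity ID of the signing credential. */
    public static final String ISSUER = "https://idp.example.org";

    /** Recipient written into the confirmation data and accepted by the validation parameters. */
    public static final String SUBJECT_CONFIRMATION_RECIPIENT = "https://sp.example.com";

    /** Client address written into the confirmation data and accepted by the validation parameters. */
    public static final String SUBJECT_CONFIRMATION_ADDRESS = "10.1.2.3";

    /** Classpath directory holding the certificate and key fixtures. */
    private static final String RESOURCE_BASE = "/org/opensaml/saml/saml2/assertion/";

    /** Assertion rebuilt before each test method by {@link #setUpBasicAssertion()}. */
    private Assertion assertion;

    /**
     * Returns the assertion built for the current test method.
     *
     * @return the baseline assertion, or {@code null} before the set-up method has run
     */
    public Assertion getAssertion() {
        return this.assertion;
    }

    /**
     * Builds the baseline assertion: issue instant "now", fixed issuer and subject, a basic
     * conditions window, and one bearer subject confirmation.
     */
    @BeforeMethod
    protected void setUpBasicAssertion() {
        this.assertion = SAML2ActionTestingSupport.buildAssertion();
        this.assertion.setIssueInstant(new DateTime());
        this.assertion.setIssuer(SAML2ActionTestingSupport.buildIssuer(ISSUER));
        this.assertion.setSubject(SAML2ActionTestingSupport.buildSubject(PRINCIPAL_NAME));
        this.assertion.setConditions(buildBasicConditions());

        // Bearer confirmation carries no proof of key possession, so the recipient, address and
        // time bounds in the confirmation data are what a validator has to check.
        SubjectConfirmation confirmation = buildXMLObject(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
        confirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer");
        confirmation.setSubjectConfirmationData(buildBasicSubjectConfirmationData());
        this.assertion.getSubject().getSubjectConfirmations().add(confirmation);
    }

    /**
     * Builds a {@code Conditions} element valid from five minutes ago until five minutes from now.
     *
     * @return the new conditions element
     */
    protected Conditions buildBasicConditions() {
        Conditions conditions = buildXMLObject(Conditions.DEFAULT_ELEMENT_NAME);
        // One timestamp for both bounds keeps the window exactly ten minutes wide.
        DateTime now = new DateTime();
        conditions.setNotBefore(now.minusMinutes(5));
        conditions.setNotOnOrAfter(now.plusMinutes(5));
        return conditions;
    }

    /**
     * Builds confirmation data of the default type.
     *
     * @return confirmation data carrying the fixture recipient, address and validity window
     */
    public SubjectConfirmationData buildBasicSubjectConfirmationData() {
        return buildBasicSubjectConfirmationData(null);
    }

    /**
     * Builds confirmation data, optionally as a specific schema type.
     *
     * @param qName schema type whose registered builder should create the element, or
     *     {@code null} to use the default builder for {@code SubjectConfirmationData}
     * @return confirmation data carrying the fixture recipient, address and a window of
     *     five minutes either side of now
     */
    public SubjectConfirmationData buildBasicSubjectConfirmationData(QName qName) {
        final SubjectConfirmationData data;
        if (qName != null) {
            data = (SubjectConfirmationData) getBuilder(qName)
                    .buildObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME, qName);
        } else {
            data = buildXMLObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME);
        }
        data.setRecipient(SUBJECT_CONFIRMATION_RECIPIENT);
        data.setAddress(SUBJECT_CONFIRMATION_ADDRESS);
        DateTime now = new DateTime();
        data.setNotBefore(now.minusMinutes(5));
        data.setNotOnOrAfter(now.plusMinutes(5));
        return data;
    }

    /**
     * Builds the static validation parameters that make the baseline assertion pass: the clock
     * skew, the single accepted recipient and the single accepted client address.
     *
     * <p>NOTE(review): the string keys look like compiler-inlined constants from the validation
     * parameter definitions; confirm against the library before editing them by hand.
     *
     * @return a new mutable map that the caller may adjust
     */
    public Map<String, Object> buildBasicStaticParameters() {
        Map<String, Object> params = new HashMap<String, Object>();
        params.put("saml2.ClockSkew", CLOCK_SKEW);
        params.put("saml2.SubjectConfirmation.ValidRecipients",
                Collections.singleton(SUBJECT_CONFIRMATION_RECIPIENT));
        try {
            // A literal IP address is parsed locally; no name lookup is involved.
            params.put("saml2.SubjectConfirmation.ValidAddresses",
                    Collections.singleton(InetAddress.getByName(SUBJECT_CONFIRMATION_ADDRESS)));
        } catch (UnknownHostException e) {
            // Keep the cause so a broken fixture address is diagnosable from the test report.
            Assert.fail("Invalid address: " + SUBJECT_CONFIRMATION_ADDRESS, e);
        }
        return params;
    }

    /**
     * Loads a certificate fixture from this package's classpath directory.
     *
     * @param str file name of the certificate; expected to be a fixed fixture name chosen by
     *     the test, since it is appended to the resource directory without sanitising
     * @return the decoded certificate
     * @throws CertificateException if the file cannot be decoded as a certificate
     * @throws URISyntaxException if the resource location is not a valid URI
     * @throws IllegalArgumentException if the resource is missing or is not a plain file
     */
    public X509Certificate getCertificate(String str) throws CertificateException, URISyntaxException {
        return X509Support.decodeCertificate(fixtureFile(str));
    }

    /**
     * Loads a private key fixture from this package's classpath directory.
     *
     * <p>A {@code null} password is passed, so the fixture is expected to be stored unencrypted.
     * That is acceptable only for throwaway test keys.
     *
     * @param str file name of the key; expected to be a fixed fixture name chosen by the test
     * @return the decoded private key
     * @throws KeyException if the file cannot be decoded as a private key
     * @throws URISyntaxException if the resource location is not a valid URI
     * @throws IllegalArgumentException if the resource is missing or is not a plain file
     */
    public PrivateKey getPrivateKey(String str) throws KeyException, URISyntaxException {
        return KeySupport.decodePrivateKey(fixtureFile(str), (char[]) null);
    }

    /**
     * Wraps a key pair in a signing credential owned by the fixture issuer.
     *
     * @param publicKey public half of the signing key
     * @param privateKey private half of the signing key
     * @return a credential with usage {@code SIGNING} and entity ID {@link #ISSUER}
     */
    public Credential getSigningCredential(PublicKey publicKey, PrivateKey privateKey) {
        BasicCredential signingCredential = CredentialSupport.getSimpleCredential(publicKey, privateKey);
        signingCredential.setUsageType(UsageType.SIGNING);
        signingCredential.setEntityId(ISSUER);
        return signingCredential;
    }

    /**
     * Signs the assertion in place with RSA-SHA256, a SHA-256 reference digest and exclusive
     * canonicalisation.
     *
     * <p>The algorithms are pinned here rather than taken from defaults, so signature tests do not
     * silently start using a weaker digest if the defaults change.
     *
     * @param assertion assertion to sign
     * @param credential credential holding the private signing key
     * @throws SecurityException if the signing parameters cannot be applied
     * @throws MarshallingException if the assertion cannot be marshalled for signing
     * @throws SignatureException if computing the signature fails
     */
    public void signAssertion(Assertion assertion, Credential credential)
            throws SecurityException, MarshallingException, SignatureException {
        SignatureSigningParameters signingParams = new SignatureSigningParameters();
        signingParams.setSigningCredential(credential);
        signingParams.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
        signingParams.setSignatureReferenceDigestMethod("http://www.w3.org/2001/04/xmlenc#sha256");
        signingParams.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
        SignatureSupport.signObject(assertion, signingParams);
    }

    /**
     * Resolves a fixture name to a file on disk.
     *
     * @param name file name relative to the fixture directory
     * @return the fixture as a file
     * @throws URISyntaxException if the resource location is not a valid URI
     * @throws IllegalArgumentException if no such resource exists on the classpath, or if it is
     *     not backed by a plain file (for example when packaged inside a jar)
     */
    private File fixtureFile(String name) throws URISyntaxException {
        String path = RESOURCE_BASE + name;
        URL location = getClass().getResource(path);
        if (location == null) {
            // Fail with the resource name instead of an anonymous NullPointerException.
            throw new IllegalArgumentException("Test resource not found on classpath: " + path);
        }
        return new File(location.toURI());
    }
}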
