package com.atlassian.crowd.acceptance.tests.applications.crowd.plugin.saml;

import com.atlassian.crowd.acceptance.tests.applications.crowd.CrowdAcceptanceTestCase;
import com.atlassian.crowd.acceptance.tests.client.atlassianuser.CrowdEntityQueryParserTest;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.zip.Deflater;
import junit.framework.AssertionFailedError;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:com/atlassian/crowd/acceptance/tests/applications/crowd/plugin/saml/SAMLAuthTest.class */
public class SAMLAuthTest extends CrowdAcceptanceTestCase {
    private static final String SAMPLE_GOOGLE_REQUEST = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"cliofbcolgkmklnaoeafjjcakpnkblpccdjkpcla\" Version=\"2.0\" IssueInstant=\"2008-07-21T06:22:10Z\" ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" ProviderName=\"google.com\" IsPassive=\"false\" AssertionConsumerServiceURL=\"https://www.google.com/a/thanksforcomingin.com/acs\"><saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">google.com</saml:Issuer><samlp:NameIDPolicy AllowCreate=\"true\" Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\" /></samlp:AuthnRequest>";
    private static final String SAMPLE_GOOGLE_RELAY = "https%3A%2F%2Fwww.google.com%2Fa%2Fthanksforcomingin.com%2FServiceLogin%3Fservice%3Dmail%26passive%3Dtrue%26rm%3Dfalse%26continue%3Dhttp%253A%252F%252Fmail.google.com%252Fa%252Fthanksforcomingin.com%252F%26bsv%3D1k96igf4806cy%26ltmpl%3Ddefault%26ltmplcache%3D2";

    @Override // com.atlassian.crowd.acceptance.tests.applications.crowd.CrowdAcceptanceTestCase, com.atlassian.crowd.acceptance.utils.CrowdWebTestCase
    public void setUp() throws Exception {
        super.setUp();
        _loginAdminUser();
        restoreCrowdFromXML("googletest.xml");
    }

    protected void forgeGoogleRequest() throws UnsupportedEncodingException {
        gotoPage("/console/plugin/secure/saml/samlauth.action?SAMLRequest=" + generateGoogleSAMLRequestParameter() + "&RelayState=" + SAMPLE_GOOGLE_RELAY);
    }

    protected void forgeInvalidGoogleRequest() {
        gotoPage("/console/plugin/secure/saml/samlauth.action?SAMLRequest=fVLJTsMKNd7FmhP1MDfkpfEBStNJlJ5G40mZnojjY5EePXNWfDqda7Nv8F%2Bs5Z5E4rosi6i4X5SDwEavwN0FdsZrxLqFWGG3sy8kkd4EuJItAWczInA%2BBLxAQ30HbgFuoxU8PtxkvPHekkiS7XYbf8skMvGNNGuq0IVjcNdmjyvi%2BTBkMfR0P6b7fwv5lYLn3z7T5IdU%2Fvl5u07zywJbrd7ZrG1xe%2BFA%2BlDIuz70uULXSf%2B32ygeDYheRdVAFb0hC0pXGlacJfne9feWhN35AA%3D%3D&RelayState=https%3A%2F%2Fwww.google.com%2Fa%2Fthanksforcomingin.com%2FServic%252Fmail.google.com%252Fa%252Fthanksforcomingin.com%252F%26bsv%3D1k96igf4806cy%26ltmpl%3Ddefault%26ltmplcache%3D2");
    }

    protected void ensureNoKeysPresent() {
        gotoSAMLConfig();
        try {
            assertButtonPresent("keydelButton");
            clickButton("keydelButton");
        } catch (AssertionFailedError e) {
        }
        assertButtonNotPresent("keydelButton");
        assertKeyPresent("saml.key.none");
    }

    protected void ensureKeysPresent() {
        gotoSAMLConfig();
        try {
            clickButton("keygenButton");
        } catch (AssertionFailedError e) {
        }
        assertKeyPresent("saml.key.gen.success");
        assertButtonPresent("keydelButton");
    }

    public void testAuthWithNoKeysSetup() throws UnsupportedEncodingException {
        log("Running testAuthWithNoKeysSetup");
        ensureNoKeysPresent();
        forgeGoogleRequest();
        assertTextPresent("SAML Error: SAML signature keys have not been set up.");
    }

    public void testAuthWithGarbageRequest() {
        log("Running testAuthWithGarbageRequest");
        ensureKeysPresent();
        forgeInvalidGoogleRequest();
        assertTextPresent("SAML Error: Error decoding SAML Authentication Request");
    }

    public void testAuthSuccessSSO() throws UnsupportedEncodingException {
        log("Running testAuthSuccessSSO");
        ensureKeysPresent();
        forgeGoogleRequest();
        verifySAMLResponse();
    }

    public void testAuthSuccessAfterLogin() throws UnsupportedEncodingException {
        log("Running testAuthSuccessAfterLogin");
        ensureKeysPresent();
        _logout();
        forgeGoogleRequest();
        assertKeyPresent("login.title");
        setTextField("j_username", CrowdEntityQueryParserTest.ADMIN);
        setTextField("j_password", CrowdEntityQueryParserTest.ADMIN);
        submit();
        verifySAMLResponse();
    }

    protected void verifySAMLResponse() {
        assertTextPresent("Oops - an error has occurred");
        assertTextPresent("SAMLResponse : &lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?&gt;");
        assertTextPresent("&lt;samlp:Response xmlns:samlp=&quot;urn:oasis:names:tc:SAML:2.0:protocol&quot; xmlns=&quot;urn:oasis:names:tc:SAML:2.0:assertion&quot; xmlns:xenc=&quot;http://www.w3.org/2001/04/xmlenc#&quot; ID=&quot;");
        assertTextPresent("&lt;Signature xmlns=&quot;http://www.w3.org/2000/09/xmldsig#&quot;&gt;&lt;SignedInfo&gt;&lt;CanonicalizationMethod Algorithm=&quot;http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments&quot; /&gt;&lt;SignatureMethod Algorithm=&quot;http://www.w3.org/2000/09/xmldsig#dsa-sha1&quot; /&gt;&lt;Reference URI=&quot;&quot;&gt;&lt;Transforms&gt;&lt;Transform Algorithm=&quot;http://www.w3.org/2000/09/xmldsig#enveloped-signature&quot; /&gt;&lt;/Transforms&gt;&lt;DigestMethod Algorithm=&quot;http://www.w3.org/2000/09/xmldsig#sha1&quot; /&gt;&lt;DigestValue&gt;");
        assertTextPresent("&lt;samlp:StatusCode Value=&quot;urn:oasis:names:tc:SAML:2.0:status:Success&quot; /&gt;");
        assertTextPresent("&lt;samlp:StatusCode Value=&quot;urn:oasis:names:tc:SAML:2.0:status:Success&quot; /&gt;");
        assertTextPresent("&lt;NameID Format=&quot;urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress&quot;&gt;");
        assertTextPresent(CrowdEntityQueryParserTest.ADMIN);
    }

    @Override // com.atlassian.crowd.acceptance.utils.CrowdWebTestCase
    public void assertTextPresent(String str) {
        try {
            if (!this.tester.getPageSource().contains(str)) {
                fail("Expected text not found in current page: [" + str + "]");
            }
        } catch (AssertionFailedError e) {
            System.err.println("Unable to find " + str + " in:");
            System.err.print(this.tester.getPageSource());
            throw e;
        }
    }

    private String generateGoogleSAMLRequestParameter() throws UnsupportedEncodingException {
        String replaceAll = SAMPLE_GOOGLE_REQUEST.replaceAll("https://www.google.com/a/thanksforcomingin.com/acs", getBaseUrl() + "/console/500.jsp");
        byte[] bArr = new byte[5000];
        Deflater deflater = new Deflater();
        deflater.setInput(replaceAll.getBytes());
        deflater.finish();
        return URLEncoder.encode(new String(new Base64().encode(new String(bArr).substring(0, deflater.deflate(bArr)).getBytes())), "UTF-8");
    }
}
