package org.xdi.oxauth.comp;

import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.testng.Assert;
import org.testng.annotations.Test;
import org.xdi.oxauth.BaseComponentTestAdapter;
import org.xdi.oxauth.model.config.ConfigurationFactory;
import org.xdi.oxauth.model.crypto.signature.RSAKeyFactory;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.exception.InvalidJwtException;
import org.xdi.oxauth.model.jws.RSASigner;
import org.xdi.oxauth.model.jwt.Jwt;
import org.xdi.oxauth.model.jwt.JwtHeader;
import org.xdi.oxauth.model.jwt.JwtType;
import org.xdi.oxauth.model.jwt.PureJwt;
import org.xdi.oxauth.model.util.JwtUtil;

/* loaded from: input_file:org/xdi/oxauth/comp/FederationSigningTest.class */
public class FederationSigningTest extends BaseComponentTestAdapter {
    private static final String TEST_METADATA = "{\"federation_id\"  : \"@!2222!0008!FF8F!7434\",\n \"display_name\" : \"Federation example name\",\n \"OPs\" : [\n          {\n            \"display_name\" : \"Example OP\",\n            \"op_id\" : \"example.com\",\n            \"domain\" : \"example.com\"\n          }          \n         ],\n \"RPs\" : [\n          {\n            \"display_name\" : \"oxGraph client\",\n            \"redirect_uri\" : \"example.com/oxGraph\"\n          }\n         ]        \n}";

    @Test
    public void test() throws InvalidJwtException, JSONException, SignatureException, IOException, IllegalBlockSizeException, NoSuchProviderException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, BadPaddingException {
        String federationSigningKid = ConfigurationFactory.getConfiguration().getFederationSigningKid();
        SignatureAlgorithm fromName = SignatureAlgorithm.fromName(ConfigurationFactory.getConfiguration().getFederationSigningAlg());
        String jwksUri = ConfigurationFactory.getConfiguration().getJwksUri();
        RSAKeyFactory valueOf = RSAKeyFactory.valueOf(ConfigurationFactory.getWebKeys().getKey(federationSigningKid));
        String encodeJwt = JwtUtil.encodeJwt(JwtHeader.instance().setType(JwtType.JWS).setAlgorithm(fromName).setKeyId(federationSigningKid).setJwkSetUrl(jwksUri).toJsonObject(), new JSONObject(TEST_METADATA), fromName, valueOf.getPrivateKey());
        PureJwt parse = PureJwt.parse(encodeJwt);
        Assert.assertTrue(new RSASigner(fromName, valueOf.getPublicKey()).validateSignature(parse.getSigningInput(), parse.getEncodedSignature()));
        JwtHeader header = Jwt.parse(encodeJwt).getHeader();
        Assert.assertTrue(header.getClaim("kid").equals(federationSigningKid) && header.getClaim("jku").equals(jwksUri));
    }
}
