package org.verisign.joid.test;

import java.math.BigInteger;
import java.net.URLEncoder;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
import org.verisign.joid.AssociationRequest;
import org.verisign.joid.AssociationResponse;
import org.verisign.joid.AuthenticationRequest;
import org.verisign.joid.AuthenticationResponse;
import org.verisign.joid.CheckAuthenticationRequest;
import org.verisign.joid.CheckAuthenticationResponse;
import org.verisign.joid.Crypto;
import org.verisign.joid.DiffieHellman;
import org.verisign.joid.MessageParser;
import org.verisign.joid.OpenId;
import org.verisign.joid.OpenIdException;
import org.verisign.joid.Request;
import org.verisign.joid.RequestFactory;
import org.verisign.joid.Response;
import org.verisign.joid.ResponseFactory;
import org.verisign.joid.ServerInfo;
import org.verisign.joid.SimpleRegistration;
import org.verisign.joid.Store;
import org.verisign.joid.StoreFactory;
import org.verisign.joid.extension.PapeConstants;
import org.verisign.joid.extension.PapeRequest;
import org.verisign.joid.extension.PapeResponse;
import org.verisign.joid.server.AssociationImpl;
import org.verisign.joid.server.MemoryStore;

/* loaded from: input_file:org/verisign/joid/test/AllTests.class */
public class AllTests extends TestCase {
    private long defaultLifespan;
    private static Crypto crypto = new Crypto();
    private static Store store = StoreFactory.getInstance(MemoryStore.class.getName());
    private static ServerInfo serverInfo = new ServerInfo("http://example.com", store, crypto);
    private static final SecureRandom srand;
    BigInteger p;
    BigInteger g;
    String v2;

    public AllTests(String str) {
        super(str);
        this.p = DiffieHellman.DEFAULT_MODULUS;
        this.g = DiffieHellman.DEFAULT_GENERATOR;
        this.v2 = "http://specs.openid.net/auth/2.0";
    }

    protected void setUp() throws Exception {
        super.setUp();
        this.defaultLifespan = MemoryStore.DEFAULT_LIFESPAN;
    }

    protected void tearDown() throws Exception {
        super.tearDown();
    }

    public static Test suite() {
        return new TestSuite(AllTests.class);
    }

    private AssociationResponse associate(DiffieHellman diffieHellman) throws Exception {
        Request parse = RequestFactory.parse("openid.mode=associate&openid.assoc_type=HMAC-SHA1&openid.session_type=DH-SHA1&openid.dh_consumer_public=" + URLEncoder.encode(Crypto.convertToString(diffieHellman.getPublicKey()), "UTF-8"));
        assertTrue(parse instanceof AssociationRequest);
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        assertTrue(ResponseFactory.parse(processUsing.toUrlString()) instanceof AssociationResponse);
        return (AssociationResponse) processUsing;
    }

    private AssociationResponse associate256(DiffieHellman diffieHellman) throws Exception {
        Request parse = RequestFactory.parse("openid.mode=associate&openid.assoc_type=HMAC-SHA256&openid.session_type=DH-SHA1&openid.dh_consumer_public=" + URLEncoder.encode(Crypto.convertToString(diffieHellman.getPublicKey()), "UTF-8"));
        assertTrue(parse instanceof AssociationRequest);
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        AssociationResponse associationResponse = (AssociationResponse) processUsing;
        assertTrue(associationResponse.getSessionType(), "DH-SHA256".equals(associationResponse.getSessionType()));
        assertTrue("HMAC-SHA256".equals(associationResponse.getAssociationType()));
        assertTrue(ResponseFactory.parse(processUsing.toUrlString()) instanceof AssociationResponse);
        return (AssociationResponse) processUsing;
    }

    public void testUrlToMap() throws Exception {
        Map urlEncodedToMap = MessageParser.urlEncodedToMap("path?foo=bar&baz=qux");
        assertTrue(urlEncodedToMap.size() == 2);
        assertTrue(((String) urlEncodedToMap.get("foo")).equals("bar"));
        assertTrue(((String) urlEncodedToMap.get("baz")).equals("qux"));
        Map urlEncodedToMap2 = MessageParser.urlEncodedToMap("path?foo=bar;baz=qux");
        assertTrue(urlEncodedToMap2.size() == 2);
        assertTrue(((String) urlEncodedToMap2.get("foo")).equals("bar"));
        assertTrue(((String) urlEncodedToMap2.get("baz")).equals("qux"));
    }

    public void testAssociationLifeLength() throws Exception {
        AssociationImpl associationImpl = new AssociationImpl();
        associationImpl.setIssuedDate(new Date());
        associationImpl.setLifetime(new Long(1L));
        assertFalse(associationImpl.hasExpired());
        Thread.sleep(1200L);
        assertTrue(associationImpl.hasExpired());
    }

    public void testGetSharedSecret() {
        for (int i = 0; i < 3; i++) {
            DiffieHellman diffieHellman = new DiffieHellman(this.p, this.g);
            DiffieHellman diffieHellman2 = new DiffieHellman(this.p, this.g);
            assertEquals(diffieHellman.getSharedSecret(diffieHellman2.getPublicKey()), diffieHellman2.getSharedSecret(diffieHellman.getPublicKey()));
        }
    }

    public void test2() throws Exception {
        Request parse = RequestFactory.parse(Utils.readFileAsString("2.txt"));
        assertTrue(parse instanceof AssociationRequest);
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2 instanceof AssociationResponse);
        AssociationResponse associationResponse = (AssociationResponse) parse2;
        assertTrue(associationResponse.getSessionType(), AuthenticationRequest.DH_SHA1.equals(associationResponse.getSessionType()));
        assertTrue("HMAC-SHA1".equals(associationResponse.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associationResponse.getExpiresIn()));
        assertTrue(null == associationResponse.getMacKey());
        assertTrue(null != associationResponse.getEncryptedMacKey());
        assertTrue(null != associationResponse.getDhServerPublic());
        assertTrue(null == associationResponse.getErrorCode());
    }

    public void test2b() throws Exception {
        String readFileAsString = Utils.readFileAsString("2.txt");
        OpenId openId = new OpenId(serverInfo);
        assertTrue(openId.isAssociationRequest(readFileAsString));
        assertFalse(openId.isAuthenticationRequest(readFileAsString));
    }

    public void testAssocNoEncryption() throws Exception {
        Request parse = RequestFactory.parse(Utils.readFileAsString("5.txt"));
        assertTrue(parse instanceof AssociationRequest);
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2 instanceof AssociationResponse);
        AssociationResponse associationResponse = (AssociationResponse) parse2;
        assertTrue(null == associationResponse.getSessionType());
        assertTrue("HMAC-SHA1".equals(associationResponse.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associationResponse.getExpiresIn()));
        assertTrue(null != associationResponse.getMacKey());
        assertTrue(null == associationResponse.getEncryptedMacKey());
        assertTrue(null == associationResponse.getDhServerPublic());
        assertTrue(null == associationResponse.getErrorCode());
    }

    public void testMarshall() throws Exception {
        DiffieHellman diffieHellman = new DiffieHellman(this.p, this.g);
        BigInteger privateKey = diffieHellman.getPrivateKey();
        BigInteger publicKey = diffieHellman.getPublicKey();
        assertEquals(privateKey, Crypto.convertToBigIntegerFromString(Crypto.convertToString(privateKey)));
        assertEquals(publicKey, Crypto.convertToBigIntegerFromString(Crypto.convertToString(publicKey)));
    }

    public void testSchtuffTrustRoot() throws Exception {
        assertTrue(RequestFactory.parse("openid.identity=http%3A%2F%2Fhans.beta.abtain.com%2F&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F") instanceof AuthenticationRequest);
    }

    public void testOpenIdNetDemoTrustRoot() throws Exception {
        assertTrue(RequestFactory.parse("openid.mode=checkid_setup&openid.identity=http://hans.beta.abtain.com/&openid.return_to=http://openid.net/demo/helper.bml%3Fstyle%3Dclassic%26oic.time%3D1165421699-368eacd1483709faab32&openid.trust_root=http://%2A.openid.net/demo/&openid.assoc_handle=1c431e80-8545-11db-9ff5-155b0e692653") instanceof AuthenticationRequest);
    }

    public void testTrustRoot() throws Exception {
        assertTrue(RequestFactory.parse("openid.mode=checkid_setup&openid.identity=http://my.identity&openid.return_to=http://a.example.com&openid.trust_root=http://*.example.com") instanceof AuthenticationRequest);
        try {
            RequestFactory.parse("openid.mode=checkid_setup&openid.identity=http://my.identity&openid.return_to=http://a.example.com&openid.trust_root=http://www.example.com");
            fail("Should have thrown");
        } catch (OpenIdException e) {
        }
        assertTrue(RequestFactory.parse("openid.mode=checkid_setup&openid.identity=http://my.identity&openid.trust_root=http://example.com/a/b/c&openid.return_to=http://example.com/a/b/c/d") instanceof AuthenticationRequest);
        try {
            RequestFactory.parse("openid.mode=checkid_setup&openid.identity=http://my.identity&openid.trust_root=http://example.com/a/b/c&openid.return_to=http://example.com/a/b");
            fail("Should have thrown");
        } catch (OpenIdException e2) {
        }
        try {
            RequestFactory.parse("openid.mode=checkid_setup&openid.identity=http://my.identity&openid.trust_root=http://example.com/a/b/c&openid.return_to=http://example.com/a/b/b");
            fail("Should have thrown");
        } catch (OpenIdException e3) {
        }
    }

    public void test3() throws Exception {
        DiffieHellman diffieHellman = new DiffieHellman(this.p, this.g);
        AssociationResponse associate = associate(diffieHellman);
        assertFalse(associate.isVersion2());
        diffieHellman.getPrivateKey();
        diffieHellman.getPublicKey();
        assertTrue(associate.getSessionType(), AuthenticationRequest.DH_SHA1.equals(associate.getSessionType()));
        assertTrue("HMAC-SHA1".equals(associate.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associate.getExpiresIn()));
        assertTrue(null == associate.getErrorCode());
        assertTrue(null == associate.getMacKey());
        byte[] encryptedMacKey = associate.getEncryptedMacKey();
        assertTrue(null != encryptedMacKey);
        BigInteger dhServerPublic = associate.getDhServerPublic();
        assertTrue(null != dhServerPublic);
        byte[] xorSecret = diffieHellman.xorSecret(dhServerPublic, encryptedMacKey);
        Request parse = RequestFactory.parse(Utils.readFileAsString("3bv1.txt") + "?openid.assoc_handle=" + URLEncoder.encode(associate.getAssociationHandle(), "UTF-8"));
        assertTrue(parse instanceof AuthenticationRequest);
        assertFalse(parse.isVersion2());
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        assertFalse(processUsing.isVersion2());
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2 instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) parse2;
        assertFalse(authenticationResponse.isVersion2());
        assertTrue(null == authenticationResponse.getUrlEndPoint());
        String signedList = authenticationResponse.getSignedList();
        assertTrue(signedList != null);
        String signature = authenticationResponse.getSignature();
        assertTrue(signature != null);
        assertEquals(authenticationResponse.sign("HMAC-SHA1", xorSecret, signedList), signature);
        CheckAuthenticationRequest checkAuthenticationRequest = new CheckAuthenticationRequest(authenticationResponse.toMap(), "check_authentication");
        assertFalse(checkAuthenticationRequest.isVersion2());
        Response processUsing2 = checkAuthenticationRequest.processUsing(serverInfo);
        assertFalse(processUsing2.isVersion2());
        assertTrue(processUsing2 instanceof CheckAuthenticationResponse);
        assertTrue(((CheckAuthenticationResponse) processUsing2).isValid());
    }

    public void test3_badsig() throws Exception {
        DiffieHellman diffieHellman = new DiffieHellman(this.p, this.g);
        AssociationResponse associate = associate(diffieHellman);
        assertFalse(associate.isVersion2());
        diffieHellman.getPrivateKey();
        diffieHellman.getPublicKey();
        assertTrue(associate.getSessionType(), AuthenticationRequest.DH_SHA1.equals(associate.getSessionType()));
        assertTrue("HMAC-SHA1".equals(associate.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associate.getExpiresIn()));
        assertTrue(null == associate.getErrorCode());
        assertTrue(null == associate.getMacKey());
        byte[] encryptedMacKey = associate.getEncryptedMacKey();
        assertTrue(null != encryptedMacKey);
        BigInteger dhServerPublic = associate.getDhServerPublic();
        assertTrue(null != dhServerPublic);
        byte[] xorSecret = diffieHellman.xorSecret(dhServerPublic, encryptedMacKey);
        Request parse = RequestFactory.parse(Utils.readFileAsString("3bv1.txt") + "?openid.assoc_handle=" + URLEncoder.encode(associate.getAssociationHandle(), "UTF-8"));
        assertTrue(parse instanceof AuthenticationRequest);
        assertFalse(parse.isVersion2());
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        assertFalse(processUsing.isVersion2());
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2 instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) parse2;
        assertFalse(authenticationResponse.isVersion2());
        String signedList = authenticationResponse.getSignedList();
        assertTrue(signedList != null);
        String signature = authenticationResponse.getSignature();
        assertTrue(signature != null);
        assertEquals(authenticationResponse.sign("HMAC-SHA1", xorSecret, signedList), signature);
        Map map = authenticationResponse.toMap();
        map.put("openid.sig", "pO+52CAFEBABEuu0lVRivEeu2Zw=");
        Response processUsing2 = new CheckAuthenticationRequest(map, "check_authentication").processUsing(serverInfo);
        assertFalse(processUsing2.isVersion2());
        assertTrue(processUsing2 instanceof CheckAuthenticationResponse);
        assertFalse(((CheckAuthenticationResponse) processUsing2).isValid());
    }

    public void testSreg() throws Exception {
        DiffieHellman diffieHellman = new DiffieHellman(this.p, this.g);
        AssociationResponse associate = associate(diffieHellman);
        diffieHellman.getPrivateKey();
        diffieHellman.getPublicKey();
        assertTrue(associate.getSessionType(), AuthenticationRequest.DH_SHA1.equals(associate.getSessionType()));
        assertTrue("HMAC-SHA1".equals(associate.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associate.getExpiresIn()));
        assertTrue(null == associate.getErrorCode());
        assertTrue(null == associate.getMacKey());
        byte[] encryptedMacKey = associate.getEncryptedMacKey();
        assertTrue(null != encryptedMacKey);
        BigInteger dhServerPublic = associate.getDhServerPublic();
        assertTrue(null != dhServerPublic);
        byte[] xorSecret = diffieHellman.xorSecret(dhServerPublic, encryptedMacKey);
        Request parse = RequestFactory.parse(Utils.readFileAsString("sreg.txt") + "?openid.assoc_handle=" + URLEncoder.encode(associate.getAssociationHandle(), "UTF-8"));
        assertTrue(parse.isVersion2());
        assertTrue(parse instanceof AuthenticationRequest);
        Set required = ((AuthenticationRequest) parse).getSimpleRegistration().getRequired();
        HashMap hashMap = new HashMap();
        Iterator it = required.iterator();
        while (it.hasNext()) {
            hashMap.put((String) it.next(), "blahblah");
        }
        ((AuthenticationRequest) parse).setSimpleRegistration(new SimpleRegistration(required, Collections.EMPTY_SET, hashMap, ""));
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        assertTrue(processUsing.isVersion2());
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2 instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) parse2;
        assertTrue(authenticationResponse.isVersion2());
        String signedList = authenticationResponse.getSignedList();
        assertTrue(signedList != null);
        String signature = authenticationResponse.getSignature();
        assertTrue(signature != null);
        assertEquals(authenticationResponse.sign("HMAC-SHA1", xorSecret, signedList), signature);
        Map map = authenticationResponse.toMap();
        CheckAuthenticationRequest checkAuthenticationRequest = new CheckAuthenticationRequest(map, "check_authentication");
        if (processUsing.isVersion2()) {
            assertEquals((String) map.get(SimpleRegistration.OPENID_SREG_NSDEF), SimpleRegistration.OPENID_SREG_NAMESPACE_11);
        }
        Response processUsing2 = checkAuthenticationRequest.processUsing(serverInfo);
        assertTrue(processUsing2.isVersion2());
        assertTrue(processUsing2 instanceof CheckAuthenticationResponse);
        assertTrue(((CheckAuthenticationResponse) processUsing2).isValid());
    }

    public void testVersion2() throws Exception {
        Request parse = RequestFactory.parse(Utils.readFileAsString("2.txt") + "openid.ns=" + this.v2);
        assertTrue(parse instanceof AssociationRequest);
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        assertTrue(processUsing.isVersion2());
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2.isVersion2());
        assertTrue(parse2 instanceof AssociationResponse);
        AssociationResponse associationResponse = (AssociationResponse) parse2;
        assertTrue(associationResponse.getSessionType(), AuthenticationRequest.DH_SHA1.equals(associationResponse.getSessionType()));
        assertTrue("HMAC-SHA1".equals(associationResponse.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associationResponse.getExpiresIn()));
        assertTrue(null == associationResponse.getMacKey());
        assertTrue(null != associationResponse.getEncryptedMacKey());
        assertTrue(null != associationResponse.getDhServerPublic());
        assertTrue(null == associationResponse.getErrorCode());
        assertTrue(this.v2.equals(associationResponse.getNamespace()));
    }

    public void test3version2() throws Exception {
        DiffieHellman diffieHellman = new DiffieHellman(this.p, this.g);
        AssociationResponse associate = associate(diffieHellman);
        diffieHellman.getPrivateKey();
        diffieHellman.getPublicKey();
        assertTrue(associate.getSessionType(), AuthenticationRequest.DH_SHA1.equals(associate.getSessionType()));
        assertTrue("HMAC-SHA1".equals(associate.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associate.getExpiresIn()));
        assertTrue(null == associate.getErrorCode());
        assertTrue(null == associate.getMacKey());
        byte[] encryptedMacKey = associate.getEncryptedMacKey();
        assertTrue(null != encryptedMacKey);
        BigInteger dhServerPublic = associate.getDhServerPublic();
        assertTrue(null != dhServerPublic);
        byte[] xorSecret = diffieHellman.xorSecret(dhServerPublic, encryptedMacKey);
        Request parse = RequestFactory.parse(Utils.readFileAsString("3b.txt") + "?openid.ns=" + this.v2 + "?openid.assoc_handle=" + URLEncoder.encode(associate.getAssociationHandle(), "UTF-8"));
        assertTrue(parse instanceof AuthenticationRequest);
        assertTrue(parse.isVersion2());
        assertTrue(((AuthenticationRequest) parse).getClaimedIdentity() == null);
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        assertTrue(processUsing.isVersion2());
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2 instanceof AuthenticationResponse);
        assertTrue(parse2.isVersion2());
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing;
        String signedList = authenticationResponse.getSignedList();
        assertTrue(signedList != null);
        assertTrue(signedList.indexOf("claimed_id") == -1);
        String signature = authenticationResponse.getSignature();
        assertTrue(signature != null);
        assertTrue(this.v2.equals(authenticationResponse.getNamespace()));
        assertEquals(authenticationResponse.sign("HMAC-SHA1", xorSecret, signedList), signature);
        Response processUsing2 = new CheckAuthenticationRequest(authenticationResponse.toMap(), "check_authentication").processUsing(serverInfo);
        assertTrue(processUsing2.isVersion2());
        assertTrue(processUsing2 instanceof CheckAuthenticationResponse);
        assertTrue(((CheckAuthenticationResponse) processUsing2).isValid());
    }

    public void test3version2_badsig() throws Exception {
        DiffieHellman diffieHellman = new DiffieHellman(this.p, this.g);
        AssociationResponse associate = associate(diffieHellman);
        diffieHellman.getPrivateKey();
        diffieHellman.getPublicKey();
        assertTrue(associate.getSessionType(), AuthenticationRequest.DH_SHA1.equals(associate.getSessionType()));
        assertTrue("HMAC-SHA1".equals(associate.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associate.getExpiresIn()));
        assertTrue(null == associate.getErrorCode());
        assertTrue(null == associate.getMacKey());
        byte[] encryptedMacKey = associate.getEncryptedMacKey();
        assertTrue(null != encryptedMacKey);
        BigInteger dhServerPublic = associate.getDhServerPublic();
        assertTrue(null != dhServerPublic);
        byte[] xorSecret = diffieHellman.xorSecret(dhServerPublic, encryptedMacKey);
        Request parse = RequestFactory.parse(Utils.readFileAsString("3b.txt") + "?openid.ns=" + this.v2 + "?openid.assoc_handle=" + URLEncoder.encode(associate.getAssociationHandle(), "UTF-8"));
        assertTrue(parse instanceof AuthenticationRequest);
        assertTrue(parse.isVersion2());
        assertTrue(((AuthenticationRequest) parse).getClaimedIdentity() == null);
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        assertTrue(processUsing.isVersion2());
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2 instanceof AuthenticationResponse);
        assertTrue(parse2.isVersion2());
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing;
        assertTrue(null != authenticationResponse.getUrlEndPoint());
        String signedList = authenticationResponse.getSignedList();
        assertTrue(signedList != null);
        assertTrue(signedList.indexOf("claimed_id") == -1);
        String signature = authenticationResponse.getSignature();
        assertTrue(signature != null);
        assertTrue(this.v2.equals(authenticationResponse.getNamespace()));
        assertEquals(authenticationResponse.sign("HMAC-SHA1", xorSecret, signedList), signature);
        Map map = authenticationResponse.toMap();
        map.put("openid.sig", "pO+52CAFEBABEuu0lVRivEeu2Zw=");
        CheckAuthenticationRequest checkAuthenticationRequest = new CheckAuthenticationRequest(map, "check_authentication");
        assertTrue(checkAuthenticationRequest.isVersion2());
        Response processUsing2 = checkAuthenticationRequest.processUsing(serverInfo);
        assertTrue(processUsing2 instanceof CheckAuthenticationResponse);
        assertFalse(((CheckAuthenticationResponse) processUsing2).isValid());
    }

    public void test3_claimedid_noncecheck() throws Exception {
        DiffieHellman diffieHellman = new DiffieHellman(this.p, this.g);
        AssociationResponse associate = associate(diffieHellman);
        diffieHellman.getPrivateKey();
        diffieHellman.getPublicKey();
        assertTrue(associate.getSessionType(), AuthenticationRequest.DH_SHA1.equals(associate.getSessionType()));
        assertTrue("HMAC-SHA1".equals(associate.getAssociationType()));
        assertTrue(this.defaultLifespan == ((long) associate.getExpiresIn()));
        assertTrue(null == associate.getErrorCode());
        assertTrue(null == associate.getMacKey());
        byte[] encryptedMacKey = associate.getEncryptedMacKey();
        assertTrue(null != encryptedMacKey);
        BigInteger dhServerPublic = associate.getDhServerPublic();
        assertTrue(null != dhServerPublic);
        byte[] xorSecret = diffieHellman.xorSecret(dhServerPublic, encryptedMacKey);
        Request parse = RequestFactory.parse(Utils.readFileAsString("3c.txt") + "?openid.ns=" + this.v2 + "?openid.assoc_handle=" + URLEncoder.encode(associate.getAssociationHandle(), "UTF-8"));
        assertTrue(parse instanceof AuthenticationRequest);
        assertTrue(parse.isVersion2());
        assertTrue(((AuthenticationRequest) parse).getClaimedIdentity() != null);
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        assertTrue(processUsing.isVersion2());
        Response parse2 = ResponseFactory.parse(processUsing.toUrlString());
        assertTrue(parse2 instanceof AuthenticationResponse);
        assertTrue(parse2.isVersion2());
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing;
        String signedList = authenticationResponse.getSignedList();
        assertTrue(signedList != null);
        assertTrue(signedList.indexOf("claimed_id") != -1);
        String signature = authenticationResponse.getSignature();
        assertTrue(signature != null);
        assertTrue(this.v2.equals(authenticationResponse.getNamespace()));
        assertEquals(authenticationResponse.sign("HMAC-SHA1", xorSecret, signedList), signature);
        CheckAuthenticationRequest checkAuthenticationRequest = new CheckAuthenticationRequest(authenticationResponse.toMap(), "check_authentication");
        Response processUsing2 = checkAuthenticationRequest.processUsing(serverInfo);
        assertTrue(processUsing2.isVersion2());
        assertTrue(processUsing2 instanceof CheckAuthenticationResponse);
        assertTrue(((CheckAuthenticationResponse) processUsing2).isValid());
        try {
            checkAuthenticationRequest.processUsing(serverInfo);
            assertTrue(false);
        } catch (OpenIdException e) {
        }
    }

    public void testEndsWithEquals() throws Exception {
        try {
            RequestFactory.parse("openid.assoc_handle=%7BHMAC-SHA1%7D%7B44e56f1d%7D%7BqrHn2Q%3D%3D%7D&openid.identity=http%3A%2F%2Fmisja.pip.verisignlabs.com%2F&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fradagast.biz%2Felgg2%2Fmod%2Fopenid_client%2Freturn.php%3Fresponse_nonce%3DRqyqPiwW&openid.sreg.optional=email%2Cfullname&openid.trust_root=");
        } catch (OpenIdException e) {
            assertTrue(false);
        }
    }

    public void testEmptyIdentity() throws Exception {
        try {
            RequestFactory.parse("openid.return_to=http%3A%2F%2Ftest.vladlife.com%2Ffivestores%2Fclass.openid.php&openid.cancel_to=&openid.mode=checkid_setup&openid.identity=&openid.trust_root=http%3A%2F%2Ftest.vladlife.com&").processUsing(serverInfo);
            assertTrue(false);
        } catch (OpenIdException e) {
        }
    }

    public void testMissingDhPublic() throws Exception {
        try {
            RequestFactory.parse("openid.mode=associate&openid.session_type=DH-SHA1");
            assertTrue(false);
        } catch (OpenIdException e) {
        }
    }

    public void testRealm() throws Exception {
        RequestFactory.parse("openid.return_to=http%3A%2F%2Fexample.com&openid.realm=http%3A%2F%2Fexample.com&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.claimed_id=http%3A%2F%2Falice.example.com&openid.mode=checkid_setup&openid.identity=http%3A%2F%2Fexample.com&openid.assoc_handle=" + associate(new DiffieHellman(this.p, this.g)).getAssociationHandle()).processUsing(serverInfo);
    }

    public void testTrailing() throws Exception {
        try {
            RequestFactory.parse("openid.return_to=http%3A%2F%2Fexample.com&openid.realm=http%3A%2F%2Fexample.com/&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.claimed_id=http%3A%2F%2Falice.example.com&openid.mode=checkid_setup&openid.identity=http%3A%2F%2Fexample.com&openid.assoc_handle=1b184cb").processUsing(serverInfo);
            assertTrue(false);
        } catch (OpenIdException e) {
        }
    }

    public void testChangeId() throws Exception {
        Request parse = RequestFactory.parse("openid.identity=http%3A%2F%2Fhans.beta.abtain.com%2F&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.assoc_handle=ahandle");
        assertTrue(parse instanceof AuthenticationRequest);
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) parse;
        assertFalse(authenticationRequest.isIdentifierSelect());
        authenticationRequest.setIdentity("http://newidentity.example.com");
        assertFalse("openid.identity=http%3A%2F%2Fhans.beta.abtain.com%2F&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.assoc_handle=ahandle".equals(authenticationRequest.toUrlString()));
    }

    public void testIdentitySelect() throws Exception {
        Request parse = RequestFactory.parse("openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.assoc_handle=ahandle");
        assertTrue(parse instanceof AuthenticationRequest);
        assertTrue(((AuthenticationRequest) parse).isIdentifierSelect());
    }

    public void testExtensions() throws Exception {
        try {
            RequestFactory.parse("openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.assoc_handle=ahandle&openid.ns.sig=http%3A%2F%2Fcommented.org&openid.foo=happiness%20is%20a%20warm%20bun&openid.glass.bunion=rocky%20sassoon%20gluebird%20foolia");
            assertTrue(false);
        } catch (OpenIdException e) {
        }
    }

    public void testExtensions2() throws Exception {
        Request parse = RequestFactory.parse("openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.ns.foo=http%3A%2F%2Fcommented.org&openid.foo=trycke%20e%20for%20mycke&openid.foo.bar=jaha%20vadda%20nu%20da");
        assertTrue(parse instanceof AuthenticationRequest);
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) parse;
        assertTrue(authenticationRequest.isIdentifierSelect());
        Map extensions = authenticationRequest.getExtensions();
        assertTrue(extensions.containsKey("ns.foo"));
        assertTrue(extensions.containsKey("foo"));
        assertTrue(extensions.containsKey("foo.bar"));
    }

    public void testAssociateSHA256() throws Exception {
        Request parse = RequestFactory.parse("openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.session_type=DH-SHA256&openid.assoc_type=HMAC-SHA256&openid.mode=associate&openid.dh_consumer_public=AJvqGzvFfjNk4LYWn8ZHSM7QyQnvxaaYUNwpSn089xdgBJx2okrYOWPesAl1%2B1oosnKPej6WBN9h2glimmv2g80h%2FAkDHLWU692efHdVhxnt4ZryI9SWAP0CIbznMs%2BphjGev4nS%2B5bLSR0lAbtvS7YQhiwfCJVrK5RrwplhZPzM");
        assertTrue(parse instanceof AssociationRequest);
        assertTrue(((AssociationRequest) parse).isVersion2());
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        AssociationResponse associationResponse = (AssociationResponse) processUsing;
        assertTrue(associationResponse.isVersion2());
        System.out.println("assoc resp: " + associationResponse.toString());
    }

    public void testAssociate20() throws Exception {
        Request parse = RequestFactory.parse("openid.dh_consumer_public=GXmne0vGvF%2Fw9RHrk4McrUgxq3dmwURoKPhkrVdtBVNZtRlulFau2SBf%2FFT7JRo5LEcqY5CrctJlk%2B7YFcAyOX9VGd%2BmPfIE6cGPCTxy26USiJgjMEFPtkIRzT1y8lC7ypXvjZ5p0Q1hSg%2FuKdz1v0RAPICrVUrZ%2FgASGuqIpvQ%3D&openid.assoc_type=HMAC-SHA1&openid.session_type=DH-SHA1&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=associate");
        assertTrue(parse instanceof AssociationRequest);
        assertTrue(((AssociationRequest) parse).isVersion2());
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        assertTrue(((AssociationResponse) processUsing).isVersion2());
        HashSet hashSet = new HashSet(Arrays.asList("assoc_handle", "assoc_type", "dh_server_public", "enc_mac_key", "expires_in", "mac_key", "ns", "session_type"));
        String[] split = processUsing.toPostString().split("\n");
        for (int i = 0; i < split.length; i++) {
            String substring = split[i].substring(0, split[i].indexOf(":"));
            String substring2 = split[i].substring(split[i].indexOf(":") + 1);
            assertTrue("'" + substring + "' not a valid association response parameter", hashSet.contains(substring));
            if (substring.equals("ns")) {
                assertTrue("Bad namespace: " + substring2, substring2.equals("http://specs.openid.net/auth/2.0"));
            }
        }
    }

    public void testAssociate1x() throws Exception {
        Request parse = RequestFactory.parse("openid.dh_consumer_public=GXmne0vGvF%2Fw9RHrk4McrUgxq3dmwURoKPhkrVdtBVNZtRlulFau2SBf%2FFT7JRo5LEcqY5CrctJlk%2B7YFcAyOX9VGd%2BmPfIE6cGPCTxy26USiJgjMEFPtkIRzT1y8lC7ypXvjZ5p0Q1hSg%2FuKdz1v0RAPICrVUrZ%2FgASGuqIpvQ%3D&openid.assoc_type=HMAC-SHA1&openid.session_type=DH-SHA1&openid.mode=associate");
        assertTrue(parse instanceof AssociationRequest);
        assertFalse(((AssociationRequest) parse).isVersion2());
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        assertFalse(((AssociationResponse) processUsing).isVersion2());
        HashSet hashSet = new HashSet(Arrays.asList("assoc_handle", "assoc_type", "dh_server_public", "enc_mac_key", "expires_in", "mac_key", "session_type"));
        for (String str : processUsing.toPostString().split("\n")) {
            String[] split = str.split(":");
            assertTrue("'" + split[0] + "' not a valid association response parameter", hashSet.contains(split[0]));
        }
    }

    public void testAuthenticate1xWithInvalidParam() throws Exception {
        try {
            assertTrue(RequestFactory.parse("openid.identity=http%3A%2F%2Fhans.beta.abtain.com%2F&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.post_grant=return") instanceof AuthenticationRequest);
        } catch (OpenIdException e) {
            assertTrue("Should not throw an exception on unrecognized parameter", false);
        }
    }

    public void testAuthenticate2xWithInvalidParam() throws Exception {
        try {
            Request parse = RequestFactory.parse("openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.foo=trycke%20e%20for%20mycke");
            assertTrue("Should throw an exception on unrecognized parameter", false);
            assertTrue(parse instanceof AuthenticationRequest);
        } catch (OpenIdException e) {
        }
    }

    public void testAuthenticate2xDumbModeWithNoRealm() throws Exception {
        try {
            Request parse = RequestFactory.parse("openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.claimed_id=http%3A%2F%2Ffoo.pip.verisignlabs.com%2F&openid.identity=http%3A%2F%2Ffoo.pip.verisignlabs.com%2F&openid.return_to=http%3A%2F%2Fbar.com%2Fadmin%2FLogin&openid.mode=checkid_setup");
            assertTrue(parse instanceof AuthenticationRequest);
            assertEquals("trust_root should be equal to return_to", ((AuthenticationRequest) parse).getTrustRoot(), "http://bar.com/admin/Login");
        } catch (OpenIdException e) {
            assertTrue("Should not throw an exception, threw '" + e.getMessage() + "'", false);
        }
    }

    public void testSignatureValidation1xDumbMode() throws Exception {
        try {
            Request parse = RequestFactory.parse("openid.identity=http%3A%2F%2Fidentity.bar.baz%2F&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.foo.bar%2F");
            assertFalse(parse.isVersion2());
            assertTrue(parse instanceof AuthenticationRequest);
            Response processUsing = ((AuthenticationRequest) parse).processUsing(serverInfo);
            assertFalse(processUsing.isVersion2());
            assertTrue(processUsing instanceof AuthenticationResponse);
            CheckAuthenticationRequest checkAuthenticationRequest = new CheckAuthenticationRequest(((AuthenticationResponse) processUsing).toMap(), "check_authentication");
            assertFalse(checkAuthenticationRequest.isVersion2());
            Response processUsing2 = checkAuthenticationRequest.processUsing(serverInfo);
            assertFalse(processUsing2.isVersion2());
            assertTrue(processUsing2 instanceof CheckAuthenticationResponse);
            CheckAuthenticationResponse checkAuthenticationResponse = (CheckAuthenticationResponse) processUsing2;
            assertTrue(checkAuthenticationResponse.isValid());
            String postString = checkAuthenticationResponse.toPostString();
            System.out.println(postString);
            assertTrue("Mode parameter 'openid.mode' must be in 1.x check auth responses", Pattern.compile("^openid.mode:", 8).matcher(postString).find());
            assertTrue("Must have is_valid parameter in check auth response", Pattern.compile("^is_valid:true$", 8).matcher(postString).find());
            assertFalse("Must not have an ns parameter in 1.x check auth responses", Pattern.compile("^ns:", 8).matcher(postString).find());
            Response parse2 = ResponseFactory.parse(postString);
            assertFalse(parse2.isVersion2());
            assertTrue(parse2 instanceof CheckAuthenticationResponse);
        } catch (OpenIdException e) {
            assertTrue("Should not throw an exception, threw '" + e.getMessage() + "'", false);
        }
    }

    public void testSignatureValidation2xDumbMode() throws Exception {
        try {
            Request parse = RequestFactory.parse("openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.foo.bar%2F");
            assertTrue(parse.isVersion2());
            assertTrue(parse instanceof AuthenticationRequest);
            Response processUsing = ((AuthenticationRequest) parse).processUsing(serverInfo);
            assertTrue(processUsing.isVersion2());
            assertTrue(processUsing instanceof AuthenticationResponse);
            CheckAuthenticationRequest checkAuthenticationRequest = new CheckAuthenticationRequest(((AuthenticationResponse) processUsing).toMap(), "check_authentication");
            assertTrue(checkAuthenticationRequest.isVersion2());
            Response processUsing2 = checkAuthenticationRequest.processUsing(serverInfo);
            assertTrue(processUsing2.isVersion2());
            assertTrue(processUsing2 instanceof CheckAuthenticationResponse);
            CheckAuthenticationResponse checkAuthenticationResponse = (CheckAuthenticationResponse) processUsing2;
            assertTrue(checkAuthenticationResponse.isValid());
            String postString = checkAuthenticationResponse.toPostString();
            assertTrue("No mode value allowed in 2.x check auth responses", !Pattern.compile("^(mode|openid.mode):", 8).matcher(postString).find());
            assertTrue("Must have is_valid parameter in check auth response", Pattern.compile("^is_valid:true$", 8).matcher(postString).find());
            assertTrue("Must have an ns parameter in 2.x check auth responses", Pattern.compile("^ns:", 8).matcher(postString).find());
            Response parse2 = ResponseFactory.parse(postString);
            assertTrue(parse2.isVersion2());
            assertTrue(parse2 instanceof CheckAuthenticationResponse);
        } catch (OpenIdException e) {
            assertTrue("Should not throw an exception, threw '" + e.getMessage() + "'", false);
        }
    }

    void validatePapeRequest(PapeRequest papeRequest) throws Exception {
        assertTrue(papeRequest.isValid());
        assertNotNull(papeRequest.getMaxAuthAge());
        assertEquals(papeRequest.getMaxAuthAge().intValue(), 3600);
        Set<String> preferredAuthPolicies = papeRequest.getPreferredAuthPolicies();
        String[] strArr = {PapeConstants.AUTH_PHISHING_RESISTANT, PapeConstants.AUTH_MULTI_FACTOR, PapeConstants.AUTH_PHYSICAL_MULTI_FACTOR};
        for (String str : preferredAuthPolicies) {
            int i = 0;
            while (i < strArr.length && !str.equals(strArr[i])) {
                i++;
            }
            assertTrue(i < strArr.length);
        }
    }

    public void testPapeRequestFromQuery() throws Exception {
        Request parse = RequestFactory.parse("openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.ns.foo=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.foo.max_auth_age=3600&openid.foo.preferred_auth_policies=http%3A%2F%2Fschemas.openid.net%2Fpape%2Fpolicies%2F2007%2F06%2Fphishing-resistant+http%3A%2F%2Fschemas.openid.net%2Fpape%2Fpolicies%2F2007%2F06%2Fmulti-factor+http%3A%2F%2Fschemas.openid.net%2Fpape%2Fpolicies%2F2007%2F06%2Fmulti-factor-physical");
        assertTrue(parse instanceof AuthenticationRequest);
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) parse;
        assertTrue(authenticationRequest.isIdentifierSelect());
        PapeRequest papeRequest = new PapeRequest(authenticationRequest.getExtensions());
        System.out.println(papeRequest.toString());
        validatePapeRequest(papeRequest);
        assertEquals(papeRequest.getPreferredAuthPolicies().size(), 3);
    }

    public void testPapeRequestWithEmptyAuthPoliciesFromQuery() throws Exception {
        Request parse = RequestFactory.parse("openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.ns.foo=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.foo.max_auth_age=3600&openid.foo.preferred_auth_policies=");
        assertTrue(parse instanceof AuthenticationRequest);
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) parse;
        assertTrue(authenticationRequest.isIdentifierSelect());
        PapeRequest papeRequest = new PapeRequest(authenticationRequest.getExtensions());
        System.out.println(papeRequest.toString());
        validatePapeRequest(papeRequest);
        assertEquals(papeRequest.getPreferredAuthPolicies().size(), 0);
    }

    public void testPapeRequestGenerate() throws Exception {
        AuthenticationRequest create = AuthenticationRequest.create(AuthenticationRequest.ID_SELECT, "http://www.schtuff.com/?action=openid_return&dest=&stay_logged_in=False&response_nonce=2006-12-06t04%3A54%3A51ZQvGYW3", "http://*.schtuff.com/", "ahandle");
        assertTrue(create.isIdentifierSelect());
        PapeRequest papeRequest = new PapeRequest();
        papeRequest.setMaxAuthAge(3600);
        papeRequest.setPreferredAuthPolicies(new String[]{PapeConstants.AUTH_PHISHING_RESISTANT, PapeConstants.AUTH_MULTI_FACTOR, PapeConstants.AUTH_PHYSICAL_MULTI_FACTOR});
        create.addExtension(papeRequest);
        validatePapeRequest(new PapeRequest(create.getExtensions()));
        Request parse = RequestFactory.parse(create.toUrlString());
        assertTrue(parse instanceof AuthenticationRequest);
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) parse;
        assertTrue(authenticationRequest.isIdentifierSelect());
        PapeRequest papeRequest2 = new PapeRequest(authenticationRequest.getExtensions());
        System.out.println(papeRequest2.toString());
        validatePapeRequest(papeRequest2);
    }

    void validatePapeResponse(PapeResponse papeResponse) throws Exception {
        assertTrue(papeResponse.isValid());
        assertNotNull(papeResponse.getAuthTime());
        assertEquals(papeResponse.getAuthTime().getTime(), 1196510400000L);
        Set<String> authPolicies = papeResponse.getAuthPolicies();
        assertEquals(authPolicies.size(), 3);
        String[] strArr = {PapeConstants.AUTH_PHISHING_RESISTANT, PapeConstants.AUTH_MULTI_FACTOR, PapeConstants.AUTH_PHYSICAL_MULTI_FACTOR};
        for (String str : authPolicies) {
            int i = 0;
            while (i < strArr.length && !str.equals(strArr[i])) {
                i++;
            }
            assertTrue(i < strArr.length);
        }
        assertNotNull(papeResponse.getNistAuthLevel());
        assertEquals(papeResponse.getNistAuthLevel().intValue(), 4);
    }

    public void testPapeResponseFromQuery() throws Exception {
        Response parse = ResponseFactory.parse("openid.op_endpoint=http%3A%2F%2Fexample.com&openid.pape.auth_policies=http%3A%2F%2Fschemas.openid.net%2Fpape%2Fpolicies%2F2007%2F06%2Fphishing-resistant+http%3A%2F%2Fschemas.openid.net%2Fpape%2Fpolicies%2F2007%2F06%2Fmulti-factor+http%3A%2F%2Fschemas.openid.net%2Fpape%2Fpolicies%2F2007%2F06%2Fmulti-factor-physical&openid.pape.auth_time=2007-12-01T12%3A00%3A00Z&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06t04%253A54%253A51ZQvGYW3&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.response_nonce=2007-10-15T17%3A38%3A16ZZvI%3D&openid.pape.nist_auth_level=4&openid.assoc_handle=694d5d70-7b45-11dc-8e68-bbf7f7e8a280&openid.signed=assoc_handle%2Cidentity%2Cresponse_nonce%2Creturn_to%2Cclaimed_id%2Cop_endpoint&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=id_res&openid.invalidate_handle=ahandle&openid.sig=iqoAqcoyYK3XX9%2BOdxmdjUYLUJs%3D");
        assertTrue(parse instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) parse;
        assertTrue(authenticationResponse.isVersion2());
        PapeResponse papeResponse = new PapeResponse(authenticationResponse.getExtensions());
        System.out.println(papeResponse.toString());
        validatePapeResponse(papeResponse);
    }

    public void testPapeResponseGenerate() throws Exception {
        Response processUsing = AuthenticationRequest.create(AuthenticationRequest.ID_SELECT, "http://www.schtuff.com/?action=openid_return&dest=&stay_logged_in=False&response_nonce=2006-12-06t04%3A54%3A51ZQvGYW3", "http://*.schtuff.com/", "ahandle").processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        assertTrue(processUsing.isVersion2());
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing;
        PapeResponse papeResponse = new PapeResponse();
        papeResponse.setAuthTime(new Date(1196510400000L));
        assertTrue(papeResponse.getParam("auth_policies").equals("none"));
        papeResponse.setAuthPolicies(new String[0]);
        assertTrue(papeResponse.getParam("auth_policies").equals("none"));
        papeResponse.setAuthPolicies(new String[]{PapeConstants.AUTH_PHISHING_RESISTANT, PapeConstants.AUTH_MULTI_FACTOR, PapeConstants.AUTH_PHYSICAL_MULTI_FACTOR});
        papeResponse.setNistAuthLevel(4);
        authenticationResponse.addExtension(papeResponse);
        System.out.println(authenticationResponse.toUrlString());
        String[] split = authenticationResponse.getSignedList().split(",");
        HashSet hashSet = new HashSet();
        hashSet.addAll(Arrays.asList(split));
        assertTrue(hashSet.contains("ns.pape"));
        assertTrue(hashSet.contains("pape.auth_policies"));
        assertTrue(hashSet.contains("pape.auth_time"));
        assertTrue(hashSet.contains("pape.nist_auth_level"));
        validatePapeResponse(new PapeResponse(authenticationResponse.getExtensions()));
        String urlString = authenticationResponse.toUrlString();
        System.out.println(urlString);
        Response parse = ResponseFactory.parse(urlString);
        assertTrue(parse instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse2 = (AuthenticationResponse) parse;
        assertTrue(authenticationResponse2.isVersion2());
        PapeResponse papeResponse2 = new PapeResponse(authenticationResponse2.getExtensions());
        System.out.println(papeResponse2.toString());
        validatePapeResponse(papeResponse2);
    }

    public void testSreg10() throws Exception {
        Request parse = RequestFactory.parse("openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.claimed_id=http%3A%2F%2Fhans.pip.verisignlabs.com%2F&openid.identity=http%3A%2F%2Fhans.pip.verisignlabs.com%2F&openid.return_to=https%3A%2F%2Fwww.blogger.com%2Fcomment.do%3FloginRedirect%3Dlm6phc1udus9&openid.realm=https%3A%2F%2Fwww.blogger.com&openid.mode=checkid_setup&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fsreg%2F1.0&openid.sreg.optional=nickname%2Cfullname");
        assertTrue(parse instanceof AuthenticationRequest);
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) parse;
        SimpleRegistration simpleRegistration = authenticationRequest.getSimpleRegistration();
        assertTrue(simpleRegistration.isRequested());
        Set optional = simpleRegistration.getOptional();
        HashMap hashMap = new HashMap();
        Iterator it = optional.iterator();
        while (it.hasNext()) {
            hashMap.put((String) it.next(), "blahblah");
        }
        authenticationRequest.setSimpleRegistration(new SimpleRegistration(Collections.EMPTY_SET, optional, hashMap, "", simpleRegistration.getNamespace()));
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing;
        assertTrue(authenticationResponse.isVersion2());
        Map map = authenticationResponse.toMap();
        if (processUsing.isVersion2()) {
            assertEquals((String) map.get(SimpleRegistration.OPENID_SREG_NSDEF), SimpleRegistration.OPENID_SREG_NAMESPACE_10);
        }
    }

    public void testSreg11() throws Exception {
        Request parse = RequestFactory.parse("openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.claimed_id=http%3A%2F%2Fhans.pip.verisignlabs.com%2F&openid.identity=http%3A%2F%2Fhans.pip.verisignlabs.com%2F&openid.return_to=https%3A%2F%2Fwww.blogger.com%2Fcomment.do%3FloginRedirect%3Dlm6phc1udus9&openid.realm=https%3A%2F%2Fwww.blogger.com&openid.mode=checkid_setup&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1&openid.sreg.optional=nickname%2Cfullname");
        assertTrue(parse instanceof AuthenticationRequest);
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) parse;
        SimpleRegistration simpleRegistration = authenticationRequest.getSimpleRegistration();
        assertTrue(simpleRegistration.isRequested());
        Set optional = simpleRegistration.getOptional();
        HashMap hashMap = new HashMap();
        Iterator it = optional.iterator();
        while (it.hasNext()) {
            hashMap.put((String) it.next(), "blahblah");
        }
        authenticationRequest.setSimpleRegistration(new SimpleRegistration(Collections.EMPTY_SET, optional, hashMap, "", simpleRegistration.getNamespace()));
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing;
        assertTrue(authenticationResponse.isVersion2());
        Map map = authenticationResponse.toMap();
        if (processUsing.isVersion2()) {
            assertEquals((String) map.get(SimpleRegistration.OPENID_SREG_NSDEF), SimpleRegistration.OPENID_SREG_NAMESPACE_11);
        }
    }

    public void testSregBadNS() throws Exception {
        Request parse = RequestFactory.parse("openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.claimed_id=http%3A%2F%2Fhans.pip.verisignlabs.com%2F&openid.identity=http%3A%2F%2Fhans.pip.verisignlabs.com%2F&openid.return_to=https%3A%2F%2Fwww.blogger.com%2Fcomment.do%3FloginRedirect%3Dlm6phc1udus9&openid.realm=https%3A%2F%2Fwww.blogger.com&openid.mode=checkid_setup&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2Ffoo&openid.sreg.optional=nickname%2Cfullname");
        assertTrue(parse instanceof AuthenticationRequest);
        AuthenticationRequest authenticationRequest = (AuthenticationRequest) parse;
        SimpleRegistration simpleRegistration = authenticationRequest.getSimpleRegistration();
        assertTrue(simpleRegistration.isRequested());
        Set optional = simpleRegistration.getOptional();
        HashMap hashMap = new HashMap();
        Iterator it = optional.iterator();
        while (it.hasNext()) {
            hashMap.put((String) it.next(), "blahblah");
        }
        authenticationRequest.setSimpleRegistration(new SimpleRegistration(Collections.EMPTY_SET, optional, hashMap, "", simpleRegistration.getNamespace()));
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing;
        assertTrue(authenticationResponse.isVersion2());
        Map map = authenticationResponse.toMap();
        if (processUsing.isVersion2()) {
            assertEquals((String) map.get(SimpleRegistration.OPENID_SREG_NSDEF), SimpleRegistration.OPENID_SREG_NAMESPACE_11);
        }
    }

    public void testMessageMapToUrlStringOk() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("openid.assoc_handle", "adfasdf");
        hashMap.put("openid.mode", "check_authentication");
        hashMap.put(AuthenticationResponse.OPENID_IDENTITY, "http://foo");
        hashMap.put(AuthenticationResponse.OPENID_RETURN_TO, "http://bar");
        hashMap.put(AuthenticationResponse.OPENID_NONCE, "42");
        hashMap.put(AuthenticationResponse.OPENID_SIG, "siggy");
        CheckAuthenticationRequest checkAuthenticationRequest = new CheckAuthenticationRequest(hashMap, "check_authentication");
        System.out.println("urlstr:'" + checkAuthenticationRequest.toUrlString() + "'");
        assertTrue("openid.assoc_handle=adfasdf&openid.identity=http%3A%2F%2Ffoo&openid.return_to=http%3A%2F%2Fbar&openid.sig=siggy&openid.mode=check_authentication&openid.response_nonce=42".equals(checkAuthenticationRequest.toUrlString()));
    }

    public void testMessageMapToUrlStringNullParam() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("openid.assoc_handle", "adfasdf");
        hashMap.put("openid.mode", "check_authentication");
        hashMap.put(AuthenticationResponse.OPENID_IDENTITY, "http://foo");
        hashMap.put(AuthenticationResponse.OPENID_RETURN_TO, "http://bar");
        hashMap.put(AuthenticationResponse.OPENID_NONCE, null);
        hashMap.put(AuthenticationResponse.OPENID_SIG, "siggy");
        boolean z = false;
        try {
            new CheckAuthenticationRequest(hashMap, "check_authentication").toUrlString();
        } catch (OpenIdException e) {
            z = true;
        }
        assertTrue(z);
    }

    public void testCheckAuthNonceOk() throws Exception {
        Request parse = RequestFactory.parse("openid.dh_consumer_public=GXmne0vGvF%2Fw9RHrk4McrUgxq3dmwURoKPhkrVdtBVNZtRlulFau2SBf%2FFT7JRo5LEcqY5CrctJlk%2B7YFcAyOX9VGd%2BmPfIE6cGPCTxy26USiJgjMEFPtkIRzT1y8lC7ypXvjZ5p0Q1hSg%2FuKdz1v0RAPICrVUrZ%2FgASGuqIpvQ%3D&openid.assoc_type=HMAC-SHA1&openid.session_type=DH-SHA1&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=associate");
        assertTrue(parse instanceof AssociationRequest);
        assertTrue(((AssociationRequest) parse).isVersion2());
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        AssociationResponse associationResponse = (AssociationResponse) processUsing;
        assertTrue(associationResponse.isVersion2());
        String str = "openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.assoc_handle=" + associationResponse.getAssociationHandle();
        Request parse2 = RequestFactory.parse(str);
        assertTrue(parse2 instanceof AuthenticationRequest);
        Response processUsing2 = parse2.processUsing(serverInfo);
        assertTrue(processUsing2 instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing2;
        String nonce = authenticationResponse.getNonce();
        new CheckAuthenticationRequest(authenticationResponse.toMap(), "check_authentication").processUsing(serverInfo);
        Request parse3 = RequestFactory.parse(str);
        assertTrue(parse3 instanceof AuthenticationRequest);
        Response processUsing3 = parse3.processUsing(serverInfo);
        assertTrue(processUsing3 instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse2 = (AuthenticationResponse) processUsing3;
        assertFalse(nonce.equals(authenticationResponse2.getNonce()));
        new CheckAuthenticationRequest(authenticationResponse2.toMap(), "check_authentication").processUsing(serverInfo);
    }

    public void testCheckAuthNonceDuplicate() throws Exception {
        Request parse = RequestFactory.parse("openid.dh_consumer_public=GXmne0vGvF%2Fw9RHrk4McrUgxq3dmwURoKPhkrVdtBVNZtRlulFau2SBf%2FFT7JRo5LEcqY5CrctJlk%2B7YFcAyOX9VGd%2BmPfIE6cGPCTxy26USiJgjMEFPtkIRzT1y8lC7ypXvjZ5p0Q1hSg%2FuKdz1v0RAPICrVUrZ%2FgASGuqIpvQ%3D&openid.assoc_type=HMAC-SHA1&openid.session_type=DH-SHA1&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=associate");
        assertTrue(parse instanceof AssociationRequest);
        assertTrue(((AssociationRequest) parse).isVersion2());
        Response processUsing = parse.processUsing(serverInfo);
        assertTrue(processUsing instanceof AssociationResponse);
        AssociationResponse associationResponse = (AssociationResponse) processUsing;
        assertTrue(associationResponse.isVersion2());
        Request parse2 = RequestFactory.parse("openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=checkid_setup&openid.return_to=http%3A%2F%2Fwww.schtuff.com%2F%3Faction%3Dopenid_return%26dest%3D%26stay_logged_in%3DFalse%26response_nonce%3D2006-12-06T04%253A54%253A51ZQvGYW3&openid.trust_root=http%3A%2F%2F%2A.schtuff.com%2F&openid.assoc_handle=" + associationResponse.getAssociationHandle());
        assertTrue(parse2 instanceof AuthenticationRequest);
        Response processUsing2 = parse2.processUsing(serverInfo);
        assertTrue(processUsing2 instanceof AuthenticationResponse);
        AuthenticationResponse authenticationResponse = (AuthenticationResponse) processUsing2;
        authenticationResponse.getNonce();
        new CheckAuthenticationRequest(authenticationResponse.toMap(), "check_authentication").processUsing(serverInfo);
        boolean z = false;
        try {
            new CheckAuthenticationRequest(authenticationResponse.toMap(), "check_authentication").processUsing(serverInfo);
        } catch (OpenIdException e) {
            z = true;
        }
        assertTrue(z);
    }

    static {
        try {
            srand = SecureRandom.getInstance("SHA1PRNG");
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("No SHA1 prng??");
        }
    }
}
