package de.conterra.smarteditor.common.authentication;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.Iterator;
import java.util.Map;
import org.apache.log4j.Logger;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLException;
import org.opensaml.SAMLResponse;

/* loaded from: input_file:de/conterra/smarteditor/common/authentication/Saml1_1Ticket.class */
public class Saml1_1Ticket implements Ticket {
    private static final Logger LOG = Logger.getLogger(Saml1_1Ticket.class);
    private KeyStoreProvider provider;
    private SAMLResponse samlResponse;
    private Actor actor;

    public Saml1_1Ticket(byte[] bArr, KeyStoreProvider keyStoreProvider, Map<String, String> map) throws SAMLException {
        try {
            this.samlResponse = new SAMLResponse(new ByteArrayInputStream(bArr));
            this.provider = keyStoreProvider;
            this.actor = new Saml1_1Actor(this.samlResponse.getAssertions().next());
            if (map != null) {
                ((Saml1_1Actor) this.actor).setAttributeNameMap(map);
            }
            ((Saml1_1Actor) this.actor).compileActor();
        } catch (SAMLException e) {
            LOG.info("Caught SAMLException: " + e.getMessage());
            throw e;
        }
    }

    @Override // de.conterra.smarteditor.common.authentication.Ticket
    public String asBase64String() {
        try {
            return new String(this.samlResponse.toBase64());
        } catch (IOException e) {
            LOG.error(e.getMessage(), e);
            return null;
        } catch (SAMLException e2) {
            LOG.error(e2.getMessage(), e2);
            return null;
        }
    }

    @Override // de.conterra.smarteditor.common.authentication.Ticket
    public void verify() throws SAMLException {
        try {
            KeyAndCertificate resolveByAlias = this.provider.resolveByAlias(this.provider.create());
            Iterator assertions = this.samlResponse.getAssertions();
            if (assertions.hasNext()) {
                ((SAMLAssertion) assertions.next()).verify(resolveByAlias.getCertificate());
            }
        } catch (PolicyException e) {
            LOG.error(e.getMessage(), e);
            throw new SAMLException(e.getMessage(), e);
        }
    }

    @Override // de.conterra.smarteditor.common.authentication.Ticket
    public Actor getActor() {
        return this.actor;
    }

    public KeyStoreProvider getProvider() {
        return this.provider;
    }

    public void setProvider(KeyStoreProvider keyStoreProvider) {
        this.provider = keyStoreProvider;
    }

    public static void main(String[] strArr) {
        try {
            ClassPathKeyStoreProvider classPathKeyStoreProvider = new ClassPathKeyStoreProvider();
            classPathKeyStoreProvider.setAlias("ct-security");
            classPathKeyStoreProvider.setAliasPwd("changeit");
            classPathKeyStoreProvider.setJKSPwd("changeit");
            classPathKeyStoreProvider.setPath("/.keystore");
            SamlTicketFactory samlTicketFactory = new SamlTicketFactory();
            samlTicketFactory.setProvider(classPathKeyStoreProvider);
            samlTicketFactory.createTicket("<Response xmlns=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" IssueInstant=\"2010-11-15T14:53:35.266Z\" MajorVersion=\"1\" MinorVersion=\"1\" ResponseID=\"_8e9597de4258e2cf51078f09bb96f6b8\"><Status><StatusCode Value=\"samlp:Success\"></StatusCode></Status><Assertion xmlns=\"urn:oasis:names:tc:SAML:1.0:assertion\" AssertionID=\"_2b3923d92896daa3a6f9a944ea95111d\" IssueInstant=\"2010-11-15T14:53:35.266Z\" Issuer=\"ct-security\" MajorVersion=\"1\" MinorVersion=\"1\"><Conditions NotBefore=\"2010-11-15T14:53:35.266Z\" NotOnOrAfter=\"2010-11-15T15:53:35.266Z\"></Conditions><AuthenticationStatement AuthenticationInstant=\"2010-11-15T14:53:35.266Z\" AuthenticationMethod=\"urn:oasis:names:tc:SAML:1.0:am:password\"><Subject><NameIdentifier Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\">rga</NameIdentifier></Subject></AuthenticationStatement><AttributeStatement><Subject><NameIdentifier Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\">rga</NameIdentifier></Subject><Attribute AttributeName=\"urn:conterra:names:sdi-smarteditor:policy:attribute:user-id\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\">uid=rga,ou=People,dc=inspire,dc=esri,dc=com</AttributeValue></Attribute><Attribute AttributeName=\"urn:conterra:names:sdi-smarteditor:policy:attribute:group-id\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\">INSPIRE-Users</AttributeValue></Attribute><Attribute AttributeName=\"mail\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\">r.gartmann@conterra.de</AttributeValue></Attribute><Attribute AttributeName=\"urn:conterra:names:sdi-smarteditor:policy:attribute:group-name\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\">INSPIRE-Users</AttributeValue></Attribute><Attribute AttributeName=\"urn:conterra:names:sdi-smarteditor:policy:attribute:role\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\">mon_Administrator</AttributeValue><AttributeValue xsi:type=\"xsd:string\">inspireuser</AttributeValue><AttributeValue xsi:type=\"xsd:string\">gptRegisteredUser</AttributeValue></Attribute><Attribute AttributeName=\"daswae\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\"></AttributeValue></Attribute><Attribute AttributeName=\"postalAddress\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\"></AttributeValue></Attribute><Attribute AttributeName=\"uuid\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\">ff0ccdd7-821e-3de8-a0d8-3be9d1445f85</AttributeValue></Attribute><Attribute AttributeName=\"dn\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\">uid=rga,ou=people,dc=inspire,dc=esri,dc=com</AttributeValue></Attribute><Attribute AttributeName=\"familyname\" AttributeNamespace=\"urn:ct:names\"><AttributeValue xsi:type=\"xsd:string\">Gartmann</AttributeValue></Attribute></AttributeStatement><ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\n<ds:SignedInfo>\n<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></ds:CanonicalizationMethod>\n<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"></ds:SignatureMethod>\n<ds:Reference URI=\"#_2b3923d92896daa3a6f9a944ea95111d\">\n<ds:Transforms>\n<ds:Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"></ds:Transform>\n<ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"><ec:InclusiveNamespaces xmlns:ec=\"http://www.w3.org/2001/10/xml-exc-c14n#\" PrefixList=\"code ds kind rw saml samlp typens #default xsd xsi\"></ec:InclusiveNamespaces></ds:Transform>\n</ds:Transforms>\n<ds:DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"></ds:DigestMethod>\n<ds:DigestValue>vyJtC+yLNAu6WueQucwZGEAmP2A=</ds:DigestValue>\n</ds:Reference>\n</ds:SignedInfo>\n<ds:SignatureValue>\nOIRsLidOVZP5SkjfZracAMgC4fUUltZ7+KEOZyzc6ZH1IExOCE+CxBZhnpsMo9btzqZZHsJwq5Kz\nnMisuXTMNZooBrcKQyqjQOqg8ZMVh/NLi2FC22kk+ZtmZkGKTwZCb+aWPqBQJY7kUL7DTOtE7zFN\nHeB+620aSZrHRlNwfps=\n</ds:SignatureValue>\n<ds:KeyInfo>\n<ds:X509Data>\n<ds:X509Certificate>\nMIICATCCAWqgAwIBAgIETKH4+TANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJFVTESMBAGA1UE\nChMJY29uIHRlcnJhMQ8wDQYDVQQLEwZzZXJ2ZXIxETAPBgNVBAMTCHNlY3VyaXR5MB4XDTEwMDky\nODE0MTcyOVoXDTE1MDkwMjE0MTcyOVowRTELMAkGA1UEBhMCRVUxEjAQBgNVBAoTCWNvbiB0ZXJy\nYTEPMA0GA1UECxMGc2VydmVyMREwDwYDVQQDEwhzZWN1cml0eTCBnzANBgkqhkiG9w0BAQEFAAOB\njQAwgYkCgYEAjabEyIsPDH/x4Liv+cakIWWhoTMos0Y2Oa30iJ/BZsFqo46OYC3j72thDKV5avE0\nqS1TYCmxG/5qrjQqs2Ye0EJVWZBXrx3ZD8P0er2ghqAryWrb1KTIfL8735jWX4IOWmRMcR2il7th\nZBsC8RYmimXhKIo3xXpPO9EnPf4eXi0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQBhdESIvbEqBlq5\nvm9q14ZJGCFwnptgTfvMPW0QMoNZhoGzU+qAx38wEuMPAKyIjjPHgzBmpjEKg0jYVZm76H8dMA4d\nvdh35DsjJrGHY2C44twjbiecXg4fBnpFuBaKJ2Ykbicf/fOOcNPbmqrpB1oMMuB2nyaqAJ33kzys\nSRyXPQ==\n</ds:X509Certificate>\n</ds:X509Data>\n</ds:KeyInfo></ds:Signature></Assertion></Response>").verify();
        } catch (SAMLException e) {
            LOG.error(e.getMessage(), e);
        }
    }
}
