package org.n52.security.authentication.saml2;

import java.security.Principal;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import org.n52.security.common.subject.AttributePrincipal;
import org.n52.security.common.subject.RolePrincipal;
import org.n52.security.common.subject.UsernameIDPrincipal;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.xml.schema.XSString;

/* loaded from: input_file:org/n52/security/authentication/saml2/DirectAssertionAttributeMapper.class */
public class DirectAssertionAttributeMapper implements AssertionAttributeMapper {
    private String m_roleAttributeName;

    @Override // org.n52.security.authentication.saml2.AssertionAttributeMapper
    public Subject mapAttributes(Assertion assertion, Subject subject) {
        String value = assertion.getSubject().getNameID().getValue();
        Set<Principal> principals = subject.getPrincipals();
        principals.add(new UsernameIDPrincipal(value));
        Iterator it = assertion.getAttributeStatements().iterator();
        while (it.hasNext()) {
            for (Attribute attribute : ((AttributeStatement) it.next()).getAttributes()) {
                for (XSString xSString : attribute.getAttributeValues()) {
                    if (xSString instanceof XSString) {
                        XSString xSString2 = xSString;
                        if (isRoleAttribute(attribute)) {
                            principals.add(new RolePrincipal(xSString2.getValue()));
                        } else {
                            principals.add(new AttributePrincipal(attribute.getName(), xSString2.getValue()));
                        }
                    }
                }
            }
        }
        return subject;
    }

    private boolean isRoleAttribute(Attribute attribute) {
        return attribute.getName().equals(this.m_roleAttributeName);
    }

    public String getRoleAttributeName() {
        return this.m_roleAttributeName;
    }

    public void setRoleAttributeName(String str) {
        this.m_roleAttributeName = str;
    }
}
