package org.n52.security.authentication.saml2;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.security.auth.Subject;
import org.n52.security.common.subject.AttributePrincipal;
import org.n52.security.common.subject.RolePrincipal;
import org.n52.security.common.subject.UsernameIDPrincipal;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.schema.XSString;

/* loaded from: input_file:org/n52/security/authentication/saml2/ConfigurableAssertionAttributeMapper.class */
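/**
 * Maps the content of a SAML 2 assertion onto the principals of a {@link Subject}.
 *
 * <p>The user id principal comes from the configured {@link UserIdMapper}. Every string-typed
 * attribute value is offered to the configured {@link RoleAttributeMapper}s first and, when none of
 * them yields a role, is added as an {@link AttributePrincipal}.
 *
 * <p>Security note: nothing in this class checks the assertion's signature, issuer, conditions or
 * audience. Every name and value read here is taken from the assertion as-is, so callers must hand
 * in only assertions that have already been validated.
 */
public class ConfigurableAssertionAttributeMapper implements AssertionAttributeMapper {
    /** Optional renaming of assertion attribute names to attribute principal names. */
    private Map<String, String> m_sourceNameToTargetName = Collections.emptyMap();
    /** Role mappers, consulted in iteration order; the first non-empty result wins. */
    private Iterable<RoleAttributeMapper> m_roleMapper = Collections.emptyList();
    /** Strategy that derives the user id principal; defaults to the NameID value. */
    private UserIdMapper m_userIdMapper = new NameIdValueUserIdMapper();

    /** Uses the value of the assertion subject's NameID as the user id. */
    public static class NameIdValueUserIdMapper implements UserIdMapper {
        /**
         * Builds a {@link UsernameIDPrincipal} from the NameID value of the assertion subject.
         *
         * @param assertion the assertion to read the subject from
         * @return the user id principal
         * @throws NullPointerException if the assertion has no Subject or the Subject has no NameID
         */
        @Override
        public Principal mapToUserIdPrincipal(Assertion assertion) {
            if (assertion.getSubject() == null || assertion.getSubject().getNameID() == null) {
                // Same exception type the bare dereference would raise, but with a reason attached.
                throw new NullPointerException(
                        "SAML assertion has no Subject/NameID to derive the user id from");
            }
            // NOTE(review): a NameID without text content would pass null on to UsernameIDPrincipal;
            // confirm that the principal rejects it.
            return new UsernameIDPrincipal(assertion.getSubject().getNameID().getValue());
        }
    }

    /**
     * Turns the values of one named assertion attribute into roles.
     *
     * <p>Without a value filter pattern the attribute value is used verbatim as the role name, so the
     * set of roles that can be granted is whatever the asserting party puts into that attribute.
     */
    public static class NameRoleAttributeMapper implements RoleAttributeMapper {
        private String m_roleAttributeName;
        private Pattern m_valueFilterPattern;

        /**
         * Maps one attribute value to roles if the attribute name is the configured role attribute.
         *
         * @param str the attribute name from the assertion
         * @param str2 the attribute value from the assertion
         * @return the mapped roles, or an empty collection if the name does not match or the
         *     filtered value is null or empty
         */
        @Override
        public Collection<RolePrincipal> mapToRoles(String str, String str2) {
            // An attribute without a name never matches, and a mapper without a configured name
            // matches nothing (equals(null) is false).
            if (str == null || !str.equals(this.m_roleAttributeName)) {
                return Collections.emptyList();
            }
            String filterValue = filterValue(str2);
            if (filterValue == null || filterValue.isEmpty()) {
                return Collections.emptyList();
            }
            return mapValueToRoles(filterValue);
        }

        /**
         * Applies the optional value filter pattern to an attribute value.
         *
         * <p>The pattern must match the whole value ({@link Matcher#matches()}), and the text of its
         * first capturing group is returned. A pattern without a capturing group makes
         * {@code group(1)} throw {@link IndexOutOfBoundsException}.
         *
         * @param str the raw attribute value; may be null when the value element is empty
         * @return the value unchanged if no pattern is set or the value is null, the first group on a
         *     match (null if that group did not take part in the match), otherwise {@code ""}
         */
        protected String filterValue(String str) {
            // A null value cannot be matched; hand it back so mapToRoles treats it as "no role".
            if (this.m_valueFilterPattern == null || str == null) {
                return str;
            }
            Matcher matcher = this.m_valueFilterPattern.matcher(str);
            return matcher.matches() ? matcher.group(1) : "";
        }

        /**
         * Creates the role for a filtered attribute value; here the value itself is the role name.
         *
         * @param str the filtered, non-empty attribute value
         * @return a single role named after the value
         */
        protected Collection<RolePrincipal> mapValueToRoles(String str) {
            return Collections.singletonList(new RolePrincipal(str));
        }

        public void setRoleAttributeName(String str) {
            this.m_roleAttributeName = str;
        }

        public String getRoleAttributeName() {
            return this.m_roleAttributeName;
        }

        public Pattern getValueFilterPattern() {
            return this.m_valueFilterPattern;
        }

        public void setValueFilterPattern(Pattern pattern) {
            this.m_valueFilterPattern = pattern;
        }
    }

    /**
     * Role mapper that grants only roles listed in a lookup table keyed by the attribute value.
     * Values that are not in the table yield no role.
     */
    public static class NameValueRoleAttributeMapper extends NameRoleAttributeMapper {
        private Map<String, List<String>> m_sourceValueToRoles = new HashMap<String, List<String>>();

        /**
         * Looks the filtered value up in the table and creates one role per configured role name.
         *
         * @param str the filtered attribute value
         * @return the configured roles, or an empty collection if the value has no entry, the entry
         *     is null, or no table is set
         */
        @Override
        protected Collection<RolePrincipal> mapValueToRoles(String str) {
            // Single lookup: a missing key, a null entry and a missing table all grant nothing.
            List<String> roleNames =
                    this.m_sourceValueToRoles == null ? null : this.m_sourceValueToRoles.get(str);
            if (roleNames == null) {
                return Collections.emptyList();
            }
            List<RolePrincipal> roles = new ArrayList<RolePrincipal>(roleNames.size());
            for (String roleName : roleNames) {
                roles.add(new RolePrincipal(roleName));
            }
            return roles;
        }

        public void setSourceValueToRoles(Map<String, List<String>> map) {
            this.m_sourceValueToRoles = map;
        }

        public Map<String, List<String>> getSourceValueToRoles() {
            return this.m_sourceValueToRoles;
        }
    }

    /** Strategy that maps one attribute name/value pair to zero or more roles. */
    public interface RoleAttributeMapper {
        /**
         * @param str the attribute name from the assertion
         * @param str2 the attribute value from the assertion
         * @return the roles for this pair; empty if the mapper does not apply
         */
        Collection<RolePrincipal> mapToRoles(String str, String str2);
    }

    /** Strategy that derives the user id principal from an assertion. */
    public interface UserIdMapper {
        Principal mapToUserIdPrincipal(Assertion assertion);
    }

    /**
     * Adds the user id principal and the principals of all attribute values to the given subject.
     *
     * <p>The principal set of {@code subject} is modified in place. The assertion is not validated
     * here.
     *
     * @param assertion the assertion to read; expected to be validated by the caller
     * @param subject the subject whose principal set is extended
     * @return the same {@code subject} instance
     */
    @Override
    public Subject mapAttributes(Assertion assertion, Subject subject) {
        Set<Principal> principals = subject.getPrincipals();
        principals.add(mapToUserIdPrincipal(assertion));
        for (AttributeStatement statement : assertion.getAttributeStatements()) {
            for (Attribute attribute : statement.getAttributes()) {
                for (XMLObject value : attribute.getAttributeValues()) {
                    principals.addAll(mapToPrincipals(attribute, value));
                }
            }
        }
        return subject;
    }

    /** Delegates to the configured {@link UserIdMapper}. */
    private Principal mapToUserIdPrincipal(Assertion assertion) {
        return this.m_userIdMapper.mapToUserIdPrincipal(assertion);
    }

    /**
     * Maps a single attribute value to principals: roles if a role mapper applies, otherwise an
     * attribute principal. Values that are not {@link XSString} are ignored.
     *
     * @param attribute the attribute the value belongs to
     * @param xMLObject the attribute value
     * @return the principals for this value; empty for non-string values
     */
    protected Collection<? extends Principal> mapToPrincipals(Attribute attribute, XMLObject xMLObject) {
        if (!(xMLObject instanceof XSString)) {
            return Collections.<Principal>emptyList();
        }
        Collection<? extends Principal> roles = mapToRolePrincipals(attribute, xMLObject);
        if (!roles.isEmpty()) {
            return roles;
        }
        // No role mapper claimed the value, so it is kept as a plain attribute principal.
        return mapToAttributePrincipals(attribute, xMLObject);
    }

    /**
     * Wraps an attribute value in an {@link AttributePrincipal}, renaming the attribute if the
     * source-to-target name table has an entry for it.
     *
     * @param attribute the attribute the value belongs to
     * @param xMLObject the attribute value; must be an {@link XSString}
     * @return a single attribute principal
     */
    protected Collection<Principal> mapToAttributePrincipals(Attribute attribute, XMLObject xMLObject) {
        String name = attribute.getName();
        if (this.m_sourceNameToTargetName.containsKey(name)) {
            name = this.m_sourceNameToTargetName.get(name);
        }
        // NOTE(review): the value may be null for an empty value element; confirm how
        // AttributePrincipal treats that.
        String value = ((XSString) xMLObject).getValue();
        return Collections.<Principal>singletonList(new AttributePrincipal(name, value));
    }

    /**
     * Asks the role mappers in order and returns the first non-empty result.
     *
     * @param attribute the attribute the value belongs to
     * @param xMLObject the attribute value; must be an {@link XSString}
     * @return the roles from the first mapper that applies, or an empty collection
     */
    protected Collection<? extends Principal> mapToRolePrincipals(Attribute attribute, XMLObject xMLObject) {
        String attributeName = attribute.getName();
        String attributeValue = ((XSString) xMLObject).getValue();
        for (RoleAttributeMapper mapper : getRoleMapper()) {
            Collection<RolePrincipal> roles = mapper.mapToRoles(attributeName, attributeValue);
            if (!roles.isEmpty()) {
                return roles;
            }
        }
        return Collections.emptyList();
    }

    public void setSourceNameToTargetName(Map<String, String> map) {
        this.m_sourceNameToTargetName = map;
    }

    public Map<String, String> getSourceNameToTargetName() {
        return this.m_sourceNameToTargetName;
    }

    public void setRoleMapper(Iterable<RoleAttributeMapper> iterable) {
        this.m_roleMapper = iterable;
    }

    public Iterable<RoleAttributeMapper> getRoleMapper() {
        return this.m_roleMapper;
    }

    public UserIdMapper getUserIdMapper() {
        return this.m_userIdMapper;
    }

    public void setUserIdMapper(UserIdMapper userIdMapper) {
        this.m_userIdMapper = userIdMapper;
    }
}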
