package org.n52.security.authentication;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import org.apache.log4j.Logger;
import org.n52.security.authentication.principals.AttributePrincipal;
import org.n52.security.authentication.principals.NamedScope;
import org.n52.security.authentication.principals.RolePrincipal;
import org.n52.security.authentication.principals.Scope;
import org.n52.security.authentication.principals.UsernameIDPrincipal;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLAttribute;
import org.opensaml.SAMLAttributeStatement;
import org.opensaml.SAMLAuthenticationStatement;
import org.opensaml.SAMLException;
import org.opensaml.SAMLNameIdentifier;
import org.opensaml.SAMLStatement;
import org.opensaml.SAMLSubject;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/n52/security/authentication/SAMLTicket.class */
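/**
 * Wraps an OpenSAML {@code SAMLResponse} and converts between it and a JAAS {@link Subject}.
 *
 * <p>Security note: constructing a ticket and reading principals from it
 * ({@link #asSubject()}, {@link #updateSubject(Subject)}) performs no signature or validity
 * check. Callers must call {@link #verify(Certificate)} and {@link #isExpired(long)} themselves
 * before trusting the principals.
 */
public class SAMLTicket {
    private static final Logger sLogger = Logger.getLogger(SAMLTicket.class);

    /**
     * XML signature algorithm used when issuing responses.
     * NOTE(review): RSA with SHA-1 is a deprecated signature algorithm; moving to an
     * RSA-SHA256 URI requires confirming that the OpenSAML/XML-Security versions in use and
     * all relying parties support it, so the value is left unchanged here.
     */
    private static final String SIGNATURE_ALGORITHM = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";

    protected org.opensaml.SAMLResponse mSAMLResponse;

    /**
     * Parses a SAML response from its XML text.
     *
     * <p>NOTE(review): XML parsing is delegated to OpenSAML; whether DTDs and external entities
     * are disabled depends on its parser configuration, so confirm before feeding untrusted input.
     *
     * @param str the serialized SAML response; encoded as UTF-8 before parsing
     * @throws SAMLException if OpenSAML rejects the input or UTF-8 is unavailable
     */
    public SAMLTicket(String str) throws SAMLException {
        try {
            this.mSAMLResponse = new org.opensaml.SAMLResponse(new ByteArrayInputStream(str.getBytes("UTF-8")));
        } catch (UnsupportedEncodingException e) {
            sLogger.error("Error while creating SAMLTicket from String", e);
            throw new SAMLException("Error while creating SAMLTicket from String", e);
        }
    }

    /**
     * Builds a ticket from the document element of an already parsed DOM document.
     *
     * @param document DOM document whose root element is the SAML response
     * @throws SAMLException if OpenSAML rejects the element
     */
    public SAMLTicket(Document document) throws SAMLException {
        this(new org.opensaml.SAMLResponse(document.getDocumentElement()));
    }

    /**
     * Wraps an existing response object without copying or validating it.
     *
     * @param sAMLResponse the response to wrap
     * @throws SAMLException declared for symmetry with the other constructors; not thrown here
     */
    public SAMLTicket(org.opensaml.SAMLResponse sAMLResponse) throws SAMLException {
        this.mSAMLResponse = sAMLResponse;
    }

    /**
     * Delegates to {@code SAMLResponse.verify()}.
     *
     * <p>NOTE(review): no trusted certificate is supplied here, so presumably only key material
     * carried inside the message itself can be used; confirm against the OpenSAML version in
     * use. Prefer {@link #verify(Certificate)} with a certificate the caller already trusts.
     *
     * @throws SAMLException if verification fails
     */
    public void verify() throws SAMLException {
        this.mSAMLResponse.verify();
    }

    /**
     * Delegates to {@code SAMLResponse.verify(Certificate)}.
     *
     * @param certificate the signer certificate to verify against
     * @throws SAMLException if verification fails
     */
    public void verify(Certificate certificate) throws SAMLException {
        this.mSAMLResponse.verify(certificate);
    }

    /**
     * Checks the validity window with no clock-skew tolerance.
     *
     * @return see {@link #isExpired(long)}
     */
    public boolean isExpired() {
        return isExpired(0L);
    }

    /**
     * Reports whether any assertion in the response is outside its validity window.
     *
     * <p>Despite the name, an assertion whose NotBefore is still in the future also counts as
     * expired. Assertions that carry neither date are never reported, and a response without any
     * assertion returns {@code false}, so this check alone does not prove a ticket is usable.
     *
     * @param j tolerance in milliseconds, subtracted from NotBefore and added to NotOnOrAfter
     * @return {@code true} if at least one assertion is not yet valid or no longer valid
     */
    public boolean isExpired(long j) {
        long now = System.currentTimeMillis();
        Iterator assertions = this.mSAMLResponse.getAssertions();
        while (assertions.hasNext()) {
            SAMLAssertion assertion = (SAMLAssertion) assertions.next();
            Date notBefore = assertion.getNotBefore();
            if (notBefore != null && notBefore.getTime() - j > now) {
                return true;
            }
            Date notOnOrAfter = assertion.getNotOnOrAfter();
            if (notOnOrAfter != null && notOnOrAfter.getTime() + j <= now) {
                return true;
            }
        }
        return false;
    }

    /**
     * Creates a new {@link Subject} holding the principals found in the response.
     *
     * <p>No signature or expiry check is made; see the class comment.
     *
     * @return a new subject populated through {@link #updateSubject(Subject)}
     */
    public Subject asSubject() {
        Subject subject = new Subject();
        updateSubject(subject);
        return subject;
    }

    /**
     * @return the wrapped response as returned by its {@code toString()}
     */
    public String asString() {
        return this.mSAMLResponse.toString();
    }

    /**
     * Returns the Base64 form of the wrapped response.
     *
     * @return the Base64 text, or {@code null} if encoding failed (the failure is logged)
     */
    public String asBase64String() {
        try {
            // Base64 output is pure ASCII; naming the charset avoids depending on the platform default.
            return new String(this.mSAMLResponse.toBase64(), "US-ASCII");
        } catch (SAMLException e) {
            sLogger.error("Error while Base64-encoding SAMLResponse", e);
            return null;
        } catch (IOException e) {
            sLogger.error("Error while Base64-encoding SAMLResponse", e);
            return null;
        }
    }

    /**
     * Adds the principals found in the response to an existing subject.
     *
     * <p>No signature or expiry check is made; see the class comment.
     *
     * @param subject the subject to extend
     * @throws IllegalArgumentException if {@code subject} is {@code null}
     */
    public void updateSubject(Subject subject) {
        if (subject == null) {
            throw new IllegalArgumentException("Subject must not be null.");
        }
        subject.getPrincipals().addAll(retrievePrincipals());
    }

    /**
     * Extracts principals from the statements of the FIRST assertion only.
     *
     * <p>Authentication statements yield a {@code UsernameIDPrincipal}; every attribute value
     * yields an {@code AttributePrincipal}. No {@code RolePrincipal} is created here. Any further
     * assertions are ignored, although {@link #isExpired(long)} inspects all of them.
     *
     * @return the extracted principals
     * @throws java.util.NoSuchElementException if the response contains no assertion
     */
    private Set retrievePrincipals() {
        Set principals = new HashSet(8);
        SAMLAssertion firstAssertion = (SAMLAssertion) this.mSAMLResponse.getAssertions().next();
        Iterator statements = firstAssertion.getStatements();
        while (statements.hasNext()) {
            SAMLStatement statement = (SAMLStatement) statements.next();
            if (statement instanceof SAMLAuthenticationStatement) {
                SAMLSubject subject = ((SAMLAuthenticationStatement) statement).getSubject();
                SAMLNameIdentifier nameIdentifier = subject.getNameIdentifier();
                String name = nameIdentifier.getName();
                String nameQualifier = nameIdentifier.getNameQualifier();
                // A missing qualifier maps to the global scope.
                principals.add(new UsernameIDPrincipal(name, nameQualifier == null ? Scope.GLOBAL : new NamedScope(nameQualifier)));
            }
            if (statement instanceof SAMLAttributeStatement) {
                Iterator attributes = ((SAMLAttributeStatement) statement).getAttributes();
                while (attributes.hasNext()) {
                    SAMLAttribute attribute = (SAMLAttribute) attributes.next();
                    Iterator values = attribute.getValues();
                    while (values.hasNext()) {
                        principals.add(new AttributePrincipal(attribute.getName(), (String) values.next()));
                    }
                }
            }
        }
        return principals;
    }

    /**
     * Issues a SAML response for the authenticated subject of the given context.
     *
     * <p>The single assertion is valid from the time of the call for {@code i} seconds. It holds
     * one authentication statement and, if the subject has attribute or role principals, one
     * attribute statement.
     *
     * <p>Security notes: the response is signed only when {@code certificate} is non-null;
     * otherwise it is returned UNSIGNED and {@code key} is ignored. At debug level the full
     * response, including the user name and attributes, is written to the log.
     *
     * @param authenticationContext source of the subject and the authentication time
     * @param str attribute name under which role names are published
     * @param str2 first argument of the {@code SAMLAssertion} constructor
     *        (presumably the issuer; confirm against the OpenSAML version in use)
     * @param str3 second argument of the {@code SAMLResponse} constructor
     *        (presumably the recipient; confirm)
     * @param i validity period in seconds
     * @param str4 second argument of the {@code SAMLAuthenticationStatement} constructor
     *        (presumably the authentication method; confirm)
     * @param key signing key, used only when {@code certificate} is non-null
     * @param certificate certificate embedded with the signature; {@code null} disables signing
     * @param z {@code true} to return Base64 text, {@code false} for the response's {@code toString()}
     * @return the serialized response
     * @throws SAMLException if OpenSAML fails to build, sign or encode the response
     * @throws IOException if Base64 encoding fails
     * @throws java.util.NoSuchElementException if the subject has no {@code UsernameIDPrincipal}
     */
    public static String createSAMLResponseFromPrincipals(AuthenticationContext authenticationContext, String str, String str2, String str3, int i, String str4, Key key, Certificate certificate, boolean z) throws SAMLException, IOException {
        Subject subject = authenticationContext.getSubject();
        UsernameIDPrincipal user = subject.getPrincipals(UsernameIDPrincipal.class).iterator().next();
        String userName = user.getName();
        String scopeName = user.getScope().getName();
        Date authenticationTime = authenticationContext.getAuthenticationTime();

        // Validity window: [now, now + i seconds).
        Calendar notOnOrAfter = Calendar.getInstance();
        Calendar notBefore = (Calendar) notOnOrAfter.clone();
        notOnOrAfter.add(Calendar.SECOND, i);

        SAMLSubject samlSubject = new SAMLSubject(new SAMLNameIdentifier(userName, scopeName, "#ID"), (Collection) null, (Element) null, (Object) null);
        ArrayList statements = new ArrayList();
        try {
            statements.add(new SAMLAuthenticationStatement((SAMLSubject) samlSubject.clone(), str4, authenticationTime, (String) null, (String) null, (Collection) null));
            Map attributesByName = getAttributesFromSubject(subject, str);
            ArrayList samlAttributes = new ArrayList();
            for (Object item : attributesByName.entrySet()) {
                Map.Entry entry = (Map.Entry) item;
                samlAttributes.add(new SAMLAttribute((String) entry.getKey(), "def", (QName) null, 0L, (Collection) entry.getValue()));
            }
            if (!samlAttributes.isEmpty()) {
                statements.add(new SAMLAttributeStatement((SAMLSubject) samlSubject.clone(), samlAttributes));
            }
        } catch (CloneNotSupportedException e) {
            // Fail instead of issuing an assertion that lacks its authentication or attribute statement.
            sLogger.error("Error during SAMLAuthentication Statement creation.", e);
            throw new SAMLException("Error during SAMLAuthentication Statement creation.", e);
        }

        SAMLAssertion assertion = new SAMLAssertion(str2, notBefore.getTime(), notOnOrAfter.getTime(), (Collection) null, (Collection) null, statements);
        ArrayList assertions = new ArrayList(1);
        assertions.add(assertion);
        org.opensaml.SAMLResponse response = new org.opensaml.SAMLResponse((String) null, str3, assertions, (SAMLException) null);
        if (sLogger.isDebugEnabled()) {
            // Writes the subject's name and attributes to the log; keep debug logging off in production.
            sLogger.debug("Generated SAMLResponse (yet unsigned):\n" + response);
        }

        if (certificate != null) {
            ArrayList certificates = new ArrayList(4);
            certificates.add(certificate);
            response.sign(SIGNATURE_ALGORITHM, key, certificates);
        } else {
            sLogger.warn("No certificate supplied; SAMLResponse is returned unsigned.");
        }
        // Base64 output is pure ASCII; naming the charset avoids depending on the platform default.
        return z ? new String(response.toBase64(), "US-ASCII") : response.toString();
    }

    /**
     * Groups the subject's attribute and role principals into SAML attribute values.
     *
     * <p>Role names are stored under {@code str} after the attribute principals have been
     * collected, so they replace any attribute values that were gathered under the same name.
     *
     * @param subject the subject whose principals are read
     * @param str attribute name used for the list of role names
     * @return map from attribute name to a collection of values; empty if there are none
     */
    private static Map getAttributesFromSubject(Subject subject, String str) {
        Map valuesByName = new HashMap();
        for (AttributePrincipal attribute : subject.getPrincipals(AttributePrincipal.class)) {
            String name = attribute.getName();
            Collection values = (Collection) valuesByName.get(name);
            if (values == null) {
                values = new LinkedList();
                valuesByName.put(name, values);
            }
            values.add(attribute.getValue());
        }

        LinkedList roleNames = new LinkedList();
        for (RolePrincipal role : subject.getPrincipals(RolePrincipal.class)) {
            roleNames.add(role.getName());
        }
        if (!roleNames.isEmpty()) {
            valuesByName.put(str, roleNames);
        }
        return valuesByName;
    }
}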
