package edu.internet2.middleware.shibboleth.idp.ext.ecp.saml.encoder;

import org.opensaml.Configuration;
import org.opensaml.common.SignableSAMLObject;
import org.opensaml.common.binding.SAMLMessageContext;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.SecurityConfiguration;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureException;
import org.opensaml.xml.signature.Signer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/idp/ext/ecp/saml/encoder/SAMLEncoderHelper.class */
public final class SAMLEncoderHelper {
    private static final Logger LOG = LoggerFactory.getLogger(SAMLEncoderHelper.class);

    private SAMLEncoderHelper() {
    }

    public static void signMessage(SAMLMessageContext sAMLMessageContext) throws MessageEncodingException {
        SignableSAMLObject outboundSAMLMessage = sAMLMessageContext.getOutboundSAMLMessage();
        Credential ouboundSAMLMessageSigningCredential = sAMLMessageContext.getOuboundSAMLMessageSigningCredential();
        if (!(outboundSAMLMessage instanceof SignableSAMLObject) || ouboundSAMLMessageSigningCredential == null) {
            return;
        }
        SignableSAMLObject signableSAMLObject = outboundSAMLMessage;
        Signature buildObject = Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signature.DEFAULT_ELEMENT_NAME);
        buildObject.setSigningCredential(ouboundSAMLMessageSigningCredential);
        try {
            SecurityHelper.prepareSignatureParams(buildObject, ouboundSAMLMessageSigningCredential, (SecurityConfiguration) null, (String) null);
            signableSAMLObject.setSignature(buildObject);
            try {
                Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(signableSAMLObject);
                if (marshaller == null) {
                    throw new MessageEncodingException("No marshaller registered for " + signableSAMLObject.getElementQName() + ", unable to marshall in preperation for signing");
                }
                marshaller.marshall(signableSAMLObject);
                Signer.signObject(buildObject);
            } catch (MarshallingException e) {
                LOG.error("Unable to marshall protocol message in preparation for signing", e);
                throw new MessageEncodingException("Unable to marshall protocol message in preparation for signing", e);
            } catch (SignatureException e2) {
                LOG.error("Unable to sign protocol message", e2);
                throw new MessageEncodingException("Unable to sign protocol message", e2);
            }
        } catch (SecurityException e3) {
            throw new MessageEncodingException("Error preparing signature for signing", e3);
        }
    }
}
