package org.n52.security.authentication.loginmodule;

import javax.security.auth.callback.Callback;
import javax.security.auth.login.LoginException;
import org.n52.security.authentication.SAML2Credential;
import org.n52.security.authentication.callbacks.CredentialCallback;
import org.n52.security.common.subject.RolePrincipal;
import org.n52.security.common.xml.XMLPathCtx;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/n52/security/authentication/loginmodule/SAML2TicketLoginModule.class */
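/**
 * Login module that accepts a {@link SAML2Credential} obtained through a
 * {@link CredentialCallback} and, on commit, adds a {@link RolePrincipal}
 * named after the SAML {@code NameID} found in the ticket.
 *
 * <p>NOTE(review): nothing in this class checks the assertion's signature,
 * issuer, audience or validity window; the mere presence of a credential makes
 * {@link #performLogin()} succeed. Confirm that the ticket is fully validated
 * before it is wrapped in a {@code SAML2Credential}. If it is not, the NameID
 * read in {@link #prepareCommitState()} is caller-controlled.
 *
 * <p>NOTE(review): the NameID is located with an absolute XPath rather than via
 * the element a signature was verified over. Whoever validates the ticket must
 * ensure that the signed assertion is the one at this path.
 */
public class SAML2TicketLoginModule extends AbstractLoginModule {
    private static final Logger LOG = LoggerFactory.getLogger(SAML2TicketLoginModule.class);

    /** Location of the subject's NameID inside the SOAP-wrapped SAML response. */
    private static final String NAME_ID_XPATH =
            "/SOAP-ENV:Envelope/SOAP-ENV:Body/samlp:Response/saml:Assertion/saml:Subject/saml:NameID/text()";

    // Credential captured by performLogin() and consumed by prepareCommitState().
    private SAML2Credential m_samlCredential;
    // Namespace-aware XPath context, built in initialize().
    private XMLPathCtx xmlCtx;

    /**
     * Asks the callback handler for a SAML2 credential and remembers it.
     *
     * @return {@code true} if a credential was supplied, {@code false} otherwise
     * @throws LoginException declared by the base class contract
     */
    protected boolean performLogin() throws LoginException {
        CredentialCallback credentialCallback = new CredentialCallback(SAML2Credential.class);
        handleCallbacks(new Callback[]{credentialCallback});
        SAML2Credential credential = (SAML2Credential) credentialCallback.getCredential();
        if (credential == null) {
            // SLF4J performs the level check itself; no explicit guard is needed.
            LOG.debug("No SAML2 credential available. Skipping login for this module.");
            return false;
        }
        this.m_samlCredential = credential;
        return true;
    }

    /**
     * Drops the reference to the SAML2 credential so that a ticket from a
     * previous attempt cannot be reused by a later commit on this instance.
     * Presumably invoked by the base class on abort/logout; confirm against
     * {@code AbstractLoginModule}.
     */
    protected void clearAuthenticationState() throws LoginException {
        this.m_samlCredential = null;
    }

    /**
     * Extracts the NameID from the stored ticket and adds it to the subject as
     * a {@link RolePrincipal}.
     *
     * @throws LoginException if no credential or ticket is present, or the
     *         NameID is missing or blank, so that no principal with an empty
     *         name is ever added to the subject
     */
    protected void prepareCommitState() throws LoginException {
        if (this.m_samlCredential == null || this.m_samlCredential.getSAMLTicket() == null) {
            throw new LoginException("No SAML2 ticket available for commit.");
        }
        // get() is assumed to yield a non-null node when the path matches; TODO confirm
        // how XMLPathCtx reports a missing node.
        String nameId = this.xmlCtx.findIn(this.m_samlCredential.getSAMLTicket())
                .node(NAME_ID_XPATH)
                .get()
                .getNodeValue();
        if (nameId == null || nameId.trim().isEmpty()) {
            throw new LoginException("SAML2 ticket does not contain a NameID.");
        }
        this.m_subject.getPrincipals().add(new RolePrincipal(nameId));
    }

    /** Builds the XPath context with the namespace prefixes used by {@link #NAME_ID_XPATH}. */
    protected void initialize() {
        this.xmlCtx = XMLPathCtx.createNew()
                .addNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol")
                .addNamespace("SOAP-ENV", "http://schemas.xmlsoap.org/soap/envelope/")
                .addNamespace("paos", "urn:liberty:paos:2003-08")
                .addNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
    }

    /** @return the fully qualified class name of this module */
    protected String getDescription() {
        return getClass().getName();
    }
}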
