package com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.assertions.saml2;

import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.ParseException;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.SerializeException;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.assertions.AssertionDetails;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.id.Audience;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.id.Identifier;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.id.Issuer;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.id.Subject;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.util.CollectionUtils;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.oauth2.sdk.util.MapUtils;
import com.obyte.starface.addressbookconnector.core.lib.nimbusds.openid.connect.sdk.claims.ACR;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import net.jcip.annotations.Immutable;
import org.joda.time.DateTime;
import org.opensaml.core.config.InitializationException;
import org.opensaml.core.config.InitializationService;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.schema.XSString;
import org.opensaml.core.xml.schema.impl.XSStringBuilder;
import org.opensaml.saml.saml2.assertion.SAML20AssertionValidator;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.Attribute;
import org.opensaml.saml.saml2.core.AttributeStatement;
import org.opensaml.saml.saml2.core.AttributeValue;
import org.opensaml.saml.saml2.core.AudienceRestriction;
import org.opensaml.saml.saml2.core.AuthnContext;
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml.saml2.core.AuthnStatement;
import org.opensaml.saml.saml2.core.Conditions;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.SubjectConfirmation;
import org.opensaml.saml.saml2.core.SubjectConfirmationData;

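/**
 * Details of a SAML 2.0 bearer assertion: the common assertion fields held by
 * {@link AssertionDetails} plus the SAML-specific subject format, subject
 * authentication time, authentication context class reference (ACR),
 * not-before time, client address and attribute statement.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>This class is a data holder. {@link #parse(Assertion)} only extracts
 *       fields; nothing in this class verifies an XML signature or checks the
 *       validity window or audience against an expected value. Those checks
 *       must happen elsewhere, before the extracted values are trusted.</li>
 *   <li>{@link #toSAML2Assertion()} builds an unsigned assertion object;
 *       signing is left to the caller.</li>
 *   <li>The class is annotated {@code @Immutable}, but the {@link Date}
 *       instances and the attribute map are stored and returned by reference
 *       without copying, so callers must not modify them.</li>
 * </ul>
 */
@Immutable
/* loaded from: input_file:addressbookconnector-2.16-SNAPSHOT-jar-with-dependencies.jar:com/obyte/starface/addressbookconnector/core/lib/nimbusds/oauth2/sdk/assertions/saml2/SAML2AssertionDetails.class */
public class SAML2AssertionDetails extends AssertionDetails {
    // NameID format of the subject; may be null.
    private final String subjectFormat;
    // Time the subject was authenticated; may be null.
    private final Date subjectAuthTime;
    // Authentication context class reference; may be null.
    private final ACR subjectACR;
    // Not-before time; may be null.
    private final Date nbf;
    // Client address written to / read from SubjectConfirmationData Address; may be null.
    private final InetAddress clientAddress;
    // Attribute name -> values; may be null.
    private final Map<String, List<String>> attrStatement;

    /**
     * Creates assertion details with a freshly generated identifier, the
     * current time as issue time and an expiration time of "now" plus
     * {@code SAML20AssertionValidator.DEFAULT_CLOCK_SKEW}. All optional
     * fields are left {@code null}.
     *
     * @param issuer   the issuer
     * @param subject  the subject
     * @param audience the single audience; must not be {@code null} because it
     *                 is dereferenced here
     */
    public SAML2AssertionDetails(Issuer issuer, Subject subject, Audience audience) {
        // NOTE(review): the constant is named as a clock-skew tolerance but is used
        // here as the assertion lifetime; this is decompiled code, so the reference may
        // be a same-valued constant substituted by the decompiler. Confirm against upstream.
        this(
            issuer,
            subject,
            null,
            null,
            null,
            audience.toSingleAudienceList(),
            new Date(new Date().getTime() + SAML20AssertionValidator.DEFAULT_CLOCK_SKEW),
            null,
            new Date(),
            new Identifier(),
            null,
            null);
    }

    /**
     * Creates assertion details from explicit values.
     *
     * @param issuer          the issuer, passed to the superclass
     * @param subject         the subject, passed to the superclass
     * @param subjectFormat   the NameID format, or {@code null}
     * @param subjectAuthTime the subject authentication time, or {@code null}
     * @param subjectACR      the authentication context class reference, or {@code null}
     * @param audience        the audience list, passed to the superclass
     * @param expirationTime  the expiration time, passed to the superclass
     * @param notBefore       the not-before time, or {@code null}
     * @param issueTime       the issue time; must not be {@code null}
     * @param identifier      the assertion identifier; must not be {@code null}
     * @param clientAddress   the client address, or {@code null}
     * @param attrStatement   the attribute statement (name to values), or {@code null}
     * @throws IllegalArgumentException if the issue time or the identifier is {@code null}
     */
    public SAML2AssertionDetails(
            Issuer issuer,
            Subject subject,
            String subjectFormat,
            Date subjectAuthTime,
            ACR subjectACR,
            List<Audience> audience,
            Date expirationTime,
            Date notBefore,
            Date issueTime,
            Identifier identifier,
            InetAddress clientAddress,
            Map<String, List<String>> attrStatement) {
        // The superclass constructor has to run first; whatever validation it does on
        // these arguments is not visible in this file.
        super(issuer, subject, audience, issueTime, expirationTime, identifier);
        if (issueTime == null) {
            throw new IllegalArgumentException("The issue time must not be null");
        }
        if (identifier == null) {
            throw new IllegalArgumentException("The assertion identifier must not be null");
        }
        this.subjectFormat = subjectFormat;
        this.subjectAuthTime = subjectAuthTime;
        this.subjectACR = subjectACR;
        this.clientAddress = clientAddress;
        this.nbf = notBefore;
        this.attrStatement = attrStatement;
    }

    /** @return the NameID format of the subject, or {@code null} */
    public String getSubjectFormat() {
        return this.subjectFormat;
    }

    /** @return the subject authentication time (stored reference, not a copy), or {@code null} */
    public Date getSubjectAuthenticationTime() {
        return this.subjectAuthTime;
    }

    /** @return the authentication context class reference, or {@code null} */
    public ACR getSubjectACR() {
        return this.subjectACR;
    }

    /** @return the not-before time (stored reference, not a copy), or {@code null} */
    public Date getNotBeforeTime() {
        return this.nbf;
    }

    /** @return the client address, or {@code null} */
    public InetAddress getClientInetAddress() {
        return this.clientAddress;
    }

    /** @return the attribute statement map (stored reference, not a copy), or {@code null} */
    public Map<String, List<String>> getAttributeStatement() {
        return this.attrStatement;
    }

    /**
     * Builds an OpenSAML {@link Assertion} from these details.
     *
     * <p>The result contains the ID, issue instant, issuer, one audience
     * restriction listing every audience, a subject with a single
     * bearer-method subject confirmation, and, when the corresponding fields
     * are set, an authentication statement and an attribute statement. The
     * assertion is not signed here.
     *
     * @return the assertion object
     * @throws SerializeException if OpenSAML initialization fails
     */
    public Assertion toSAML2Assertion() throws SerializeException {
        try {
            InitializationService.initialize();

            Assertion assertion = (Assertion) SAML2Utils.buildSAMLObject(Assertion.class);
            assertion.setID(getID().getValue());
            assertion.setIssueInstant(new DateTime(getIssueTime()));

            org.opensaml.saml.saml2.core.Issuer samlIssuer =
                (org.opensaml.saml.saml2.core.Issuer) SAML2Utils.buildSAMLObject(org.opensaml.saml.saml2.core.Issuer.class);
            samlIssuer.setValue(getIssuer().getValue());
            assertion.setIssuer(samlIssuer);

            // Conditions: a single AudienceRestriction holding all audiences.
            Conditions conditions = (Conditions) SAML2Utils.buildSAMLObject(Conditions.class);
            AudienceRestriction audienceRestriction =
                (AudienceRestriction) SAML2Utils.buildSAMLObject(AudienceRestriction.class);
            for (Audience audience : getAudience()) {
                org.opensaml.saml.saml2.core.Audience samlAudience =
                    (org.opensaml.saml.saml2.core.Audience) SAML2Utils.buildSAMLObject(org.opensaml.saml.saml2.core.Audience.class);
                samlAudience.setAudienceURI(audience.getValue());
                audienceRestriction.getAudiences().add(samlAudience);
            }
            conditions.getAudienceRestrictions().add(audienceRestriction);
            assertion.setConditions(conditions);

            // Subject with a bearer SubjectConfirmation.
            org.opensaml.saml.saml2.core.Subject samlSubject =
                (org.opensaml.saml.saml2.core.Subject) SAML2Utils.buildSAMLObject(org.opensaml.saml.saml2.core.Subject.class);
            NameID nameID = (NameID) SAML2Utils.buildSAMLObject(NameID.class);
            nameID.setFormat(this.subjectFormat);
            nameID.setValue(getSubject().getValue());
            samlSubject.setNameID(nameID);

            SubjectConfirmation confirmation =
                (SubjectConfirmation) SAML2Utils.buildSAMLObject(SubjectConfirmation.class);
            confirmation.setMethod(SubjectConfirmation.METHOD_BEARER);
            SubjectConfirmationData confirmationData =
                (SubjectConfirmationData) SAML2Utils.buildSAMLObject(SubjectConfirmationData.class);
            confirmationData.setNotOnOrAfter(new DateTime(getExpirationTime()));
            confirmationData.setNotBefore(getNotBeforeTime() != null ? new DateTime(getNotBeforeTime()) : null);
            // Only the first audience becomes the Recipient.
            // NOTE(review): this assumes the audience list is non-empty; whether the
            // superclass guarantees that is not visible here.
            confirmationData.setRecipient(getAudience().get(0).getValue());
            if (this.clientAddress != null) {
                confirmationData.setAddress(this.clientAddress.getHostAddress());
            }
            confirmation.setSubjectConfirmationData(confirmationData);
            samlSubject.getSubjectConfirmations().add(confirmation);
            assertion.setSubject(samlSubject);

            // AuthnStatement only when there is something to put in it.
            if (this.subjectAuthTime != null || this.subjectACR != null) {
                AuthnStatement authnStatement = (AuthnStatement) SAML2Utils.buildSAMLObject(AuthnStatement.class);
                if (this.subjectAuthTime != null) {
                    authnStatement.setAuthnInstant(new DateTime(this.subjectAuthTime));
                }
                if (this.subjectACR != null) {
                    AuthnContext authnContext = (AuthnContext) SAML2Utils.buildSAMLObject(AuthnContext.class);
                    AuthnContextClassRef classRef =
                        (AuthnContextClassRef) SAML2Utils.buildSAMLObject(AuthnContextClassRef.class);
                    classRef.setAuthnContextClassRef(this.subjectACR.getValue());
                    authnContext.setAuthnContextClassRef(classRef);
                    authnStatement.setAuthnContext(authnContext);
                }
                assertion.getAuthnStatements().add(authnStatement);
            }

            // AttributeStatement: every value is emitted as an xs:string AttributeValue.
            if (MapUtils.isNotEmpty(this.attrStatement)) {
                AttributeStatement attributeStatement =
                    (AttributeStatement) SAML2Utils.buildSAMLObject(AttributeStatement.class);
                // The builder lookup does not depend on the attribute, so do it once.
                XSStringBuilder stringBuilder =
                    (XSStringBuilder) XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
                for (Map.Entry<String, List<String>> entry : this.attrStatement.entrySet()) {
                    Attribute attribute = (Attribute) SAML2Utils.buildSAMLObject(Attribute.class);
                    attribute.setName(entry.getKey());
                    for (String value : entry.getValue()) {
                        XSString samlValue =
                            stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
                        samlValue.setValue(value);
                        attribute.getAttributeValues().add(samlValue);
                    }
                    attributeStatement.getAttributes().add(attribute);
                }
                assertion.getAttributeStatements().add(attributeStatement);
            }
            return assertion;
        } catch (InitializationException e) {
            throw new SerializeException(e.getMessage(), e);
        }
    }

    /**
     * Extracts assertion details from an OpenSAML {@link Assertion}.
     *
     * <p>This method reads fields only. It does not verify a signature, does
     * not compare the validity times with the current time and does not match
     * the audience or recipient against an expected value. The returned
     * details must not be trusted unless the assertion has been validated
     * separately.
     *
     * <p>Extraction rules, as implemented below:
     * <ul>
     *   <li>Issuer, Subject/NameID, at least one SubjectConfirmation with the
     *       bearer method, Conditions with at least one AudienceRestriction,
     *       ID and IssueInstant are required.</li>
     *   <li>The audience list is the union of all Audience URIs and all
     *       SubjectConfirmationData Recipient values, collected through a
     *       {@link HashSet}, so its order is unspecified.</li>
     *   <li>Where several AuthnStatement or SubjectConfirmationData elements
     *       carry the same kind of value, the last one read wins.</li>
     *   <li>The expiration and not-before times come from Conditions; only
     *       when Conditions has no NotOnOrAfter are both taken from
     *       SubjectConfirmationData instead.</li>
     * </ul>
     *
     * @param assertion the assertion to read; must not be {@code null}
     * @return the extracted details
     * @throws ParseException if a required element or attribute is missing,
     *                        the Address cannot be resolved, or an attribute
     *                        value has no readable text
     */
    public static SAML2AssertionDetails parse(Assertion assertion) throws ParseException {
        // NOTE(review): the identifier constructors used below (Issuer, Subject, Audience,
        // Identifier) and the SAML2AssertionDetails constructor may throw unchecked
        // exceptions on null or empty values; those are not translated into
        // ParseException here. Confirm against the identifier classes.
        if (assertion.getIssuer() == null) {
            throw new ParseException("Missing Assertion Issuer element");
        }
        Issuer issuer = new Issuer(assertion.getIssuer().getValue());

        if (assertion.getSubject() == null) {
            throw new ParseException("Missing Assertion Subject element");
        }
        NameID nameID = assertion.getSubject().getNameID();
        if (nameID == null) {
            throw new ParseException("Missing Assertion Subject NameID element");
        }
        Subject subject = new Subject(nameID.getValue());
        String subjectFormat = nameID.getFormat();

        // Authentication time and ACR: the last AuthnStatement carrying a value wins.
        Date subjectAuthTime = null;
        ACR subjectACR = null;
        if (CollectionUtils.isNotEmpty(assertion.getAuthnStatements())) {
            for (AuthnStatement authnStatement : assertion.getAuthnStatements()) {
                if (authnStatement == null) {
                    continue;
                }
                if (authnStatement.getAuthnInstant() != null) {
                    subjectAuthTime = authnStatement.getAuthnInstant().toDate();
                }
                AuthnContext authnContext = authnStatement.getAuthnContext();
                if (authnContext != null && authnContext.getAuthnContextClassRef() != null) {
                    subjectACR = new ACR(authnContext.getAuthnContextClassRef().getAuthnContextClassRef());
                }
            }
        }

        List<SubjectConfirmation> subjectConfirmations = assertion.getSubject().getSubjectConfirmations();
        if (CollectionUtils.isEmpty(subjectConfirmations)) {
            throw new ParseException("Missing SubjectConfirmation element");
        }
        // At least one confirmation must use the bearer method.
        boolean bearerFound = false;
        for (SubjectConfirmation confirmation : subjectConfirmations) {
            if (SubjectConfirmation.METHOD_BEARER.equals(confirmation.getMethod())) {
                bearerFound = true;
                break;
            }
        }
        if (!bearerFound) {
            throw new ParseException("Missing SubjectConfirmation Method urn:oasis:names:tc:SAML:2.0:cm:bearer attribute");
        }

        Conditions conditions = assertion.getConditions();
        if (conditions == null) {
            throw new ParseException("Missing Conditions element");
        }
        List<AudienceRestriction> audienceRestrictions = conditions.getAudienceRestrictions();
        if (CollectionUtils.isEmpty(audienceRestrictions)) {
            throw new ParseException("Missing AudienceRestriction element");
        }

        // Audience = all Audience URIs plus all Recipient values, de-duplicated.
        HashSet<Audience> audiences = new HashSet<Audience>();
        for (AudienceRestriction restriction : audienceRestrictions) {
            if (CollectionUtils.isEmpty(restriction.getAudiences())) {
                continue;
            }
            for (org.opensaml.saml.saml2.core.Audience samlAudience : restriction.getAudiences()) {
                audiences.add(new Audience(samlAudience.getAudienceURI()));
            }
        }
        // The Recipient is required on every SubjectConfirmationData present,
        // not only on the bearer confirmation.
        for (SubjectConfirmation confirmation : subjectConfirmations) {
            SubjectConfirmationData data = confirmation.getSubjectConfirmationData();
            if (data == null) {
                continue;
            }
            if (data.getRecipient() == null) {
                throw new ParseException("Missing SubjectConfirmationData Recipient attribute");
            }
            audiences.add(new Audience(data.getRecipient()));
        }

        Date expirationTime = conditions.getNotOnOrAfter() != null ? conditions.getNotOnOrAfter().toDate() : null;
        Date notBefore = conditions.getNotBefore() != null ? conditions.getNotBefore().toDate() : null;
        if (expirationTime == null) {
            // Fallback to SubjectConfirmationData. Both values are overwritten by every
            // data element, including with null, so the last element decides.
            // NOTE(review): if none supplies NotOnOrAfter, a null expiration time reaches
            // the constructor; how the superclass treats that is not visible here.
            for (SubjectConfirmation confirmation : subjectConfirmations) {
                SubjectConfirmationData data = confirmation.getSubjectConfirmationData();
                if (data != null) {
                    expirationTime = data.getNotOnOrAfter() != null ? data.getNotOnOrAfter().toDate() : null;
                    notBefore = data.getNotBefore() != null ? data.getNotBefore().toDate() : null;
                }
            }
        }

        if (assertion.getID() == null) {
            throw new ParseException("Missing Assertion ID attribute");
        }
        Identifier identifier = new Identifier(assertion.getID());
        if (assertion.getIssueInstant() == null) {
            throw new ParseException("Missing Assertion IssueInstant attribute");
        }
        Date issueTime = assertion.getIssueInstant().toDate();

        InetAddress clientAddress = null;
        for (SubjectConfirmation confirmation : subjectConfirmations) {
            SubjectConfirmationData data = confirmation.getSubjectConfirmationData();
            if (data != null && data.getAddress() != null) {
                try {
                    // SECURITY: InetAddress.getByName() accepts host names as well as IP
                    // literals and resolves host names through the name service. The
                    // Address value comes from the assertion, so parsing an assertion that
                    // has not been verified yet can cause a lookup of a name chosen by its
                    // sender. Verify the assertion before parsing, or accept literals only.
                    clientAddress = InetAddress.getByName(data.getAddress());
                } catch (UnknownHostException e) {
                    throw new ParseException("Invalid Address: " + e.getMessage(), e);
                }
            }
        }

        Map<String, List<String>> attrStatement = null;
        if (CollectionUtils.isNotEmpty(assertion.getAttributeStatements())) {
            attrStatement = new HashMap<String, List<String>>();
            for (AttributeStatement statement : assertion.getAttributeStatements()) {
                if (statement == null) {
                    continue;
                }
                for (Attribute attribute : statement.getAttributes()) {
                    List<String> values = new LinkedList<String>();
                    for (XMLObject value : attribute.getAttributeValues()) {
                        values.add(attributeValueText(value));
                    }
                    // A later attribute with the same name replaces the earlier one.
                    attrStatement.put(attribute.getName(), values);
                }
            }
        }

        return new SAML2AssertionDetails(
            issuer,
            subject,
            subjectFormat,
            subjectAuthTime,
            subjectACR,
            new ArrayList<Audience>(audiences),
            expirationTime,
            notBefore,
            issueTime,
            identifier,
            clientAddress,
            attrStatement);
    }

    /**
     * Returns the text of one attribute value.
     *
     * <p>The cached DOM is used when present. An object built in memory (for
     * example by {@link #toSAML2Assertion()}) has no DOM until it is
     * marshalled, so the string value of an {@link XSString} is used instead
     * of dereferencing a {@code null} DOM.
     */
    private static String attributeValueText(XMLObject value) throws ParseException {
        org.w3c.dom.Element dom = value.getDOM();
        if (dom != null) {
            return dom.getTextContent();
        }
        if (value instanceof XSString) {
            return ((XSString) value).getValue();
        }
        throw new ParseException("Unsupported AttributeValue: no DOM and not an xs:string");
    }
}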
