package eu.unicore.security.wsutil.samlclient;

import eu.unicore.samly2.SAMLBindings;
import eu.unicore.samly2.assertion.AssertionParser;
import eu.unicore.samly2.assertion.AttributeAssertionParser;
import eu.unicore.samly2.elements.NameID;
import eu.unicore.samly2.exceptions.SAMLResponderException;
import eu.unicore.samly2.exceptions.SAMLValidationException;
import eu.unicore.samly2.proto.AuthnRequest;
import eu.unicore.samly2.trust.PKISamlTrustChecker;
import eu.unicore.samly2.validators.AssertionValidator;
import eu.unicore.samly2.validators.SSOAuthnResponseValidator;
import eu.unicore.samly2.webservice.SAMLAuthnInterface;
import eu.unicore.util.httpclient.IClientConfiguration;
import java.net.MalformedURLException;
import java.util.ArrayList;
import java.util.List;
import javax.xml.ws.soap.SOAPFaultException;
import xmlbeans.org.oasis.saml2.assertion.AssertionDocument;
import xmlbeans.org.oasis.saml2.protocol.AuthnRequestDocument;
import xmlbeans.org.oasis.saml2.protocol.ResponseDocument;

/* loaded from: input_file:eu/unicore/security/wsutil/samlclient/SAMLAuthnClient.class */
public class SAMLAuthnClient extends AbstractSAMLClient {
    private SAMLAuthnInterface authnProxy;

    public SAMLAuthnClient(String str, IClientConfiguration iClientConfiguration) throws MalformedURLException {
        super(str, iClientConfiguration, new PKISamlTrustChecker(iClientConfiguration.getValidator(), true));
        this.authnProxy = (SAMLAuthnInterface) this.factory.createPlainWSProxy(SAMLAuthnInterface.class, str);
    }

    public AuthnResponseAssertions authenticate(String str, NameID nameID, String str2) throws SAMLValidationException {
        return getAssertionsGeneric(str, str2, nameID);
    }

    public AuthnResponseAssertions authenticate(NameID nameID, String str) throws SAMLValidationException {
        return getAssertionsGeneric(null, str, nameID);
    }

    public AuthnResponseAssertions authenticate(AuthnRequestDocument authnRequestDocument) throws SAMLValidationException {
        return performSAMLQuery(authnRequestDocument);
    }

    protected AuthnResponseAssertions getAssertionsGeneric(String str, String str2, NameID nameID) throws SAMLValidationException {
        if (nameID == null) {
            nameID = getLocalIssuer();
        }
        if (nameID == null) {
            throw new SAMLValidationException("No SAML issuer was given and it is not possible to generate one as local credential is missing.");
        }
        AuthnRequest authnRequest = new AuthnRequest(nameID.getXBean());
        if (str != null) {
            authnRequest.setFormat(str);
        }
        if (str2 != null) {
            authnRequest.getXMLBean().setAssertionConsumerServiceURL(str2);
        }
        return performSAMLQuery((AuthnRequestDocument) authnRequest.getXMLBeanDoc());
    }

    protected AuthnResponseAssertions performSAMLQuery(AuthnRequestDocument authnRequestDocument) throws SAMLValidationException {
        try {
            ResponseDocument authnRequest = this.authnProxy.authnRequest(authnRequestDocument);
            SSOAuthnResponseValidator sSOAuthnResponseValidator = new SSOAuthnResponseValidator(null, null, authnRequestDocument.getAuthnRequest().getID(), AssertionValidator.DEFAULT_VALIDITY_GRACE_PERIOD, this.trustChecker, null, SAMLBindings.SOAP);
            sSOAuthnResponseValidator.validate(authnRequest);
            List<AssertionDocument> authNAssertions = sSOAuthnResponseValidator.getAuthNAssertions();
            ArrayList arrayList = new ArrayList(authNAssertions.size());
            for (int i = 0; i < authNAssertions.size(); i++) {
                arrayList.add(new AssertionParser(authNAssertions.get(i)));
            }
            List<AssertionDocument> otherAssertions = sSOAuthnResponseValidator.getOtherAssertions();
            ArrayList arrayList2 = new ArrayList(otherAssertions.size());
            int i2 = 0;
            while (i2 < otherAssertions.size()) {
                if (otherAssertions.get(i2).getAssertion().sizeOfAttributeStatementArray() > 0) {
                    arrayList2.add(new AttributeAssertionParser(otherAssertions.get(i2)));
                    otherAssertions.remove(i2);
                    i2--;
                }
                i2++;
            }
            return new AuthnResponseAssertions(arrayList, arrayList2, otherAssertions);
        } catch (SOAPFaultException e) {
            throw new SAMLResponderException("SAML service invocation failed: " + e.getMessage(), (Throwable) e);
        }
    }
}
