package org.pac4j.saml.crypto;

import java.util.ArrayList;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import org.opensaml.saml.criterion.RoleDescriptorCriterion;
import org.opensaml.saml.saml2.metadata.SSODescriptor;
import org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver;
import org.opensaml.xmlsec.SignatureSigningConfiguration;
import org.opensaml.xmlsec.SignatureSigningParameters;
import org.opensaml.xmlsec.config.DefaultSecurityConfigurationBootstrap;
import org.opensaml.xmlsec.criterion.SignatureSigningConfigurationCriterion;
import org.opensaml.xmlsec.impl.BasicSignatureSigningConfiguration;
import org.pac4j.saml.exceptions.SAMLException;

/* loaded from: input_file:org/pac4j/saml/crypto/DefaultSignatureSigningParametersProvider.class */
public class DefaultSignatureSigningParametersProvider implements SignatureSigningParametersProvider {
    private final CredentialProvider credentialProvider;

    public DefaultSignatureSigningParametersProvider(CredentialProvider credentialProvider) {
        this.credentialProvider = credentialProvider;
    }

    @Override // org.pac4j.saml.crypto.SignatureSigningParametersProvider
    public SignatureSigningParameters build(SSODescriptor sSODescriptor) {
        try {
            CriteriaSet criteriaSet = new CriteriaSet();
            criteriaSet.add(new SignatureSigningConfigurationCriterion(new SignatureSigningConfiguration[]{getSignatureSigningConfiguration()}));
            criteriaSet.add(new RoleDescriptorCriterion(sSODescriptor));
            SignatureSigningParameters resolveSingle = new SAMLMetadataSignatureSigningParametersResolver().resolveSingle(criteriaSet);
            if (resolveSingle == null) {
                throw new SAMLException("Could not determine the signature parameters");
            }
            return resolveSingle;
        } catch (Exception e) {
            throw new SAMLException(e);
        }
    }

    private SignatureSigningConfiguration getSignatureSigningConfiguration() {
        BasicSignatureSigningConfiguration buildDefaultSignatureSigningConfiguration = DefaultSecurityConfigurationBootstrap.buildDefaultSignatureSigningConfiguration();
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.credentialProvider.getCredential());
        buildDefaultSignatureSigningConfiguration.setSigningCredentials(arrayList);
        return buildDefaultSignatureSigningConfiguration;
    }
}
