package org.pac4j.saml.crypto;

import lombok.Generated;
import net.shibboleth.shared.resolver.CriteriaSet;
import org.opensaml.security.SecurityException;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.CredentialResolver;
import org.opensaml.security.trust.TrustedCredentialTrustEngine;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xmlsec.signature.Signature;
import org.opensaml.xmlsec.signature.support.SignatureTrustEngine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/pac4j/saml/crypto/LogOnlySignatureTrustEngineProvider.class */
public class LogOnlySignatureTrustEngineProvider implements SAML2SignatureTrustEngineProvider {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(LogOnlySignatureTrustEngineProvider.class);
    private final SAML2SignatureTrustEngineProvider wrapped;

    /* loaded from: input_file:org/pac4j/saml/crypto/LogOnlySignatureTrustEngineProvider$LogOnlySignatureTrustEngine.class */
    private static class LogOnlySignatureTrustEngine implements TrustedCredentialTrustEngine<Signature>, SignatureTrustEngine {
        private final SignatureTrustEngine wrapped;

        public LogOnlySignatureTrustEngine(SignatureTrustEngine signatureTrustEngine) {
            LogOnlySignatureTrustEngineProvider.LOGGER.error("SIGNATURE VALIDATION DISABLED, DO NOT USE THIS ON PRODUCTION");
            this.wrapped = signatureTrustEngine;
        }

        public CredentialResolver getCredentialResolver() {
            return this.wrapped.getCredentialResolver();
        }

        public KeyInfoCredentialResolver getKeyInfoResolver() {
            return this.wrapped.getKeyInfoResolver();
        }

        public boolean validate(Signature signature, CriteriaSet criteriaSet) throws SecurityException {
            try {
                if (!this.wrapped.validate(signature, criteriaSet)) {
                    LogOnlySignatureTrustEngineProvider.LOGGER.error("Signature validation failed, continuing anyway. Criteria: " + criteriaSet);
                }
                return true;
            } catch (SecurityException e) {
                LogOnlySignatureTrustEngineProvider.LOGGER.error("Signature validation failed, continuing anyway. Criteria: " + criteriaSet + ", cause: " + e.getMessage(), e);
                return true;
            }
        }

        public boolean validate(byte[] bArr, byte[] bArr2, String str, CriteriaSet criteriaSet, Credential credential) throws SecurityException {
            try {
                if (!this.wrapped.validate(bArr, bArr2, str, criteriaSet, credential)) {
                    LogOnlySignatureTrustEngineProvider.LOGGER.error("Signature validation failed, continuing anyway. Criteria: " + criteriaSet);
                }
                return true;
            } catch (SecurityException e) {
                LogOnlySignatureTrustEngineProvider.LOGGER.error("Signature validation failed, continuing anyway. Criteria: " + criteriaSet + ", cause: " + e.getMessage(), e);
                return true;
            }
        }
    }

    public LogOnlySignatureTrustEngineProvider(SAML2SignatureTrustEngineProvider sAML2SignatureTrustEngineProvider) {
        this.wrapped = sAML2SignatureTrustEngineProvider;
    }

    @Override // org.pac4j.saml.crypto.SAML2SignatureTrustEngineProvider
    public SignatureTrustEngine build() {
        return new LogOnlySignatureTrustEngine(this.wrapped.build());
    }
}
