package org.opensaml.saml.saml1.profile.impl;

import com.google.common.base.Function;
import com.google.common.base.Functions;
import com.google.common.base.Predicates;
import com.google.common.collect.Collections2;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.Objects;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullElements;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.messaging.context.navigate.MessageLookup;
import org.opensaml.profile.action.AbstractProfileAction;
import org.opensaml.profile.action.ActionSupport;
import org.opensaml.profile.action.EventIds;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.profile.context.navigate.OutboundMessageContextLookup;
import org.opensaml.saml.common.SAMLObjectBuilder;
import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml1.core.Assertion;
import org.opensaml.saml.saml1.core.ConfirmationMethod;
import org.opensaml.saml.saml1.core.Response;
import org.opensaml.saml.saml1.core.Statement;
import org.opensaml.saml.saml1.core.Subject;
import org.opensaml.saml.saml1.core.SubjectConfirmation;
import org.opensaml.saml.saml1.core.SubjectStatement;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/opensaml-saml-impl-3.3.1.jar:org/opensaml/saml/saml1/profile/impl/AddSubjectConfirmationToSubjects.class */
public class AddSubjectConfirmationToSubjects extends AbstractProfileAction {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) AddSubjectConfirmationToSubjects.class);

    @Nonnull
    private final SAMLObjectBuilder<Subject> subjectBuilder = (SAMLObjectBuilder) XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(Subject.DEFAULT_ELEMENT_NAME);

    @Nonnull
    private final SAMLObjectBuilder<SubjectConfirmation> confirmationBuilder = (SAMLObjectBuilder) XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(SubjectConfirmation.DEFAULT_ELEMENT_NAME);

    @Nonnull
    private final SAMLObjectBuilder<ConfirmationMethod> confirmationMethodBuilder = (SAMLObjectBuilder) XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(ConfirmationMethod.DEFAULT_ELEMENT_NAME);
    private boolean overwriteExisting = true;

    @Nonnull
    private Function<ProfileRequestContext, Response> responseLookupStrategy = Functions.compose(new MessageLookup(Response.class), new OutboundMessageContextLookup());

    @NonnullElements
    @Nonnull
    private Collection<String> confirmationMethods = Collections.emptyList();

    @Nullable
    private Response response;
    private boolean artifactProfile;

    public void setOverwriteExisting(boolean z) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.overwriteExisting = z;
    }

    public void setResponseLookupStrategy(@Nonnull Function<ProfileRequestContext, Response> function) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.responseLookupStrategy = (Function) Constraint.isNotNull(function, "Response lookup strategy cannot be null");
    }

    public void setMethods(@NonnullElements @Nonnull Collection<String> collection) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        Constraint.isNotEmpty(collection, "Confirmation method collection cannot be null or empty");
        this.confirmationMethods = new ArrayList(Collections2.filter(collection, Predicates.notNull()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (this.confirmationMethods.isEmpty()) {
            throw new ComponentInitializationException("Confirmation method list cannot be empty");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.profile.action.AbstractProfileAction
    public boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext) {
        this.log.debug("{} Attempting to add SubjectConfirmation to assertions in outgoing Response", getLogPrefix());
        this.response = this.responseLookupStrategy.apply(profileRequestContext);
        if (this.response == null) {
            this.log.debug("{} No SAML response located in current profile request context", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_MSG_CTX);
            return false;
        }
        if (this.response.getAssertions().isEmpty()) {
            this.log.debug("{} No assertions in response message, nothing to do", getLogPrefix());
            return false;
        }
        SAMLBindingContext sAMLBindingContext = (SAMLBindingContext) profileRequestContext.getOutboundMessageContext().getSubcontext(SAMLBindingContext.class, false);
        this.artifactProfile = sAMLBindingContext != null && Objects.equals(sAMLBindingContext.getBindingUri(), SAMLConstants.SAML1_ARTIFACT_BINDING_URI);
        return super.doPreExecute(profileRequestContext);
    }

    @Override // org.opensaml.profile.action.AbstractProfileAction
    protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext) {
        SubjectConfirmation mo7690buildObject = this.confirmationBuilder.mo7690buildObject();
        for (String str : this.confirmationMethods) {
            if (this.artifactProfile && ConfirmationMethod.METHOD_BEARER.equals(str)) {
                str = ConfirmationMethod.METHOD_ARTIFACT;
            }
            ConfirmationMethod mo7690buildObject2 = this.confirmationMethodBuilder.mo7690buildObject();
            mo7690buildObject2.setConfirmationMethod(str);
            mo7690buildObject.getConfirmationMethods().add(mo7690buildObject2);
        }
        int i = 0;
        Iterator<Assertion> it = this.response.getAssertions().iterator();
        while (it.hasNext()) {
            for (Statement statement : it.next().getStatements()) {
                if (statement instanceof SubjectStatement) {
                    Subject statementSubject = getStatementSubject((SubjectStatement) statement);
                    if (statementSubject.getSubjectConfirmation() == null || this.overwriteExisting) {
                        statementSubject.setSubjectConfirmation(i > 0 ? cloneConfirmation(mo7690buildObject) : mo7690buildObject);
                    }
                    i++;
                }
            }
        }
        if (i > 0) {
            this.log.debug("{} Added SubjectConfirmation with methods {} to {} statement subject(s)", getLogPrefix(), this.confirmationMethods, Integer.valueOf(i));
        }
    }

    @Nonnull
    private Subject getStatementSubject(@Nonnull SubjectStatement subjectStatement) {
        if (subjectStatement.getSubject() != null) {
            return subjectStatement.getSubject();
        }
        Subject mo7690buildObject = this.subjectBuilder.mo7690buildObject();
        subjectStatement.setSubject(mo7690buildObject);
        return mo7690buildObject;
    }

    @Nonnull
    private SubjectConfirmation cloneConfirmation(@Nonnull SubjectConfirmation subjectConfirmation) {
        SubjectConfirmation mo7690buildObject = this.confirmationBuilder.mo7690buildObject();
        for (ConfirmationMethod confirmationMethod : subjectConfirmation.getConfirmationMethods()) {
            ConfirmationMethod mo7690buildObject2 = this.confirmationMethodBuilder.mo7690buildObject();
            mo7690buildObject2.setConfirmationMethod(confirmationMethod.getConfirmationMethod());
            mo7690buildObject.getConfirmationMethods().add(mo7690buildObject2);
        }
        return mo7690buildObject;
    }
}
