package ddf.security.service.impl;

import ddf.security.assertion.SecurityAssertion;
import ddf.security.assertion.impl.SecurityAssertionImpl;
import java.security.Principal;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
import org.apache.cxf.message.Message;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.cxf.ws.security.tokenstore.TokenStore;
import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
import org.apache.wss4j.common.principal.SAMLTokenPrincipal;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
import org.apache.wss4j.dom.handler.WSHandlerResult;

/* loaded from: input_file:ddf-security-common-2.9.1.jar:ddf/security/service/impl/SecurityAssertionStore.class */
public final class SecurityAssertionStore {
    public static SecurityAssertion getSecurityAssertion(Message message) {
        List list;
        if (message != null) {
            TokenStore tokenStore = getTokenStore(message);
            SecurityContext securityContext = (SecurityContext) message.get(SecurityContext.class);
            Principal userPrincipal = securityContext != null ? securityContext.getUserPrincipal() : null;
            if (!(userPrincipal instanceof SAMLTokenPrincipal) && (list = (List) List.class.cast(message.get("RECV_RESULTS"))) != null) {
                for (Object obj : list) {
                    if (obj instanceof WSHandlerResult) {
                        Iterator it = ((WSHandlerResult) obj).getResults().iterator();
                        while (true) {
                            if (it.hasNext()) {
                                Object obj2 = ((WSSecurityEngineResult) it.next()).get("principal");
                                if (obj2 instanceof SAMLTokenPrincipal) {
                                    userPrincipal = (SAMLTokenPrincipal) obj2;
                                    break;
                                }
                            }
                        }
                    }
                }
            }
            if (tokenStore != null && userPrincipal != null && (userPrincipal instanceof SAMLTokenPrincipal)) {
                String id = ((SAMLTokenPrincipal) userPrincipal).getId();
                SamlAssertionWrapper token = ((SAMLTokenPrincipal) userPrincipal).getToken();
                SecurityToken token2 = tokenStore.getToken(id);
                if (token2 == null) {
                    if (token.getSaml2().getIssueInstant() == null || token.getSaml2().getConditions() == null || token.getSaml2().getConditions().getNotOnOrAfter() == null) {
                        Date date = new Date();
                        token2 = new SecurityToken(id, token.getElement(), date, new Date(date.getTime() + TimeUnit.MINUTES.toMillis(1L)));
                    } else {
                        token2 = new SecurityToken(id, token.getElement(), token.getSaml2().getIssueInstant().toDate(), token.getSaml2().getConditions().getNotOnOrAfter().toDate());
                    }
                    tokenStore.add(token2);
                }
                return new SecurityAssertionImpl(token2);
            }
        }
        return new SecurityAssertionImpl();
    }

    public static TokenStore getTokenStore(Message message) {
        return TokenStoreUtils.getTokenStore(message);
    }
}
