package com.sun.xml.ws.security.trust.impl;

import com.sun.xml.rpc.wsdl.parser.Constants;
import com.sun.xml.ws.api.security.trust.Claims;
import com.sun.xml.ws.api.security.trust.STSAttributeProvider;
import com.sun.xml.ws.api.security.trust.client.STSIssuedTokenConfiguration;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.saml.Assertion;
import com.sun.xml.wss.saml.AssertionUtil;
import com.sun.xml.wss.saml.Attribute;
import com.sun.xml.wss.saml.AttributeStatement;
import com.sun.xml.wss.saml.AuthenticationStatement;
import com.sun.xml.wss.saml.NameID;
import com.sun.xml.wss.saml.NameIdentifier;
import com.sun.xml.wss.saml.SAMLException;
import com.sun.xml.wss.saml.util.SAMLUtil;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamReader;
import org.w3c.dom.Element;

/* loaded from: input_file:com/sun/xml/ws/security/trust/impl/DefaultSTSAttributeProvider.class */
public class DefaultSTSAttributeProvider implements STSAttributeProvider {
    @Override // com.sun.xml.ws.api.security.trust.STSAttributeProvider
    public Map<QName, List<String>> getClaimedAttributes(Subject subject, String str, String str2, Claims claims) {
        Set<Principal> principals = subject.getPrincipals();
        HashMap hashMap = new HashMap();
        if (principals == null || principals.isEmpty()) {
            Element element = null;
            try {
                Iterator<Object> it = subject.getPublicCredentials().iterator();
                if (it.hasNext()) {
                    Object next = it.next();
                    if (next instanceof XMLStreamReader) {
                        element = SAMLUtil.createSAMLAssertion((XMLStreamReader) next);
                    } else if (next instanceof Element) {
                        element = (Element) next;
                    }
                }
                if (element != null) {
                    addAttributes(element, hashMap, false);
                }
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        } else {
            Iterator<Principal> it2 = principals.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                String name = principals.iterator().next().getName();
                if (name != null) {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(name);
                    hashMap.put(new QName("http://sun.com", STSAttributeProvider.NAME_IDENTIFIER), arrayList);
                    break;
                }
            }
        }
        if (Constants.TRUE.equals(claims.getOtherAttributes().get(new QName(STSIssuedTokenConfiguration.ACT_AS)))) {
            Element element2 = null;
            Iterator<Object> it3 = claims.getSupportingProperties().iterator();
            while (true) {
                if (!it3.hasNext()) {
                    break;
                }
                Object next2 = it3.next();
                if (next2 instanceof Subject) {
                    element2 = (Element) ((Subject) next2).getPublicCredentials().iterator().next();
                    break;
                }
            }
            if (element2 != null) {
                try {
                    addAttributes(element2, hashMap, true);
                } catch (Exception e2) {
                    throw new RuntimeException(e2);
                }
            }
        }
        if (hashMap.size() < 2) {
            QName qName = new QName("http://sun.com", "token-requestor");
            ArrayList arrayList2 = new ArrayList();
            arrayList2.add("authenticated");
            hashMap.put(qName, arrayList2);
        }
        return hashMap;
    }

    private void addAttributes(Element element, Map<QName, List<String>> map, boolean z) throws SAMLException {
        com.sun.xml.wss.saml.Subject subject;
        String str = null;
        String str2 = null;
        String localName = element.getLocalName();
        if ("UsernameToken".equals(localName)) {
            str = element.getElementsByTagNameNS("*", "Username").item(0).getFirstChild().getNodeValue();
        } else if (MessageConstants.SAML_ASSERTION_LNAME.equals(localName)) {
            Assertion fromElement = AssertionUtil.fromElement(element);
            try {
                subject = fromElement.getSubject();
            } catch (Exception e) {
                subject = null;
            }
            NameID nameId = subject != null ? subject.getNameId() : null;
            for (Object obj : fromElement.getStatements()) {
                if (obj instanceof AttributeStatement) {
                    for (Attribute attribute : ((AttributeStatement) obj).getAttributes()) {
                        String name = attribute.getName();
                        String nameFormat = attribute.getNameFormat();
                        List<Object> attributes = attribute.getAttributes();
                        ArrayList arrayList = new ArrayList();
                        Iterator<Object> it = attributes.iterator();
                        while (it.hasNext()) {
                            arrayList.add(((Element) it.next()).getFirstChild().getNodeValue());
                        }
                        map.put(new QName(nameFormat, name), arrayList);
                    }
                    if (subject == null) {
                        subject = ((AttributeStatement) obj).mo1485getSubject();
                    }
                } else if (obj instanceof AuthenticationStatement) {
                    subject = ((AuthenticationStatement) obj).mo1482getSubject();
                }
            }
            if (nameId != null) {
                str = nameId.getValue();
                str2 = nameId.getNameQualifier();
            } else {
                NameIdentifier nameIdentifier = subject.getNameIdentifier();
                if (nameIdentifier != null) {
                    str = nameIdentifier.getValue();
                    str2 = nameIdentifier.getNameQualifier();
                }
            }
        }
        String str3 = z ? STSIssuedTokenConfiguration.ACT_AS : STSAttributeProvider.NAME_IDENTIFIER;
        ArrayList arrayList2 = new ArrayList();
        if (str != null) {
            arrayList2.add(str);
        }
        map.put(new QName(str2, str3), arrayList2);
    }
}
