package org.jboss.identity.federation.web.handlers.saml2;

import java.security.KeyPair;
import java.security.PublicKey;
import org.apache.log4j.Logger;
import org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerRequest;
import org.jboss.identity.federation.core.saml.v2.interfaces.SAML2HandlerResponse;
import org.jboss.identity.federation.core.util.XMLSignatureUtil;
import org.jboss.identity.federation.web.constants.GeneralConstants;
import org.w3c.dom.Document;

/* loaded from: input_file:org/jboss/identity/federation/web/handlers/saml2/SAML2SignatureHandler.class */
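/**
 * Handler in the SAML2 chain that signs the document produced for an outgoing request and
 * validates the signature on incoming request and status-response documents.
 *
 * <p>Signing uses the {@link KeyPair} stored in the handler chain configuration under
 * {@link GeneralConstants#KEYPAIR}. Validation uses the {@link PublicKey} found in the
 * request options under {@link GeneralConstants#SENDER_PUBLIC_KEY}.
 *
 * <p>Every failure is reported as a {@link ProcessingException}, so a document that cannot be
 * validated is never passed on as if it had been accepted.
 */
public class SAML2SignatureHandler extends BaseSAML2Handler {
    private static final Logger log = Logger.getLogger(SAML2SignatureHandler.class);

    /** Trace flag, sampled once when the handler instance is created. */
    private final boolean trace = log.isTraceEnabled();

    /**
     * Signs the document that earlier handlers placed on the response.
     *
     * <p>When no document has been produced there is nothing to sign and the method returns
     * without signing, whether or not trace logging is enabled.
     *
     * @param sAML2HandlerRequest the request being processed (not read here)
     * @param sAML2HandlerResponse the response holding the document to sign
     * @throws ProcessingException if the key pair is missing or signing fails
     */
    @Override
    public void generateSAMLRequest(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        Document resultingDocument = sAML2HandlerResponse.getResultingDocument();
        // The null check must not depend on the trace flag: with trace disabled, a null document
        // previously fell through to the signing call and was dereferenced there.
        if (resultingDocument == null) {
            if (this.trace) {
                log.trace("No document generated in the handler chain. Cannot generate signature");
            }
            return;
        }
        KeyPair keyPair = (KeyPair) this.handlerChainConfig.getParameter(GeneralConstants.KEYPAIR);
        if (keyPair == null) {
            log.error("Key Pair cannot be found");
            throw new ProcessingException("KeyPair not found");
        }
        try {
            // The root element's ID attribute names what gets signed. getAttribute returns an empty
            // string when the attribute is absent; how sign() treats that is not visible here.
            String referenceId = resultingDocument.getDocumentElement().getAttribute("ID");
            new SAML2Signature().sign(resultingDocument, referenceId, keyPair);
        } catch (Exception e) {
            log.error("Unable to sign:", e);
            throw new ProcessingException("Unable to sign");
        }
    }

    /**
     * Validates the signature on an incoming request document.
     *
     * @param sAML2HandlerRequest the request carrying the document and the sender's public key
     * @param sAML2HandlerResponse the response (not modified here)
     * @throws ProcessingException if the signature cannot be validated
     */
    public void handleRequestType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        PublicKey senderKey = (PublicKey) sAML2HandlerRequest.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
        validateSender(sAML2HandlerRequest.getRequestDocument(), senderKey);
    }

    /**
     * Validates the signature on an incoming status-response document.
     *
     * @param sAML2HandlerRequest the request carrying the document and the sender's public key
     * @param sAML2HandlerResponse the response (not modified here)
     * @throws ProcessingException if the signature cannot be validated
     */
    @Override
    public void handleStatusResponseType(SAML2HandlerRequest sAML2HandlerRequest, SAML2HandlerResponse sAML2HandlerResponse) throws ProcessingException {
        PublicKey senderKey = (PublicKey) sAML2HandlerRequest.getOptions().get(GeneralConstants.SENDER_PUBLIC_KEY);
        validateSender(sAML2HandlerRequest.getRequestDocument(), senderKey);
    }

    /**
     * Checks the document's signature against the sender's public key and fails closed.
     *
     * <p>A missing document, a missing key, an exception from the validator and a negative
     * validation result are all rejected with a {@link ProcessingException}.
     *
     * @param document the signed document to check
     * @param publicKey the sender's public key
     * @throws ProcessingException if the signature is absent, invalid or cannot be checked
     */
    private void validateSender(Document document, PublicKey publicKey) throws ProcessingException {
        if (document == null) {
            log.error("No document available for signature validation");
            throw new ProcessingException("Error validating signature.");
        }
        if (publicKey == null) {
            log.error("Sender public key not found. Cannot validate signature");
            throw new ProcessingException("Error validating signature.");
        }
        boolean valid;
        try {
            // validate() reports the outcome through its boolean return value; discarding it would
            // accept any document whose signature merely parses without an exception.
            // NOTE(review): whether the verified reference covers the element that later handlers
            // consume depends on XMLSignatureUtil, which is not visible here; confirm.
            valid = XMLSignatureUtil.validate(document, publicKey);
        } catch (Exception e) {
            log.error("Error validating signature:", e);
            throw new ProcessingException("Error validating signature.");
        }
        if (!valid) {
            log.error("Signature validation failed");
            throw new ProcessingException("Signature validation failed.");
        }
    }
}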
