package net.shibboleth.idp.saml.nameid.impl;

import com.google.common.base.Function;
import com.google.common.base.Functions;
import com.google.common.base.Predicate;
import com.google.common.base.Predicates;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.attribute.AttributeEncoder;
import net.shibboleth.idp.attribute.AttributeEncodingException;
import net.shibboleth.idp.attribute.IdPAttribute;
import net.shibboleth.idp.attribute.context.AttributeContext;
import net.shibboleth.idp.profile.context.RelyingPartyContext;
import net.shibboleth.idp.saml.nameid.NameIdentifierAttributeEncoder;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.component.AbstractIdentifiableInitializableComponent;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import org.opensaml.messaging.context.navigate.ChildContextLookup;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.common.SAMLException;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.profile.NameIdentifierGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/idp-saml-impl-3.3.3.jar:net/shibboleth/idp/saml/nameid/impl/LegacyNameIdentifierGenerator.class */
public class LegacyNameIdentifierGenerator<NameIdType extends SAMLObject> extends AbstractIdentifiableInitializableComponent implements NameIdentifierGenerator<NameIdType> {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) LegacyNameIdentifierGenerator.class);

    @Nonnull
    private Predicate<ProfileRequestContext> activationCondition = Predicates.alwaysTrue();

    @Nonnull
    private Function<ProfileRequestContext, AttributeContext> attributeContextLookupStrategy = Functions.compose(new ChildContextLookup(AttributeContext.class), new ChildContextLookup(RelyingPartyContext.class));

    @Nonnull
    private Class<? extends NameIdentifierAttributeEncoder> encoderType;

    /* JADX INFO: Access modifiers changed from: protected */
    public LegacyNameIdentifierGenerator(@Nonnull Class<? extends NameIdentifierAttributeEncoder> cls) {
        this.encoderType = (Class) Constraint.isNotNull(cls, "Encoder class type cannot be null");
    }

    public void setActivationCondition(@Nonnull Predicate<ProfileRequestContext> predicate) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.activationCondition = (Predicate) Constraint.isNotNull(predicate, "Predicate cannot be null");
    }

    public void setAttributeContextLookupStrategy(@Nonnull Function<ProfileRequestContext, AttributeContext> function) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.attributeContextLookupStrategy = (Function) Constraint.isNotNull(function, "AttributeContext lookup strategy cannot be null");
    }

    @Override // org.opensaml.saml.common.profile.NameIdentifierGenerator
    @Nullable
    public NameIdType generate(@Nonnull ProfileRequestContext profileRequestContext, @NotEmpty @Nonnull String str) throws SAMLException {
        ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
        Constraint.isNotNull(str, "Format cannot be null or empty");
        if (!this.activationCondition.apply(profileRequestContext)) {
            return null;
        }
        AttributeContext apply = this.attributeContextLookupStrategy.apply(profileRequestContext);
        if (apply == null || apply.getIdPAttributes().isEmpty()) {
            this.log.debug("No AttributeContext or resolved IdPAttributes found, nothing to do");
            return null;
        }
        for (IdPAttribute idPAttribute : apply.getIdPAttributes().values()) {
            if (!idPAttribute.getValues().isEmpty()) {
                for (AttributeEncoder<?> attributeEncoder : idPAttribute.getEncoders()) {
                    if (this.encoderType.isInstance(attributeEncoder) && ((NameIdentifierAttributeEncoder) attributeEncoder).apply(str) && attributeEncoder.getActivationCondition().apply(profileRequestContext)) {
                        try {
                            NameIdType nameidtype = (NameIdType) attributeEncoder.encode(idPAttribute);
                            this.log.debug("Encoded attribute {} into name identifier with format {}", idPAttribute.getId(), str);
                            return nameidtype;
                        } catch (AttributeEncodingException e) {
                            this.log.error("Error encoding IdPAttribute into name identifier", (Throwable) e);
                        }
                    }
                }
            }
        }
        this.log.debug("Unable to obtain name identifier from legacy attribute encoders");
        return null;
    }
}
