package org.wso2.carbon.identity.saml.application.listener.util;

import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.KeyDescriptor;
import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.xml.security.keyinfo.KeyInfoHelper;
import org.wso2.carbon.identity.core.model.SAMLSSOServiceProviderDO;
import org.wso2.carbon.identity.sp.metadata.saml2.util.MetadataParser;

/* loaded from: input_file:org/wso2/carbon/identity/saml/application/listener/util/SAMLMetadataParser.class */
public class SAMLMetadataParser extends MetadataParser {
    private static Log log = LogFactory.getLog(SAMLMetadataParser.class);
    private String certificate;

    public String getCertificate() {
        return this.certificate;
    }

    protected void setX509Certificate(EntityDescriptor entityDescriptor, SPSSODescriptor sPSSODescriptor, SAMLSSOServiceProviderDO sAMLSSOServiceProviderDO) {
        KeyDescriptor keyDescriptor;
        List keyDescriptors = sPSSODescriptor.getKeyDescriptors();
        if (keyDescriptors == null || keyDescriptors.size() <= 0 || (keyDescriptor = (KeyDescriptor) keyDescriptors.get(0)) == null || !keyDescriptor.getUse().toString().toUpperCase().equals("SIGNING")) {
            return;
        }
        try {
            this.certificate = convertToPem((X509Certificate) KeyInfoHelper.getCertificates(keyDescriptor.getKeyInfo()).get(0));
            sAMLSSOServiceProviderDO.setCertAlias(entityDescriptor.getEntityID());
        } catch (CertificateException e) {
            log.error("Error While setting Certificate and alias", e);
        } catch (Exception e2) {
            log.error("Error While setting Certificate and alias", e2);
        }
    }

    private String convertToPem(X509Certificate x509Certificate) throws CertificateEncodingException {
        return new String(Base64.encodeBase64(x509Certificate.getEncoded()));
    }
}
