package org.wso2.carbon.identity.provider;

import java.util.Iterator;
import java.util.Vector;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.RahasData;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.xml.security.signature.XMLSignature;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLAttribute;
import org.opensaml.SAMLAttributeStatement;
import org.wso2.carbon.identity.base.IdentityConstants;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.user.core.Claim;

/* loaded from: input_file:org/wso2/carbon/identity/provider/IdentityProviderData.class */
public class IdentityProviderData extends GenericIdentityProviderData {
    private static Log log = LogFactory.getLog(IdentityProviderData.class);
    private SAMLAssertion assertion;

    public IdentityProviderData(RahasData rahasData) throws IdentityProviderException, ClassNotFoundException {
        super(rahasData);
    }

    @Override // org.wso2.carbon.identity.provider.GenericIdentityProviderData
    protected void processInfoCardReference(OMElement oMElement) throws IdentityProviderException {
        if (log.isDebugEnabled()) {
            log.debug("Processing information card reference");
        }
        this.cardID = oMElement.getFirstChildWithName(new QName("http://schemas.xmlsoap.org/ws/2005/05/identity", "InformationCardReference")).getFirstChildWithName(new QName("http://schemas.xmlsoap.org/ws/2005/05/identity", "CardId")).getText();
    }

    @Override // org.wso2.carbon.identity.provider.GenericIdentityProviderData
    protected void readAuthenticationMechanism(RahasData rahasData) throws IdentityProviderException {
        if (log.isDebugEnabled()) {
            log.debug("Reading authentication mechanism");
        }
        Vector vector = (Vector) rahasData.getInMessageContext().getProperty("RECV_RESULTS");
        if (vector == null) {
            log.error("Missing authentication mechanism");
            throw new IdentityProviderException("Missing authentication mechanism");
        }
        for (int i = 0; i < vector.size(); i++) {
            Vector results = ((WSHandlerResult) vector.get(i)).getResults();
            for (int i2 = 0; i2 < results.size(); i2++) {
                WSSecurityEngineResult wSSecurityEngineResult = (WSSecurityEngineResult) results.get(i2);
                int intValue = ((Integer) wSSecurityEngineResult.get("action")).intValue();
                if (intValue == 8) {
                    this.authMechanism = 4;
                    this.assertion = (SAMLAssertion) wSSecurityEngineResult.get("saml-assertion");
                } else if (intValue == 1 && wSSecurityEngineResult.get("principal") != null) {
                    this.authMechanism = 1;
                }
            }
        }
    }

    @Override // org.wso2.carbon.identity.provider.GenericIdentityProviderData
    protected void processUserIdentifier(RahasData rahasData) throws IdentityProviderException {
        if (log.isDebugEnabled()) {
            log.debug("Processing user identifier");
        }
        if (this.authMechanism != 4) {
            if (this.authMechanism == 1) {
                this.userIdentifier = rahasData.getPrincipal().getName();
                return;
            } else {
                log.error("Invalid authentication mechanism");
                throw new IdentityProviderException("Invalid authentication mechanism");
            }
        }
        Iterator statements = this.assertion.getStatements();
        String str = null;
        while (statements.hasNext()) {
            SAMLAttribute sAMLAttribute = (SAMLAttribute) ((SAMLAttributeStatement) statements.next()).getAttributes().next();
            if ("privatepersonalidentifier".equals(sAMLAttribute.getName()) && "http://schemas.xmlsoap.org/ws/2005/05/identity/claims".equals(sAMLAttribute.getNamespace())) {
                str = (String) sAMLAttribute.getValues().next();
            }
        }
        if (str == null) {
            log.error("Invalid SAML attribute assertion");
            throw new IdentityProviderException("Invalid SAML attribute assertio");
        }
        String userName = getUserName(str);
        if (userName == null) {
            log.error("Alian PPID");
            throw new IdentityProviderException("Alian PPID");
        }
        ((XMLSignature) this.assertion.getNativeSignature()).getKeyInfo();
        this.userIdentifier = userName;
    }

    private String getUserName(String str) throws IdentityProviderException {
        try {
            return IdentityPersistenceManager.getPersistanceManager((Registry) null).getUserByPPID(str);
        } catch (IdentityException e) {
            throw new IdentityProviderException(e.getMessage(), e);
        }
    }

    @Override // org.wso2.carbon.identity.provider.GenericIdentityProviderData
    public String getUserIdentifier() {
        return this.userIdentifier;
    }

    public void setUserIdentifier(String str) {
        this.userIdentifier = str;
    }

    @Override // org.wso2.carbon.identity.provider.GenericIdentityProviderData
    public String getDisplayName(String str) {
        if (log.isDebugEnabled()) {
            log.debug("");
        }
        Claim claim = this.supportedClaims.get(str);
        if (claim != null) {
            return "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier".equals(claim.getClaimUri()) ? IdentityConstants.PPID_DISPLAY_VALUE : claim.getDisplayTag();
        }
        return null;
    }

    @Override // org.wso2.carbon.identity.provider.GenericIdentityProviderData
    public String getCardID() {
        return this.cardID;
    }

    @Override // org.wso2.carbon.identity.provider.GenericIdentityProviderData
    public String getDisplayTokenLang() {
        return this.displayTokenLang;
    }
}
