package org.apache.ws.security.processor;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.Vector;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSDocInfo;
import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.saml.SAML2Util;
import org.apache.ws.security.util.XMLUtils;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.xml.ConfigurationException;
import org.opensaml.xml.io.UnmarshallingException;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;

/* loaded from: input_file:WEB-INF/lib/wss4j-1.5.11-wso2v20.jar:org/apache/ws/security/processor/SAML2TokenProcessor.class */
public class SAML2TokenProcessor implements Processor {
    private static final Log log = LogFactory.getLog(SAML2TokenProcessor.class.getName());
    private String id;
    private Element samlTokenElement;

    @Override // org.apache.ws.security.processor.Processor
    public void handleToken(Element element, Crypto crypto, Crypto crypto2, CallbackHandler callbackHandler, WSDocInfo wSDocInfo, Vector vector, WSSConfig wSSConfig) throws WSSecurityException {
        Assertion buildAssertion = buildAssertion(element);
        if (buildAssertion.getSignature() != null) {
            SAML2Util.validateSignature(buildAssertion, crypto);
        }
        this.id = buildAssertion.getID();
        this.samlTokenElement = element;
        WSSecurityEngineResult wSSecurityEngineResult = new WSSecurityEngineResult(8, buildAssertion);
        vector.add(0, wSSecurityEngineResult);
        wSSecurityEngineResult.put(WSConstants.SAML_VERSION, "urn:oasis:names:tc:SAML:2.0:assertion");
        vector.add(0, new WSSecurityEngineResult(17, SAML2Util.getTimestampForSAMLAssertion(buildAssertion)));
        wSSecurityEngineResult.put("Issuer", buildAssertion.getIssuer());
        wSSecurityEngineResult.put("Claims", SAML2Util.getClaims(buildAssertion));
        wSSecurityEngineResult.put(WSConstants.SAML_TOKEN_SIGNED, Boolean.valueOf(buildAssertion.isSigned()));
    }

    public Assertion buildAssertion(Element element) throws WSSecurityException {
        try {
            DefaultBootstrap.bootstrap();
            Element documentElement = XMLUtils.getSecuredDocumentBuilder().newDocumentBuilder().parse(new ByteArrayInputStream(element.toString().trim().getBytes())).getDocumentElement();
            Assertion unmarshall = Configuration.getUnmarshallerFactory().getUnmarshaller(documentElement).unmarshall(documentElement);
            if (log.isDebugEnabled()) {
                log.debug("SAML2 Token was validated successfully.");
            }
            return unmarshall;
        } catch (IOException e) {
            throw new WSSecurityException(0, "Failure in unmarshelling the assertion", null, e);
        } catch (ParserConfigurationException e2) {
            throw new WSSecurityException(0, "Failure in unmarshelling the assertion", null, e2);
        } catch (SAXException e3) {
            throw new WSSecurityException(0, "Failure in unmarshelling the assertion", null, e3);
        } catch (UnmarshallingException e4) {
            throw new WSSecurityException(0, "Failure in unmarshelling the assertion", null, e4);
        } catch (ConfigurationException e5) {
            throw new WSSecurityException(0, "Failure in bootstrapping", null, e5);
        }
    }

    public Element getSamlTokenElement() {
        return this.samlTokenElement;
    }

    public void setSamlTokenElement(Element element) {
        this.samlTokenElement = element;
    }

    @Override // org.apache.ws.security.processor.Processor
    public String getId() {
        return this.id;
    }
}
