package com.alfaariss.oa.util.saml2.opensaml;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.engine.core.Engine;
import com.alfaariss.oa.engine.core.crypto.CryptoManager;
import com.alfaariss.oa.util.saml2.crypto.SAML2CryptoUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.opensaml.xml.security.BasicSecurityConfiguration;
import org.opensaml.xml.security.DefaultSecurityConfigurationBootstrap;

/* loaded from: input_file:com/alfaariss/oa/util/saml2/opensaml/CustomOpenSAMLSecurityConfigurationBootstrap.class */
public class CustomOpenSAMLSecurityConfigurationBootstrap extends DefaultSecurityConfigurationBootstrap {
    public static BasicSecurityConfiguration buildDefaultConfig() {
        BasicSecurityConfiguration basicSecurityConfiguration = new BasicSecurityConfiguration();
        populateSignatureParams(basicSecurityConfiguration);
        populateEncryptionParams(basicSecurityConfiguration);
        populateKeyInfoCredentialResolverParams(basicSecurityConfiguration);
        populateKeyInfoGeneratorManager(basicSecurityConfiguration);
        populateKeyParams(basicSecurityConfiguration);
        return basicSecurityConfiguration;
    }

    protected static void populateSignatureParams(BasicSecurityConfiguration basicSecurityConfiguration) {
        Log log = LogFactory.getLog(CustomOpenSAMLSecurityConfigurationBootstrap.class);
        CryptoManager cryptoManager = Engine.getInstance().getCryptoManager();
        String str = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
        String str2 = "http://www.w3.org/2000/09/xmldsig#sha1";
        try {
            str = SAML2CryptoUtils.getXMLSignatureURI(cryptoManager);
        } catch (OAException e) {
            log.warn("Could not resolve signature algorithm from OA Crypto configuration, using default: " + str);
        }
        try {
            str2 = SAML2CryptoUtils.getXMLDigestMethodURI(cryptoManager.getMessageDigest());
        } catch (OAException e2) {
            log.warn("Could not resolve digest algorithm from OA Crypto configuration, using default: " + str2);
        }
        basicSecurityConfiguration.registerSignatureAlgorithmURI("RSA", str);
        basicSecurityConfiguration.registerSignatureAlgorithmURI("DSA", "http://www.w3.org/2000/09/xmldsig#dsa-sha1");
        basicSecurityConfiguration.registerSignatureAlgorithmURI("ECDSA", "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1");
        basicSecurityConfiguration.registerSignatureAlgorithmURI("AES", "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        basicSecurityConfiguration.registerSignatureAlgorithmURI("DESede", "http://www.w3.org/2000/09/xmldsig#hmac-sha1");
        basicSecurityConfiguration.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
        basicSecurityConfiguration.setSignatureHMACOutputLength((Integer) null);
        basicSecurityConfiguration.setSignatureReferenceDigestMethod(str2);
    }
}
