package com.alfaariss.oa.util.saml2.metadata.role.sso;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.api.configuration.ConfigurationException;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.engine.core.crypto.CryptoManager;
import com.alfaariss.oa.util.saml2.NameIDFormatter;
import com.alfaariss.oa.util.saml2.binding.BindingProperties;
import com.alfaariss.oa.util.saml2.crypto.SAML2CryptoUtils;
import com.alfaariss.oa.util.saml2.metadata.AbstractMetadataBuilder;
import com.alfaariss.oa.util.saml2.metadata.role.IRoleDescriptorBuilder;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.opensaml.common.SAMLObjectBuilder;
import org.opensaml.saml2.common.Extensions;
import org.opensaml.saml2.common.impl.ExtensionsBuilder;
import org.opensaml.saml2.metadata.ArtifactResolutionService;
import org.opensaml.saml2.metadata.KeyDescriptor;
import org.opensaml.saml2.metadata.NameIDFormat;
import org.opensaml.saml2.metadata.SSODescriptor;
import org.opensaml.saml2.metadata.SingleLogoutService;
import org.opensaml.saml2.metadata.impl.NameIDFormatBuilder;
import org.opensaml.xml.Configuration;
import org.opensaml.xml.schema.XSAny;
import org.opensaml.xml.schema.impl.XSAnyBuilder;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.credential.UsageType;
import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
import org.opensaml.xml.security.x509.X509Credential;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/alfaariss/oa/util/saml2/metadata/role/sso/AbstractSSODescriptorBuilder.class */
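/**
 * Base builder for the SAML 2.0 metadata {@code SSODescriptor} role elements.
 *
 * <p>Each {@code build*} method fills one part of {@link #_result} from the
 * profile configuration section or from values passed in by the caller.
 * Everything written here ends up in published metadata that relying parties
 * consume, so configuration values and endpoint locations are effectively
 * trusted input: this class copies them verbatim and does not validate them.
 *
 * <p>{@link #_result} is never assigned in this class; the visible code relies
 * on it being set before any {@code build*} method is called (presumably by the
 * concrete subclass - confirm).
 *
 * @param <RD> concrete descriptor type being built
 */
public abstract class AbstractSSODescriptorBuilder<RD extends SSODescriptor> extends AbstractMetadataBuilder implements IRoleDescriptorBuilder<RD> {
    private static final Log _logger = LogFactory.getLog(AbstractSSODescriptorBuilder.class);

    /** Configuration manager used to read the profile section. */
    protected IConfigurationManager _configuration;
    /** The 'profile' configuration section this builder reads from. */
    protected Element _eProfile;
    /** The descriptor under construction. */
    protected RD _result;

    /**
     * Creates the builder.
     *
     * @param iConfigurationManager configuration manager used for all lookups
     * @param element the 'profile' configuration section
     */
    public AbstractSSODescriptorBuilder(IConfigurationManager iConfigurationManager, Element element) {
        this._configuration = iConfigurationManager;
        this._eProfile = element;
    }

    /**
     * Sets the descriptor ID from the 'id' item of the profile section.
     *
     * @throws OAException with code 17 when the item is missing, blank or the
     *         configuration cannot be read (presumably the configuration error
     *         code - confirm against the project's error constants)
     */
    @Override // com.alfaariss.oa.util.saml2.metadata.role.IRoleDescriptorBuilder
    public void buildID() throws OAException {
        try {
            String id = _configuration.getParam(_eProfile, "id");
            if (id == null || id.trim().length() == 0) {
                _logger.error("Empty 'id' item in 'profile' section in configuration");
                throw new OAException(17);
            }
            // The configured value is used as-is (not trimmed) as the XML ID.
            _result.setID(id);
        } catch (ConfigurationException e) {
            _logger.error("Could not read from configuration", e);
            throw new OAException(17);
        }
    }

    /** Declares SAML 2.0 as the only supported protocol. */
    @Override // com.alfaariss.oa.util.saml2.metadata.role.IRoleDescriptorBuilder
    public void buildProtocolSupportEnumeration() {
        _result.addSupportedProtocol("urn:oasis:names:tc:SAML:2.0:protocol");
    }

    /** Intentionally empty: no error URL is published. */
    @Override // com.alfaariss.oa.util.saml2.metadata.role.IRoleDescriptorBuilder
    public void buildErrorURL() {
    }

    /**
     * Adds a {@code KeyDescriptor} with use "signing" for this server's signing
     * credential. Relying parties use the published KeyInfo to verify signatures,
     * so a descriptor without KeyInfo is of no use to them.
     *
     * @param cryptoManager crypto manager the credential is retrieved from
     * @param str passed through to {@code SAML2CryptoUtils.retrieveMySigningCredentials}
     * @throws OAException with code 1 when no credential or KeyInfo generator
     *         factory is available, or KeyInfo generation fails
     */
    @Override // com.alfaariss.oa.util.saml2.metadata.role.IRoleDescriptorBuilder
    public void buildSigningKeyDescriptor(CryptoManager cryptoManager, String str) throws OAException {
        try {
            @SuppressWarnings("unchecked")
            SAMLObjectBuilder<KeyDescriptor> keyDescriptorBuilder =
                    (SAMLObjectBuilder<KeyDescriptor>) _builderFactory.getBuilder(KeyDescriptor.DEFAULT_ELEMENT_NAME);
            KeyDescriptor keyDescriptor = keyDescriptorBuilder.buildObject();
            keyDescriptor.setUse(UsageType.SIGNING);

            X509Credential credential = SAML2CryptoUtils.retrieveMySigningCredentials(cryptoManager, str);
            // NOTE(review): whether retrieveMySigningCredentials can return null is
            // not visible here; guard so the failure is a logged OAException rather
            // than a NullPointerException further down the call chain.
            if (credential == null) {
                _logger.error("Could not generate SigningKeyDescriptor: no signing credential available");
                throw new OAException(1);
            }

            // The original chained getFactory(...).newInstance() and would throw a
            // NullPointerException when no factory is registered for the credential.
            org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory factory =
                    Configuration.getGlobalSecurityConfiguration().getKeyInfoGeneratorManager().getDefaultManager().getFactory(credential);
            if (factory == null) {
                _logger.error("Could not generate SigningKeyDescriptor: no KeyInfo generator factory for credential");
                throw new OAException(1);
            }

            KeyInfoGenerator generator = factory.newInstance();
            if (generator != null) {
                keyDescriptor.setKeyInfo(generator.generate(credential));
            } else {
                // Behaviour kept from the original: the descriptor is still added.
                // NOTE(review): it then carries no KeyInfo - consider failing instead.
                _logger.warn("No KeyInfo generator available; signing KeyDescriptor is published without KeyInfo");
            }
            _result.getKeyDescriptors().add(keyDescriptor);
        } catch (SecurityException e) {
            _logger.error("Could not generate SigningKeyDescriptor", e);
            throw new OAException(1);
        }
    }

    /**
     * Appends an ArtifactResolutionService endpoint using the SOAP binding. Its
     * index is the number of endpoints already present.
     *
     * @param str endpoint location; published verbatim, no scheme or host check
     *        is done here, so the caller must supply the intended URL
     */
    public void buildArtifactResolutionService(String str) {
        @SuppressWarnings("unchecked")
        SAMLObjectBuilder<ArtifactResolutionService> serviceBuilder =
                (SAMLObjectBuilder<ArtifactResolutionService>) _builderFactory.getBuilder(ArtifactResolutionService.DEFAULT_ELEMENT_NAME);
        List<ArtifactResolutionService> services = _result.getArtifactResolutionServices();
        ArtifactResolutionService service = serviceBuilder.buildObject();
        // Integer.valueOf replaces the deprecated Integer constructor.
        service.setIndex(Integer.valueOf(services.size()));
        service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:SOAP");
        service.setLocation(str);
        services.add(service);
    }

    /**
     * Appends one SingleLogoutService endpoint per binding, all sharing one location.
     *
     * @param str endpoint location; published verbatim, not validated here
     * @param bindingProperties supplies the binding URIs to advertise
     */
    public void buildSingleLogoutService(String str, BindingProperties bindingProperties) {
        @SuppressWarnings("unchecked")
        SAMLObjectBuilder<SingleLogoutService> serviceBuilder =
                (SAMLObjectBuilder<SingleLogoutService>) _builderFactory.getBuilder(SingleLogoutService.DEFAULT_ELEMENT_NAME);
        List<SingleLogoutService> services = _result.getSingleLogoutServices();
        for (String binding : bindingProperties.getBindings()) {
            SingleLogoutService service = serviceBuilder.buildObject();
            service.setBinding(binding);
            service.setLocation(str);
            services.add(service);
        }
    }

    /** Intentionally empty: no ManageNameIDService endpoint is published. */
    public void buildManageNameIDService() {
    }

    /**
     * Adds a NameIDFormat for every 'format' section under the optional 'nameid'
     * section of the profile, skipping formats that are already present.
     *
     * @throws OAException with code 17 when a 'format' section has no 'id' item
     *         or the configuration cannot be read
     */
    public void buildNameIDFormats() throws OAException {
        try {
            Element nameIdSection = _configuration.getSection(_eProfile, "nameid");
            if (nameIdSection == null) {
                return;
            }
            List<NameIDFormat> formats = _result.getNameIDFormats();
            NameIDFormatBuilder formatBuilder =
                    (NameIDFormatBuilder) _builderFactory.getBuilder(NameIDFormat.DEFAULT_ELEMENT_NAME);
            for (Element formatSection = _configuration.getSection(nameIdSection, NameIDFormatter.EL_FORMAT);
                    formatSection != null;
                    formatSection = _configuration.getNextSection(formatSection)) {
                String formatId = _configuration.getParam(formatSection, "id");
                // NOTE(review): unlike buildID, a blank (non-null) id is accepted here.
                if (formatId == null) {
                    _logger.error("No 'id' item found in 'format' section in configuration");
                    throw new OAException(17);
                }
                if (!containsFormat(formats, formatId)) {
                    NameIDFormat format = formatBuilder.buildObject();
                    format.setFormat(formatId);
                    formats.add(format);
                }
            }
        } catch (ConfigurationException e) {
            _logger.error("Could not read from configuration", e);
            throw new OAException(17);
        }
    }

    /** Returns whether {@code formats} already holds an entry whose format equals {@code formatId}. */
    private static boolean containsFormat(List<NameIDFormat> formats, String formatId) {
        for (NameIDFormat existing : formats) {
            if (formatId.equals(existing.getFormat())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Copies the element children of the optional 'metadata' / 'Extensions'
     * configuration section into the descriptor's Extensions.
     *
     * <p>The configured XML is deep-copied without filtering, so whatever the
     * configuration holds is what relying parties will see in the metadata.
     * When the section exists, an Extensions element is set even if it has no
     * element children.
     *
     * @throws OAException declared by the interface; it can only come from the
     *         configuration lookups here
     */
    @Override // com.alfaariss.oa.util.saml2.metadata.role.IRoleDescriptorBuilder
    public void buildExtensions() throws OAException {
        Element metadataSection = _configuration.getSection(_eProfile, "metadata");
        if (metadataSection == null) {
            return;
        }
        Element extensionsSection = _configuration.getSection(metadataSection, "Extensions");
        if (extensionsSection == null) {
            return;
        }
        _logger.debug("Adding configured metadata Extensions");
        Extensions extensions = new ExtensionsBuilder().buildObject();
        XSAnyBuilder anyBuilder = new XSAnyBuilder();
        NodeList children = extensionsSection.getChildNodes();
        for (int i = 0; i < children.getLength(); i++) {
            Node child = children.item(i);
            // Test the node type first so text and comment nodes are not cloned needlessly.
            if (child.getNodeType() != Node.ELEMENT_NODE) {
                continue;
            }
            // Deep copy, so the configuration DOM itself is never attached to the metadata.
            Element copy = (Element) child.cloneNode(true);
            XSAny wrapper = anyBuilder.buildObject(new QName(""));
            wrapper.setDOM(copy);
            extensions.getUnknownXMLObjects().add(wrapper);
        }
        _result.setExtensions(extensions);
    }
}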
