package com.sun.identity.saml.plugins;

import com.sun.identity.saml.assertion.Assertion;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.assertion.Subject;
import com.sun.identity.saml.assertion.SubjectConfirmation;
import com.sun.identity.saml.assertion.SubjectStatement;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.protocol.SubjectQuery;
import com.sun.identity.sm.SMSEntry;
import com.sun.identity.wss.sts.STSConstants;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.ldap.RDN;
import org.forgerock.opendj.ldap.SearchScope;

/* loaded from: input_file:com/sun/identity/saml/plugins/DefaultPartnerAccountMapper.class */
public class DefaultPartnerAccountMapper implements PartnerAccountMapper {
    static String ANONYMOUS_USER = "anonymous";

    public Map getUser(List list, String str, String str2) {
        Subject subject;
        SubjectConfirmation subjectConfirmation;
        Set confirmationMethod;
        String str3;
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("DefaultPartnerAccountMapper:getUser(List) targetURL = " + str2);
        }
        Map<String, String> hashMap = new HashMap<>();
        Subject subject2 = null;
        Assertion assertion = (Assertion) list.get(0);
        for (SubjectStatement subjectStatement : assertion.getStatement()) {
            if (subjectStatement.getStatementType() == 1 && (subjectConfirmation = (subject = subjectStatement.getSubject()).getSubjectConfirmation()) != null && (confirmationMethod = subjectConfirmation.getConfirmationMethod()) != null && !confirmationMethod.isEmpty() && (str3 = (String) confirmationMethod.iterator().next()) != null && (str3.equals(SAMLConstants.CONFIRMATION_METHOD_ARTIFACT) || str3.equals("urn:oasis:names:tc:SAML:1.0:cm:artifact-01") || str3.equals(STSConstants.SAML_BEARER_1_0))) {
                subject2 = subject;
                break;
            }
        }
        if (subject2 != null) {
            getUser(subject2, str, hashMap);
            HashMap hashMap2 = new HashMap();
            SAMLUtils.addEnvParamsFromAssertion(hashMap2, assertion, subject2);
            if (!hashMap2.isEmpty()) {
                hashMap.put("attribute", hashMap2);
            }
        }
        return hashMap;
    }

    public Map getUser(SubjectQuery subjectQuery, String str) {
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("DefaultPartnerAccountMapper:getUser(SubjectQuery)");
        }
        HashMap hashMap = new HashMap();
        getUser(subjectQuery.getSubject(), str, hashMap);
        return hashMap;
    }

    protected void getUser(Subject subject, String str, Map<String, String> map) {
        NameIdentifier nameIdentifier = subject.getNameIdentifier();
        if (nameIdentifier != null) {
            String name = nameIdentifier.getName();
            String nameQualifier = nameIdentifier.getNameQualifier();
            String rootSuffix = SMSEntry.getRootSuffix();
            if (name == null || name.length() == 0) {
                SAMLUtils.debug.warning("DefaultAccountMapper: Name is null");
                map.put("name", ANONYMOUS_USER);
            } else if (nameQualifier == null || nameQualifier.length() == 0) {
                SAMLUtils.debug.warning("DefaultAccountMapper: Org null.");
                map.put("name", ANONYMOUS_USER);
            } else {
                DN valueOf = DN.valueOf(name);
                if (valueOf.isInScopeOf(DN.valueOf(nameQualifier), SearchScope.SUBORDINATES)) {
                    StringBuilder sb = new StringBuilder(50);
                    Iterator it = valueOf.iterator();
                    while (it.hasNext()) {
                        sb.append(((RDN) it.next()).toString()).append(",");
                    }
                    sb.append(rootSuffix);
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("DefaultPAccountMapper: name = " + sb.toString());
                    }
                    map.put("name", sb.toString());
                } else {
                    SAMLUtils.debug.warning("DefaultPAMapper:to anonymous");
                    map.put("name", ANONYMOUS_USER);
                }
            }
            map.put("org", "/");
        }
    }
}
