package com.sun.identity.workflow;

import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaSecurityUtils;
import com.sun.identity.saml2.meta.SAML2MetaUtils;
import com.sun.identity.shared.configuration.SystemPropertiesManager;
import com.sun.identity.wss.security.WSSConstants;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:com/sun/identity/workflow/CreateSAML2HostedProviderTemplate.class */
public class CreateSAML2HostedProviderTemplate {
    private CreateSAML2HostedProviderTemplate() {
    }

    private static String getHostURL() {
        return SystemPropertiesManager.get("com.iplanet.am.server.protocol") + "://" + SystemPropertiesManager.get("com.iplanet.am.server.host") + ":" + SystemPropertiesManager.get("com.iplanet.am.server.port") + SystemPropertiesManager.get("com.iplanet.am.services.deploymentDescriptor");
    }

    public static String createExtendedDataTemplate(String str, Map map, String str2) {
        return createExtendedDataTemplate(str, map, str2, true);
    }

    public static String createExtendedDataTemplate(String str, Map map, String str2, boolean z) {
        if (str2 == null) {
            str2 = getHostURL();
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("<EntityConfig xmlns=\"urn:sun:fm:SAML:2.0:entityconfig\"\n    xmlns:fm=\"urn:sun:fm:SAML:2.0:entityconfig\"\n    hosted=\"" + (z ? "1" : "0") + "\"\n    entityID=\"" + str + "\">\n\n");
        String str3 = (String) map.get("idp");
        if (str3 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str3);
            buildIDPConfigTemplate(stringBuffer, str3, str2, map);
        }
        String str4 = (String) map.get(MetaTemplateParameters.P_SP);
        if (str4 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str4);
            buildSPConfigTemplate(stringBuffer, str4, str2, map);
        }
        String str5 = (String) map.get(MetaTemplateParameters.P_ATTR_AUTHORITY);
        if (str5 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str5);
            buildAttributeAuthorityConfigTemplate(stringBuffer, str5, str2, map);
        }
        String str6 = (String) map.get(MetaTemplateParameters.P_ATTR_QUERY_PROVIDER);
        if (str6 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str6);
            buildAttributeQueryConfigTemplate(stringBuffer, str6, str2, map);
        }
        String str7 = (String) map.get(MetaTemplateParameters.P_AUTHN_AUTHORITY);
        if (str7 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str7);
            buildAuthnAuthorityConfigTemplate(stringBuffer, str7, str2, map);
        }
        String str8 = (String) map.get(MetaTemplateParameters.P_AFFILIATION);
        if (str8 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str8);
            buildAffiliationConfigTemplate(stringBuffer, str8, str2, map);
        }
        String str9 = (String) map.get(MetaTemplateParameters.P_PDP);
        if (str9 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str9);
            buildPDPConfigTemplate(stringBuffer, str9, map);
        }
        String str10 = (String) map.get(MetaTemplateParameters.P_PEP);
        if (str10 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str10);
            buildPEPConfigTemplate(stringBuffer, str10, map);
        }
        stringBuffer.append("</EntityConfig>\n");
        return stringBuffer.toString();
    }

    private static void buildIDPConfigTemplate(StringBuffer stringBuffer, String str, String str2, Map map) {
        String str3 = (String) map.get("idpscert");
        String str4 = (String) map.get("idpecert");
        if (str3 == null) {
            str3 = "";
        }
        if (str4 == null) {
            str4 = "";
        }
        stringBuffer.append("    <IDPSSOConfig metaAlias=\"" + str + "\">\n        <Attribute name=\"description\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"signingCertAlias\">\n            <Value>" + str3 + "</Value>\n        </Attribute>\n        <Attribute name=\"encryptionCertAlias\">\n            <Value>" + str4 + "</Value>\n        </Attribute>\n        <Attribute name=\"basicAuthOn\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"basicAuthUser\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"basicAuthPassword\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"autofedEnabled\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"autofedAttribute\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"assertionEffectiveTime\">\n            <Value>600</Value>\n        </Attribute>\n        <Attribute name=\"idpAuthncontextMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultIDPAuthnContextMapper</Value>\n        </Attribute>\n        <Attribute name=\"idpAuthncontextClassrefMapping\">\n            <Value>" + WSSConstants.PASSWORD_PROTECTED_AUTH_CTX_CLASS_REF + "|0||default</Value>\n        </Attribute>\n        <Attribute name=\"idpAccountMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultIDPAccountMapper</Value>\n        </Attribute>\n        <Attribute name=\"idpDisableNameIDPersistence\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"idpAttributeMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultIDPAttributeMapper</Value>\n        </Attribute>\n        <Attribute name=\"assertionIDRequestMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultAssertionIDRequestMapper</Value>\n        </Attribute>\n        <Attribute name=\"nameIDFormatMap\">\n           <Value>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress=mail</Value>\n           <Value>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName=</Value>\n           <Value>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName=</Value>\n           <Value>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos=</Value>\n           <Value>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified=</Value>\n        </Attribute>\n        <Attribute name=\"idpECPSessionMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultIDPECPSessionMapper</Value>\n        </Attribute>\n        <Attribute name=\"attributeMap\">\n        </Attribute>\n        <Attribute name=\"wantNameIDEncrypted\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"wantArtifactResolveSigned\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"wantLogoutRequestSigned\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"wantLogoutResponseSigned\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"wantMNIRequestSigned\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"wantMNIResponseSigned\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"cotlist\">\n        </Attribute>\n        <Attribute name=\"discoveryBootstrappingEnabled\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"assertionCacheEnabled\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"assertionNotBeforeTimeSkew\">\n            <Value>600</Value>\n        </Attribute>\n        <Attribute name=\"saeAppSecretList\">\n        </Attribute>\n        <Attribute name=\"saeIDPUrl\">\n            <Value>" + str2 + "/idpsaehandler/metaAlias" + str + "</Value>\n        </Attribute>\n        <Attribute name=\"AuthUrl\">\n            <Value></Value>\n        </Attribute>\n       <Attribute name=\"appLogoutUrl\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"idpSessionSyncEnabled\">\n           <Value>false</Value>\n       </Attribute>\n        <Attribute name=\"relayStateUrlList\">\n        </Attribute>\n    </IDPSSOConfig>\n");
    }

    private static void buildSPConfigTemplate(StringBuffer stringBuffer, String str, String str2, Map map) {
        String str3 = (String) map.get(MetaTemplateParameters.P_SP_S_CERT);
        String str4 = (String) map.get(MetaTemplateParameters.P_SP_E_CERT);
        if (str3 == null) {
            str3 = "";
        }
        if (str4 == null) {
            str4 = "";
        }
        stringBuffer.append("    <SPSSOConfig metaAlias=\"" + str + "\">\n        <Attribute name=\"description\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"signingCertAlias\">\n            <Value>" + str3 + "</Value>\n        </Attribute>\n        <Attribute name=\"encryptionCertAlias\">\n            <Value>" + str4 + "</Value>\n        </Attribute>\n        <Attribute name=\"basicAuthOn\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"basicAuthUser\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"basicAuthPassword\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"autofedEnabled\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"autofedAttribute\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"transientUser\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"spAdapter\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"spAdapterEnv\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"spAccountMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultSPAccountMapper</Value>\n        </Attribute>\n        <Attribute name=\"useNameIDAsSPUserID\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"spAttributeMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultSPAttributeMapper</Value>\n        </Attribute>\n        <Attribute name=\"includeRequestedAuthnContext\">\n            <Value>true</Value>\n        </Attribute>\n        <Attribute name=\"spAuthncontextMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultSPAuthnContextMapper</Value>\n        </Attribute>\n        <Attribute name=\"spAuthncontextClassrefMapping\">\n            <Value>" + SAML2Constants.SP_AUTHCONTEXT_CLASSREF_VALUE + "</Value>\n        </Attribute>\n        <Attribute name=\"spAuthncontextComparisonType\">\n           <Value>exact</Value>\n        </Attribute>\n        <Attribute name=\"attributeMap\">\n        </Attribute>\n        <Attribute name=\"saml2AuthModuleName\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"localAuthURL\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"intermediateUrl\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"defaultRelayState\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"appLogoutUrl\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"assertionTimeSkew\">\n           <Value>300</Value>\n       </Attribute>\n       <Attribute name=\"wantAttributeEncrypted\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"wantAssertionEncrypted\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"wantNameIDEncrypted\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"wantPOSTResponseSigned\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"wantArtifactResponseSigned\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"wantLogoutRequestSigned\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"wantLogoutResponseSigned\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"wantMNIRequestSigned\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"wantMNIResponseSigned\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"responseArtifactMessageEncoding\">\n           <Value>" + WSSConstants.TAG_URI + "</Value>\n       </Attribute>\n       <Attribute name=\"cotlist\">\n       </Attribute>\n       <Attribute name=\"saeAppSecretList\">\n       </Attribute>\n       <Attribute name=\"saeSPUrl\">\n           <Value>" + str2 + "/spsaehandler/metaAlias" + str + "</Value>\n       </Attribute>\n       <Attribute name=\"saeSPLogoutUrl\">\n       </Attribute>\n       <Attribute name=\"ECPRequestIDPListFinderImpl\">\n           <Value>com.sun.identity.saml2.plugins.ECPIDPFinder</Value>\n       </Attribute>\n       <Attribute name=\"ECPRequestIDPList\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"ECPRequestIDPListGetComplete\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"enableIDPProxy\">\n           <Value>false</Value>\n       </Attribute>\n       <Attribute name=\"idpProxyList\">\n           <Value></Value>\n       </Attribute>\n       <Attribute name=\"idpProxyCount\">\n           <Value>0</Value>\n       </Attribute>\n       <Attribute name=\"useIntroductionForIDPProxy\">\n           <Value>false</Value>\n       </Attribute>\n       <Attribute name=\"spSessionSyncEnabled\">\n           <Value>false</Value>\n       </Attribute>\n        <Attribute name=\"relayStateUrlList\">\n        </Attribute>\n    </SPSSOConfig>\n");
    }

    private static void buildAttributeAuthorityConfigTemplate(StringBuffer stringBuffer, String str, String str2, Map map) {
        String str3 = (String) map.get(MetaTemplateParameters.P_ATTR_AUTHORITY_E_CERT);
        String str4 = (String) map.get(MetaTemplateParameters.P_ATTR_AUTHORITY_S_CERT);
        if (str3 == null) {
            str3 = "";
        }
        if (str4 == null) {
            str4 = "";
        }
        stringBuffer.append("    <AttributeAuthorityConfig metaAlias=\"" + str + "\">\n        <Attribute name=\"signingCertAlias\">\n            <Value>" + str4 + "</Value>\n        </Attribute>\n        <Attribute name=\"encryptionCertAlias\">\n            <Value>" + str3 + "</Value>\n        </Attribute>\n        <Attribute name=\"default_attributeAuthorityMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultAttributeAuthorityMapper</Value>\n        </Attribute>\n        <Attribute name=\"x509Subject_attributeAuthorityMapper\">\n            <Value>com.sun.identity.saml2.plugins.X509SubjectAttributeAuthorityMapper</Value>\n        </Attribute>\n        <Attribute name=\"x509SubjectDataStoreAttrName\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"assertionIDRequestMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultAssertionIDRequestMapper</Value>\n        </Attribute>\n    </AttributeAuthorityConfig>\n");
    }

    private static void buildAttributeQueryConfigTemplate(StringBuffer stringBuffer, String str, String str2, Map map) {
        String str3 = (String) map.get(MetaTemplateParameters.P_ATTR_QUERY_PROVIDER_S_CERT);
        String str4 = (String) map.get(MetaTemplateParameters.P_ATTR_QUERY_PROVIDER_E_CERT);
        if (str3 == null) {
            str3 = "";
        }
        if (str4 == null) {
            str4 = "";
        }
        stringBuffer.append("    <AttributeQueryConfig metaAlias=\"" + str + "\">\n        <Attribute name=\"signingCertAlias\">\n            <Value>" + str3 + "</Value>\n        </Attribute>\n        <Attribute name=\"encryptionCertAlias\">\n            <Value>" + str4 + "</Value>\n        </Attribute>\n    </AttributeQueryConfig>\n");
    }

    private static void buildAuthnAuthorityConfigTemplate(StringBuffer stringBuffer, String str, String str2, Map map) {
        String str3 = (String) map.get(MetaTemplateParameters.P_AUTHN_AUTHORITY_E_CERT);
        String str4 = (String) map.get(MetaTemplateParameters.P_AUTHN_AUTHORITY_S_CERT);
        if (str3 == null) {
            str3 = "";
        }
        if (str4 == null) {
            str4 = "";
        }
        stringBuffer.append("    <AuthnAuthorityConfig metaAlias=\"" + str + "\">\n        <Attribute name=\"signingCertAlias\">\n            <Value>" + str4 + "</Value>\n        </Attribute>\n        <Attribute name=\"encryptionCertAlias\">\n            <Value>" + str3 + "</Value>\n        </Attribute>\n        <Attribute name=\"assertionIDRequestMapper\">\n            <Value>com.sun.identity.saml2.plugins.DefaultAssertionIDRequestMapper</Value>\n        </Attribute>\n    </AuthnAuthorityConfig>\n");
    }

    private static void buildAffiliationConfigTemplate(StringBuffer stringBuffer, String str, String str2, Map map) {
        String str3 = (String) map.get(MetaTemplateParameters.P_AFFI_E_CERT);
        String str4 = (String) map.get(MetaTemplateParameters.P_AFFI_S_CERT);
        if (str3 == null) {
            str3 = "";
        }
        if (str4 == null) {
            str4 = "";
        }
        stringBuffer.append("    <AffiliationConfig metaAlias=\"" + str + "\">\n        <Attribute name=\"signingCertAlias\">\n            <Value>" + str4 + "</Value>\n        </Attribute>\n        <Attribute name=\"encryptionCertAlias\">\n            <Value>" + str3 + "</Value>\n        </Attribute>\n    </AffiliationConfig>\n");
    }

    private static void buildPDPConfigTemplate(StringBuffer stringBuffer, String str, Map map) {
        String str2 = (String) map.get(MetaTemplateParameters.P_PDP_E_CERT);
        String str3 = (String) map.get(MetaTemplateParameters.P_PDP_S_CERT);
        if (str2 == null) {
            str2 = "";
        }
        if (str3 == null) {
            str3 = "";
        }
        stringBuffer.append("    <XACMLPDPConfig metaAlias=\"" + str + "\">\n        <Attribute name=\"signingCertAlias\">\n            <Value>" + str3 + "</Value>\n        </Attribute>\n        <Attribute name=\"encryptionCertAlias\">\n            <Value>" + str2 + "</Value>\n        </Attribute>\n        <Attribute name=\"basicAuthOn\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"basicAuthUser\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"basicAuthPassword\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"wantXACMLAuthzDecisionQuerySigned\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"cotlist\">\n        </Attribute>\n   </XACMLPDPConfig>\n");
    }

    private static void buildPEPConfigTemplate(StringBuffer stringBuffer, String str, Map map) {
        String str2 = (String) map.get(MetaTemplateParameters.P_PEP_E_CERT);
        String str3 = (String) map.get(MetaTemplateParameters.P_PEP_S_CERT);
        if (str2 == null) {
            str2 = "";
        }
        if (str3 == null) {
            str3 = "";
        }
        stringBuffer.append("   <XACMLAuthzDecisionQueryConfig metaAlias=\"" + str + "\">\n        <Attribute name=\"signingCertAlias\">\n            <Value>" + str3 + "</Value>\n        </Attribute>\n        <Attribute name=\"encryptionCertAlias\">\n            <Value>" + str2 + "</Value>\n        </Attribute>\n        <Attribute name=\"basicAuthOn\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"basicAuthUser\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"basicAuthPassword\">\n            <Value></Value>\n        </Attribute>\n        <Attribute name=\"wantXACMLAuthzDecisionResponseSigned\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"wantAssertionEncrypted\">\n            <Value>false</Value>\n        </Attribute>\n        <Attribute name=\"cotlist\">\n        </Attribute>\n  </XACMLAuthzDecisionQueryConfig>\n");
    }

    public static String buildMetaDataTemplate(String str, Map map, String str2) throws SAML2MetaException {
        StringBuffer stringBuffer = new StringBuffer();
        if (str2 == null) {
            str2 = getHostURL();
        }
        stringBuffer.append("<EntityDescriptor\n    xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\"\n    entityID=\"" + str + "\">\n");
        String str3 = (String) map.get("idp");
        if (str3 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str3);
            addIdentityProviderTemplate(stringBuffer, str3, str2, map);
        }
        String str4 = (String) map.get(MetaTemplateParameters.P_SP);
        if (str4 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str4);
            addServiceProviderTemplate(stringBuffer, str4, str2, map);
        }
        String str5 = (String) map.get(MetaTemplateParameters.P_ATTR_AUTHORITY);
        if (str5 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str5);
            addAttributeAuthorityTemplate(stringBuffer, str5, str2, map);
        }
        String str6 = (String) map.get(MetaTemplateParameters.P_ATTR_QUERY_PROVIDER);
        if (str6 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str6);
            addAttributeQueryTemplate(stringBuffer, str6, str2, map);
        }
        String str7 = (String) map.get(MetaTemplateParameters.P_AUTHN_AUTHORITY);
        if (str7 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str7);
            addAuthnAuthorityTemplate(stringBuffer, str7, str2, map);
        }
        String str8 = (String) map.get(MetaTemplateParameters.P_AFFILIATION);
        if (str8 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str8);
            addAffiliationTemplate(stringBuffer, (String) map.get(MetaTemplateParameters.P_AFFI_OWNERID), str8, str2, map);
        }
        String str9 = (String) map.get(MetaTemplateParameters.P_PDP);
        if (str9 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str9);
            addPDPTemplate(stringBuffer, str9, str2, map);
        }
        String str10 = (String) map.get(MetaTemplateParameters.P_PEP);
        if (str10 != null) {
            SAML2MetaUtils.getRealmByMetaAlias(str10);
            addPEPTemplate(stringBuffer, str2, map);
        }
        stringBuffer.append("</EntityDescriptor>\n");
        return stringBuffer.toString();
    }

    private static void addIdentityProviderTemplate(StringBuffer stringBuffer, String str, String str2, Map map) throws SAML2MetaException {
        String buildMetaAliasInURI = buildMetaAliasInURI(str);
        stringBuffer.append("    <IDPSSODescriptor\n        WantAuthnRequestsSigned=\"false\"\n        protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n");
        String str3 = (String) map.get("idpscert");
        String str4 = (String) map.get("idpecert");
        String buildX509Certificate = SAML2MetaSecurityUtils.buildX509Certificate(str3);
        if (buildX509Certificate != null) {
            stringBuffer.append("        <KeyDescriptor use=\"signing\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n        </KeyDescriptor>\n");
        }
        String buildX509Certificate2 = SAML2MetaSecurityUtils.buildX509Certificate(str4);
        if (buildX509Certificate2 != null) {
            stringBuffer.append("        <KeyDescriptor use=\"encryption\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate2 + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n            <EncryptionMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#aes128-cbc\">\n                <KeySize xmlns=\"http://www.w3.org/2001/04/xmlenc#\">128</KeySize>\n            </EncryptionMethod>\n        </KeyDescriptor>\n");
        }
        stringBuffer.append("        <ArtifactResolutionService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/ArtifactResolver" + buildMetaAliasInURI + "\"\n            index=\"0\"\n            isDefault=\"1\"/>\n        <SingleLogoutService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n            Location=\"" + str2 + "/IDPSloRedirect" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/IDPSloRedirect" + buildMetaAliasInURI + "\"/>\n        <SingleLogoutService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\"\n            Location=\"" + str2 + "/IDPSloPOST" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/IDPSloPOST" + buildMetaAliasInURI + "\"/>\n        <SingleLogoutService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/IDPSloSoap" + buildMetaAliasInURI + "\"/>\n        <ManageNameIDService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n            Location=\"" + str2 + "/IDPMniRedirect" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/IDPMniRedirect" + buildMetaAliasInURI + "\"/>\n        <ManageNameIDService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\"\n            Location=\"" + str2 + "/IDPMniPOST" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/IDPMniPOST" + buildMetaAliasInURI + "\"/>\n        <ManageNameIDService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/IDPMniSoap" + buildMetaAliasInURI + "\"/>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:2.0:nameid-format:persistent\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:2.0:nameid-format:transient\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\n        </NameIDFormat>\n        <NameIDFormat>\n          urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName\n        </NameIDFormat>\n        <SingleSignOnService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n            Location=\"" + str2 + "/SSORedirect" + buildMetaAliasInURI + "\"/>\n        <SingleSignOnService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\"\n            Location=\"" + str2 + "/SSOPOST" + buildMetaAliasInURI + "\"/>\n        <SingleSignOnService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/SSOSoap" + buildMetaAliasInURI + "\"/>\n        <NameIDMappingService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/NIMSoap" + buildMetaAliasInURI + "\"/>\n        <AssertionIDRequestService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/AIDReqSoap/IDPRole" + buildMetaAliasInURI + "\"/>\n        <AssertionIDRequestService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:URI\"\n            Location=\"" + str2 + "/AIDReqUri/IDPRole" + buildMetaAliasInURI + "\"/>\n    </IDPSSODescriptor>\n");
    }

    private static void addServiceProviderTemplate(StringBuffer stringBuffer, String str, String str2, Map map) throws SAML2MetaException {
        String buildMetaAliasInURI = buildMetaAliasInURI(str);
        stringBuffer.append("    <SPSSODescriptor\n        AuthnRequestsSigned=\"false\"\n        WantAssertionsSigned=\"false\"\n        protocolSupportEnumeration=\n            \"urn:oasis:names:tc:SAML:2.0:protocol\">\n");
        String str3 = (String) map.get(MetaTemplateParameters.P_SP_S_CERT);
        String str4 = (String) map.get(MetaTemplateParameters.P_SP_E_CERT);
        String buildX509Certificate = SAML2MetaSecurityUtils.buildX509Certificate(str3);
        String buildX509Certificate2 = SAML2MetaSecurityUtils.buildX509Certificate(str4);
        if (buildX509Certificate != null) {
            stringBuffer.append("        <KeyDescriptor use=\"signing\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n        </KeyDescriptor>\n");
        }
        if (buildX509Certificate2 != null) {
            stringBuffer.append("        <KeyDescriptor use=\"encryption\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate2 + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n            <EncryptionMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#aes128-cbc\">\n                <KeySize xmlns=\"http://www.w3.org/2001/04/xmlenc#\">128</KeySize>\n            </EncryptionMethod>\n        </KeyDescriptor>\n");
        }
        stringBuffer.append("        <SingleLogoutService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n            Location=\"" + str2 + "/SPSloRedirect" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/SPSloRedirect" + buildMetaAliasInURI + "\"/>\n        <SingleLogoutService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\"\n            Location=\"" + str2 + "/SPSloPOST" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/SPSloPOST" + buildMetaAliasInURI + "\"/>\n        <SingleLogoutService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/SPSloSoap" + buildMetaAliasInURI + "\"/>\n        <ManageNameIDService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n            Location=\"" + str2 + "/SPMniRedirect" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/SPMniRedirect" + buildMetaAliasInURI + "\"/>\n        <ManageNameIDService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\"\n            Location=\"" + str2 + "/SPMniPOST" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/SPMniPOST" + buildMetaAliasInURI + "\"/>\n        <ManageNameIDService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/SPMniSoap" + buildMetaAliasInURI + "\"\n            ResponseLocation=\"" + str2 + "/SPMniSoap" + buildMetaAliasInURI + "\"/>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:2.0:nameid-format:persistent\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:2.0:nameid-format:transient\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified\n        </NameIDFormat>\n        <NameIDFormat>\n          urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName\n        </NameIDFormat>\n        <AssertionConsumerService\n            isDefault=\"true\"\n            index=\"0\"\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact\"\n            Location=\"" + str2 + "/Consumer" + buildMetaAliasInURI + "\"/>\n        <AssertionConsumerService\n            index=\"1\"\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\"\n            Location=\"" + str2 + "/Consumer" + buildMetaAliasInURI + "\"/>\n        <AssertionConsumerService\n            index=\"2\"\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:PAOS\"\n            Location=\"" + str2 + "/Consumer/ECP" + buildMetaAliasInURI + "\"/>\n    </SPSSODescriptor>\n");
    }

    private static void addAttributeAuthorityTemplate(StringBuffer stringBuffer, String str, String str2, Map map) throws SAML2MetaException {
        String buildMetaAliasInURI = buildMetaAliasInURI(str);
        stringBuffer.append("    <AttributeAuthorityDescriptor\n        protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n");
        String str3 = (String) map.get(MetaTemplateParameters.P_ATTR_AUTHORITY_E_CERT);
        String buildX509Certificate = SAML2MetaSecurityUtils.buildX509Certificate((String) map.get(MetaTemplateParameters.P_ATTR_AUTHORITY_S_CERT));
        if (buildX509Certificate != null) {
            stringBuffer.append("        <KeyDescriptor use=\"signing\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n        </KeyDescriptor>\n");
        }
        String buildX509Certificate2 = SAML2MetaSecurityUtils.buildX509Certificate(str3);
        if (buildX509Certificate2 != null) {
            stringBuffer.append("        <KeyDescriptor use=\"encryption\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate2 + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n            <EncryptionMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#aes128-cbc\">\n                <KeySize xmlns=\"http://www.w3.org/2001/04/xmlenc#\">128</KeySize>\n            </EncryptionMethod>\n        </KeyDescriptor>\n");
        }
        stringBuffer.append("        <AttributeService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/AttributeServiceSoap/default" + buildMetaAliasInURI + "\"/>\n        <AttributeService\n            xmlns:x509qry=\"urn:oasis:names:tc:SAML:metadata:X509:query\"\n            x509qry:supportsX509Query=\"true\"\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/AttributeServiceSoap/x509Subject" + buildMetaAliasInURI + "\"/>\n        <AssertionIDRequestService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/AIDReqSoap/AttrAuthRole" + buildMetaAliasInURI + "\"/>\n        <AssertionIDRequestService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:URI\"\n            Location=\"" + str2 + "/AIDReqUri/AttrAuthRole" + buildMetaAliasInURI + "\"/>\n        <AttributeProfile>urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic</AttributeProfile>\n    </AttributeAuthorityDescriptor>\n");
    }

    private static void addAttributeQueryTemplate(StringBuffer stringBuffer, String str, String str2, Map map) throws SAML2MetaException {
        buildMetaAliasInURI(str);
        stringBuffer.append("    <RoleDescriptor\n        xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n        xmlns:query=\"urn:oasis:names:tc:SAML:metadata:ext:query\"\n        xsi:type=\"query:AttributeQueryDescriptorType\"\n        protocolSupportEnumeration=\n            \"urn:oasis:names:tc:SAML:2.0:protocol\">\n");
        String str3 = (String) map.get(MetaTemplateParameters.P_ATTR_QUERY_PROVIDER_S_CERT);
        String str4 = (String) map.get(MetaTemplateParameters.P_ATTR_QUERY_PROVIDER_E_CERT);
        String buildX509Certificate = SAML2MetaSecurityUtils.buildX509Certificate(str3);
        String buildX509Certificate2 = SAML2MetaSecurityUtils.buildX509Certificate(str4);
        if (buildX509Certificate != null) {
            stringBuffer.append("        <KeyDescriptor use=\"signing\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n        </KeyDescriptor>\n");
        }
        if (buildX509Certificate2 != null) {
            stringBuffer.append("        <KeyDescriptor use=\"encryption\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate2 + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n            <EncryptionMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#aes128-cbc\">\n                <KeySize xmlns=\"http://www.w3.org/2001/04/xmlenc#\">128</KeySize>\n            </EncryptionMethod>\n        </KeyDescriptor>\n");
        }
        stringBuffer.append("        <NameIDFormat>\n            urn:oasis:names:tc:SAML:2.0:nameid-format:persistent\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:2.0:nameid-format:transient\n        </NameIDFormat>\n        <NameIDFormat>\n            urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName\n        </NameIDFormat>\n    </RoleDescriptor>\n");
    }

    private static void addAuthnAuthorityTemplate(StringBuffer stringBuffer, String str, String str2, Map map) throws SAML2MetaException {
        String buildMetaAliasInURI = buildMetaAliasInURI(str);
        stringBuffer.append("    <AuthnAuthorityDescriptor\n        protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n");
        String str3 = (String) map.get(MetaTemplateParameters.P_AUTHN_AUTHORITY_E_CERT);
        String buildX509Certificate = SAML2MetaSecurityUtils.buildX509Certificate((String) map.get(MetaTemplateParameters.P_AUTHN_AUTHORITY_S_CERT));
        if (buildX509Certificate != null) {
            stringBuffer.append("        <KeyDescriptor use=\"signing\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n        </KeyDescriptor>\n");
        }
        String buildX509Certificate2 = SAML2MetaSecurityUtils.buildX509Certificate(str3);
        if (buildX509Certificate2 != null) {
            stringBuffer.append("        <KeyDescriptor use=\"encryption\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate2 + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n            <EncryptionMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#aes128-cbc\">\n                <KeySize xmlns=\"http://www.w3.org/2001/04/xmlenc#\">128</KeySize>\n            </EncryptionMethod>\n        </KeyDescriptor>\n");
        }
        stringBuffer.append("        <AuthnQueryService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/AuthnQueryServiceSoap" + buildMetaAliasInURI + "\"/>\n        <AssertionIDRequestService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\"\n            Location=\"" + str2 + "/AIDReqSoap/AuthnAuthRole" + buildMetaAliasInURI + "\"/>\n        <AssertionIDRequestService\n            Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:URI\"\n            Location=\"" + str2 + "/AIDReqUri/AuthnAuthRole" + buildMetaAliasInURI + "\"/>\n    </AuthnAuthorityDescriptor>\n");
    }

    private static void addAffiliationTemplate(StringBuffer stringBuffer, String str, String str2, String str3, Map map) throws SAML2MetaException {
        buildMetaAliasInURI(str2);
        stringBuffer.append("    <AffiliationDescriptor\n        affiliationOwnerID=\"" + str + "\">\n");
        Iterator it = ((List) map.get(MetaTemplateParameters.P_AFFI_MEMBERS)).iterator();
        while (it.hasNext()) {
            stringBuffer.append("        <AffiliateMember>" + ((String) it.next()) + "</AffiliateMember>\n");
        }
        String str4 = (String) map.get(MetaTemplateParameters.P_AFFI_E_CERT);
        String buildX509Certificate = SAML2MetaSecurityUtils.buildX509Certificate((String) map.get(MetaTemplateParameters.P_AFFI_S_CERT));
        if (buildX509Certificate != null) {
            stringBuffer.append("        <KeyDescriptor use=\"signing\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n        </KeyDescriptor>\n");
        }
        String buildX509Certificate2 = SAML2MetaSecurityUtils.buildX509Certificate(str4);
        if (buildX509Certificate2 != null) {
            stringBuffer.append("        <KeyDescriptor use=\"encryption\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate2 + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n            <EncryptionMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#aes128-cbc\">\n                <KeySize xmlns=\"http://www.w3.org/2001/04/xmlenc#\">128</KeySize>\n            </EncryptionMethod>\n        </KeyDescriptor>\n");
        }
        stringBuffer.append("    </AffiliationDescriptor>\n");
    }

    private static void addPDPTemplate(StringBuffer stringBuffer, String str, String str2, Map map) throws SAML2MetaException {
        String buildMetaAliasInURI = buildMetaAliasInURI(str);
        stringBuffer.append("    <XACMLPDPDescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n");
        String str3 = (String) map.get(MetaTemplateParameters.P_PDP_E_CERT);
        String buildX509Certificate = SAML2MetaSecurityUtils.buildX509Certificate((String) map.get(MetaTemplateParameters.P_PDP_S_CERT));
        String buildX509Certificate2 = SAML2MetaSecurityUtils.buildX509Certificate(str3);
        if (buildX509Certificate != null) {
            stringBuffer.append("        <KeyDescriptor use=\"signing\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n        </KeyDescriptor>\n");
        }
        if (buildX509Certificate2 != null) {
            stringBuffer.append("        <KeyDescriptor use=\"encryption\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate2 + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n            <EncryptionMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#aes128-cbc\">\n                <KeySize xmlns=\"http://www.w3.org/2001/04/xmlenc#\">128</KeySize>\n            </EncryptionMethod>\n        </KeyDescriptor>\n");
        }
        stringBuffer.append("         <XACMLAuthzService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\" Location=\"" + str2 + "/saml2query" + buildMetaAliasInURI + "\"/>\n    </XACMLPDPDescriptor>\n");
    }

    private static void addPEPTemplate(StringBuffer stringBuffer, String str, Map map) throws SAML2MetaException {
        stringBuffer.append("    <XACMLAuthzDecisionQueryDescriptor WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n");
        String str2 = (String) map.get(MetaTemplateParameters.P_PEP_E_CERT);
        String buildX509Certificate = SAML2MetaSecurityUtils.buildX509Certificate((String) map.get(MetaTemplateParameters.P_PEP_S_CERT));
        String buildX509Certificate2 = SAML2MetaSecurityUtils.buildX509Certificate(str2);
        if (buildX509Certificate != null) {
            stringBuffer.append("        <KeyDescriptor use=\"signing\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n        </KeyDescriptor>\n");
        }
        if (buildX509Certificate2 != null) {
            stringBuffer.append("        <KeyDescriptor use=\"encryption\">\n            <KeyInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">\n                <X509Data>\n                    <X509Certificate>\n" + buildX509Certificate2 + "                    </X509Certificate>\n                </X509Data>\n            </KeyInfo>\n            <EncryptionMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#aes128-cbc\">\n                <KeySize xmlns=\"http://www.w3.org/2001/04/xmlenc#\">128</KeySize>\n            </EncryptionMethod>\n        </KeyDescriptor>\n");
        }
        stringBuffer.append("    </XACMLAuthzDecisionQueryDescriptor>\n");
    }

    private static String buildMetaAliasInURI(String str) {
        return "/metaAlias" + str;
    }
}
