package com.sun.identity.saml2.plugins;

import com.sun.identity.plugin.datastore.DataStoreProvider;
import com.sun.identity.plugin.datastore.DataStoreProviderException;
import com.sun.identity.saml.xmlsig.KeyProvider;
import com.sun.identity.saml2.assertion.EncryptedID;
import com.sun.identity.saml2.assertion.NameID;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.common.SAML2Utils;
import com.sun.identity.saml2.jaxb.entityconfig.BaseConfigType;
import com.sun.identity.saml2.key.KeyUtil;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaManager;
import com.sun.identity.saml2.meta.SAML2MetaUtils;
import com.sun.identity.saml2.protocol.ManageNameIDRequest;
import com.sun.identity.shared.debug.Debug;
import java.util.List;
import java.util.Map;
import java.util.ResourceBundle;

/* loaded from: input_file:com/sun/identity/saml2/plugins/DefaultAccountMapper.class */
public class DefaultAccountMapper {
    protected static DataStoreProvider dsProvider;
    protected static SAML2MetaManager metaManager;
    protected static final String IDP = "IDPRole";
    protected static final String SP = "SPRole";
    protected String role = null;
    protected static Debug debug = SAML2Utils.debug;
    protected static ResourceBundle bundle = SAML2Utils.bundle;
    protected static KeyProvider keyProvider = KeyUtil.getKeyProviderInstance();

    public DefaultAccountMapper() {
        debug.message("DefaultAccountMapper.constructor: ");
    }

    /* JADX WARN: Type inference failed for: r15v0, types: [java.lang.Throwable, com.sun.identity.plugin.datastore.DataStoreProviderException] */
    public String getIdentity(ManageNameIDRequest manageNameIDRequest, String str, String str2) throws SAML2Exception {
        if (manageNameIDRequest == null) {
            throw new SAML2Exception(bundle.getString("nullManageIDRequest"));
        }
        if (str == null) {
            throw new SAML2Exception(bundle.getString("nullHostEntityID"));
        }
        if (str2 == null) {
            throw new SAML2Exception(bundle.getString("nullRealm"));
        }
        NameID nameID = null;
        EncryptedID encryptedID = manageNameIDRequest.getEncryptedID();
        if (encryptedID != null) {
            try {
                nameID = encryptedID.decrypt(KeyUtil.getDecryptionKeys(getSSOConfig(str2, str)));
            } catch (SAML2MetaException e) {
                debug.error("Unable to retrieve SAML entity config for entity: " + str, e);
            }
        } else {
            nameID = manageNameIDRequest.getNameID();
        }
        String value = manageNameIDRequest.getIssuer().getValue();
        if (debug.messageEnabled()) {
            debug.message("DefaultAccountMapper.getIdentity(ManageNameIDReq) realm = " + str2 + " hostEntityID = " + str);
        }
        try {
            return dsProvider.getUserID(str2, SAML2Utils.getNameIDKeyMap(nameID, str, value, str2, this.role));
        } catch (DataStoreProviderException e2) {
            debug.error("DefaultAccountMapper.getIdentity(MNIRequest,): DataStoreProviderException", (Throwable) e2);
            throw new SAML2Exception(e2.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAttribute(String str, String str2, String str3) {
        if (str == null || str2 == null || str3 == null) {
            if (!debug.messageEnabled()) {
                return null;
            }
            debug.message("DefaultAccountMapper.getAttribute: null input parameters.");
            return null;
        }
        try {
            Map<String, List<String>> attributes = SAML2MetaUtils.getAttributes(getSSOConfig(str, str2));
            if (attributes == null || attributes.isEmpty()) {
                if (!debug.messageEnabled()) {
                    return null;
                }
                debug.message("DefaultAccountMapper.getAttribute: attribute configuration is not defined for Entity " + str2 + " realm =" + str + " role=" + this.role);
                return null;
            }
            List<String> list = attributes.get(str3);
            if (list != null && list.size() > 0) {
                return list.iterator().next();
            }
            if (!debug.messageEnabled()) {
                return null;
            }
            debug.message("DefaultSPAccountMapper.getAttribute: " + str3 + " is not configured.");
            return null;
        } catch (SAML2MetaException e) {
            if (!debug.warningEnabled()) {
                return null;
            }
            debug.warning("DefaultSPAccountMapper.getAttribute:Meta Exception", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final BaseConfigType getSSOConfig(String str, String str2) throws SAML2MetaException {
        return "IDPRole".equals(this.role) ? metaManager.getIDPSSOConfig(str, str2) : metaManager.getSPSSOConfig(str, str2);
    }

    static {
        dsProvider = null;
        metaManager = null;
        try {
            dsProvider = SAML2Utils.getDataStoreProvider();
            metaManager = new SAML2MetaManager();
        } catch (Exception e) {
            debug.error("DefaultAccountMapper.static intialization failed", e);
        }
    }
}
