package org.forgerock.openam.saml2.plugins;

import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.common.SAML2SDKUtils;
import com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaManager;
import com.sun.identity.saml2.meta.SAML2MetaUtils;
import com.sun.identity.shared.debug.Debug;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import org.forgerock.openam.shared.security.whitelist.ValidDomainExtractor;

/* loaded from: input_file:org/forgerock/openam/saml2/plugins/ValidRelayStateExtractor.class */
public class ValidRelayStateExtractor implements ValidDomainExtractor<SAMLEntityInfo> {
    private static final Debug DEBUG = Debug.getInstance(SAML2SDKUtils.BUNDLE_NAME);

    /* loaded from: input_file:org/forgerock/openam/saml2/plugins/ValidRelayStateExtractor$SAMLEntityInfo.class */
    public static final class SAMLEntityInfo {
        private final String realm;
        private final String entityID;
        private final String role;

        private SAMLEntityInfo(String str, String str2, String str3) {
            this.realm = str;
            this.entityID = str2;
            this.role = str3;
        }

        public static SAMLEntityInfo from(String str, String str2, String str3) {
            return new SAMLEntityInfo(str, str2, str3);
        }

        public String toString() {
            return "SAMLEntityInfo{realm=" + this.realm + ", entityID=" + this.entityID + ", role=" + this.role + '}';
        }
    }

    public Collection<String> extractValidDomains(SAMLEntityInfo sAMLEntityInfo) {
        try {
            SAML2MetaManager sAML2MetaManager = new SAML2MetaManager();
            SPSSOConfigElement sPSSOConfig = SAML2Constants.SP_ROLE.equalsIgnoreCase(sAMLEntityInfo.role) ? sAML2MetaManager.getSPSSOConfig(sAMLEntityInfo.realm, sAMLEntityInfo.entityID) : sAML2MetaManager.getIDPSSOConfig(sAMLEntityInfo.realm, sAMLEntityInfo.entityID);
            if (sPSSOConfig == null) {
                DEBUG.warning("ValidRelayStateExtractor.getValidDomains: Entity config is null for entityInfo: " + sAMLEntityInfo);
                return null;
            }
            Map<String, List<String>> attributes = SAML2MetaUtils.getAttributes(sPSSOConfig);
            if (attributes == null) {
                DEBUG.warning("ValidRelayStateExtractor.getValidDomains: Cannot find extended attributes");
                return null;
            }
            List<String> list = attributes.get(SAML2Constants.RELAY_STATE_URL_LIST);
            if (list == null || list.isEmpty()) {
                return null;
            }
            return list;
        } catch (SAML2MetaException e) {
            DEBUG.warning("Unable to retrieve extended configuration", e);
            return null;
        }
    }
}
