package com.sun.identity.wsfederation.plugins;

import com.sun.identity.plugin.datastore.DataStoreProviderException;
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.shared.encode.Base64;
import com.sun.identity.wsfederation.common.WSFederationConstants;
import com.sun.identity.wsfederation.common.WSFederationException;
import com.sun.identity.wsfederation.common.WSFederationUtils;
import com.sun.identity.wsfederation.jaxb.entityconfig.IDPSSOConfigElement;
import com.sun.identity.wsfederation.meta.WSFederationMetaUtils;
import java.util.Set;
import org.forgerock.openam.utils.AttributeUtils;
import org.forgerock.openam.utils.CollectionUtils;
import org.forgerock.openam.utils.StringUtils;

/* loaded from: input_file:com/sun/identity/wsfederation/plugins/DefaultIDPAccountMapper.class */
public class DefaultIDPAccountMapper extends DefaultAccountMapper implements IDPAccountMapper {
    public DefaultIDPAccountMapper() {
        debug.message("DefaultIDPAccountMapper.constructor");
        this.role = SAML2Constants.IDP_ROLE;
    }

    @Override // com.sun.identity.wsfederation.plugins.IDPAccountMapper
    public NameIdentifier getNameID(Object obj, String str, String str2, String str3) throws WSFederationException {
        String str4;
        try {
            String principalName = SessionManager.getProvider().getPrincipalName(obj);
            IDPSSOConfigElement iDPSSOConfig = WSFederationUtils.getMetaManager().getIDPSSOConfig(str, str2);
            String str5 = null;
            try {
                String attribute = WSFederationMetaUtils.getAttribute(iDPSSOConfig, WSFederationConstants.NAMEID_ATTRIBUTE);
                if (StringUtils.isEmpty(attribute)) {
                    attribute = WSFederationConstants.UID;
                }
                if (AttributeUtils.isBinaryAttribute(attribute)) {
                    attribute = AttributeUtils.removeBinaryAttributeFlag(attribute);
                    byte[][] binaryAttribute = dsProvider.getBinaryAttribute(principalName, attribute);
                    if (binaryAttribute != null && binaryAttribute.length > 0) {
                        str5 = Base64.encode(binaryAttribute[0]);
                    }
                } else {
                    Set<String> attribute2 = dsProvider.getAttribute(principalName, attribute);
                    if (CollectionUtils.isNotEmpty(attribute2)) {
                        str5 = attribute2.iterator().next();
                    }
                }
                if (str5 == null) {
                    throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "missingNameAttribute", new String[]{attribute, principalName});
                }
                String attribute3 = WSFederationMetaUtils.getAttribute(iDPSSOConfig, WSFederationConstants.NAMEID_FORMAT);
                if (attribute3 == null || attribute3.length() == 0) {
                    attribute3 = WSFederationConstants.NAMED_CLAIM_TYPES[0];
                }
                boolean booleanValue = Boolean.valueOf(WSFederationMetaUtils.getAttribute(iDPSSOConfig, WSFederationConstants.NAME_INCLUDES_DOMAIN)).booleanValue();
                if (!attribute3.equals(WSFederationConstants.NAMED_CLAIM_TYPES[0]) || booleanValue) {
                    str4 = str5;
                } else {
                    String attribute4 = WSFederationMetaUtils.getAttribute(iDPSSOConfig, WSFederationConstants.DOMAIN_ATTRIBUTE);
                    String str6 = null;
                    if (attribute4 != null && attribute4.length() > 0) {
                        try {
                            Set<String> attribute5 = dsProvider.getAttribute(principalName, attribute4);
                            if (attribute5 != null && !attribute5.isEmpty()) {
                                str6 = attribute5.iterator().next();
                            }
                        } catch (DataStoreProviderException e) {
                            throw new WSFederationException((Throwable) e);
                        }
                    }
                    if (str6 == null || str6.length() == 0) {
                        str6 = WSFederationMetaUtils.getAttribute(iDPSSOConfig, WSFederationConstants.UPN_DOMAIN);
                    }
                    if (str6 == null || str6.length() == 0) {
                        throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "noDomainConfigured", null);
                    }
                    str4 = str5 + "@" + str6;
                }
                try {
                    return new NameIdentifier(str4, null, attribute3);
                } catch (SAMLException e2) {
                    throw new WSFederationException((Throwable) e2);
                }
            } catch (DataStoreProviderException e3) {
                throw new WSFederationException((Throwable) e3);
            }
        } catch (SessionException e4) {
            throw new WSFederationException(WSFederationUtils.bundle.getString("invalidSSOToken"));
        }
    }
}
