package com.sun.identity.liberty.ws.security;

import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.liberty.ws.common.wsse.WSSEConstants;
import com.sun.identity.saml.assertion.Advice;
import com.sun.identity.saml.assertion.Assertion;
import com.sun.identity.saml.assertion.Conditions;
import com.sun.identity.saml.assertion.Statement;
import com.sun.identity.saml.assertion.Subject;
import com.sun.identity.saml.assertion.SubjectConfirmation;
import com.sun.identity.saml.assertion.SubjectStatement;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.xmlsig.XMLSignatureManager;
import com.sun.identity.shared.DateUtils;
import com.sun.identity.shared.xml.XMLUtils;
import java.util.Date;
import java.util.Iterator;
import java.util.Set;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:com/sun/identity/liberty/ws/security/SecurityAssertion.class */
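/**
 * SAML 1.x assertion used as a WS-Security token in the Liberty web-services stack.
 *
 * <p>Extends {@link Assertion} with three things visible in this class: signature
 * verification against a caller-chosen certificate alias, detection of the
 * {@code bearer} subject-confirmation method, and parsing of the Liberty-specific
 * {@code ResourceAccessStatement} / {@code SessionContextStatement} elements.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>{@link #isSignatureValid()} only runs a verification when the inherited
 *       {@code signed} flag is set; for an assertion that is not marked signed it
 *       returns the inherited {@code valid} field untouched. Code that requires a
 *       signed token must check for the presence of a signature separately.</li>
 *   <li>The verification result is cached. Changing the certificate alias after the
 *       first {@link #isSignatureValid()} call does not trigger a new verification.</li>
 * </ul>
 *
 * <p>This class is not synchronized; nothing here makes the cached validation state
 * safe for concurrent use.
 */
public class SecurityAssertion extends Assertion {
    /** Subject-confirmation method URN that marks a bearer token. */
    private static final String BEARER_CONFIRMATION_METHOD = "urn:oasis:names:tc:SAML:1.0:cm:bearer";

    /**
     * Alias handed to the signature manager when verifying this assertion.
     * Stays {@code null} until {@link #setVerifyingCertAlias(String)} is called.
     */
    private String verifyingCertAlias = null;

    /**
     * Builds the assertion by parsing a DOM element.
     *
     * @param element the assertion element to parse
     * @throws SAMLException if the inherited parser rejects the element
     */
    public SecurityAssertion(Element element) throws SAMLException {
        parseAssertionElement(element);
    }

    /**
     * Delegates to the matching {@link Assertion} constructor.
     *
     * @param str first argument forwarded to the superclass (NOTE(review): presumably the assertion ID - confirm)
     * @param str2 second argument forwarded to the superclass (NOTE(review): presumably the issuer - confirm)
     * @param date third argument forwarded to the superclass (NOTE(review): presumably the issue instant - confirm)
     * @param set fourth argument forwarded to the superclass (NOTE(review): presumably the statements - confirm)
     * @throws SAMLException if the superclass constructor rejects the arguments
     */
    public SecurityAssertion(String str, String str2, Date date, Set set) throws SAMLException {
        super(str, str2, date, set);
    }

    /**
     * Delegates to the matching {@link Assertion} constructor, additionally passing conditions.
     *
     * @param str first argument forwarded to the superclass
     * @param str2 second argument forwarded to the superclass
     * @param date third argument forwarded to the superclass
     * @param conditions conditions forwarded to the superclass
     * @param set statements argument forwarded to the superclass
     * @throws SAMLException if the superclass constructor rejects the arguments
     */
    public SecurityAssertion(String str, String str2, Date date, Conditions conditions, Set set) throws SAMLException {
        super(str, str2, date, conditions, set);
    }

    /**
     * Delegates to the matching {@link Assertion} constructor, additionally passing
     * conditions and advice.
     *
     * @param str first argument forwarded to the superclass
     * @param str2 second argument forwarded to the superclass
     * @param date third argument forwarded to the superclass
     * @param conditions conditions forwarded to the superclass
     * @param advice advice forwarded to the superclass
     * @param set statements argument forwarded to the superclass
     * @throws SAMLException if the superclass constructor rejects the arguments
     */
    public SecurityAssertion(String str, String str2, Date date, Conditions conditions, Advice advice, Set set) throws SAMLException {
        super(str, str2, date, conditions, advice, set);
    }

    /**
     * Sets the certificate alias used by {@link #isSignatureValid()}.
     *
     * <p>Must be called before the first {@link #isSignatureValid()} call: the
     * verification result is cached, and this setter does not clear that cache.
     *
     * @param str the certificate alias; may be {@code null}
     */
    public void setVerifyingCertAlias(String str) {
        // NOTE(review): a result already cached by isSignatureValid() was computed with the
        // previous alias and is NOT recomputed. Consider resetting validationDone here once
        // the parent's use of that flag has been confirmed.
        this.verifyingCertAlias = str;
    }

    /**
     * Verifies the XML signature of this assertion once and caches the outcome.
     *
     * <p>Verification runs only when the assertion is marked signed and has not been
     * validated yet. Any exception from the signature manager is treated as an invalid
     * signature (fail closed). For an assertion that is not marked signed, no check is
     * performed and the inherited {@code valid} field is returned as it stands.
     * NOTE(review): confirm the initial value of {@code valid} in the superclass; if it
     * defaults to {@code true}, an unsigned assertion reports "valid" here.
     *
     * <p>NOTE(review): what the signature manager does when the alias is {@code null}
     * is not visible in this file - confirm it does not fall back to trusting key
     * material carried inside the message.
     *
     * @return the cached or freshly computed validity flag
     */
    @Override
    public boolean isSignatureValid() {
        if (this.signed && !this.validationDone) {
            try {
                this.valid = XMLSignatureManager.getInstance()
                        .verifyXMLSignature(this.xmlString, "AssertionID", this.verifyingCertAlias);
            } catch (Exception e) {
                if (SAMLUtils.debug.warningEnabled()) {
                    SAMLUtils.debug.warning("SecurityAssertion.isSignatureValid:  signature validation exception", e);
                }
                // Fail closed: an error during verification never yields a valid assertion.
                this.valid = false;
            }
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("SecurityAssertion.isSignatureValid: valid = " + this.valid);
            }
            this.validationDone = true;
        }
        return this.valid;
    }

    /**
     * Tells whether any subject statement uses the bearer confirmation method.
     *
     * <p>A bearer confirmation carries no proof of possession, so callers usually pair
     * this check with signature validation and the assertion's conditions.
     *
     * @return {@code true} if a statement with a bearer-confirmed subject exists
     */
    public boolean isBearer() {
        return findBearerSubject() != null;
    }

    /**
     * Returns the subject of the first statement that uses the bearer confirmation method.
     *
     * @return the bearer-confirmed subject, or {@code null} if there is none
     */
    public Subject getBearerSubject() {
        return findBearerSubject();
    }

    /** Scans the statements for the first subject confirmed with the bearer method. */
    private Subject findBearerSubject() {
        if (this._statements == null || this._statements.isEmpty()) {
            return null;
        }
        for (Object candidate : this._statements) {
            if (!(candidate instanceof SubjectStatement)) {
                continue;
            }
            Subject subject = ((SubjectStatement) candidate).getSubject();
            if (subject == null) {
                continue;
            }
            SubjectConfirmation confirmation = subject.getSubjectConfirmation();
            if (confirmation == null) {
                continue;
            }
            Set methods = confirmation.getConfirmationMethod();
            if (methods != null && !methods.isEmpty() && methods.contains(BEARER_CONFIRMATION_METHOD)) {
                return subject;
            }
        }
        return null;
    }

    /**
     * Serializes the assertion with the {@code saml:} prefix and without the namespace declaration.
     *
     * @return the XML string form of this assertion
     */
    @Override
    public String toString() {
        return toString(true, false);
    }

    /**
     * Serializes the assertion to XML.
     *
     * <p>For a signed assertion whose original XML is available, that exact string is
     * returned so the signed bytes are not re-serialized. Otherwise the XML is
     * assembled by string concatenation.
     *
     * @param z whether element names carry the {@code saml:} prefix
     * @param z2 whether the SAML assertion namespace is declared on the root element
     * @return the XML string form of this assertion
     */
    @Override
    public String toString(boolean z, boolean z2) {
        if (this.signed && this.xmlString != null) {
            return this.xmlString;
        }
        // NOTE(review): the constructor argument is kept from the original; it looks like a
        // decompiler substitution for a plain initial-capacity literal - confirm.
        StringBuilder xml = new StringBuilder(IFSConstants.MAX_IDLE_TIME);
        String namespaceDecl = z2 ? " xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"" : "";
        String prefix = z ? "saml:" : "";
        String issueInstant = null;
        if (this._issueInstant != null) {
            issueInstant = DateUtils.toUTCDateFormat(this._issueInstant);
        }
        // NOTE(review): attribute values (notably the issuer) are written without XML escaping
        // here; confirm they are validated or escaped before they reach this object.
        xml.append("<").append(prefix).append("Assertion").append(" ").append(namespaceDecl).append(" ")
                .append(IFSConstants.MAJOR_VERSION).append("=\"").append(this._majorVersion).append("\"").append(" ")
                .append(IFSConstants.MINOR_VERSION).append("=\"").append(this._minorVersion).append("\"").append(" ")
                .append("AssertionID=\"").append(this._assertionID.getAssertionIDReference()).append("\"").append(" ")
                .append("Issuer").append("=\"").append(this._issuer).append("\"").append(" ")
                .append("IssueInstant").append("=\"").append(issueInstant).append("\"").append(" ")
                .append(">");
        xml.append("\n");
        if (this._conditions != null) {
            xml.append(this._conditions.toString(z, false));
        }
        if (this._advice != null) {
            xml.append(this._advice.toString(z, false));
        }
        for (Object statement : getStatement()) {
            xml.append(((Statement) statement).toString(z, z2));
        }
        if (this.signed && this.signatureString != null) {
            xml.append(this.signatureString);
        }
        xml.append(SAMLUtils.makeEndElementTagXML("Assertion", z));
        return xml.toString();
    }

    /**
     * Handles child elements the base parser does not consume itself.
     *
     * <p>The superclass gets the first chance; if it declines, the element is matched
     * by local name against the two Liberty statement types and added to the statements.
     *
     * @param element the child element to process
     * @return {@code true} if the element was consumed, {@code false} otherwise
     * @throws SAMLException if the superclass or a statement constructor rejects the element
     */
    @Override
    protected boolean processUnknownElement(Element element) throws SAMLException {
        if (super.processUnknownElement(element)) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("SecurityAssertion.processUnknownElement: super returns true");
            }
            return true;
        }
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("SecurityAssertion.processUnknownElement: super returns false");
        }
        // getLocalName() can be null for nodes created without namespace support, so the
        // constants are the receivers of equals() and such an element is simply not recognized.
        String localName = element.getLocalName();
        if (WSSEConstants.TAG_RESOURCEACCESSSTATEMENT.equals(localName)) {
            this._statements.add(new ResourceAccessStatement(element));
            return true;
        }
        if (WSSEConstants.TAG_SESSIONCONTEXTSTATEMENT.equals(localName)) {
            this._statements.add(new SessionContextStatement(element));
            return true;
        }
        return false;
    }

    /**
     * Returns the lowest assertion minor version this class accepts.
     *
     * @return {@code SAMLConstants.ASSERTION_MINOR_VERSION}
     */
    @Override
    protected int getMinAssertionMinorVersion() {
        return SAMLConstants.ASSERTION_MINOR_VERSION;
    }

    /**
     * Returns the highest assertion minor version this class accepts; the same constant
     * as the minimum, so exactly one minor version is accepted.
     *
     * @return {@code SAMLConstants.ASSERTION_MINOR_VERSION}
     */
    @Override
    protected int getMaxAssertionMinorVersion() {
        return SAMLConstants.ASSERTION_MINOR_VERSION;
    }

    /**
     * Appends a {@code wsse:Security} element to the given parent and places this
     * assertion inside it.
     *
     * <p>The assertion is serialized with prefix and namespace declaration, parsed back
     * into a DOM document and imported into the parent's owner document.
     *
     * @param element the parent element that receives the new {@code wsse:Security} child
     * @throws Exception if serialization, parsing or DOM manipulation fails
     */
    public void addToParent(Element element) throws Exception {
        final String wsseNamespace =
                "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
        Document ownerDocument = element.getOwnerDocument();
        Element securityHeader = ownerDocument.createElementNS(wsseNamespace, "wsse:Security");
        securityHeader.setAttributeNS("http://www.w3.org/2000/xmlns/", WSSEConstants.TAG_XML_WSSE, wsseNamespace);
        element.appendChild(securityHeader);
        Document assertionDocument = XMLUtils.toDOMDocument(toString(true, true), SAMLUtils.debug);
        // Guard against a failed parse surfacing as a bare NullPointerException
        // (assumes toDOMDocument may signal failure by returning null - TODO confirm).
        if (assertionDocument == null) {
            throw new SAMLException("SecurityAssertion.addToParent: unable to parse assertion XML");
        }
        securityHeader.appendChild(ownerDocument.importNode(assertionDocument.getDocumentElement(), true));
    }
}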
