package com.sun.identity.saml2.profile;

import com.sun.identity.federation.message.common.AuthnContext;
import com.sun.identity.federation.message.common.EncryptedNameIdentifier;
import com.sun.identity.federation.message.common.IDPProvidedNameIdentifier;
import com.sun.identity.liberty.ws.disco.ResourceOffering;
import com.sun.identity.liberty.ws.disco.common.DiscoConstants;
import com.sun.identity.liberty.ws.disco.common.DiscoSDKUtils;
import com.sun.identity.liberty.ws.disco.common.DiscoServiceManager;
import com.sun.identity.liberty.ws.disco.common.DiscoUtils;
import com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory;
import com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType;
import com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType;
import com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement;
import com.sun.identity.liberty.ws.interfaces.ResourceIDMapper;
import com.sun.identity.liberty.ws.security.SessionContext;
import com.sun.identity.liberty.ws.security.SessionSubject;
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.saml.assertion.Assertion;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.assertion.SubjectConfirmation;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml2.assertion.Advice;
import com.sun.identity.saml2.assertion.AssertionFactory;
import com.sun.identity.saml2.assertion.Attribute;
import com.sun.identity.saml2.assertion.AttributeStatement;
import com.sun.identity.saml2.assertion.NameID;
import com.sun.identity.saml2.assertion.Subject;
import com.sun.identity.saml2.assertion.SubjectConfirmationData;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.common.SAML2Utils;
import com.sun.identity.saml2.key.EncInfo;
import com.sun.identity.saml2.key.KeyUtil;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:com/sun/identity/saml2/profile/DiscoveryBootstrap.class */
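/**
 * Builds the discovery bootstrap attribute statement, and collects any accompanying
 * credentials, for a session and SAML2 subject.
 *
 * <p>The constructor resolves a resource offering from the bootstrapping discovery entry,
 * wraps its string form in a single attribute named
 * {@code SAML2Constants.DISCOVERY_BOOTSTRAP_ATTRIBUTE_NAME}, and stores that in an
 * {@link AttributeStatement}. Whatever the discovery policy check returns under
 * {@code DiscoSDKUtils.CREDENTIALS} is kept and exposed through {@link #getCredentials()}.
 *
 * <p>NOTE(review): the resource ID is derived from the session's universal identifier and the
 * credentials are presumably security tokens for the discovery service (confirm). Both should be
 * treated as sensitive; see the notes on the message-level debug output below.
 */
public class DiscoveryBootstrap {
    /** Attribute statement carrying the bootstrap resource offering; set by the constructor. */
    private AttributeStatement bootstrapStatement;

    /**
     * Value stored under {@code DiscoSDKUtils.CREDENTIALS} by the policy check.
     * Elements are cast to {@link Assertion} in {@link #getCredentials()}; may remain null.
     */
    private List assertions = null;

    /** Session object handed to the session provider and to the discovery policy check. */
    private Object session;

    /**
     * Creates the bootstrap statement for the given session and subject.
     *
     * @param obj session object; read for the {@code sun.am.UniversalIdentifier} property and
     *     passed to {@code DiscoUtils.checkPolicyAndHandleDirectives}
     * @param subject SAML2 subject whose NameID and first SubjectConfirmation are converted into
     *     the session subject
     * @param str first argument of the {@code AuthnContext} constructor (presumably the
     *     authentication context class reference; confirm against callers)
     * @param str2 entity identifier passed to {@code KeyUtil.getEncInfo} and to the policy check
     *     (presumably the requesting web service consumer; confirm against callers)
     * @param str3 first argument of {@code getIDPSSODescriptor} (presumably the realm; confirm)
     * @throws SAML2Exception if the resource offering or the attribute statement cannot be built
     */
    public DiscoveryBootstrap(Object obj, Subject subject, String str, String str2, String str3) throws SAML2Exception {
        this.bootstrapStatement = null;
        this.session = obj;
        try {
            List<String> offeringValues = new ArrayList<String>();
            offeringValues.add(getResourceOffering(str, subject, str2, str3));

            Attribute bootstrapAttribute = AssertionFactory.getInstance().createAttribute();
            bootstrapAttribute.setName(SAML2Constants.DISCOVERY_BOOTSTRAP_ATTRIBUTE_NAME);
            bootstrapAttribute.setNameFormat(SAML2Constants.DISCOVERY_BOOTSTRAP_ATTRIBUTE_NAME_FORMAT);
            bootstrapAttribute.setAttributeValueString(offeringValues);

            List<Attribute> attributes = new ArrayList<Attribute>();
            attributes.add(bootstrapAttribute);
            this.bootstrapStatement = AssertionFactory.getInstance().createAttributeStatement();
            this.bootstrapStatement.setAttribute(attributes);
        } catch (SAML2Exception e) {
            // Already the type callers expect: rethrow as-is so the localized message is not
            // buried inside a second SAML2Exception wrapper.
            SAML2Utils.debug.error("DiscoveryBootstrap.DiscoveryBootstrap: while creating discovery bootstrap statement", e);
            throw e;
        } catch (Exception e) {
            SAML2Utils.debug.error("DiscoveryBootstrap.DiscoveryBootstrap: while creating discovery bootstrap statement", e);
            throw new SAML2Exception(e);
        }
    }

    /**
     * Resolves the bootstrap resource offering and returns its string form.
     *
     * <p>Side effect: stores the value found under {@code DiscoSDKUtils.CREDENTIALS} in
     * {@link #assertions}.
     *
     * @param str see the constructor's {@code str}
     * @param subject see the constructor's {@code subject}
     * @param str2 see the constructor's {@code str2}
     * @param str3 see the constructor's {@code str3}
     * @return {@code toString()} of the first resource offering returned by the policy check
     * @throws SAML2Exception if the bootstrapping discovery entry or the universal identifier is
     *     missing, if no offering is returned, or if any step fails
     */
    private String getResourceOffering(String str, Subject subject, String str2, String str3) throws SAML2Exception {
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering:Init");
        }

        DiscoEntryElement bootstrappingDiscoEntry = DiscoServiceManager.getBootstrappingDiscoEntry();
        if (bootstrappingDiscoEntry == null) {
            // The two bundle keys were swapped: a missing discovery entry reported
            // "missingUnivID" and a missing universal identifier reported "missingDiscoOffering".
            throw new SAML2Exception(SAML2Utils.bundle.getString("missingDiscoOffering"));
        }

        String[] universalIds;
        try {
            universalIds = SessionManager.getProvider().getProperty(this.session, "sun.am.UniversalIdentifier");
        } catch (SessionException e2) {
            throw new SAML2Exception((Throwable) e2);
        }
        if (universalIds == null || universalIds.length == 0) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("missingUnivID"));
        }
        String universalId = universalIds[0];

        try {
            ResourceOfferingType offeringTemplate = bootstrappingDiscoEntry.getResourceOffering();
            String providerID = offeringTemplate.getServiceInstance().getProviderID();

            ResourceIDType resourceIdElement = new ObjectFactory().createResourceIDType();
            if (DiscoServiceManager.useImpliedResource()) {
                resourceIdElement.setValue(DiscoConstants.IMPLIED_RESOURCE);
            } else {
                ResourceIDMapper resourceIDMapper = DiscoServiceManager.getResourceIDMapper(providerID);
                if (resourceIDMapper == null) {
                    resourceIDMapper = DiscoServiceManager.getDefaultResourceIDMapper();
                }
                String resourceID = resourceIDMapper.getResourceID(providerID, universalId);
                // NOTE(review): the resource ID is computed from the universal identifier, so
                // message-level debug output contains a user-linked value; keep that level off
                // where debug files are not access-controlled.
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering: ResourceID Value:" + resourceID);
                }
                resourceIdElement.setValue(resourceID);
            }
            offeringTemplate.setResourceID(resourceIdElement);

            List<DiscoEntryElement> discoEntries = new ArrayList<DiscoEntryElement>();
            discoEntries.add(bootstrappingDiscoEntry);

            SessionSubject sessionSubject;
            if (DiscoServiceManager.encryptNIinSessionContext()) {
                EncInfo encInfo = KeyUtil.getEncInfo(SAML2Utils.getSAML2MetaManager().getIDPSSODescriptor(str3, providerID), str2, SAML2Constants.IDP_ROLE);
                if (encInfo == null) {
                    // Fail closed with a clear reason instead of a NullPointerException below;
                    // encryption was requested, so never fall back to a plaintext identifier.
                    throw new SAML2Exception("DiscoveryBootstrap.getResourceOffering: no encryption key info available for name identifier encryption");
                }
                sessionSubject = new SessionSubject(EncryptedNameIdentifier.getEncryptedNameIdentifier(convertSPNameID(subject.getNameID()), providerID, encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength()), convertSC(subject.getSubjectConfirmation()), convertIDPNameID(subject.getNameID()));
            } else {
                sessionSubject = new SessionSubject(convertSPNameID(subject.getNameID()), convertSC(subject.getSubjectConfirmation()), convertIDPNameID(subject.getNameID()));
            }

            AuthnContext authnContext = new AuthnContext(str, null);
            authnContext.setMinorVersion(2);

            Map policyResult = DiscoUtils.checkPolicyAndHandleDirectives(universalId, null, discoEntries, null, new SessionContext(sessionSubject, authnContext, providerID), str2, this.session);
            List offerings = (List) policyResult.get(DiscoSDKUtils.OFFERINGS);
            // A missing OFFERINGS entry is reported like an empty one rather than as an NPE.
            if (offerings == null || offerings.isEmpty()) {
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering:no ResourceOffering");
                }
                throw new SAML2Exception(SAML2Utils.bundle.getString("missingDiscoOffering"));
            }

            ResourceOffering selectedOffering = (ResourceOffering) offerings.get(0);
            this.assertions = (List) policyResult.get(DiscoSDKUtils.CREDENTIALS);
            // NOTE(review): this writes the complete offering to the message-level debug output.
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering: Resource Offering:" + selectedOffering);
            }
            return selectedOffering.toString();
        } catch (SAML2Exception e) {
            // Keep the original exception (and its localized message) instead of re-wrapping it.
            SAML2Utils.debug.error("DiscoveryBootstrap.getResourceOffering:Exception while creating resource offering.", e);
            throw e;
        } catch (Exception e) {
            SAML2Utils.debug.error("DiscoveryBootstrap.getResourceOffering:Exception while creating resource offering.", e);
            throw new SAML2Exception(e);
        }
    }

    /**
     * Returns the attribute statement built by the constructor.
     *
     * @return the bootstrap attribute statement
     */
    public AttributeStatement getBootstrapStatement() {
        return this.bootstrapStatement;
    }

    /**
     * Wraps the stored credentials in an {@link Advice} element.
     *
     * <p>NOTE(review): the returned strings are full serialized assertions; callers should not
     * write them to logs.
     *
     * @return an Advice whose additional info is the list of serialized assertions, or
     *     {@code null} when no credentials were stored
     * @throws SAML2Exception if the Advice cannot be created or populated
     */
    public Advice getCredentials() throws SAML2Exception {
        if (this.assertions == null || this.assertions.isEmpty()) {
            return null;
        }
        List<String> serializedAssertions = new ArrayList<String>();
        for (Iterator it = this.assertions.iterator(); it.hasNext();) {
            serializedAssertions.add(((Assertion) it.next()).toString(true, true));
        }
        Advice advice = AssertionFactory.getInstance().createAdvice();
        advice.setAdditionalInfo(serializedAssertions);
        return advice;
    }

    /** Converts a SAML2 NameID to a NameIdentifier using the NameID's SPNameQualifier. */
    private static NameIdentifier convertSPNameID(NameID nameID) throws SAMLException {
        return new NameIdentifier(nameID.getValue(), nameID.getSPNameQualifier(), nameID.getFormat());
    }

    /** Converts a SAML2 NameID to an IDPProvidedNameIdentifier using the NameID's NameQualifier. */
    private static IDPProvidedNameIdentifier convertIDPNameID(NameID nameID) throws SAMLException {
        return new IDPProvidedNameIdentifier(nameID.getValue(), nameID.getNameQualifier(), nameID.getFormat());
    }

    /**
     * Converts the first SAML2 SubjectConfirmation in the list to its SAML counterpart.
     *
     * <p>Only the first list element is used, and only the first content item of its
     * confirmation data is copied; further entries are ignored.
     *
     * @param list SAML2 subject confirmations; may be null or empty
     * @return the converted confirmation, or {@code null} when the list is null or empty
     */
    private static SubjectConfirmation convertSC(List list) throws SAMLException {
        if (list == null || list.isEmpty()) {
            return null;
        }
        com.sun.identity.saml2.assertion.SubjectConfirmation source = (com.sun.identity.saml2.assertion.SubjectConfirmation) list.get(0);
        SubjectConfirmation converted = new SubjectConfirmation(source.getMethod());
        SubjectConfirmationData confirmationData = source.getSubjectConfirmationData();
        if (confirmationData != null) {
            List content = confirmationData.getContent();
            if (content != null && !content.isEmpty()) {
                converted.setSubjectConfirmationData((String) content.get(0));
            }
        }
        return converted;
    }
}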
