package com.sun.identity.wsfederation.plugins;

import com.sun.identity.plugin.datastore.DataStoreProviderException;
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.saml.assertion.Attribute;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.shared.xml.XMLUtils;
import com.sun.identity.wsfederation.common.WSFederationConstants;
import com.sun.identity.wsfederation.common.WSFederationException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import org.forgerock.openam.utils.CollectionUtils;
import org.forgerock.util.encode.Base64;

/* loaded from: input_file:com/sun/identity/wsfederation/plugins/DefaultIDPAttributeMapper.class */
public class DefaultIDPAttributeMapper extends DefaultAttributeMapper implements IDPAttributeMapper {
    private static final String BINARY_FLAG = ";binary";

    public DefaultIDPAttributeMapper() {
        debug.message("DefaultIDPAttributeMapper.Constructor");
        this.role = "IDP";
    }

    @Override // com.sun.identity.wsfederation.plugins.IDPAttributeMapper
    public List getAttributes(Object obj, String str, String str2, String str3) throws WSFederationException {
        if (str == null) {
            throw new WSFederationException(bundle.getString("nullHostEntityID"));
        }
        if (str3 == null) {
            throw new WSFederationException(bundle.getString("nullRealm"));
        }
        if (obj == null) {
            throw new WSFederationException(bundle.getString("nullSSOToken"));
        }
        try {
            if (!SessionManager.getProvider().isValid(obj)) {
                if (!debug.warningEnabled()) {
                    return null;
                }
                debug.warning("DefaultIDPAttributeMapper.getAttributes: Invalid session");
                return null;
            }
            Map configAttributeMap = getConfigAttributeMap(str3, str);
            if (CollectionUtils.isEmpty(configAttributeMap)) {
                if (!debug.messageEnabled()) {
                    return null;
                }
                debug.message("DefaultIDPAttributeMapper.getAttributes: Configuration map is not defined.");
                return null;
            }
            ArrayList arrayList = new ArrayList();
            Map<String, byte[][]> map = null;
            try {
                HashSet hashSet = new HashSet(configAttributeMap.size());
                HashSet hashSet2 = new HashSet(configAttributeMap.size());
                for (String str4 : configAttributeMap.values()) {
                    if (isBinaryAttributeValue(str4)) {
                        hashSet2.add(removeBinaryFlag(str4));
                    } else {
                        hashSet.add(str4);
                    }
                }
                r13 = hashSet.isEmpty() ? null : dsProvider.getAttributes(SessionManager.getProvider().getPrincipalName(obj), hashSet);
                if (!hashSet2.isEmpty()) {
                    map = dsProvider.getBinaryAttributes(SessionManager.getProvider().getPrincipalName(obj), hashSet2);
                }
            } catch (DataStoreProviderException e) {
                if (debug.warningEnabled()) {
                    debug.warning("DefaultIDPAttributeMapper.getAttributes: Datastore exception", e);
                }
            }
            for (Map.Entry entry : configAttributeMap.entrySet()) {
                String str5 = null;
                String str6 = (String) entry.getKey();
                StringTokenizer stringTokenizer = new StringTokenizer(str6, "|");
                if (stringTokenizer.countTokens() > 1) {
                    str5 = stringTokenizer.nextToken();
                    str6 = stringTokenizer.nextToken();
                }
                String str7 = (String) entry.getValue();
                Set<String> set = null;
                if (isBinaryAttributeValue(str7)) {
                    str7 = removeBinaryFlag(str7);
                    set = getBinaryAttributeValues(str6, str7, map);
                } else if (CollectionUtils.isNotEmpty(r13)) {
                    set = r13.get(str7);
                } else if (debug.messageEnabled()) {
                    debug.message("DefaultIDPAttributeMapper.getAttribute: " + str7 + " string value map was empty or null");
                }
                if (CollectionUtils.isEmpty(set)) {
                    if (debug.messageEnabled()) {
                        debug.message("DefaultIDPAttributeMapper.getAttribute: user profile does not have value for " + str7 + " but is going to check ssotoken:");
                    }
                    set = CollectionUtils.asSet(SessionManager.getProvider().getProperty(obj, str7));
                }
                if (!CollectionUtils.isEmpty(set)) {
                    arrayList.add(getSAMLAttribute(str5, str6, set));
                } else if (debug.messageEnabled()) {
                    debug.message("DefaultIDPAttributeMapper.getAttribute: user does not have " + str7);
                }
            }
            return arrayList;
        } catch (SessionException e2) {
            debug.error("DefaultIDPAttributeMapper.getAttributes: SessionException", e2);
            throw new WSFederationException((Throwable) e2);
        } catch (WSFederationException e3) {
            debug.error("DefaultIDPAttributeMapper.getAttributes: SAML Exception", e3);
            throw new WSFederationException((Throwable) e3);
        }
    }

    protected Attribute getSAMLAttribute(String str, String str2, Set<String> set) throws WSFederationException {
        if (str2 == null) {
            throw new WSFederationException(bundle.getString("nullInput"));
        }
        if (str == null) {
            str = WSFederationConstants.CLAIMS_URI;
        }
        Attribute attribute = null;
        if (set != null) {
            ArrayList arrayList = new ArrayList(set.size());
            Iterator<String> it = set.iterator();
            while (it.hasNext()) {
                arrayList.add(XMLUtils.toDOMDocument(SAMLUtils.makeStartElementTagXML("AttributeValue", true, true) + XMLUtils.escapeSpecialCharacters(it.next()) + SAMLUtils.makeEndElementTagXML("AttributeValue", true), debug).getDocumentElement());
            }
            try {
                attribute = new Attribute(str2, str, arrayList);
            } catch (SAMLException e) {
                throw new WSFederationException((Throwable) e);
            }
        }
        return attribute;
    }

    private Set<String> getBinaryAttributeValues(String str, String str2, Map<String, byte[][]> map) {
        HashSet hashSet = null;
        if (CollectionUtils.isNotEmpty(map)) {
            byte[][] bArr = map.get(str2);
            if (bArr != null && bArr.length > 0) {
                hashSet = new HashSet(bArr.length);
                for (byte[] bArr2 : bArr) {
                    hashSet.add(Base64.encode(bArr2));
                }
                if (debug.messageEnabled()) {
                    debug.message("DefaultIDPAttributeMapper.getBinaryAttributeValues: adding '{}' as binary for attribute named '{}'.", new Object[]{str2, str});
                }
            } else if (debug.messageEnabled()) {
                debug.message("DefaultIDPAttributeMapper.getBinaryAttributeValues: '{}' was flagged as binary but no value was found.", new Object[]{str2});
            }
        } else if (debug.messageEnabled()) {
            debug.message("DefaultIDPAttributeMapper.getBinaryAttributeValues: '{}' was flagged as binary but binary value map was empty or null.", new Object[]{str2});
        }
        return hashSet;
    }

    private boolean isBinaryAttributeValue(String str) {
        return str != null && str.endsWith(BINARY_FLAG);
    }

    private String removeBinaryFlag(String str) {
        return str.substring(0, str.lastIndexOf(BINARY_FLAG));
    }
}
