package edu.internet2.middleware.shibboleth.idp.profile.saml1;

import edu.internet2.middleware.shibboleth.common.attribute.AttributeRequestException;
import edu.internet2.middleware.shibboleth.common.attribute.BaseAttribute;
import edu.internet2.middleware.shibboleth.common.attribute.encoding.AttributeEncodingException;
import edu.internet2.middleware.shibboleth.common.attribute.encoding.SAML1NameIdentifierEncoder;
import edu.internet2.middleware.shibboleth.common.attribute.provider.SAML1AttributeAuthority;
import edu.internet2.middleware.shibboleth.common.log.AuditLogEntry;
import edu.internet2.middleware.shibboleth.common.profile.ProfileException;
import edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext;
import edu.internet2.middleware.shibboleth.common.relyingparty.provider.CryptoOperationRequirementLevel;
import edu.internet2.middleware.shibboleth.common.relyingparty.provider.saml1.AbstractSAML1ProfileConfiguration;
import edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler;
import edu.internet2.middleware.shibboleth.idp.session.ServiceInformation;
import edu.internet2.middleware.shibboleth.idp.session.Session;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.common.SAMLObjectBuilder;
import org.opensaml.common.SAMLVersion;
import org.opensaml.common.binding.encoding.SAMLMessageEncoder;
import org.opensaml.saml1.core.Assertion;
import org.opensaml.saml1.core.AttributeQuery;
import org.opensaml.saml1.core.AttributeStatement;
import org.opensaml.saml1.core.Audience;
import org.opensaml.saml1.core.AudienceRestrictionCondition;
import org.opensaml.saml1.core.Conditions;
import org.opensaml.saml1.core.ConfirmationMethod;
import org.opensaml.saml1.core.NameIdentifier;
import org.opensaml.saml1.core.RequestAbstractType;
import org.opensaml.saml1.core.Response;
import org.opensaml.saml1.core.ResponseAbstractType;
import org.opensaml.saml1.core.Statement;
import org.opensaml.saml1.core.Status;
import org.opensaml.saml1.core.StatusCode;
import org.opensaml.saml1.core.StatusMessage;
import org.opensaml.saml1.core.Subject;
import org.opensaml.saml1.core.SubjectConfirmation;
import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.xml.XMLObjectBuilder;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.SecurityConfiguration;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureException;
import org.opensaml.xml.signature.Signer;
import org.opensaml.xml.util.Pair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/idp/profile/saml1/AbstractSAML1ProfileHandler.class */
public abstract class AbstractSAML1ProfileHandler extends AbstractSAMLProfileHandler {
    public static final SAMLVersion SAML_VERSION = SAMLVersion.VERSION_11;
    private static Logger log = LoggerFactory.getLogger(AbstractSAML1ProfileHandler.class);
    private SAMLObjectBuilder<Response> responseBuilder = getBuilderFactory().getBuilder(Response.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<Assertion> assertionBuilder = getBuilderFactory().getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<Conditions> conditionsBuilder = getBuilderFactory().getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<AudienceRestrictionCondition> audienceRestrictionConditionBuilder = getBuilderFactory().getBuilder(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<Audience> audienceBuilder = getBuilderFactory().getBuilder(Audience.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<SubjectConfirmation> subjectConfirmationBuilder = getBuilderFactory().getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<ConfirmationMethod> confirmationMethodBuilder = getBuilderFactory().getBuilder(ConfirmationMethod.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<Subject> subjectBuilder = getBuilderFactory().getBuilder(Subject.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<Status> statusBuilder = getBuilderFactory().getBuilder(Status.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<StatusCode> statusCodeBuilder = getBuilderFactory().getBuilder(StatusCode.DEFAULT_ELEMENT_NAME);
    private SAMLObjectBuilder<StatusMessage> statusMessageBuilder = getBuilderFactory().getBuilder(StatusMessage.DEFAULT_ELEMENT_NAME);
    private XMLObjectBuilder<Signature> signatureBuilder = getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME);

    /* loaded from: input_file:edu/internet2/middleware/shibboleth/idp/profile/saml1/AbstractSAML1ProfileHandler$SAML1AuditLogEntry.class */
    protected class SAML1AuditLogEntry extends AuditLogEntry {
        private Response samlResponse;

        protected SAML1AuditLogEntry() {
        }

        public Response getSAMLResponse() {
            return this.samlResponse;
        }

        public void setSAMLResponse(Response response) {
            this.samlResponse = response;
        }

        public String toString() {
            StringBuilder sb = new StringBuilder(super.toString());
            StringBuilder sb2 = new StringBuilder();
            List assertions = this.samlResponse.getAssertions();
            if (assertions != null && !assertions.isEmpty()) {
                Iterator it = assertions.iterator();
                while (it.hasNext()) {
                    sb2.append(((Assertion) it.next()).getID());
                    sb2.append(",");
                }
            }
            if (getNameIdValue() != null) {
                sb.append(getNameIdValue());
            }
            sb.append("|");
            sb.append(sb2.toString());
            sb.append("|");
            return sb.toString();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
    public void populateRequestContext(BaseSAMLProfileRequestContext baseSAMLProfileRequestContext) throws ProfileException {
        BaseSAML1ProfileRequestContext baseSAML1ProfileRequestContext = (BaseSAML1ProfileRequestContext) baseSAMLProfileRequestContext;
        try {
            super.populateRequestContext(baseSAMLProfileRequestContext);
        } catch (ProfileException e) {
            if (baseSAML1ProfileRequestContext.getFailureStatus() == null) {
                baseSAML1ProfileRequestContext.setFailureStatus(buildStatus(StatusCode.REQUESTER, null, e.getMessage()));
            }
            throw e;
        }
    }

    @Override // edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
    protected void populateUserInformation(BaseSAMLProfileRequestContext baseSAMLProfileRequestContext) {
        NameIdentifier subjectNameIdentifier;
        Session userSession = getUserSession(baseSAMLProfileRequestContext.getInboundMessageTransport());
        if (userSession == null && (subjectNameIdentifier = baseSAMLProfileRequestContext.getSubjectNameIdentifier()) != null && subjectNameIdentifier.getNameIdentifier() != null) {
            userSession = getUserSession(subjectNameIdentifier.getNameIdentifier());
        }
        if (userSession != null) {
            baseSAMLProfileRequestContext.setUserSession(userSession);
            baseSAMLProfileRequestContext.setPrincipalName(userSession.getPrincipalName());
            ServiceInformation serviceInformation = userSession.getServicesInformation().get(baseSAMLProfileRequestContext.getInboundMessageIssuer());
            if (serviceInformation != null) {
                baseSAMLProfileRequestContext.setPrincipalAuthenticationMethod(serviceInformation.getAuthenticationMethod().getAuthenticationMethod());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkSamlVersion(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext) throws ProfileException {
        RequestAbstractType inboundSAMLMessage = baseSAML1ProfileRequestContext.getInboundSAMLMessage();
        if (inboundSAMLMessage instanceof RequestAbstractType) {
            RequestAbstractType requestAbstractType = inboundSAMLMessage;
            if (requestAbstractType.getMajorVersion() < 1) {
                baseSAML1ProfileRequestContext.setFailureStatus(buildStatus(StatusCode.REQUESTER, StatusCode.REQUEST_VERSION_TOO_LOW, null));
                throw new ProfileException("SAML request major version too low");
            }
            if (requestAbstractType.getMajorVersion() > 1) {
                baseSAML1ProfileRequestContext.setFailureStatus(buildStatus(StatusCode.REQUESTER, StatusCode.REQUEST_VERSION_TOO_HIGH, null));
                throw new ProfileException("SAML request major version too low");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response buildResponse(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext, List<Statement> list) throws ProfileException {
        DateTime dateTime = new DateTime();
        Response buildObject = this.responseBuilder.buildObject();
        buildObject.setIssueInstant(dateTime);
        populateStatusResponse(baseSAML1ProfileRequestContext, buildObject);
        if (list != null && !list.isEmpty()) {
            Assertion buildAssertion = buildAssertion(baseSAML1ProfileRequestContext, dateTime);
            buildAssertion.getStatements().addAll(list);
            buildObject.getAssertions().add(buildAssertion);
            signAssertion(baseSAML1ProfileRequestContext, buildAssertion);
        }
        buildObject.setStatus(buildStatus(StatusCode.SUCCESS, null, null));
        return buildObject;
    }

    protected Assertion buildAssertion(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext, DateTime dateTime) {
        Assertion buildObject = this.assertionBuilder.buildObject();
        buildObject.setID(getIdGenerator().generateIdentifier());
        buildObject.setIssueInstant(dateTime);
        buildObject.setVersion(SAMLVersion.VERSION_11);
        buildObject.setIssuer(baseSAML1ProfileRequestContext.getLocalEntityId());
        buildObject.setConditions(buildConditions(baseSAML1ProfileRequestContext, dateTime));
        return buildObject;
    }

    protected Conditions buildConditions(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext, DateTime dateTime) {
        AbstractSAML1ProfileConfiguration profileConfiguration = baseSAML1ProfileRequestContext.getProfileConfiguration();
        Conditions buildObject = this.conditionsBuilder.buildObject();
        buildObject.setNotBefore(dateTime);
        buildObject.setNotOnOrAfter(dateTime.plus(profileConfiguration.getAssertionLifetime()));
        AudienceRestrictionCondition buildObject2 = this.audienceRestrictionConditionBuilder.buildObject();
        buildObject.getAudienceRestrictionConditions().add(buildObject2);
        Audience buildObject3 = this.audienceBuilder.buildObject();
        buildObject3.setUri(baseSAML1ProfileRequestContext.getInboundMessageIssuer());
        buildObject2.getAudiences().add(buildObject3);
        Collection<String> assertionAudiences = profileConfiguration.getAssertionAudiences();
        if (assertionAudiences != null && assertionAudiences.size() > 0) {
            for (String str : assertionAudiences) {
                Audience buildObject4 = this.audienceBuilder.buildObject();
                buildObject4.setUri(str);
                buildObject2.getAudiences().add(buildObject4);
            }
        }
        return buildObject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Subject buildSubject(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext, String str) throws ProfileException {
        ConfirmationMethod buildObject = this.confirmationMethodBuilder.buildObject();
        buildObject.setConfirmationMethod(str);
        SubjectConfirmation buildObject2 = this.subjectConfirmationBuilder.buildObject();
        buildObject2.getConfirmationMethods().add(buildObject);
        Subject buildObject3 = this.subjectBuilder.buildObject();
        buildObject3.setSubjectConfirmation(buildObject2);
        NameIdentifier buildNameId = buildNameId(baseSAML1ProfileRequestContext);
        if (buildNameId != null) {
            buildObject3.setNameIdentifier(buildNameId);
            baseSAML1ProfileRequestContext.setSubjectNameIdentifier(buildNameId);
        }
        return buildObject3;
    }

    protected NameIdentifier buildNameId(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext) throws ProfileException {
        try {
            Pair selectNameIDAttributeAndEncoder = selectNameIDAttributeAndEncoder(SAML1NameIdentifierEncoder.class, baseSAML1ProfileRequestContext);
            if (selectNameIDAttributeAndEncoder == null) {
                return null;
            }
            BaseAttribute baseAttribute = (BaseAttribute) selectNameIDAttributeAndEncoder.getFirst();
            baseSAML1ProfileRequestContext.setNameIdentifierAttribute(baseAttribute);
            SAML1NameIdentifierEncoder sAML1NameIdentifierEncoder = (SAML1NameIdentifierEncoder) selectNameIDAttributeAndEncoder.getSecond();
            try {
                log.debug("Using attribute '{}' supporting name format '{}' to create the NameIdentifier for relying party '{}'", new Object[]{baseAttribute.getId(), sAML1NameIdentifierEncoder.getNameFormat(), baseSAML1ProfileRequestContext.getInboundMessageIssuer()});
                NameIdentifier nameIdentifier = (NameIdentifier) sAML1NameIdentifierEncoder.encode(baseAttribute);
                if (nameIdentifier.getNameQualifier() == null) {
                    nameIdentifier.setNameQualifier(baseSAML1ProfileRequestContext.getRelyingPartyConfiguration().getProviderId());
                }
                return nameIdentifier;
            } catch (AttributeEncodingException e) {
                baseSAML1ProfileRequestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER, null, "Unable to encode NameIdentifier"));
                String str = "Unable to encode NameIdentifier for relying party " + baseSAML1ProfileRequestContext.getInboundMessageIssuer();
                log.error(str, e);
                throw new ProfileException(str, e);
            }
        } catch (ProfileException e2) {
            baseSAML1ProfileRequestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER, null, "Required NameIdentifier format not supported"));
            throw e2;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Response buildErrorResponse(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext) {
        Response buildObject = this.responseBuilder.buildObject();
        buildObject.setIssueInstant(new DateTime());
        populateStatusResponse(baseSAML1ProfileRequestContext, buildObject);
        buildObject.setStatus(baseSAML1ProfileRequestContext.getFailureStatus());
        return buildObject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void populateStatusResponse(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext, ResponseAbstractType responseAbstractType) {
        responseAbstractType.setID(getIdGenerator().generateIdentifier());
        RequestAbstractType inboundSAMLMessage = baseSAML1ProfileRequestContext.getInboundSAMLMessage();
        if (inboundSAMLMessage != null && (inboundSAMLMessage instanceof RequestAbstractType)) {
            responseAbstractType.setInResponseTo(inboundSAMLMessage.getID());
        }
        responseAbstractType.setVersion(SAMLVersion.VERSION_11);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Status buildStatus(QName qName, QName qName2, String str) {
        Status buildObject = this.statusBuilder.buildObject();
        StatusCode buildObject2 = this.statusCodeBuilder.buildObject();
        buildObject2.setValue(qName);
        buildObject.setStatusCode(buildObject2);
        if (qName2 != null) {
            StatusCode buildObject3 = this.statusCodeBuilder.buildObject();
            buildObject3.setValue(qName2);
            buildObject2.setStatusCode(buildObject3);
        }
        if (str != null) {
            StatusMessage buildObject4 = this.statusMessageBuilder.buildObject();
            buildObject4.setMessage(str);
            buildObject.setStatusMessage(buildObject4);
        }
        return buildObject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void resolveAttributes(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext) throws ProfileException {
        SAML1AttributeAuthority attributeAuthority = baseSAML1ProfileRequestContext.getProfileConfiguration().getAttributeAuthority();
        try {
            log.debug("Resolving attributes for principal '{}' for SAML request from relying party '{}'", baseSAML1ProfileRequestContext.getPrincipalName(), baseSAML1ProfileRequestContext.getInboundMessageIssuer());
            baseSAML1ProfileRequestContext.setAttributes(attributeAuthority.getAttributes(baseSAML1ProfileRequestContext));
        } catch (AttributeRequestException e) {
            log.warn("Error resolving attributes for principal '{}'.  No name identifier or attribute statement will be included in response", baseSAML1ProfileRequestContext.getPrincipalName());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AttributeStatement buildAttributeStatement(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext, String str) throws ProfileException {
        if (baseSAML1ProfileRequestContext.getAttributes() == null) {
            return null;
        }
        log.debug("Creating attribute statement about principal '{}'in response to SAML request from relying party '{}'", baseSAML1ProfileRequestContext.getPrincipalName(), baseSAML1ProfileRequestContext.getInboundMessageIssuer());
        SAML1AttributeAuthority attributeAuthority = baseSAML1ProfileRequestContext.getProfileConfiguration().getAttributeAuthority();
        try {
            AttributeStatement buildAttributeStatement = baseSAML1ProfileRequestContext.getInboundSAMLMessage() instanceof AttributeQuery ? attributeAuthority.buildAttributeStatement(baseSAML1ProfileRequestContext.getInboundSAMLMessage(), baseSAML1ProfileRequestContext.getAttributes().values()) : attributeAuthority.buildAttributeStatement((AttributeQuery) null, baseSAML1ProfileRequestContext.getAttributes().values());
            if (buildAttributeStatement != null) {
                buildAttributeStatement.setSubject(buildSubject(baseSAML1ProfileRequestContext, str));
            }
            return buildAttributeStatement;
        } catch (AttributeRequestException e) {
            baseSAML1ProfileRequestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER, null, "Error resolving attributes"));
            String str2 = "Error encoding attributes for principal " + baseSAML1ProfileRequestContext.getPrincipalName();
            log.error(str2, e);
            throw new ProfileException(str2, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void resolvePrincipal(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext) throws ProfileException {
        SAML1AttributeAuthority attributeAuthority = baseSAML1ProfileRequestContext.getProfileConfiguration().getAttributeAuthority();
        log.debug("Resolving principal name for subject of SAML request from relying party '{}'", baseSAML1ProfileRequestContext.getInboundMessageIssuer());
        try {
            baseSAML1ProfileRequestContext.setPrincipalName(attributeAuthority.getPrincipal(baseSAML1ProfileRequestContext));
        } catch (AttributeRequestException e) {
            baseSAML1ProfileRequestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER, StatusCode.REQUEST_DENIED, "Error resolving principal"));
            String str = "Error resolving principal name for SAML request from relying party '" + baseSAML1ProfileRequestContext.getInboundMessageIssuer() + "'. Cause: " + e.getMessage();
            log.warn(str);
            throw new ProfileException(str, e);
        }
    }

    protected void signAssertion(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext, Assertion assertion) throws ProfileException {
        log.debug("Determining if SAML assertion to relying party '{}' should be signed", baseSAML1ProfileRequestContext.getInboundMessageIssuer());
        if (isSignAssertion(baseSAML1ProfileRequestContext)) {
            AbstractSAML1ProfileConfiguration profileConfiguration = baseSAML1ProfileRequestContext.getProfileConfiguration();
            log.debug("Determining credential to use to sign assertion to relying party '{}'", baseSAML1ProfileRequestContext.getInboundMessageIssuer());
            Credential signingCredential = profileConfiguration.getSigningCredential();
            if (signingCredential == null) {
                signingCredential = baseSAML1ProfileRequestContext.getRelyingPartyConfiguration().getDefaultSigningCredential();
            }
            if (signingCredential == null) {
                String str = "No signing credential is specified for relying party configuration " + baseSAML1ProfileRequestContext.getRelyingPartyConfiguration().getProviderId();
                log.warn(str);
                throw new ProfileException(str);
            }
            log.debug("Signing assertion to relying party '{}'", baseSAML1ProfileRequestContext.getInboundMessageIssuer());
            Signature buildObject = this.signatureBuilder.buildObject(Signature.DEFAULT_ELEMENT_NAME);
            buildObject.setSigningCredential(signingCredential);
            try {
                SecurityHelper.prepareSignatureParams(buildObject, signingCredential, (SecurityConfiguration) null, (String) null);
                assertion.setSignature(buildObject);
                try {
                    Configuration.getMarshallerFactory().getMarshaller(assertion).marshall(assertion);
                    Signer.signObject(buildObject);
                } catch (MarshallingException e) {
                    log.error("Unable to marshall assertion for signing", e);
                    throw new ProfileException("Unable to marshall assertion for signing", e);
                } catch (SignatureException e2) {
                    log.error("Unable to sign assertion", e2);
                    throw new ProfileException("Unable to sign assertion", e2);
                }
            } catch (SecurityException e3) {
                log.error("Error preparing signature for signing");
                throw new ProfileException("Error preparing signature for signing", e3);
            }
        }
    }

    protected boolean isSignAssertion(BaseSAML1ProfileRequestContext<?, ?, ?> baseSAML1ProfileRequestContext) throws ProfileException {
        SAMLMessageEncoder outboundMessageEncoder = getOutboundMessageEncoder(baseSAML1ProfileRequestContext);
        AbstractSAML1ProfileConfiguration profileConfiguration = baseSAML1ProfileRequestContext.getProfileConfiguration();
        try {
            boolean z = profileConfiguration.getSignAssertions() == CryptoOperationRequirementLevel.always || (profileConfiguration.getSignAssertions() == CryptoOperationRequirementLevel.conditional && !outboundMessageEncoder.providesMessageIntegrity(baseSAML1ProfileRequestContext));
            log.debug("IdP relying party configuration '{}' indicates to sign assertions: {}", baseSAML1ProfileRequestContext.getRelyingPartyConfiguration().getRelyingPartyId(), Boolean.valueOf(z));
            if (!z && (baseSAML1ProfileRequestContext.getPeerEntityRoleMetadata() instanceof SPSSODescriptor)) {
                SPSSODescriptor peerEntityRoleMetadata = baseSAML1ProfileRequestContext.getPeerEntityRoleMetadata();
                if (peerEntityRoleMetadata.getWantAssertionsSigned() != null) {
                    z = peerEntityRoleMetadata.getWantAssertionsSigned().booleanValue();
                    log.debug("Entity metadata for relying party '{} 'indicates to sign assertions: {}", baseSAML1ProfileRequestContext.getInboundMessageIssuer(), Boolean.valueOf(z));
                }
            }
            return z;
        } catch (MessageEncodingException e) {
            log.error("Unable to determine if outbound encoding '{}' provides message integrity protection", outboundMessageEncoder.getBindingURI());
            throw new ProfileException("Unable to determine if outbound assertion should be signed");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.internet2.middleware.shibboleth.idp.profile.AbstractSAMLProfileHandler
    public void writeAuditLogEntry(BaseSAMLProfileRequestContext baseSAMLProfileRequestContext) {
        Object next;
        SAML1AuditLogEntry sAML1AuditLogEntry = new SAML1AuditLogEntry();
        sAML1AuditLogEntry.setSAMLResponse((Response) baseSAMLProfileRequestContext.getOutboundSAMLMessage());
        sAML1AuditLogEntry.setMessageProfile(getProfileId());
        sAML1AuditLogEntry.setPrincipalAuthenticationMethod(baseSAMLProfileRequestContext.getPrincipalAuthenticationMethod());
        sAML1AuditLogEntry.setPrincipalName(baseSAMLProfileRequestContext.getPrincipalName());
        sAML1AuditLogEntry.setAssertingPartyId(baseSAMLProfileRequestContext.getLocalEntityId());
        sAML1AuditLogEntry.setRelyingPartyId(baseSAMLProfileRequestContext.getInboundMessageIssuer());
        sAML1AuditLogEntry.setRequestBinding(baseSAMLProfileRequestContext.getMessageDecoder().getBindingURI());
        sAML1AuditLogEntry.setRequestId(baseSAMLProfileRequestContext.getInboundSAMLMessageId());
        sAML1AuditLogEntry.setResponseBinding(baseSAMLProfileRequestContext.getMessageEncoder().getBindingURI());
        sAML1AuditLogEntry.setResponseId(baseSAMLProfileRequestContext.getOutboundSAMLMessageId());
        if (baseSAMLProfileRequestContext.getReleasedAttributes() != null) {
            sAML1AuditLogEntry.getReleasedAttributes().addAll(baseSAMLProfileRequestContext.getReleasedAttributes());
        }
        if (baseSAMLProfileRequestContext.getNameIdentifierAttribute() != null && (next = baseSAMLProfileRequestContext.getNameIdentifierAttribute().getValues().iterator().next()) != null) {
            sAML1AuditLogEntry.setNameIdValue(next.toString());
        }
        getAduitLog().info(sAML1AuditLogEntry.toString());
    }
}
