package org.opensaml.saml1.binding.security;

import java.util.List;
import javax.servlet.ServletRequest;
import org.apache.log4j.Logger;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.security.SAMLSecurityPolicyContext;
import org.opensaml.common.binding.security.SAMLSecurityPolicyHelper;
import org.opensaml.saml1.core.Assertion;
import org.opensaml.saml1.core.RequestAbstractType;
import org.opensaml.saml1.core.Response;
import org.opensaml.saml1.core.ResponseAbstractType;
import org.opensaml.ws.security.SecurityPolicyContext;
import org.opensaml.ws.security.SecurityPolicyException;
import org.opensaml.ws.security.SecurityPolicyRule;
import org.opensaml.ws.security.SecurityPolicyRuleFactory;
import org.opensaml.xml.XMLObject;

/* loaded from: input_file:org/opensaml/saml1/binding/security/SAML1ProtocolMessageRuleFactory.class */
public class SAML1ProtocolMessageRuleFactory implements SecurityPolicyRuleFactory<ServletRequest> {
    private static Logger log = Logger.getLogger(SAML1ProtocolMessageRule.class);

    /* loaded from: input_file:org/opensaml/saml1/binding/security/SAML1ProtocolMessageRuleFactory$SAML1ProtocolMessageRule.class */
    public class SAML1ProtocolMessageRule implements SecurityPolicyRule<ServletRequest> {
        public SAML1ProtocolMessageRule() {
        }

        public void evaluate(ServletRequest servletRequest, XMLObject xMLObject, SecurityPolicyContext securityPolicyContext) throws SecurityPolicyException {
            SAMLSecurityPolicyContext sAMLSecurityPolicyContext = (SAMLSecurityPolicyContext) securityPolicyContext;
            if (sAMLSecurityPolicyContext == null) {
                SAML1ProtocolMessageRuleFactory.log.error("Supplied context was not an instance of SAMLSecurityPolicyContext");
                throw new IllegalArgumentException("Supplied context was not an instance of SAMLSecurityPolicyContext");
            }
            SAMLObject sAMLMessage = SAMLSecurityPolicyHelper.getSAMLMessage(xMLObject);
            if (sAMLMessage == null) {
                SAML1ProtocolMessageRuleFactory.log.warn("Could not extract SAML message");
                return;
            }
            if (sAMLMessage instanceof RequestAbstractType) {
                SAML1ProtocolMessageRuleFactory.log.debug("Extracting ID, issuer and issue instant from request");
                extractRequestInfo(sAMLSecurityPolicyContext, (RequestAbstractType) sAMLMessage);
            } else {
                if (!(sAMLMessage instanceof ResponseAbstractType)) {
                    throw new SecurityPolicyException("SAML 1.x message was not a request or a response");
                }
                SAML1ProtocolMessageRuleFactory.log.debug("Extracting ID, issuer and issue instant from response");
                extractResponseInfo(sAMLSecurityPolicyContext, (ResponseAbstractType) sAMLMessage);
            }
        }

        protected void extractResponseInfo(SAMLSecurityPolicyContext sAMLSecurityPolicyContext, ResponseAbstractType responseAbstractType) throws SecurityPolicyException {
            sAMLSecurityPolicyContext.setMessageID(responseAbstractType.getID());
            sAMLSecurityPolicyContext.setIssueInstant(responseAbstractType.getIssueInstant());
            if (responseAbstractType instanceof Response) {
                String str = null;
                List<Assertion> assertions = ((Response) responseAbstractType).getAssertions();
                if (assertions != null && assertions.size() > 0) {
                    SAML1ProtocolMessageRuleFactory.log.info("Attempting to extract issuer from enclosed SAML 1.x Assertion(s)");
                    for (Assertion assertion : assertions) {
                        if (assertion != null && assertion.getIssuer() != null) {
                            if (str != null && !str.equals(assertion.getIssuer())) {
                                throw new SecurityPolicyException("SAML 1.x assertions, within response " + responseAbstractType.getID() + " contain different issuer IDs");
                            }
                            str = assertion.getIssuer();
                        }
                    }
                }
                sAMLSecurityPolicyContext.setIssuer(str);
            }
            if (sAMLSecurityPolicyContext.getIssuer() == null) {
                SAML1ProtocolMessageRuleFactory.log.info("Issuer could not be extracted from standard SAML 1.x response message");
            }
        }

        protected void extractRequestInfo(SAMLSecurityPolicyContext sAMLSecurityPolicyContext, RequestAbstractType requestAbstractType) {
            sAMLSecurityPolicyContext.setMessageID(requestAbstractType.getID());
            sAMLSecurityPolicyContext.setIssueInstant(requestAbstractType.getIssueInstant());
        }
    }

    public SecurityPolicyRule<ServletRequest> createRuleInstance() {
        return new SAML1ProtocolMessageRule();
    }
}
