package edu.internet2.middleware.shibboleth.common.attribute.provider;

import edu.internet2.middleware.shibboleth.common.attribute.AttributeRequestException;
import edu.internet2.middleware.shibboleth.common.attribute.BaseAttribute;
import edu.internet2.middleware.shibboleth.common.attribute.encoding.AttributeEncoder;
import edu.internet2.middleware.shibboleth.common.attribute.encoding.AttributeEncodingException;
import edu.internet2.middleware.shibboleth.common.attribute.encoding.SAML2AttributeEncoder;
import edu.internet2.middleware.shibboleth.common.attribute.filtering.provider.ShibbolethAttributeFilteringEngine;
import edu.internet2.middleware.shibboleth.common.attribute.resolver.provider.ShibbolethAttributeResolver;
import edu.internet2.middleware.shibboleth.common.config.BaseService;
import edu.internet2.middleware.shibboleth.common.profile.provider.SAMLProfileRequestContext;
import edu.internet2.middleware.shibboleth.common.relyingparty.provider.saml2.AbstractSAML2ProfileConfiguration;
import edu.internet2.middleware.shibboleth.common.service.ServiceException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.opensaml.Configuration;
import org.opensaml.common.SAMLObjectBuilder;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeQuery;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.core.RequestAbstractType;
import org.opensaml.saml2.core.StatusResponseType;
import org.opensaml.saml2.metadata.AttributeAuthorityDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.xml.util.DatatypeHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/common/attribute/provider/ShibbolethSAML2AttributeAuthority.class */
public class ShibbolethSAML2AttributeAuthority extends BaseService implements SAML2AttributeAuthority {
    private final Logger log = LoggerFactory.getLogger(ShibbolethSAML2AttributeAuthority.class);
    private SAMLObjectBuilder<AttributeStatement> statementBuilder = Configuration.getBuilderFactory().getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
    private ShibbolethAttributeResolver attributeResolver;
    private ShibbolethAttributeFilteringEngine filteringEngine;

    public ShibbolethSAML2AttributeAuthority(ShibbolethAttributeResolver shibbolethAttributeResolver) {
        this.attributeResolver = shibbolethAttributeResolver;
    }

    public ShibbolethAttributeResolver getAttributeResolver() {
        return this.attributeResolver;
    }

    public ShibbolethAttributeFilteringEngine getFilteringEngine() {
        return this.filteringEngine;
    }

    public void setFilteringEngine(ShibbolethAttributeFilteringEngine shibbolethAttributeFilteringEngine) {
        this.filteringEngine = shibbolethAttributeFilteringEngine;
    }

    @Override // edu.internet2.middleware.shibboleth.common.attribute.provider.SAML2AttributeAuthority
    public AttributeStatement buildAttributeStatement(AttributeQuery attributeQuery, Collection<BaseAttribute> collection) throws AttributeEncodingException {
        Collection<Attribute> encodeAttributes = encodeAttributes(attributeQuery, collection);
        filterAttributesByValue(attributeQuery, encodeAttributes);
        if (encodeAttributes.isEmpty()) {
            this.log.debug("No attributes remained after encoding and filtering by value, no attribute statement built");
            return null;
        }
        AttributeStatement buildObject = this.statementBuilder.buildObject();
        buildObject.getAttributes().addAll(encodeAttributes);
        return buildObject;
    }

    @Override // edu.internet2.middleware.shibboleth.common.attribute.provider.SAML2AttributeAuthority
    public String getAttributeIDBySAMLAttribute(Attribute attribute) {
        return null;
    }

    @Override // edu.internet2.middleware.shibboleth.common.attribute.provider.SAML2AttributeAuthority
    public Attribute getSAMLAttributeByAttributeID(String str) {
        return null;
    }

    @Override // edu.internet2.middleware.shibboleth.common.attribute.provider.SAML2AttributeAuthority
    public String getPrincipal(SAMLProfileRequestContext<? extends RequestAbstractType, ? extends StatusResponseType, NameID, ? extends AbstractSAML2ProfileConfiguration> sAMLProfileRequestContext) throws AttributeRequestException {
        if (sAMLProfileRequestContext.getInboundMessageIssuer() == null || sAMLProfileRequestContext.getSubjectNameIdentifier() == null) {
            throw new AttributeRequestException("Unable to resolve principal, attribute request ID and subject name identifier may not be null");
        }
        return this.attributeResolver.resolvePrincipalName(sAMLProfileRequestContext);
    }

    @Override // edu.internet2.middleware.shibboleth.common.attribute.AttributeAuthority
    public Map<String, BaseAttribute> getAttributes(SAMLProfileRequestContext<? extends RequestAbstractType, ? extends StatusResponseType, NameID, ? extends AbstractSAML2ProfileConfiguration> sAMLProfileRequestContext) throws AttributeRequestException {
        HashSet hashSet = new HashSet();
        hashSet.addAll(getAttributeIds((RequestAbstractType) sAMLProfileRequestContext.getInboundSAMLMessage()));
        hashSet.addAll(getAttribtueIds(sAMLProfileRequestContext.getPeerEntityMetadata()));
        sAMLProfileRequestContext.setRequestedAttributes(hashSet);
        Map<String, BaseAttribute> resolveAttributes = this.attributeResolver.resolveAttributes((SAMLProfileRequestContext) sAMLProfileRequestContext);
        if (this.filteringEngine != null) {
            resolveAttributes = this.filteringEngine.filterAttributes2(resolveAttributes, (SAMLProfileRequestContext) sAMLProfileRequestContext);
        }
        return resolveAttributes;
    }

    protected Collection<Attribute> encodeAttributes(AttributeQuery attributeQuery, Collection<BaseAttribute> collection) throws AttributeEncodingException {
        ArrayList arrayList = new ArrayList();
        List list = null;
        if (attributeQuery != null) {
            list = attributeQuery.getAttributes();
            if (list != null && list.isEmpty()) {
                list = null;
            }
        }
        for (BaseAttribute baseAttribute : collection) {
            if (baseAttribute.getValues() != null && baseAttribute.getValues().size() != 0) {
                boolean z = false;
                for (AttributeEncoder attributeEncoder : baseAttribute.getEncoders()) {
                    if (attributeEncoder instanceof SAML2AttributeEncoder) {
                        boolean z2 = true;
                        if (list != null) {
                            z2 = false;
                            Iterator it = list.iterator();
                            while (true) {
                                if (!it.hasNext()) {
                                    break;
                                }
                                Attribute attribute = (Attribute) it.next();
                                if (DatatypeHelper.safeEquals(attribute.getName(), attributeEncoder.getAttributeName())) {
                                    String nameFormat = attribute.getNameFormat();
                                    String nameFormat2 = ((SAML2AttributeEncoder) attributeEncoder).getNameFormat();
                                    if (nameFormat != null && nameFormat.equals("urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified")) {
                                        nameFormat = null;
                                    }
                                    if (nameFormat2 != null && nameFormat2.equals("urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified")) {
                                        nameFormat2 = null;
                                    }
                                    if (DatatypeHelper.safeEquals(nameFormat, nameFormat2)) {
                                        z2 = true;
                                        break;
                                    }
                                }
                            }
                        }
                        if (z2) {
                            try {
                                Attribute attribute2 = (Attribute) attributeEncoder.encode(baseAttribute);
                                if (attribute2 != null) {
                                    arrayList.add(attribute2);
                                    z = true;
                                    this.log.debug("Encoded attribute {} with encoder of type {}", baseAttribute.getId(), attributeEncoder.getClass().getName());
                                }
                            } catch (AttributeEncodingException e) {
                                this.log.warn("unable to encode attribute: " + baseAttribute.getId(), e);
                            }
                        } else {
                            this.log.debug("Skipped encoding of attribute {} because the resulting name was excluded by the query", baseAttribute.getId());
                        }
                    }
                }
                if (!z) {
                    this.log.debug("Attribute {} was not encoded (filtered by query, or no SAML2AttributeEncoder attached).", baseAttribute.getId());
                }
            }
        }
        return arrayList;
    }

    protected void filterAttributesByValue(AttributeQuery attributeQuery, Collection<Attribute> collection) {
        if (attributeQuery == null) {
        }
    }

    protected Set<String> getAttributeIds(RequestAbstractType requestAbstractType) {
        Set<String> hashSet = new HashSet();
        if (!(requestAbstractType instanceof AttributeQuery)) {
            return hashSet;
        }
        AttributeQuery attributeQuery = (AttributeQuery) requestAbstractType;
        if (attributeQuery != null) {
            hashSet = getAttributeIds(attributeQuery.getAttributes());
            this.log.debug("query message contains the following attributes: {}", hashSet);
        }
        return hashSet;
    }

    protected Set<String> getAttribtueIds(EntityDescriptor entityDescriptor) {
        AttributeAuthorityDescriptor attributeAuthorityDescriptor;
        Set<String> hashSet = new HashSet();
        if (entityDescriptor != null && (attributeAuthorityDescriptor = entityDescriptor.getAttributeAuthorityDescriptor("urn:oasis:names:tc:SAML:2.0:protocol")) != null) {
            hashSet = getAttributeIds(attributeAuthorityDescriptor.getAttributes());
            this.log.debug("metadata contains the following attributes: {}", hashSet);
        }
        return hashSet;
    }

    protected Set<String> getAttributeIds(List<Attribute> list) {
        HashSet hashSet = new HashSet();
        Iterator<Attribute> it = list.iterator();
        while (it.hasNext()) {
            String attributeIDBySAMLAttribute = getAttributeIDBySAMLAttribute(it.next());
            if (attributeIDBySAMLAttribute != null) {
                hashSet.add(attributeIDBySAMLAttribute);
            }
        }
        return hashSet;
    }

    @Override // edu.internet2.middleware.shibboleth.common.config.BaseService
    protected void onNewContextCreated(ApplicationContext applicationContext) throws ServiceException {
    }
}
