package uk.gov.ida.saml.core.validation.subjectconfirmation;

import org.joda.time.DateTime;
import org.opensaml.saml.saml2.core.SubjectConfirmation;
import org.opensaml.saml.saml2.core.SubjectConfirmationData;
import uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory;
import uk.gov.ida.saml.core.validation.SamlTransformationErrorException;
import uk.gov.ida.saml.core.validation.SamlValidationSpecificationFailure;

/* loaded from: input_file:uk/gov/ida/saml/core/validation/subjectconfirmation/BasicAssertionSubjectConfirmationValidator.class */
public class BasicAssertionSubjectConfirmationValidator {
    public void validate(SubjectConfirmation subjectConfirmation) {
        SubjectConfirmationData subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData();
        if (subjectConfirmationData == null) {
            SamlValidationSpecificationFailure missingSubjectConfirmationData = SamlTransformationErrorFactory.missingSubjectConfirmationData();
            throw new SamlTransformationErrorException(missingSubjectConfirmationData.getErrorMessage(), missingSubjectConfirmationData.getLogLevel());
        }
        if (subjectConfirmationData.getInResponseTo() == null) {
            SamlValidationSpecificationFailure missingBearerInResponseTo = SamlTransformationErrorFactory.missingBearerInResponseTo();
            throw new SamlTransformationErrorException(missingBearerInResponseTo.getErrorMessage(), missingBearerInResponseTo.getLogLevel());
        }
        if (subjectConfirmationData.getRecipient() == null) {
            SamlValidationSpecificationFailure missingBearerRecipient = SamlTransformationErrorFactory.missingBearerRecipient();
            throw new SamlTransformationErrorException(missingBearerRecipient.getErrorMessage(), missingBearerRecipient.getLogLevel());
        }
        DateTime notOnOrAfter = subjectConfirmationData.getNotOnOrAfter();
        if (notOnOrAfter == null) {
            SamlValidationSpecificationFailure missingNotOnOrAfter = SamlTransformationErrorFactory.missingNotOnOrAfter();
            throw new SamlTransformationErrorException(missingNotOnOrAfter.getErrorMessage(), missingNotOnOrAfter.getLogLevel());
        }
        DateTime now = DateTime.now();
        if (notOnOrAfter.isEqual(now) || notOnOrAfter.isBefore(now)) {
            SamlValidationSpecificationFailure exceededNotOnOrAfter = SamlTransformationErrorFactory.exceededNotOnOrAfter(notOnOrAfter);
            throw new SamlTransformationErrorException(exceededNotOnOrAfter.getErrorMessage(), exceededNotOnOrAfter.getLogLevel());
        }
        if (subjectConfirmationData.getNotBefore() != null) {
            SamlValidationSpecificationFailure notBeforeExists = SamlTransformationErrorFactory.notBeforeExists();
            throw new SamlTransformationErrorException(notBeforeExists.getErrorMessage(), notBeforeExists.getLogLevel());
        }
    }
}
