package uk.gov.ida.saml.metadata.test.factories.metadata;

import com.google.common.base.Throwables;
import java.util.Arrays;
import java.util.List;
import org.joda.time.DateTime;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml.saml2.metadata.KeyDescriptor;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.signature.support.SignatureException;
import uk.gov.ida.saml.core.test.PrivateKeyStoreFactory;
import uk.gov.ida.saml.core.test.TestCertificateStrings;
import uk.gov.ida.saml.core.test.builders.metadata.AttributeAuthorityDescriptorBuilder;
import uk.gov.ida.saml.core.test.builders.metadata.EntityDescriptorBuilder;
import uk.gov.ida.saml.core.test.builders.metadata.IdpSsoDescriptorBuilder;
import uk.gov.ida.saml.core.test.builders.metadata.KeyDescriptorBuilder;
import uk.gov.ida.saml.core.test.builders.metadata.KeyInfoBuilder;
import uk.gov.ida.saml.core.test.builders.metadata.SPSSODescriptorBuilder;
import uk.gov.ida.saml.core.test.builders.metadata.SignatureBuilder;
import uk.gov.ida.saml.core.test.builders.metadata.X509CertificateBuilder;
import uk.gov.ida.saml.core.test.builders.metadata.X509DataBuilder;

/* loaded from: input_file:uk/gov/ida/saml/metadata/test/factories/metadata/EntityDescriptorFactory.class */
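/**
 * Test-only factory for SAML metadata {@link EntityDescriptor} fixtures, built from the
 * certificates held in {@link TestCertificateStrings}.
 *
 * <p>Every method except {@link #signedIdpEntityDescriptor} calls
 * {@code withSignature(null).withoutSigning()} on the builder, so those fixtures are
 * presumably unsigned; confirm against {@code EntityDescriptorBuilder}.
 *
 * <p>{@link #hubEntityDescriptorWithWrongUsageCertificates()} and
 * {@link #badHubEntityDescriptor()} are deliberately malformed variants of the hub
 * descriptor. Judging by their names they are negative fixtures for key-use and
 * key-ownership checks in the code that consumes metadata.
 */
public class EntityDescriptorFactory {
    public static final String SIGNING_ONE = "signing_one";
    public static final String SIGNING_TWO = "signing_two";
    public static final String ENCRYPTION = "encryption";
    public static final String SIGNING_BAD = "signing_bad";
    private static final String SIGNING_USAGE = "SIGNING";
    private static final String ENCRYPTION_USAGE = "ENCRYPTION";

    /**
     * Builds the hub descriptor with entity ID {@code PrivateKeyStoreFactory.TEST_ENTITY_ID}.
     * Its SP SSO descriptor carries the primary and secondary hub signing certificates
     * (use {@code SIGNING}) and the hub encryption certificate (use {@code ENCRYPTION}).
     *
     * @return the hub descriptor, valid until two weeks from now
     * @throws RuntimeException wrapping the marshalling or signature failure, if any
     */
    public EntityDescriptor hubEntityDescriptor() {
        return buildHubDescriptor(
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_PUBLIC_SIGNING_CERT, SIGNING_ONE, SIGNING_USAGE),
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_SECONDARY_PUBLIC_SIGNING_CERT, SIGNING_TWO, SIGNING_USAGE),
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_PUBLIC_ENCRYPTION_CERT, ENCRYPTION, ENCRYPTION_USAGE));
    }

    /**
     * Builds a hub descriptor in which both hub signing certificates are declared with use
     * {@code ENCRYPTION}, so that no key descriptor advertises use {@code SIGNING}.
     *
     * <p>NOTE(review): presumably a negative fixture for checking that metadata consumers
     * honour the declared key use when selecting a verification key; confirm against the
     * tests that use it.
     *
     * @return the mislabelled hub descriptor, valid until two weeks from now
     * @throws RuntimeException wrapping the marshalling or signature failure, if any
     */
    public EntityDescriptor hubEntityDescriptorWithWrongUsageCertificates() {
        return buildHubDescriptor(
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_PUBLIC_SIGNING_CERT, SIGNING_ONE, ENCRYPTION_USAGE),
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_SECONDARY_PUBLIC_SIGNING_CERT, SIGNING_TWO, ENCRYPTION_USAGE),
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_PUBLIC_ENCRYPTION_CERT, ENCRYPTION, ENCRYPTION_USAGE));
    }

    /**
     * Wraps one certificate in a key descriptor.
     *
     * @param certificate certificate string handed to {@code X509CertificateBuilder.withCert}
     * @param keyName value for the key info's key name
     * @param usage value handed to {@code KeyDescriptorBuilder.withUse}
     * @return the assembled key descriptor
     */
    private KeyDescriptor createKeyDescriptor(String certificate, String keyName, String usage) {
        return KeyDescriptorBuilder.aKeyDescriptor()
                .withUse(usage)
                .withKeyInfo(KeyInfoBuilder.aKeyInfo()
                        .withKeyName(keyName)
                        .withX509Data(X509DataBuilder.aX509Data()
                                .withX509Certificate(X509CertificateBuilder.aX509Certificate().withCert(certificate).build())
                                .build())
                        .build())
                .build();
    }

    /**
     * Builds the regular hub descriptor plus a fourth key descriptor that holds
     * {@code TestCertificateStrings.TEST_RP_PUBLIC_SIGNING_CERT} under key name
     * {@code signing_bad} with use {@code SIGNING}.
     *
     * <p>NOTE(review): presumably models hub metadata that advertises a signing key which is
     * not one of the hub's own; confirm against the tests that use it.
     *
     * @return the hub descriptor with the extra signing key, valid until two weeks from now
     * @throws RuntimeException wrapping the marshalling or signature failure, if any
     */
    public EntityDescriptor badHubEntityDescriptor() {
        return buildHubDescriptor(
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_PUBLIC_SIGNING_CERT, SIGNING_ONE, SIGNING_USAGE),
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_SECONDARY_PUBLIC_SIGNING_CERT, SIGNING_TWO, SIGNING_USAGE),
                createKeyDescriptor(TestCertificateStrings.HUB_TEST_PUBLIC_ENCRYPTION_CERT, ENCRYPTION, ENCRYPTION_USAGE),
                createKeyDescriptor(TestCertificateStrings.TEST_RP_PUBLIC_SIGNING_CERT, SIGNING_BAD, SIGNING_USAGE));
    }

    /**
     * Builds an IdP descriptor whose single key descriptor holds the certificate looked up
     * in {@code TestCertificateStrings.PUBLIC_SIGNING_CERTS} for the entity ID.
     *
     * @param str entity ID of the IdP; also the key for the certificate lookup
     * @return the IdP descriptor, valid until two weeks from now
     * @throws RuntimeException wrapping the marshalling or signature failure, if any
     */
    public EntityDescriptor idpEntityDescriptor(String str) {
        try {
            return getEntityDescriptorBuilder(str)
                    .withSignature(null)
                    .withoutSigning()
                    .withValidUntil(defaultValidUntil())
                    .build();
        } catch (MarshallingException | SignatureException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Builds an IdP descriptor carrying a signature made with the supplied credential. The
     * signature's X509 data is the certificate looked up in
     * {@code TestCertificateStrings.PUBLIC_SIGNING_CERTS} for the entity ID.
     *
     * <p>Nothing here checks that {@code credential} corresponds to that certificate, so the
     * caller decides whether the two match.
     *
     * @param str entity ID of the IdP; also the key for the certificate lookup
     * @param credential credential handed to {@code SignatureBuilder.withSigningCredential}
     * @param dateTime caller-chosen {@code validUntil} of the descriptor
     * @return the IdP descriptor with the signature attached
     * @throws RuntimeException wrapping the marshalling or signature failure, if any
     */
    public EntityDescriptor signedIdpEntityDescriptor(String str, Credential credential, DateTime dateTime) {
        try {
            return getEntityDescriptorBuilder(str)
                    .withSignature(SignatureBuilder.aSignature()
                            .withX509Data((String) TestCertificateStrings.PUBLIC_SIGNING_CERTS.get(str))
                            .withSigningCredential(credential)
                            .build())
                    .withValidUntil(dateTime)
                    .build();
        } catch (MarshallingException | SignatureException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Starts a descriptor builder for an IdP: entity ID set, an IdP SSO descriptor with one
     * key descriptor and no default signing key, and no default SP service descriptor.
     *
     * @param entityId entity ID of the IdP
     * @return the partially configured builder
     */
    private EntityDescriptorBuilder getEntityDescriptorBuilder(String entityId) {
        return EntityDescriptorBuilder.anEntityDescriptor()
                .withEntityId(entityId)
                .withIdpSsoDescriptor(IdpSsoDescriptorBuilder.anIdpSsoDescriptor()
                        .addKeyDescriptor(buildKeyDescriptor(entityId))
                        .withoutDefaultSigningKey()
                        .build())
                .setAddDefaultSpServiceDescriptor(false);
    }

    /**
     * Builds a descriptor that has an attribute authority descriptor in place of an IdP SSO
     * descriptor, with one key descriptor looked up by entity ID.
     *
     * @param str entity ID; also the key for the certificate lookup
     * @return the attribute authority descriptor, valid until two weeks from now
     * @throws RuntimeException wrapping the marshalling or signature failure, if any
     */
    public EntityDescriptor attributeAuthorityEntityDescriptor(String str) {
        try {
            return EntityDescriptorBuilder.anEntityDescriptor()
                    .withEntityId(str)
                    .withIdpSsoDescriptor(null)
                    .withValidUntil(defaultValidUntil())
                    .withSignature(null)
                    .withoutSigning()
                    .withAttributeAuthorityDescriptor(AttributeAuthorityDescriptorBuilder.anAttributeAuthorityDescriptor()
                            .addKeyDescriptor(buildKeyDescriptor(str))
                            .build())
                    .setAddDefaultSpServiceDescriptor(false)
                    .build();
        } catch (MarshallingException | SignatureException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Returns the standard fixture set: the hub descriptor followed by the four stub IdPs.
     *
     * @return a fixed-size list of five descriptors
     */
    public List<EntityDescriptor> defaultEntityDescriptors() {
        return Arrays.asList(
                hubEntityDescriptor(),
                idpEntityDescriptor("http://stub_idp.acme.org/stub-idp-one/SSO/POST"),
                idpEntityDescriptor("http://stub_idp.acme.org/stub-idp-two/SSO/POST"),
                idpEntityDescriptor("http://stub_idp.acme.org/stub-idp-three/SSO/POST"),
                idpEntityDescriptor("http://stub_idp.acme.org/stub-idp-four/SSO/POST"));
    }

    /**
     * Builds the key descriptor for an IdP or attribute authority. The key name is always
     * {@code signing_one} and no use is set, so the builder's default applies.
     *
     * @param entityId key for the lookup in {@code TestCertificateStrings.PUBLIC_SIGNING_CERTS}
     * @return the assembled key descriptor
     */
    private KeyDescriptor buildKeyDescriptor(String entityId) {
        // NOTE(review): an entity ID with no entry presumably yields a null certificate here;
        // confirm how X509CertificateBuilder treats that before relying on ad-hoc entity IDs.
        String certificate = (String) TestCertificateStrings.PUBLIC_SIGNING_CERTS.get(entityId);
        return KeyDescriptorBuilder.aKeyDescriptor()
                .withKeyInfo(KeyInfoBuilder.aKeyInfo()
                        .withKeyName(SIGNING_ONE)
                        .withX509Data(X509DataBuilder.aX509Data()
                                .withX509Certificate(X509CertificateBuilder.aX509Certificate().withCert(certificate).build())
                                .build())
                        .build())
                .build();
    }

    /**
     * Shared tail of the three hub fixtures: wraps the given key descriptors in an SP SSO
     * descriptor without default keys and attaches it to a descriptor for the test hub
     * entity ID, with no IdP SSO descriptor and signing switched off on the builder.
     *
     * @param keyDescriptors key descriptors to advertise, in order
     * @return the hub descriptor, valid until two weeks from now
     * @throws RuntimeException wrapping the marshalling or signature failure, if any
     */
    private EntityDescriptor buildHubDescriptor(KeyDescriptor... keyDescriptors) {
        try {
            SPSSODescriptorBuilder spDescriptor = SPSSODescriptorBuilder.anSpServiceDescriptor();
            for (KeyDescriptor keyDescriptor : keyDescriptors) {
                // Reassign so this works whether or not the builder returns itself.
                spDescriptor = spDescriptor.addKeyDescriptor(keyDescriptor);
            }
            return EntityDescriptorBuilder.anEntityDescriptor()
                    .withEntityId(PrivateKeyStoreFactory.TEST_ENTITY_ID)
                    .addSpServiceDescriptor(spDescriptor.withoutDefaultSigningKey().withoutDefaultEncryptionKey().build())
                    .withIdpSsoDescriptor(null)
                    .withValidUntil(defaultValidUntil())
                    .withSignature(null)
                    .withoutSigning()
                    .build();
        } catch (MarshallingException | SignatureException e) {
            // Keep the cause attached so a failing test shows the underlying failure.
            throw new RuntimeException(e);
        }
    }

    /** Returns the {@code validUntil} used by every fixture that does not take one: now plus two weeks. */
    private static DateTime defaultValidUntil() {
        return DateTime.now().plusWeeks(2);
    }
}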
