package uk.gov.ida.saml.hub.validators.response.matchingservice;

import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.AuthnStatement;
import uk.gov.ida.saml.core.errors.SamlTransformationErrorFactory;
import uk.gov.ida.saml.core.validation.assertion.AssertionValidator;
import uk.gov.ida.saml.hub.exception.SamlValidationException;
import uk.gov.ida.saml.security.validators.ValidatedAssertions;
import uk.gov.ida.saml.security.validators.ValidatedResponse;

/* loaded from: input_file:uk/gov/ida/saml/hub/validators/response/matchingservice/ResponseAssertionsFromMatchingServiceValidator.class */
public class ResponseAssertionsFromMatchingServiceValidator {
    private AssertionValidator assertionValidator;
    private String hubEntityId;

    public ResponseAssertionsFromMatchingServiceValidator(AssertionValidator assertionValidator, String str) {
        this.assertionValidator = assertionValidator;
        this.hubEntityId = str;
    }

    public void validate(ValidatedResponse validatedResponse, ValidatedAssertions validatedAssertions) {
        if (validatedResponse.isSuccess()) {
            for (Assertion assertion : validatedAssertions.getAssertions()) {
                this.assertionValidator.validate(assertion, validatedResponse.getInResponseTo(), this.hubEntityId);
                if (assertion.getAuthnStatements().isEmpty()) {
                    throw new SamlValidationException(SamlTransformationErrorFactory.missingAuthnStatement());
                }
                if (((AuthnStatement) assertion.getAuthnStatements().get(0)).getAuthnContext() == null) {
                    throw new SamlValidationException(SamlTransformationErrorFactory.authnContextMissingError());
                }
            }
        }
    }
}
