package dk.gov.oio.saml.session;

import dk.gov.oio.saml.model.NSISLevel;
import dk.gov.oio.saml.oiobpp.OIOBPPUtil;
import dk.gov.oio.saml.oiobpp.PrivilegeList;
import dk.gov.oio.saml.util.Constants;
import dk.gov.oio.saml.util.InternalException;
import dk.gov.oio.saml.util.SamlHelper;
import dk.gov.oio.saml.util.StringUtil;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.joda.time.DateTime;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.AttributeStatement;
import org.opensaml.saml.saml2.core.Audience;
import org.opensaml.saml.saml2.core.AudienceRestriction;
import org.opensaml.saml.saml2.core.AuthnContext;
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml.saml2.core.AuthnStatement;
import org.opensaml.saml.saml2.core.Conditions;
import org.opensaml.saml.saml2.core.Issuer;
import org.opensaml.saml.saml2.core.Subject;
import org.opensaml.saml.saml2.core.SubjectConfirmation;
import org.opensaml.saml.saml2.core.SubjectConfirmationData;
import org.opensaml.saml.saml2.core.impl.AssertionMarshaller;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:dk/gov/oio/saml/session/AssertionWrapper.class */
public class AssertionWrapper implements Serializable {
    private static final Logger log = LoggerFactory.getLogger(AssertionWrapper.class);
    private static final long serialVersionUID = -4561395634523843337L;
    private String id;
    private String assertionString;
    private String assertionBase64;
    private String sessionIndex;
    private String issuer;
    private String subjectNameId;
    private String subjectNameIdFormat;
    private String signingCredentialEntityId;
    private List<String> audiences;
    private String authnContextClassRef;
    private PrivilegeList privilegeList;
    private Map<String, String> attributeValues;
    private boolean sessionExpired;
    private DateTime confirmationTime;
    private DateTime conditionTimeNotBefore;
    private DateTime conditionTimeNotOnOrAfter;

    public AssertionWrapper(Assertion assertion) throws InternalException {
        String str;
        AuthnContextClassRef authnContextClassRef;
        this.assertionBase64 = StringUtil.xmlObjectToBase64(assertion);
        try {
            this.assertionString = StringUtil.elementToString(new AssertionMarshaller().marshall(assertion));
            Issuer issuer = assertion.getIssuer();
            this.issuer = issuer != null ? issuer.getValue() : null;
            Subject subject = assertion.getSubject();
            if (subject != null && subject.getNameID() != null) {
                this.subjectNameId = subject.getNameID().getValue();
                this.subjectNameIdFormat = subject.getNameID().getFormat();
            }
            List attributeStatements = assertion.getAttributeStatements();
            if (attributeStatements != null && attributeStatements.size() == 1) {
                this.attributeValues = SamlHelper.extractAttributeValues((AttributeStatement) attributeStatements.get(0));
            }
            Conditions conditions = assertion.getConditions();
            if (conditions != null) {
                ArrayList arrayList = new ArrayList();
                Iterator it = conditions.getAudienceRestrictions().iterator();
                while (it.hasNext()) {
                    Iterator it2 = ((AudienceRestriction) it.next()).getAudiences().iterator();
                    while (it2.hasNext()) {
                        arrayList.add(((Audience) it2.next()).getAudienceURI());
                    }
                }
                this.audiences = arrayList;
                this.conditionTimeNotOnOrAfter = conditions.getNotOnOrAfter();
                this.conditionTimeNotBefore = conditions.getNotBefore();
            }
            if (assertion.getSubject() != null && assertion.getSubject().getSubjectConfirmations() != null && !assertion.getSubject().getSubjectConfirmations().isEmpty()) {
                Iterator it3 = assertion.getSubject().getSubjectConfirmations().iterator();
                while (it3.hasNext()) {
                    SubjectConfirmationData subjectConfirmationData = ((SubjectConfirmation) it3.next()).getSubjectConfirmationData();
                    if (subjectConfirmationData != null && subjectConfirmationData.getNotOnOrAfter() != null) {
                        this.confirmationTime = subjectConfirmationData.getNotOnOrAfter();
                    }
                }
            }
            if (assertion.getAuthnStatements() != null && assertion.getAuthnStatements().size() > 0) {
                for (AuthnStatement authnStatement : assertion.getAuthnStatements()) {
                    if (StringUtil.isNotEmpty(authnStatement.getSessionIndex())) {
                        this.sessionIndex = authnStatement.getSessionIndex();
                    }
                }
                AuthnStatement authnStatement2 = (AuthnStatement) assertion.getAuthnStatements().get(0);
                this.sessionExpired = authnStatement2.getSessionNotOnOrAfter() != null ? authnStatement2.getSessionNotOnOrAfter().isBeforeNow() : false;
                AuthnContext authnContext = authnStatement2.getAuthnContext();
                if (authnContext != null && (authnContextClassRef = authnContext.getAuthnContextClassRef()) != null) {
                    this.authnContextClassRef = authnContextClassRef.getAuthnContextClassRef();
                }
            }
            if (this.attributeValues != null && (str = this.attributeValues.get(Constants.PRIVILEGE_ATTRIBUTE)) != null) {
                this.privilegeList = OIOBPPUtil.parse(str);
            }
            if (null != assertion.getSignature() && null != assertion.getSignature().getSigningCredential()) {
                this.signingCredentialEntityId = assertion.getSignature().getSigningCredential().getEntityId();
            }
            this.id = assertion.getID();
        } catch (MarshallingException e) {
            throw new InternalException((Exception) e);
        }
    }

    public String getAssertionAsString() {
        return this.assertionString;
    }

    public String getAssertionAsBase64() {
        return this.assertionBase64;
    }

    public String getAssertionAsHtml() {
        return htmlEscape(this.assertionString);
    }

    private static String htmlEscape(String str) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < str.length(); i++) {
            char charAt = str.charAt(i);
            switch (charAt) {
                case '\"':
                    sb.append("&quot;");
                    break;
                case '&':
                    sb.append("&amp;");
                    break;
                case '\'':
                    sb.append("&#39;");
                    break;
                case '<':
                    sb.append("&lt;");
                    break;
                case '>':
                    sb.append("&gt;");
                    break;
                default:
                    sb.append(charAt);
                    break;
            }
        }
        return sb.toString();
    }

    public NSISLevel getNsisLevel() {
        return this.attributeValues != null ? NSISLevel.getNSISLevelFromAttributeValue(this.attributeValues.get(Constants.LOA), NSISLevel.NONE) : NSISLevel.NONE;
    }

    public String getAssuranceLevel() {
        if (this.attributeValues != null) {
            return this.attributeValues.get(Constants.ASSURANCE_LEVEL);
        }
        return null;
    }

    public String getID() {
        return this.id;
    }

    public String getIssuer() {
        return this.issuer;
    }

    public String getSessionIndex() {
        return this.sessionIndex;
    }

    public String getSubjectNameId() {
        return this.subjectNameId;
    }

    public String getSubjectNameIdFormat() {
        return this.subjectNameIdFormat;
    }

    public List<String> getAudiences() {
        return this.audiences;
    }

    public String getAuthnContextClassRef() {
        return this.authnContextClassRef;
    }

    public PrivilegeList getPrivilegeList() {
        return this.privilegeList;
    }

    public Map<String, String> getAttributeValues() {
        return this.attributeValues;
    }

    public boolean isSessionExpired() {
        return this.sessionExpired;
    }

    public DateTime getConfirmationTime() {
        return this.confirmationTime;
    }

    public DateTime getConditionTimeNotBefore() {
        return this.conditionTimeNotBefore;
    }

    public DateTime getConditionTimeNotOnOrAfter() {
        return this.conditionTimeNotOnOrAfter;
    }

    public String getSigningCredentialEntityId() {
        return this.signingCredentialEntityId;
    }

    public boolean isReplayOf(AssertionWrapper assertionWrapper) {
        return (null == assertionWrapper || StringUtil.isEmpty(assertionWrapper.getID()) || StringUtil.isEmpty(assertionWrapper.getSessionIndex()) || !assertionWrapper.getSessionIndex().equals(getSessionIndex()) || !assertionWrapper.getID().equals(getID())) ? false : true;
    }

    public String toString() {
        return String.format("AssertionWrapper{assertion='%s'}", this.assertionString);
    }
}
