package es.develex.saml.util;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.namespace.NamespaceContext;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.SchemaFactory;
import javax.xml.validation.Validator;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:es/develex/saml/util/Utils.class */
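/**
 * Static XML helpers for handling SAML 2.0 protocol messages: namespace-aware XPath
 * queries, hardened DOM parsing, schema validation, XML signature checking and
 * certificate reading.
 *
 * <p>Every method that parses text treats its input as untrusted. DOCTYPE and external
 * entity processing are switched off through {@code setFeature}, and a rejected setting
 * is logged instead of being silently ignored.
 */
public class Utils {
    private static final String NS_SAML = "urn:oasis:names:tc:SAML:2.0:assertion";
    private static final String NS_SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol";
    private static final String NS_XENC = "http://www.w3.org/2001/04/xmlenc#";
    private static final String NS_DS = "http://www.w3.org/2000/09/xmldsig#";
    private static final Logger log = LoggerFactory.getLogger(Utils.class);

    // Parser settings are spelled out as literals so the class needs no additional imports.
    private static final String FEATURE_EXTERNAL_GENERAL_ENTITIES = "http://xml.org/sax/features/external-general-entities";
    private static final String FEATURE_EXTERNAL_PARAMETER_ENTITIES = "http://xml.org/sax/features/external-parameter-entities";
    private static final String FEATURE_DISALLOW_DOCTYPE = "http://apache.org/xml/features/disallow-doctype-decl";
    private static final String FEATURE_LOAD_EXTERNAL_DTD = "http://apache.org/xml/features/nonvalidating/load-external-dtd";
    private static final String FEATURE_SECURE_PROCESSING = "http://javax.xml.XMLConstants/feature/secure-processing";
    private static final String PROPERTY_ACCESS_EXTERNAL_DTD = "http://javax.xml.XMLConstants/property/accessExternalDTD";
    private static final String PROPERTY_ACCESS_EXTERNAL_SCHEMA = "http://javax.xml.XMLConstants/property/accessExternalSchema";
    private static final String PROPERTY_SECURE_VALIDATION = "org.jcp.xml.dsig.secureValidation";

    /** Prefix bindings available to every expression passed to {@link #query}. */
    private static final NamespaceContext SAML_NAMESPACES = new NamespaceContext() {
        @Override
        public String getNamespaceURI(String prefix) {
            // Constant-first equals keeps a null prefix from raising a NullPointerException.
            if ("samlp".equals(prefix) || "samlp2".equals(prefix)) {
                return NS_SAMLP;
            }
            if ("saml".equals(prefix) || "saml2".equals(prefix)) {
                return NS_SAML;
            }
            if ("ds".equals(prefix)) {
                return NS_DS;
            }
            if ("xenc".equals(prefix)) {
                return NS_XENC;
            }
            // Unknown prefixes stay unbound, as before.
            return null;
        }

        @Override
        public String getPrefix(String namespaceUri) {
            return null;
        }

        @Override
        public Iterator<String> getPrefixes(String namespaceUri) {
            return null;
        }
    };

    /**
     * Evaluates an XPath expression with the prefixes {@code samlp}/{@code samlp2},
     * {@code saml}/{@code saml2}, {@code ds} and {@code xenc} bound.
     *
     * <p>The expression is compiled as given. Callers must pass fixed expressions and never
     * build them from message content.
     *
     * @param document document used as the context when {@code node} is {@code null}
     * @param str      XPath expression
     * @param node     context node, or {@code null} to evaluate against {@code document}
     * @return the matching nodes
     * @throws XPathExpressionException if the expression cannot be evaluated
     */
    public static NodeList query(Document document, String str, Node node) throws XPathExpressionException {
        XPath xpath = XPathFactory.newInstance().newXPath();
        xpath.setNamespaceContext(SAML_NAMESPACES);
        Object context = node == null ? document : node;
        return (NodeList) xpath.evaluate(str, context, XPathConstants.NODESET);
    }

    /**
     * Extracts the status code and status message of a SAML response.
     *
     * @param document parsed {@code samlp:Response}
     * @return a map with key {@code "code"} (the {@code Value} attribute of
     *         {@code samlp:StatusCode}) and key {@code "msg"} (the text of
     *         {@code samlp:StatusMessage}, or {@code ""} when the element is absent)
     * @throws Error if the Status or StatusCode element, or its {@code Value} attribute, is
     *               missing, or if the response cannot be queried. The method never returns
     *               a partial map, so a caller cannot mistake a failed lookup for a status.
     */
    public static Map<String, String> getStatus(Document document) throws Error {
        Map<String, String> status = new HashMap<String, String>();
        try {
            NodeList statusNodes = query(document, "/samlp:Response/samlp:Status", null);
            if (statusNodes.getLength() == 0) {
                throw new Error("Missing Status on response");
            }
            Element statusElement = (Element) statusNodes.item(0);

            NodeList codeNodes = query(document, "/samlp:Response/samlp:Status/samlp:StatusCode", statusElement);
            if (codeNodes.getLength() == 0) {
                throw new Error("Missing Status Code on response");
            }
            Node codeValue = codeNodes.item(0).getAttributes().getNamedItem("Value");
            if (codeValue == null) {
                // A StatusCode without Value carries no usable status; treat it as missing.
                throw new Error("Missing Status Code on response");
            }
            status.put("code", codeValue.getNodeValue());

            NodeList messageNodes = query(document, "/samlp:Response/samlp:Status/samlp:StatusMessage", statusElement);
            if (messageNodes.getLength() == 0) {
                status.put("msg", "");
            } else {
                // getNodeValue() is always null for an element; the message is its text content.
                status.put("msg", messageNodes.item(0).getTextContent());
            }
        } catch (Error e) {
            log.error("Error executing getStatus: " + e.getMessage());
            throw e;
        } catch (Exception e) {
            log.error("Error executing getStatus: " + e.getMessage(), e);
            throw new Error("Unable to read Status from response");
        }
        return status;
    }

    /**
     * Parses untrusted XML into a namespace-aware DOM and registers every {@code ID}
     * attribute as an XML ID, so that same-document signature references can resolve.
     *
     * <p>NOTE(review): duplicate {@code ID} values are not detected here. Callers that verify
     * signatures should confirm the referenced ID is unique in the document.
     *
     * @param str XML text
     * @return the parsed document, or {@code null} if parsing fails (the failure is logged)
     * @throws Exception if the text declares an entity, or if the parser accepts none of the
     *                   DOCTYPE and external-entity restrictions
     */
    public static Document loadXML(String str) throws Exception {
        rejectEntityDeclarations(str);
        DocumentBuilderFactory factory = newHardenedFactory(true);
        try {
            Document parsed = factory.newDocumentBuilder().parse(new InputSource(new StringReader(str)));
            NodeList withId = (NodeList) XPathFactory.newInstance().newXPath().compile("//*[@ID]").evaluate(parsed, XPathConstants.NODESET);
            for (int i = 0; i < withId.getLength(); i++) {
                Element element = (Element) withId.item(i);
                element.setIdAttributeNode((Attr) element.getAttributes().getNamedItem("ID"), true);
            }
            return parsed;
        } catch (Exception e) {
            log.error("Error executing loadXML: " + e.getMessage(), e);
            return null;
        }
    }

    /**
     * Serializes {@code document} and validates it against a bundled schema.
     *
     * @param document document to validate
     * @param str      schema file name under {@code resources/schemas/} on the classpath
     * @return the re-parsed document, see {@link #validateXML(String, String, Boolean...)}
     * @throws Exception if validation fails or cannot be performed
     */
    public static Document validateXML(Document document, String str) throws Exception {
        return validateXML(getStringFromDocument(document), str, new Boolean[0]);
    }

    /**
     * Validates XML text against a schema bundled under {@code resources/schemas/}.
     *
     * <p>The schema name is appended to a classpath resource path unchecked. It must be a
     * fixed, trusted value and never come from the message.
     *
     * @param str     XML text to validate
     * @param str2    schema file name
     * @param boolArr unused
     * @return the text re-parsed into a DOM with the default (non-namespace-aware) parser
     *         settings, or {@code null} if that second parse fails
     * @throws Exception if the text is {@code null} or declares an entity, the schema is not
     *                   found, or the validator fails. {@code Error} is thrown when the
     *                   error handler recorded schema violations.
     */
    public static Document validateXML(String str, String str2, Boolean... boolArr) throws Exception {
        try {
            if (str == null) {
                throw new IllegalArgumentException("XML to validate is null");
            }
            // Same pre-screen as loadXML: this text is handed to two further parsers below.
            rejectEntityDeclarations(str);

            // Class-loader resource names always use '/', so File.separatorChar breaks lookups on Windows.
            String schemaPath = "resources/schemas/" + str2;
            log.debug("schemaFullPath: " + schemaPath);
            java.net.URL schemaUrl = Utils.class.getClassLoader().getResource(schemaPath);
            if (schemaUrl == null) {
                throw new IllegalArgumentException("Schema not found on classpath: " + schemaPath);
            }

            // The factory keeps its default access settings: bundled schemas may import one another.
            Validator validator = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema").newSchema(schemaUrl).newValidator();
            restrictExternalAccess(validator);
            XMLErrorHandler errorHandler = new XMLErrorHandler();
            validator.setErrorHandler(errorHandler);
            validator.validate(new StreamSource(new StringReader(str)));
            if (errorHandler.getErrorXML().size() > 0) {
                throw new Error("Invalid XML. See the log");
            }
            return convertStringToDocument(str);
        } catch (Error e) {
            throw e;
        } catch (Exception e) {
            log.error("Error executing validateXML: " + e.getMessage(), e);
            throw e;
        }
    }

    /**
     * Checks the XML signature found at {@code node} against the certificate's public key.
     *
     * <p>A {@code true} result means only that the signature verifies under that key. This
     * method does not check which element the signature's reference covers. The caller must
     * confirm that the signed element is the one it goes on to consume, otherwise a validly
     * signed fragment can sit beside unsigned content.
     *
     * @param node        node handed to the signature unmarshaller
     * @param certificate certificate whose public key verifies the signature
     * @param strArr      unused
     * @return {@code true} if the signature validates
     * @throws Exception if the signature cannot be unmarshalled or validated
     */
    public static boolean validateSign(Node node, Certificate certificate, String... strArr) throws Exception {
        DOMValidateContext validateContext = new DOMValidateContext(certificate.getPublicKey(), node);
        // Ask the XML-DSig provider to apply its secure-validation restrictions to this signature.
        validateContext.setProperty(PROPERTY_SECURE_VALIDATION, Boolean.TRUE);
        try {
            return XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(validateContext).validate(validateContext);
        } catch (MarshalException e) {
            log.error("Cannot locate Signature Node " + e.getMessage(), e);
            throw e;
        } catch (NullPointerException e) {
            log.error("Context can't be validated", e);
            throw e;
        }
    }

    /**
     * Re-parses XML text with the same DOCTYPE and entity restrictions as {@link #loadXML},
     * but without namespace awareness, which matches the parser defaults used previously.
     *
     * @return the parsed document, or {@code null} on any failure (logged)
     */
    private static Document convertStringToDocument(String str) {
        try {
            return newHardenedFactory(false).newDocumentBuilder().parse(new InputSource(new StringReader(str)));
        } catch (Exception e) {
            log.error("Error executing convertStringToDocument: " + e.getMessage(), e);
            return null;
        }
    }

    /**
     * Serializes a DOM document to a string with a default transformer.
     *
     * @return the serialized XML, or {@code null} if the transformation fails (logged)
     */
    public static String getStringFromDocument(Document document) {
        try {
            DOMSource source = new DOMSource(document);
            StringWriter writer = new StringWriter();
            TransformerFactory.newInstance().newTransformer().transform(source, new StreamResult(writer));
            writer.flush();
            return writer.toString();
        } catch (TransformerException e) {
            log.error("Error executing getStringFromDocument: " + e.getMessage(), e);
            return null;
        }
    }

    /**
     * Reads an X.509 certificate from a file and returns its {@code toString()} form.
     *
     * @param file certificate file
     * @return the string form of the parsed certificate
     * @throws Exception if the file cannot be read or does not hold a certificate
     */
    public static String readCertificate(File file) throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        BufferedInputStream input = new BufferedInputStream(new FileInputStream(file));
        try {
            return certificateFactory.generateCertificate(input).toString();
        } finally {
            // Release the file handle even when the certificate cannot be parsed.
            input.close();
        }
    }

    /** Rejects text that declares an entity before any parser sees it. */
    private static void rejectEntityDeclarations(String xml) throws Exception {
        if (xml.contains("<!ENTITY")) {
            throw new Exception("Detected use of ENTITY in XML, disabled to prevent XXE/XEE attacks");
        }
    }

    /**
     * Creates a parser factory with DOCTYPE and external-entity processing disabled.
     *
     * @throws IllegalStateException if the parser accepts neither the DOCTYPE ban nor both
     *                               external-entity switches, so untrusted XML is never
     *                               parsed without protection
     */
    private static DocumentBuilderFactory newHardenedFactory(boolean namespaceAware) {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(namespaceAware);
        boolean doctypeBanned = trySetFeature(factory, FEATURE_DISALLOW_DOCTYPE, true);
        boolean generalEntitiesOff = trySetFeature(factory, FEATURE_EXTERNAL_GENERAL_ENTITIES, false);
        boolean parameterEntitiesOff = trySetFeature(factory, FEATURE_EXTERNAL_PARAMETER_ENTITIES, false);
        trySetFeature(factory, FEATURE_LOAD_EXTERNAL_DTD, false);
        trySetFeature(factory, FEATURE_SECURE_PROCESSING, true);
        if (!doctypeBanned && !(generalEntitiesOff && parameterEntitiesOff)) {
            throw new IllegalStateException("XML parser rejected every XXE protection; refusing to parse untrusted XML");
        }
        return factory;
    }

    /** Applies one parser feature; returns whether the parser accepted it and logs a refusal. */
    private static boolean trySetFeature(DocumentBuilderFactory factory, String feature, boolean value) {
        try {
            factory.setFeature(feature, value);
            return true;
        } catch (Throwable t) {
            // Throwable, not Exception, as before: an outdated parser may fail with a linkage error.
            log.warn("XML parser does not support feature " + feature, t);
            return false;
        }
    }

    /** Best-effort: stops the validator from fetching external DTDs or schemas for the instance document. */
    private static void restrictExternalAccess(Validator validator) {
        try {
            validator.setFeature(FEATURE_SECURE_PROCESSING, true);
        } catch (Throwable t) {
            log.warn("Schema validator does not support feature " + FEATURE_SECURE_PROCESSING, t);
        }
        try {
            validator.setProperty(PROPERTY_ACCESS_EXTERNAL_DTD, "");
        } catch (Throwable t) {
            log.warn("Schema validator does not support property " + PROPERTY_ACCESS_EXTERNAL_DTD, t);
        }
        try {
            validator.setProperty(PROPERTY_ACCESS_EXTERNAL_SCHEMA, "");
        } catch (Throwable t) {
            log.warn("Schema validator does not support property " + PROPERTY_ACCESS_EXTERNAL_SCHEMA, t);
        }
    }
}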
