package org.apereo.cas.support.wsfederation.authentication.principal;

import java.time.ZonedDateTime;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.List;
import java.util.Map;
import lombok.Generated;
import org.apereo.cas.authentication.Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/support/wsfederation/authentication/principal/WsFederationCredential.class */
public class WsFederationCredential implements Credential {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(WsFederationCredential.class);
    private static final long serialVersionUID = -824605020472810939L;
    private String audience;
    private String authenticationMethod;
    private String id;
    private String issuer;
    private ZonedDateTime issuedOn;
    private ZonedDateTime notBefore;
    private ZonedDateTime notOnOrAfter;
    private ZonedDateTime retrievedOn;
    private Map<String, List<Object>> attributes;

    public boolean isValid(String str, String str2, long j) {
        if (!this.audience.equalsIgnoreCase(str)) {
            LOGGER.warn("Audience [{}] is invalid where the expected audience should be [{}]", this.audience, str);
            return false;
        }
        if (!this.issuer.equalsIgnoreCase(str2)) {
            LOGGER.warn("Issuer [{}] is invalid since the expected issuer should be [{}]", this.issuer, str2);
            return false;
        }
        ZonedDateTime minus = getRetrievedOn().minus(j, (TemporalUnit) ChronoUnit.MILLIS);
        if (getIssuedOn().isBefore(minus)) {
            LOGGER.warn("Ticket is issued before the allowed drift. Issued on [{}] while allowed drift is [{}]", this.issuedOn, minus);
            return false;
        }
        ZonedDateTime plus = getRetrievedOn().plus(j, (TemporalUnit) ChronoUnit.MILLIS);
        if (getIssuedOn().isAfter(plus)) {
            LOGGER.warn("Ticket is issued after the allowed drift. Issued on [{}] while allowed drift is [{}]", getIssuedOn(), plus);
            return false;
        }
        if (getRetrievedOn().isAfter(this.notOnOrAfter)) {
            LOGGER.warn("Ticket is too late because it's retrieved on [{}] which is after [{}].", getRetrievedOn(), this.notOnOrAfter);
            return false;
        }
        LOGGER.debug("WsFed Credential is validated for [{}] and [{}].", str, str2);
        return true;
    }

    @Generated
    public String toString() {
        return "WsFederationCredential(audience=" + this.audience + ", authenticationMethod=" + this.authenticationMethod + ", id=" + this.id + ", issuer=" + this.issuer + ", issuedOn=" + this.issuedOn + ", notBefore=" + this.notBefore + ", notOnOrAfter=" + this.notOnOrAfter + ", retrievedOn=" + this.retrievedOn + ", attributes=" + this.attributes + ")";
    }

    @Generated
    public void setAudience(String str) {
        this.audience = str;
    }

    @Generated
    public void setAuthenticationMethod(String str) {
        this.authenticationMethod = str;
    }

    @Generated
    public void setId(String str) {
        this.id = str;
    }

    @Generated
    public void setIssuer(String str) {
        this.issuer = str;
    }

    @Generated
    public void setIssuedOn(ZonedDateTime zonedDateTime) {
        this.issuedOn = zonedDateTime;
    }

    @Generated
    public void setNotBefore(ZonedDateTime zonedDateTime) {
        this.notBefore = zonedDateTime;
    }

    @Generated
    public void setNotOnOrAfter(ZonedDateTime zonedDateTime) {
        this.notOnOrAfter = zonedDateTime;
    }

    @Generated
    public void setRetrievedOn(ZonedDateTime zonedDateTime) {
        this.retrievedOn = zonedDateTime;
    }

    @Generated
    public void setAttributes(Map<String, List<Object>> map) {
        this.attributes = map;
    }

    @Generated
    public String getAudience() {
        return this.audience;
    }

    @Generated
    public String getAuthenticationMethod() {
        return this.authenticationMethod;
    }

    @Generated
    public String getId() {
        return this.id;
    }

    @Generated
    public String getIssuer() {
        return this.issuer;
    }

    @Generated
    public ZonedDateTime getIssuedOn() {
        return this.issuedOn;
    }

    @Generated
    public ZonedDateTime getNotBefore() {
        return this.notBefore;
    }

    @Generated
    public ZonedDateTime getNotOnOrAfter() {
        return this.notOnOrAfter;
    }

    @Generated
    public ZonedDateTime getRetrievedOn() {
        return this.retrievedOn;
    }

    @Generated
    public Map<String, List<Object>> getAttributes() {
        return this.attributes;
    }

    @Generated
    public WsFederationCredential() {
    }

    @Generated
    public WsFederationCredential(String str, String str2, String str3, String str4, ZonedDateTime zonedDateTime, ZonedDateTime zonedDateTime2, ZonedDateTime zonedDateTime3, ZonedDateTime zonedDateTime4, Map<String, List<Object>> map) {
        this.audience = str;
        this.authenticationMethod = str2;
        this.id = str3;
        this.issuer = str4;
        this.issuedOn = zonedDateTime;
        this.notBefore = zonedDateTime2;
        this.notOnOrAfter = zonedDateTime3;
        this.retrievedOn = zonedDateTime4;
        this.attributes = map;
    }
}
