package com.sun.identity.wss.security;

import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.xmlsig.AMSignatureProvider;
import com.sun.identity.shared.debug.Debug;
import java.util.ResourceBundle;
import javax.xml.transform.TransformerException;
import org.forgerock.openam.sdk.org.apache.xml.security.exceptions.XMLSecurityException;
import org.forgerock.openam.sdk.org.apache.xml.security.keys.content.X509Data;
import org.forgerock.openam.sdk.org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.1.jar:com/sun/identity/wss/security/SecurityTokenReference.class */
public class SecurityTokenReference {
    public static final String KEYIDENTIFIER_REFERENCE = "KeyIdentifierRef";
    public static final String DIRECT_REFERENCE = "DirectReference";
    public static final String X509DATA_REFERENCE = "X509IssuerSerialRef";
    private Reference reference;
    private KeyIdentifier keyIdentifier;
    private X509Data x509Data;
    private String referenceType;
    private String id;
    private static ResourceBundle bundle = WSSUtils.bundle;
    private static Debug debug = WSSUtils.debug;

    public SecurityTokenReference() {
        this.id = null;
        this.id = SAMLUtils.generateID();
    }

    public SecurityTokenReference(Element element) throws SecurityException {
        this.id = null;
        if (element == null) {
            throw new IllegalArgumentException(bundle.getString("nullInputParameter"));
        }
        if (!"SecurityTokenReference".equals(element.getLocalName()) || !"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd".equals(element.getNamespaceURI())) {
            throw new SecurityException(bundle.getString("invalidElement"));
        }
        NodeList childNodes = element.getChildNodes();
        if (childNodes == null || childNodes.getLength() == 0) {
            debug.error("SecurityTokenReference.No references found");
            throw new SecurityException(bundle.getString("invalidElement"));
        }
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 1) {
                String localName = item.getLocalName();
                if ("Reference".equals(localName)) {
                    this.reference = new Reference((Element) item);
                    this.referenceType = "DirectReference";
                } else if ("KeyIdentifier".equals(localName)) {
                    this.keyIdentifier = new KeyIdentifier((Element) item);
                    this.referenceType = "KeyIdentifierRef";
                } else if ("X509Data".equals(localName)) {
                    try {
                        this.x509Data = new X509Data((Element) item, (String) null);
                        this.referenceType = "X509IssuerSerialRef";
                    } catch (XMLSecurityException e) {
                        debug.error("SecurityTokenReference. invalid x509 data", e);
                        throw new SecurityException(bundle.getString("invalidElement"));
                    }
                } else {
                    continue;
                }
            }
        }
    }

    public String getReferenceType() {
        return this.referenceType;
    }

    public void setReferenceType(String str) {
        this.referenceType = str;
    }

    public Reference getReference() {
        return this.reference;
    }

    public void setReference(Reference reference) {
        this.reference = reference;
        this.referenceType = "DirectReference";
    }

    public void setKeyIdentifier(KeyIdentifier keyIdentifier) {
        this.keyIdentifier = keyIdentifier;
        this.referenceType = "KeyIdentifierRef";
    }

    public KeyIdentifier getKeyIdentifier() {
        return this.keyIdentifier;
    }

    public String getId() {
        return this.id;
    }

    public void setId(String str) {
        this.id = str;
    }

    public X509Data getX509IssuerSerial() {
        return this.x509Data;
    }

    public void setX509IssuerSerial(X509Data x509Data) {
        this.x509Data = x509Data;
        this.referenceType = "X509IssuerSerialRef";
    }

    public Element getTokenElement(Document document) throws SecurityException {
        Element element;
        Reference reference = getReference();
        String uri = reference.getURI();
        if (uri.length() == 0 || uri.charAt(0) != '#') {
            return null;
        }
        String substring = uri.substring(1);
        String valueType = reference.getValueType();
        try {
            if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID".equals(valueType)) {
                element = (Element) XPathAPI.selectSingleNode(document, "//*[@AssertionID=\"" + substring + "\"]");
            } else if (WSSConstants.SAML2_ASSERTION_VALUE_TYPE.equals(valueType)) {
                element = (Element) XPathAPI.selectSingleNode(document, "//*[@ID=\"" + substring + "\"]");
            } else {
                AMSignatureProvider.createDSctx(document, "wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
                element = (Element) XPathAPI.selectSingleNode(document, "//*[@wsu:Id=\"" + substring + "\"]");
            }
            return element;
        } catch (TransformerException e) {
            debug.error("SecurityTokenReference.getTokenElement: XPath exception.", e);
            throw new SecurityException(e.getMessage());
        }
    }

    public void addToParent(Element element) throws SecurityException {
        try {
            if (element == null) {
                throw new IllegalArgumentException(bundle.getString("nullInputParameter"));
            }
            Element createElementNS = element.getOwnerDocument().createElementNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd", "SecurityTokenReference");
            createElementNS.setPrefix("wsse");
            createElementNS.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
            createElementNS.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
            createElementNS.setAttributeNS("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "wsu:Id", this.id);
            if (this.reference != null) {
                this.reference.addToParent(createElementNS);
            }
            if (this.keyIdentifier != null) {
                this.keyIdentifier.addToParent(createElementNS);
            }
            element.appendChild(createElementNS);
        } catch (Exception e) {
            debug.error("SecurityTokenReference.addToParent::can not add to parent", e);
            throw new SecurityException(bundle.getString("cannotAddElement"));
        }
    }
}
