package com.sun.identity.saml2.assertion.impl;

import com.sun.identity.saml2.assertion.Advice;
import com.sun.identity.saml2.assertion.Assertion;
import com.sun.identity.saml2.assertion.AssertionFactory;
import com.sun.identity.saml2.assertion.AttributeStatement;
import com.sun.identity.saml2.assertion.AuthnStatement;
import com.sun.identity.saml2.assertion.AuthzDecisionStatement;
import com.sun.identity.saml2.assertion.Conditions;
import com.sun.identity.saml2.assertion.EncryptedAssertion;
import com.sun.identity.saml2.assertion.Issuer;
import com.sun.identity.saml2.assertion.Subject;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.common.SAML2SDKUtils;
import com.sun.identity.saml2.xmlenc.EncManager;
import com.sun.identity.saml2.xmlsig.SigManager;
import com.sun.identity.shared.DateUtils;
import com.sun.identity.shared.xml.XMLUtils;
import java.security.Key;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Set;
import org.apache.batik.constants.XMLConstants;
import org.forgerock.openam.utils.Time;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.2.jar:com/sun/identity/saml2/assertion/impl/AssertionImpl.class */
public class AssertionImpl implements Assertion {
    private String version;
    private Date issueInstant;
    private Subject subject;
    private Advice advice;
    private String signature;
    private Conditions conditions;
    private String id;
    private List<Object> statements;
    private List<AuthnStatement> authnStatements;
    private List<AuthzDecisionStatement> authzDecisionStatements;
    private List<AttributeStatement> attributeStatements;
    private Issuer issuer;
    private boolean isMutable;
    private String signedXMLString;
    private Boolean isSignatureValid;
    public static String ASSERTION_ELEMENT = "Assertion";
    public static String ASSERTION_VERSION_ATTR = "Version";
    public static String ASSERTION_ID_ATTR = "ID";
    public static String ASSERTION_ISSUEINSTANT_ATTR = "IssueInstant";
    public static String XSI_TYPE_ATTR = "xsi:type";
    public static String ASSERTION_ISSUER = "Issuer";
    public static String ASSERTION_SIGNATURE = "Signature";
    public static String ASSERTION_SUBJECT = "Subject";
    public static String ASSERTION_CONDITIONS = "Conditions";
    public static String ASSERTION_ADVICE = "Advice";
    public static String ASSERTION_STATEMENT = "Statement";
    public static String ASSERTION_AUTHNSTATEMENT = SAML2SDKUtils.AUTHN_STATEMENT;
    public static String ASSERTION_AUTHZDECISIONSTATEMENT = SAML2SDKUtils.AUTHZ_DECISION_STATEMENT;
    public static String ASSERTION_ATTRIBUTESTATEMENT = "AttributeStatement";

    public AssertionImpl() {
        this.statements = new ArrayList();
        this.authnStatements = new ArrayList();
        this.authzDecisionStatements = new ArrayList();
        this.attributeStatements = new ArrayList();
        this.isMutable = true;
        this.signedXMLString = null;
        this.isSignatureValid = null;
    }

    public AssertionImpl(String str) throws SAML2Exception {
        this.statements = new ArrayList();
        this.authnStatements = new ArrayList();
        this.authzDecisionStatements = new ArrayList();
        this.attributeStatements = new ArrayList();
        this.isMutable = true;
        this.signedXMLString = null;
        this.isSignatureValid = null;
        Document dOMDocument = XMLUtils.toDOMDocument(str, SAML2SDKUtils.debug);
        if (dOMDocument == null) {
            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): invalid XML input");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorObtainingElement"));
        }
        processElement(dOMDocument.getDocumentElement());
        makeImmutable();
        if (this.signature != null) {
            this.signedXMLString = str;
        }
    }

    public AssertionImpl(Element element) throws SAML2Exception {
        this.statements = new ArrayList();
        this.authnStatements = new ArrayList();
        this.authzDecisionStatements = new ArrayList();
        this.attributeStatements = new ArrayList();
        this.isMutable = true;
        this.signedXMLString = null;
        this.isSignatureValid = null;
        processElement(element);
        makeImmutable();
        if (this.signature != null) {
            this.signedXMLString = XMLUtils.print(element, "UTF-8");
        }
    }

    private void processElement(Element element) throws SAML2Exception {
        String localName;
        if (element == null) {
            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): invalid root element");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_element"));
        }
        String localName2 = element.getLocalName();
        if (localName2 == null) {
            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): local name missing");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_local_name"));
        }
        if (!localName2.equals(ASSERTION_ELEMENT)) {
            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): invalid local name " + localName2);
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_local_name"));
        }
        String attribute = element.getAttribute(ASSERTION_VERSION_ATTR);
        if (attribute == null || attribute.length() == 0) {
            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): version missing");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_version"));
        }
        this.version = attribute;
        String attribute2 = element.getAttribute(ASSERTION_ID_ATTR);
        if (attribute2 == null || attribute2.length() == 0) {
            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): assertion id missing");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_id"));
        }
        this.id = attribute2;
        String attribute3 = element.getAttribute(ASSERTION_ISSUEINSTANT_ATTR);
        if (attribute3 == null || attribute3.length() == 0) {
            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): issue instant missing");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_issue_instant"));
        }
        try {
            this.issueInstant = DateUtils.stringToDate(attribute3);
            NodeList childNodes = element.getChildNodes();
            int length = childNodes.getLength();
            if (length < 1) {
                SAML2SDKUtils.debug.error("AssertionImpl.processElement(): assertion has no subelements");
                throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelements"));
            }
            AssertionFactory assertionFactory = AssertionFactory.getInstance();
            int i = 0;
            Node item = childNodes.item(0);
            while (true) {
                Node node = item;
                if (node.getNodeType() != 1) {
                    i++;
                    if (i >= length) {
                        SAML2SDKUtils.debug.error("AssertionImpl.processElement(): assertion has no subelements");
                        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelements"));
                    }
                    item = childNodes.item(i);
                } else {
                    String localName3 = node.getLocalName();
                    if (localName3 == null || !localName3.equals(ASSERTION_ISSUER)) {
                        SAML2SDKUtils.debug.error("AssertionImpl.processElement(): the first element is not <Issuer>");
                        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelement_issuer"));
                    }
                    this.issuer = AssertionFactory.getInstance().createIssuer((Element) node);
                    int i2 = i + 1;
                    if (i2 >= length) {
                        return;
                    }
                    Node item2 = childNodes.item(i2);
                    while (true) {
                        Node node2 = item2;
                        if (node2.getNodeType() == 1) {
                            String localName4 = node2.getLocalName();
                            if (localName4 != null && localName4.equals(ASSERTION_SIGNATURE)) {
                                this.signature = XMLUtils.print((Element) node2);
                                i2++;
                                if (i2 < length) {
                                    Node item3 = childNodes.item(i2);
                                    while (true) {
                                        node2 = item3;
                                        if (node2.getNodeType() == 1) {
                                            localName4 = node2.getLocalName();
                                            break;
                                        }
                                        i2++;
                                        if (i2 >= length) {
                                            return;
                                        } else {
                                            item3 = childNodes.item(i2);
                                        }
                                    }
                                } else {
                                    return;
                                }
                            } else {
                                this.signature = null;
                            }
                            if (localName4 != null && localName4.equals(ASSERTION_SUBJECT)) {
                                this.subject = assertionFactory.createSubject((Element) node2);
                                i2++;
                                if (i2 < length) {
                                    Node item4 = childNodes.item(i2);
                                    while (true) {
                                        node2 = item4;
                                        if (node2.getNodeType() == 1) {
                                            localName4 = node2.getLocalName();
                                            break;
                                        }
                                        i2++;
                                        if (i2 >= length) {
                                            return;
                                        } else {
                                            item4 = childNodes.item(i2);
                                        }
                                    }
                                } else {
                                    return;
                                }
                            } else {
                                this.subject = null;
                            }
                            if (localName4 != null && localName4.equals(ASSERTION_CONDITIONS)) {
                                this.conditions = assertionFactory.createConditions((Element) node2);
                                i2++;
                                if (i2 < length) {
                                    Node item5 = childNodes.item(i2);
                                    while (true) {
                                        node2 = item5;
                                        if (node2.getNodeType() == 1) {
                                            localName4 = node2.getLocalName();
                                            break;
                                        }
                                        i2++;
                                        if (i2 >= length) {
                                            return;
                                        } else {
                                            item5 = childNodes.item(i2);
                                        }
                                    }
                                } else {
                                    return;
                                }
                            } else {
                                this.conditions = null;
                            }
                            if (localName4 == null || !localName4.equals(ASSERTION_ADVICE)) {
                                this.advice = null;
                            } else {
                                this.advice = assertionFactory.createAdvice((Element) node2);
                                i2++;
                            }
                            while (i2 < length) {
                                Node item6 = childNodes.item(i2);
                                if (item6.getNodeType() == 1 && (localName = item6.getLocalName()) != null) {
                                    if (localName.equals(ASSERTION_AUTHNSTATEMENT)) {
                                        this.authnStatements.add(assertionFactory.createAuthnStatement((Element) item6));
                                    } else if (localName.equals(ASSERTION_AUTHZDECISIONSTATEMENT)) {
                                        this.authzDecisionStatements.add(assertionFactory.createAuthzDecisionStatement((Element) item6));
                                    } else if (localName.equals(ASSERTION_ATTRIBUTESTATEMENT)) {
                                        this.attributeStatements.add(assertionFactory.createAttributeStatement((Element) item6));
                                    } else if (localName == null || !localName.equals(ASSERTION_SIGNATURE)) {
                                        String attribute4 = ((Element) item6).getAttribute(XSI_TYPE_ATTR);
                                        if (!localName.equals(ASSERTION_STATEMENT) || attribute4 == null || attribute4.length() <= 0) {
                                            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): unexpected subelement " + localName);
                                            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("unexpected_subelement"));
                                        }
                                        this.statements.add(XMLUtils.print((Element) item6));
                                    } else {
                                        this.signature = XMLUtils.print((Element) item6);
                                    }
                                }
                                i2++;
                            }
                            return;
                        }
                        i2++;
                        if (i2 >= length) {
                            return;
                        } else {
                            item2 = childNodes.item(i2);
                        }
                    }
                }
            }
        } catch (ParseException e) {
            SAML2SDKUtils.debug.error("AssertionImpl.processElement(): invalid issue instant");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalid_date_format"));
        }
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public String getVersion() {
        return this.version;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setVersion(String str) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.version = str;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public Date getIssueInstant() {
        return this.issueInstant;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setIssueInstant(Date date) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.issueInstant = date;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public Subject getSubject() {
        return this.subject;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setSubject(Subject subject) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.subject = subject;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public Advice getAdvice() {
        return this.advice;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setAdvice(Advice advice) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.advice = advice;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public String getSignature() {
        return this.signature;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public Conditions getConditions() {
        return this.conditions;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setConditions(Conditions conditions) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.conditions = conditions;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public String getID() {
        return this.id;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setID(String str) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.id = str;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public List<Object> getStatements() {
        return this.statements;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public List<AuthnStatement> getAuthnStatements() {
        return this.authnStatements;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public List<AuthzDecisionStatement> getAuthzDecisionStatements() {
        return this.authzDecisionStatements;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public List<AttributeStatement> getAttributeStatements() {
        return this.attributeStatements;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setStatements(List<Object> list) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.statements = list;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setAuthnStatements(List<AuthnStatement> list) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.authnStatements = list;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setAuthzDecisionStatements(List<AuthzDecisionStatement> list) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.authzDecisionStatements = list;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setAttributeStatements(List<AttributeStatement> list) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.attributeStatements = list;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public Issuer getIssuer() {
        return this.issuer;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void setIssuer(Issuer issuer) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.issuer = issuer;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public boolean isSigned() {
        return this.signature != null;
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public boolean isSignatureValid(Set<X509Certificate> set) throws SAML2Exception {
        if (this.isSignatureValid == null) {
            if (this.signedXMLString == null) {
                this.signedXMLString = toXMLString(true, true);
            }
            this.isSignatureValid = Boolean.valueOf(SigManager.getSigInstance().verify(this.signedXMLString, getID(), set));
        }
        return this.isSignatureValid.booleanValue();
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void sign(PrivateKey privateKey, X509Certificate x509Certificate) throws SAML2Exception {
        Element sign = SigManager.getSigInstance().sign(toXMLString(true, true), getID(), privateKey, x509Certificate);
        this.signature = XMLUtils.print(sign);
        this.signedXMLString = XMLUtils.print(sign.getOwnerDocument().getDocumentElement(), "UTF-8");
        makeImmutable();
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public EncryptedAssertion encrypt(Key key, String str, int i, String str2) throws SAML2Exception {
        return AssertionFactory.getInstance().createEncryptedAssertion(EncManager.getEncInstance().encrypt(toXMLString(true, true), key, str, i, str2, SAML2SDKUtils.ENCRYPTED_ASSERTION));
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public boolean isTimeValid() {
        if (this.conditions == null) {
            return true;
        }
        return this.conditions.checkDateValidity(Time.currentTimeMillis());
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public String toXMLString(boolean z, boolean z2) throws SAML2Exception {
        if (this.signature != null && this.signedXMLString != null) {
            return this.signedXMLString;
        }
        StringBuffer stringBuffer = new StringBuffer(2000);
        String str = z2 ? SAML2Constants.ASSERTION_DECLARE_STR : "";
        String str2 = z ? "saml:" : "";
        stringBuffer.append("<").append(str2).append(ASSERTION_ELEMENT).append(str);
        if (this.version == null || this.version.length() == 0) {
            SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): version missing");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_version"));
        }
        stringBuffer.append(" ").append(ASSERTION_VERSION_ATTR).append(XMLConstants.XML_EQUAL_QUOT).append(this.version).append("\"");
        if (this.id == null || this.id.length() == 0) {
            SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): assertion id missing");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_assertion_id"));
        }
        stringBuffer.append(" ").append(ASSERTION_ID_ATTR).append(XMLConstants.XML_EQUAL_QUOT).append(this.id).append("\"");
        if (this.issueInstant == null) {
            SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): issue instant missing");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_issue_instant"));
        }
        stringBuffer.append(" ").append(ASSERTION_ISSUEINSTANT_ATTR).append(XMLConstants.XML_EQUAL_QUOT).append(DateUtils.toUTCDateFormat(this.issueInstant)).append("\"").append(">\n");
        if (this.issuer == null) {
            SAML2SDKUtils.debug.error("AssertionImpl.toXMLString(): issuer missing");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("missing_subelement_issuer"));
        }
        stringBuffer.append(this.issuer.toXMLString(z, false));
        if (this.signature != null) {
            stringBuffer.append(this.signature);
        }
        if (this.subject != null) {
            stringBuffer.append(this.subject.toXMLString(z, false));
        }
        if (this.conditions != null) {
            stringBuffer.append(this.conditions.toXMLString(z, false));
        }
        if (this.advice != null) {
            stringBuffer.append(this.advice.toXMLString(z, false));
        }
        if (this.statements != null) {
            int size = this.statements.size();
            for (int i = 0; i < size; i++) {
                stringBuffer.append((String) this.statements.get(i));
            }
        }
        if (this.authnStatements != null) {
            int size2 = this.authnStatements.size();
            for (int i2 = 0; i2 < size2; i2++) {
                stringBuffer.append(this.authnStatements.get(i2).toXMLString(z, false));
            }
        }
        if (this.authzDecisionStatements != null) {
            int size3 = this.authzDecisionStatements.size();
            for (int i3 = 0; i3 < size3; i3++) {
                stringBuffer.append(this.authzDecisionStatements.get(i3).toXMLString(z, false));
            }
        }
        if (this.attributeStatements != null) {
            int size4 = this.attributeStatements.size();
            for (int i4 = 0; i4 < size4; i4++) {
                stringBuffer.append(this.attributeStatements.get(i4).toXMLString(z, false));
            }
        }
        stringBuffer.append("</").append(str2).append(ASSERTION_ELEMENT).append(">\n");
        return stringBuffer.toString();
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public String toXMLString() throws SAML2Exception {
        return toXMLString(true, false);
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public void makeImmutable() {
        if (this.isMutable) {
            if (this.authnStatements != null) {
                int size = this.authnStatements.size();
                for (int i = 0; i < size; i++) {
                    this.authnStatements.get(i).makeImmutable();
                }
                this.authnStatements = Collections.unmodifiableList(this.authnStatements);
            }
            if (this.authzDecisionStatements != null) {
                int size2 = this.authzDecisionStatements.size();
                for (int i2 = 0; i2 < size2; i2++) {
                    this.authzDecisionStatements.get(i2).makeImmutable();
                }
                this.authzDecisionStatements = Collections.unmodifiableList(this.authzDecisionStatements);
            }
            if (this.attributeStatements != null) {
                int size3 = this.attributeStatements.size();
                for (int i3 = 0; i3 < size3; i3++) {
                    this.attributeStatements.get(i3).makeImmutable();
                }
                this.attributeStatements = Collections.unmodifiableList(this.attributeStatements);
            }
            if (this.statements != null) {
                this.statements = Collections.unmodifiableList(this.statements);
            }
            if (this.conditions != null) {
                this.conditions.makeImmutable();
            }
            if (this.issuer != null) {
                this.issuer.makeImmutable();
            }
            if (this.subject != null) {
                this.subject.makeImmutable();
            }
            if (this.advice != null) {
                this.advice.makeImmutable();
            }
            this.isMutable = false;
        }
    }

    @Override // com.sun.identity.saml2.assertion.Assertion
    public boolean isMutable() {
        return this.isMutable;
    }
}
