package com.sun.identity.saml2.protocol.impl;

import com.sun.identity.saml2.assertion.AssertionFactory;
import com.sun.identity.saml2.assertion.Conditions;
import com.sun.identity.saml2.assertion.Subject;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.common.SAML2SDKUtils;
import com.sun.identity.saml2.protocol.AuthnRequest;
import com.sun.identity.saml2.protocol.NameIDPolicy;
import com.sun.identity.saml2.protocol.ProtocolFactory;
import com.sun.identity.saml2.protocol.RequestedAuthnContext;
import com.sun.identity.saml2.protocol.Scoping;
import com.sun.identity.shared.DateUtils;
import com.sun.identity.shared.xml.XMLUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.2.jar:com/sun/identity/saml2/protocol/impl/AuthnRequestImpl.class */
public class AuthnRequestImpl extends RequestAbstractImpl implements AuthnRequest {
    private Subject subject;
    private NameIDPolicy nameIDPolicy;
    private Conditions conditions;
    private RequestedAuthnContext reqAuthnContext;
    private Scoping scoping;
    private Integer assertionConsumerSvcIndex;
    private Integer attrConsumingSvcIndex;
    private String providerName;
    private Boolean forceAuthn;
    private Boolean isPassive;
    private String protocolBinding;
    private String assertionConsumerServiceURL;

    public AuthnRequestImpl() {
        this.isMutable = true;
    }

    public AuthnRequestImpl(Element element) throws SAML2Exception {
        parseDOMElement(element);
        if (this.isSigned) {
            this.signedXMLString = XMLUtils.print(element);
        }
    }

    public AuthnRequestImpl(String str) throws SAML2Exception {
        Document dOMDocument = XMLUtils.toDOMDocument(str, SAML2SDKUtils.debug);
        if (dOMDocument == null) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("errorObtainingElement"));
        }
        parseDOMElement(dOMDocument.getDocumentElement());
        if (this.isSigned) {
            this.signedXMLString = str;
        }
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public Subject getSubject() {
        return this.subject;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setSubject(Subject subject) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.subject = subject;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public NameIDPolicy getNameIDPolicy() {
        return this.nameIDPolicy;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setNameIDPolicy(NameIDPolicy nameIDPolicy) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.nameIDPolicy = nameIDPolicy;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public Conditions getConditions() {
        return this.conditions;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setConditions(Conditions conditions) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.conditions = conditions;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public RequestedAuthnContext getRequestedAuthnContext() {
        return this.reqAuthnContext;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setRequestedAuthnContext(RequestedAuthnContext requestedAuthnContext) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.reqAuthnContext = requestedAuthnContext;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setScoping(Scoping scoping) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.scoping = scoping;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public Scoping getScoping() {
        return this.scoping;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public Boolean isForceAuthn() {
        return this.forceAuthn;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setForceAuthn(Boolean bool) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.forceAuthn = bool;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public Boolean isPassive() {
        return this.isPassive;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setIsPassive(Boolean bool) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.isPassive = bool;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setProtocolBinding(String str) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.protocolBinding = str;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public String getProtocolBinding() {
        return this.protocolBinding;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public String getAssertionConsumerServiceURL() {
        return this.assertionConsumerServiceURL;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setAssertionConsumerServiceURL(String str) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.assertionConsumerServiceURL = str;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public Integer getAssertionConsumerServiceIndex() {
        return this.assertionConsumerSvcIndex;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setAssertionConsumerServiceIndex(Integer num) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.assertionConsumerSvcIndex = num;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public Integer getAttributeConsumingServiceIndex() {
        return this.attrConsumingSvcIndex;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setAttributeConsumingServiceIndex(Integer num) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.attrConsumingSvcIndex = num;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public void setProviderName(String str) throws SAML2Exception {
        if (!this.isMutable) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("objectImmutable"));
        }
        this.providerName = str;
    }

    @Override // com.sun.identity.saml2.protocol.AuthnRequest
    public String getProviderName() {
        return this.providerName;
    }

    @Override // com.sun.identity.saml2.protocol.impl.RequestAbstractImpl, com.sun.identity.saml2.protocol.RequestAbstract
    public String toXMLString() throws SAML2Exception {
        return toXMLString(true, false);
    }

    @Override // com.sun.identity.saml2.protocol.impl.RequestAbstractImpl, com.sun.identity.saml2.protocol.RequestAbstract
    public String toXMLString(boolean z, boolean z2) throws SAML2Exception {
        if (this.isSigned && this.signedXMLString != null) {
            return this.signedXMLString;
        }
        validateData();
        validateAssertionConsumerServiceIndex(this.assertionConsumerSvcIndex);
        validateAttributeConsumingServiceIndex(this.attrConsumingSvcIndex);
        StringBuffer stringBuffer = new StringBuffer(1000);
        stringBuffer.append("<");
        if (z) {
            stringBuffer.append("samlp:");
        }
        stringBuffer.append("AuthnRequest").append(" ");
        if (z2) {
            stringBuffer.append(SAML2Constants.PROTOCOL_DECLARE_STR).append("\n");
        }
        stringBuffer.append("ID").append("=").append("\"").append(this.requestId).append("\"").append(" ").append("Version").append("=").append("\"").append(this.version).append("\"").append(" ").append("IssueInstant").append("=").append("\"").append(DateUtils.toUTCDateFormat(this.issueInstant)).append("\"");
        if (this.destinationURI != null && this.destinationURI.length() > 0) {
            stringBuffer.append(" ").append("Destination").append("=").append("\"").append(this.destinationURI).append("\"");
        }
        if (this.consent != null && this.consent.length() > 0) {
            stringBuffer.append(" ").append("Consent").append("=").append("\"").append(this.consent).append("\"");
        }
        if (this.forceAuthn != null) {
            stringBuffer.append(" ").append("ForceAuthn").append("=").append("\"").append(this.forceAuthn.toString()).append("\"");
        }
        if (this.isPassive != null) {
            stringBuffer.append(" ").append("IsPassive").append("=").append("\"").append(this.isPassive.toString()).append("\"");
        }
        if (this.assertionConsumerSvcIndex != null) {
            stringBuffer.append(" ").append("AssertionConsumerServiceIndex").append("=").append("\"").append(this.assertionConsumerSvcIndex.toString()).append("\"");
        } else {
            if (this.protocolBinding != null && this.protocolBinding.length() > 0) {
                stringBuffer.append(" ").append(SAML2Constants.PROTOBINDING).append("=").append("\"").append(this.protocolBinding).append("\"");
            }
            if (this.assertionConsumerServiceURL != null && this.assertionConsumerServiceURL.length() > 0) {
                stringBuffer.append(" ").append("AssertionConsumerServiceURL").append("=").append("\"").append(XMLUtils.escapeSpecialCharacters(this.assertionConsumerServiceURL)).append("\"");
            }
        }
        if (this.attrConsumingSvcIndex != null) {
            stringBuffer.append(" ").append("AttributeConsumingServiceIndex").append("=").append("\"").append(this.attrConsumingSvcIndex.toString()).append("\"");
        }
        if (this.providerName != null && this.providerName.length() > 0) {
            stringBuffer.append(" ").append("ProviderName").append("=").append("\"").append(this.providerName).append("\"");
        }
        stringBuffer.append(">");
        if (this.nameID != null) {
            stringBuffer.append("\n").append(this.nameID.toXMLString(z, z2));
        }
        if (this.signatureString != null && this.signatureString.length() > 0) {
            stringBuffer.append("\n").append(this.signatureString);
        }
        if (this.extensions != null) {
            stringBuffer.append("\n").append(this.extensions.toXMLString(z, z2));
        }
        if (this.subject != null) {
            stringBuffer.append("\n").append(this.subject.toXMLString(z, z2));
        }
        if (this.nameIDPolicy != null) {
            stringBuffer.append("\n").append(this.nameIDPolicy.toXMLString(z, z2));
        }
        if (this.conditions != null) {
            stringBuffer.append("\n").append(this.conditions.toXMLString(z, z2));
        }
        if (this.reqAuthnContext != null) {
            stringBuffer.append("\n").append(this.reqAuthnContext.toXMLString(z, z2));
        }
        if (this.scoping != null) {
            stringBuffer.append("\n").append(this.scoping.toXMLString(z, z2));
        }
        stringBuffer.append("\n").append(SAML2Constants.SAML2_END_TAG).append("AuthnRequest").append(">");
        return stringBuffer.toString();
    }

    @Override // com.sun.identity.saml2.protocol.impl.RequestAbstractImpl, com.sun.identity.saml2.protocol.RequestAbstract
    public void makeImmutable() {
        if (this.isMutable) {
            super.makeImmutable();
            if (this.subject != null && this.subject.isMutable()) {
                this.subject.makeImmutable();
            }
            if (this.nameIDPolicy != null && this.nameIDPolicy.isMutable()) {
                this.nameIDPolicy.makeImmutable();
            }
            if (this.conditions != null && this.conditions.isMutable()) {
                this.conditions.makeImmutable();
            }
            if (this.reqAuthnContext != null && this.reqAuthnContext.isMutable()) {
                this.reqAuthnContext.makeImmutable();
            }
            if (this.scoping != null && this.scoping.isMutable()) {
                this.scoping.makeImmutable();
            }
            this.isMutable = false;
        }
    }

    @Override // com.sun.identity.saml2.protocol.impl.RequestAbstractImpl
    protected void parseDOMElement(Element element) throws SAML2Exception {
        AssertionFactory assertionFactory = AssertionFactory.getInstance();
        ProtocolFactory protocolFactory = ProtocolFactory.getInstance();
        this.requestId = element.getAttribute("ID");
        validateID(this.requestId);
        this.version = element.getAttribute("Version");
        validateVersion(this.version);
        validateIssueInstant(element.getAttribute("IssueInstant"));
        this.destinationURI = element.getAttribute("Destination");
        this.consent = element.getAttribute("Consent");
        NodeList childNodes = element.getChildNodes();
        if (childNodes != null && childNodes.getLength() > 0) {
            for (int i = 0; i < childNodes.getLength(); i++) {
                Node item = childNodes.item(i);
                String localName = item.getLocalName();
                if (localName != null) {
                    if (localName.equals("Issuer")) {
                        validateIssuer();
                        this.nameID = assertionFactory.createIssuer((Element) item);
                    } else if (localName.equals("Signature")) {
                        validateSignature();
                        this.signatureString = XMLUtils.print((Element) item);
                        this.isSigned = true;
                    } else if (localName.equals("Extensions")) {
                        validateExtensions();
                        this.extensions = protocolFactory.createExtensions((Element) item);
                    } else if (localName.equals("Subject")) {
                        validateSubject();
                        this.subject = assertionFactory.createSubject((Element) item);
                    } else if (localName.equals("NameIDPolicy")) {
                        validateNameIDPolicy();
                        this.nameIDPolicy = protocolFactory.createNameIDPolicy((Element) item);
                    } else if (localName.equals("Conditions")) {
                        validateConditions();
                        this.conditions = assertionFactory.createConditions((Element) item);
                    } else if (localName.equals("RequestedAuthnContext")) {
                        validateReqAuthnContext();
                        this.reqAuthnContext = protocolFactory.createRequestedAuthnContext((Element) item);
                    } else if (localName.equals("Scoping")) {
                        validateScoping();
                        this.scoping = protocolFactory.createScoping((Element) item);
                    }
                }
            }
        }
        String attribute = element.getAttribute("ForceAuthn");
        if (attribute != null && attribute.length() > 0) {
            this.forceAuthn = SAML2SDKUtils.booleanValueOf(attribute);
        }
        String attribute2 = element.getAttribute("IsPassive");
        if (attribute2 != null && attribute2.length() > 0) {
            this.isPassive = SAML2SDKUtils.booleanValueOf(attribute2);
        }
        this.protocolBinding = element.getAttribute(SAML2Constants.PROTOBINDING);
        String attribute3 = element.getAttribute("AssertionConsumerServiceIndex");
        if (attribute3 != null && attribute3.length() > 0) {
            this.assertionConsumerSvcIndex = new Integer(attribute3);
            validateAssertionConsumerServiceIndex(this.assertionConsumerSvcIndex);
        }
        this.assertionConsumerServiceURL = XMLUtils.unescapeSpecialCharacters(element.getAttribute("AssertionConsumerServiceURL"));
        String attribute4 = element.getAttribute("AttributeConsumingServiceIndex");
        if (attribute4 != null && attribute4.length() > 0) {
            this.attrConsumingSvcIndex = new Integer(attribute4);
            validateAttributeConsumingServiceIndex(this.attrConsumingSvcIndex);
        }
        this.providerName = element.getAttribute("ProviderName");
    }

    private void validateAssertionConsumerServiceIndex(Integer num) throws SAML2Exception {
        if (num != null && num.intValue() < 0 && num.intValue() > 65535) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalidAssertionConsumerIndex"));
        }
    }

    private void validateAttributeConsumingServiceIndex(Integer num) throws SAML2Exception {
        if (num != null && num.intValue() < 0 && num.intValue() > 65535) {
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("invalidAttributeConsumingSvcIdx"));
        }
    }

    private void validateIssuer() throws SAML2Exception {
        if (this.nameID != null) {
            SAML2SDKUtils.debug.message("Request has too many Issuer Element");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
        if (this.signatureString == null && this.extensions == null && this.subject == null && this.nameIDPolicy == null && this.conditions == null && this.reqAuthnContext == null && this.scoping == null) {
            return;
        }
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("Issuer Element should be the first element in the Request");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
    }

    private void validateSignature() throws SAML2Exception {
        if (this.signatureString != null) {
            SAML2SDKUtils.debug.message("Request has too many Signature Elements");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
        if (this.extensions == null && this.subject == null && this.nameIDPolicy == null && this.conditions == null && this.reqAuthnContext == null && this.scoping == null) {
            return;
        }
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("Signature should be the second element in the Request");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
    }

    private void validateExtensions() throws SAML2Exception {
        if (this.extensions != null) {
            SAML2SDKUtils.debug.message("Request has too many Extension Elements");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
        if (this.subject == null && this.nameIDPolicy == null && this.conditions == null && this.reqAuthnContext == null && this.scoping == null) {
            return;
        }
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("Extensions should be the third element in the Request");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
    }

    private void validateSubject() throws SAML2Exception {
        if (this.subject != null) {
            SAML2SDKUtils.debug.message("Request has too many Subject Elements");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
        if (this.nameIDPolicy == null && this.conditions == null && this.reqAuthnContext == null && this.scoping == null) {
            return;
        }
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("Subject should be the fourth element in the Request");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
    }

    private void validateNameIDPolicy() throws SAML2Exception {
        if (this.nameIDPolicy != null) {
            if (SAML2SDKUtils.debug.messageEnabled()) {
                SAML2SDKUtils.debug.message("Request has too many NameIDPolicy Elements");
            }
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
        if (this.conditions == null && this.reqAuthnContext == null && this.scoping == null) {
            return;
        }
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("Subject should be the fourth element in the Request");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
    }

    private void validateConditions() throws SAML2Exception {
        if (this.conditions != null) {
            if (SAML2SDKUtils.debug.messageEnabled()) {
                SAML2SDKUtils.debug.message("Request has too many Conditions Elements");
            }
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
        if (this.reqAuthnContext == null && this.scoping == null) {
            return;
        }
        if (SAML2SDKUtils.debug.messageEnabled()) {
            SAML2SDKUtils.debug.message("Conditions should be the fifth element in the Request");
        }
        throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
    }

    private void validateReqAuthnContext() throws SAML2Exception {
        if (this.reqAuthnContext != null) {
            if (SAML2SDKUtils.debug.messageEnabled()) {
                SAML2SDKUtils.debug.message("Request has too many RequestedAuthnContext Elements");
            }
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
        if (this.scoping != null) {
            if (SAML2SDKUtils.debug.messageEnabled()) {
                SAML2SDKUtils.debug.message("RequestedAuthnContext should be the sixth element in the Request");
            }
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
    }

    private void validateScoping() throws SAML2Exception {
        if (this.scoping != null) {
            SAML2SDKUtils.debug.message("Request has too many Scoping Elements");
            throw new SAML2Exception(SAML2SDKUtils.bundle.getString("schemaViolation"));
        }
    }
}
