package org.webswing.server.services.security.modules.saml2.com.lastpass.saml;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Iterator;
import javax.xml.bind.DatatypeConverter;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.xml.BasicParserPool;
import net.shibboleth.utilities.java.support.xml.XMLParserException;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.UnmarshallingException;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
import org.opensaml.saml.saml2.metadata.KeyDescriptor;
import org.opensaml.saml.saml2.metadata.SingleSignOnService;
import org.opensaml.security.credential.UsageType;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.opensaml.xmlsec.signature.X509Certificate;
import org.opensaml.xmlsec.signature.X509Data;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/webswing-server-security-2.5.11.jar:org/webswing/server/services/security/modules/saml2/com/lastpass/saml/IdPConfig.class */
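/**
 * Identity-provider settings read from a SAML 2.0 metadata document: the IdP
 * entity ID, its HTTP-Redirect single sign-on URL, and one signing certificate.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Nothing in this class verifies a signature on the metadata document
 *       itself, so the certificate it returns is only as trustworthy as the
 *       source of the metadata. Load metadata from a location that only
 *       administrators can write to.</li>
 *   <li>The parser pool is used with its built-in settings; no DTD or
 *       external-entity restrictions are configured explicitly here.
 *       NOTE(review): confirm that the library version in use rejects DOCTYPE
 *       declarations by default.</li>
 *   <li>The certificate's validity period is not checked here.</li>
 * </ul>
 *
 * <p>Instances are mutable and not synchronized.
 */
public class IdPConfig {
    private String entityId;
    private String loginUrl;
    private Certificate cert;

    /** Creates an empty configuration to be filled in through the setters. */
    public IdPConfig() {
    }

    /**
     * Loads the configuration from a metadata file.
     *
     * @param file the IdP metadata XML file
     * @throws SAMLException if the file cannot be opened or the metadata is unusable
     */
    public IdPConfig(File file) throws SAMLException {
        try {
            FileInputStream metadataStream = new FileInputStream(file);
            try {
                init(metadataStream);
            } finally {
                try {
                    metadataStream.close();
                } catch (IOException ignored) {
                    // Best-effort close of a read-only stream: the metadata has
                    // either been parsed already or init() is propagating its own error.
                }
            }
        } catch (IOException e) {
            throw new SAMLException(e);
        }
    }

    /**
     * Loads the configuration from a metadata stream. The stream is not closed here.
     *
     * @param inputStream the IdP metadata XML
     * @throws SAMLException if the metadata cannot be parsed or lacks a required element
     */
    public IdPConfig(InputStream inputStream) throws SAMLException {
        init(inputStream);
    }

    /**
     * Parses the metadata and populates entity ID, login URL and signing certificate.
     * The fields are assigned only after all three values have been found, so a
     * failure leaves the instance unpopulated.
     */
    private void init(InputStream inputStream) throws SAMLException {
        if (inputStream == null) {
            throw new SAMLException("No IdP metadata input stream supplied");
        }
        BasicParserPool parserPool = new BasicParserPool();
        parserPool.setNamespaceAware(true);
        XMLObject root;
        try {
            parserPool.initialize();
            Element documentElement = parserPool.parse(inputStream).getDocumentElement();
            root = XMLObjectProviderRegistrySupport.getUnmarshallerFactory().getUnmarshaller(documentElement).unmarshall(documentElement);
        } catch (ComponentInitializationException | XMLParserException | UnmarshallingException e) {
            throw new SAMLException(e);
        }

        EntityDescriptor entityDescriptor = selectEntityDescriptor(root);
        IDPSSODescriptor idpDescriptor = entityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
        if (idpDescriptor == null) {
            throw new SAMLException("No IDP SSO descriptor found");
        }
        String redirectUrl = findRedirectLoginUrl(idpDescriptor);
        if (redirectUrl == null) {
            throw new SAMLException("No acceptable Single Sign-on Service found");
        }
        Certificate signingCert = findSigningCertificate(idpDescriptor);
        if (signingCert == null) {
            throw new SAMLException("No valid signing cert found");
        }
        setEntityId(entityDescriptor.getEntityID());
        setLoginUrl(redirectUrl);
        setCert(signingCert);
    }

    /**
     * Returns the entity descriptor to use: the root itself, or the first entry
     * when the root is an EntitiesDescriptor. Any further entries are ignored, so
     * metadata aggregates describing several entities should not be passed in
     * unless the intended IdP is listed first.
     */
    private static EntityDescriptor selectEntityDescriptor(XMLObject root) throws SAMLException {
        if (root instanceof EntitiesDescriptor) {
            EntitiesDescriptor group = (EntitiesDescriptor) root;
            // An empty group used to surface as an IndexOutOfBoundsException.
            if (group.getEntityDescriptors().isEmpty()) {
                throw new SAMLException("No entity descriptor found in metadata");
            }
            return group.getEntityDescriptors().get(0);
        }
        if (root instanceof EntityDescriptor) {
            return (EntityDescriptor) root;
        }
        // Any other root element used to surface as a ClassCastException.
        throw new SAMLException("Metadata root element is not an entity descriptor");
    }

    /** Returns the location of the first HTTP-Redirect SSO endpoint, or null if there is none. */
    private static String findRedirectLoginUrl(IDPSSODescriptor idpDescriptor) {
        for (SingleSignOnService service : idpDescriptor.getSingleSignOnServices()) {
            // Constant-first comparison: an endpoint without a Binding is skipped, not an NPE.
            if (SAMLConstants.SAML2_REDIRECT_BINDING_URI.equals(service.getBinding())) {
                return service.getLocation();
            }
        }
        return null;
    }

    /**
     * Returns the first certificate that decodes successfully from a key descriptor
     * marked for signing, or null if there is none.
     */
    private Certificate findSigningCertificate(IDPSSODescriptor idpDescriptor) {
        for (KeyDescriptor keyDescriptor : idpDescriptor.getKeyDescriptors()) {
            // NOTE(review): only descriptors explicitly marked use="signing" are accepted;
            // a descriptor with no use attribute is skipped. Confirm that is intended.
            if (keyDescriptor.getUse() != UsageType.SIGNING) {
                continue;
            }
            KeyInfo keyInfo = keyDescriptor.getKeyInfo();
            if (keyInfo == null) {
                continue;
            }
            for (X509Data x509Data : keyInfo.getX509Datas()) {
                for (X509Certificate encoded : x509Data.getX509Certificates()) {
                    try {
                        return certFromString(encoded.getValue());
                    } catch (CertificateException ignored) {
                        // Deliberate: an undecodable certificate is skipped so a later
                        // one can still be used; the caller reports the case where none decode.
                    }
                }
            }
        }
        return null;
    }

    /**
     * Decodes a base64-encoded X.509 certificate.
     *
     * @throws CertificateException if the value is missing or is not a parsable certificate
     */
    private Certificate certFromString(String str) throws CertificateException {
        if (str == null) {
            throw new CertificateException("Empty X509Certificate element");
        }
        byte[] der = DatatypeConverter.parseBase64Binary(str);
        return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(der));
    }

    /** Sets the IdP entity ID. */
    public void setEntityId(String str) {
        this.entityId = str;
    }

    /** Returns the IdP entity ID, or null if none has been set. */
    public String getEntityId() {
        return this.entityId;
    }

    /** Sets the IdP single sign-on URL. */
    public void setLoginUrl(String str) {
        this.loginUrl = str;
    }

    /** Returns the IdP single sign-on URL, or null if none has been set. */
    public String getLoginUrl() {
        return this.loginUrl;
    }

    /** Sets the IdP signing certificate. */
    public void setCert(Certificate certificate) {
        this.cert = certificate;
    }

    /** Returns the IdP signing certificate, or null if none has been set. */
    public Certificate getCert() {
        return this.cert;
    }
}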
