package weblogic.wsee.security.saml;

import java.io.IOException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.xml.parsers.DocumentBuilder;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
import weblogic.security.utils.SAMLAssertionInfo;

/* loaded from: input_file:weblogic/wsee/security/saml/SAMLAssertionInfoImpl.class */
public class SAMLAssertionInfoImpl implements SAMLAssertionInfo {
    private static final String SAML_ASSERTION_TAG = "Assertion";
    private static final String SAML11_ID_ATTR = "AssertionID";
    private static final String SAML11_VERSION = "1.1";
    private static final String SAML20_ID_ATTR = "ID";
    private static final String SAML20_VERSION = "2.0";
    private static final String SAML_ISSUER_ATTR = "Issuer";
    private static final String SAML_CONDITIONS_TAG = "Conditions";
    private static final String SAML_NOTBEFORE_ATTR = "NotBefore";
    private static final String SAML_NOTONORAFTER_ATTR = "NotOnOrAfter";
    private static final String SAML_SUBJECT_TAG = "Subject";
    private static final String SAML_ATN_STATEMENT_TAG = "AuthenticationStatement";
    private static final String SAML_ATTRIBUTE_STATEMENT_TAG = "AttributeStatement";
    private static final String SAML11_NAMEID_TAG = "NameIdentifier";
    private static final String SAML20_NAMEID_TAG = "NameID";
    private static final String SAML_SUBJCONF_TAG = "SubjectConfirmation";
    private static final String SAML20_SUBJCONF_METHOD_ATTR = "Method";
    private static final String SAML11_SUBJCONF_METHOD_TAG = "ConfirmationMethod";
    private static final String SAML_KEYINFO_TAG = "KeyInfo";
    private static final String SAML_SUBJCONF_DATA_TAG = "SubjectConfirmationData";
    private static final String SAML_SIGNATURE_TAG = "Signature";
    Element _assertion = null;
    String _version = null;
    boolean _isVersion20Assertion = true;
    String _id = null;
    String _issuer = null;
    String _subject = null;
    String _confirmation = null;
    Date _notBefore = null;
    Date _notOnOrAfter = null;
    Element _keyInfo = null;
    Element _issuerKeyInfo = null;

    SAMLAssertionInfoImpl(Element element) {
        init(element);
    }

    SAMLAssertionInfoImpl(String str) {
        try {
            init(parseAssertion(str));
        } catch (Exception e) {
            throw new IllegalArgumentException("Invalid assertion xml: failed to parse", e);
        }
    }

    private Element parseAssertion(String str) throws SAXException, IOException {
        DocumentBuilder documentBuilder = null;
        try {
            documentBuilder = CSSUtils.getParser();
            Element documentElement = documentBuilder.parse(str).getDocumentElement();
            if (documentBuilder != null) {
                CSSUtils.returnParser(documentBuilder);
            }
            return documentElement;
        } catch (Throwable th) {
            if (documentBuilder != null) {
                CSSUtils.returnParser(documentBuilder);
            }
            throw th;
        }
    }

    private void init(Element element) {
        this._assertion = element;
        if (!SAML_ASSERTION_TAG.equals(this._assertion.getLocalName())) {
            throw new IllegalArgumentException("DOM Element is not an assertion");
        }
        this._version = this._assertion.getAttribute("Version");
        if (this._version == null || !this._version.equals("2.0")) {
            this._version = this._assertion.getAttribute("MajorVersion") + "." + this._assertion.getAttribute("MinorVersion");
            if (this._version == null || !this._version.equals("1.1")) {
                throw new IllegalArgumentException("DOM Element does not have a valid SAML version");
            }
            this._isVersion20Assertion = false;
        }
        if (this._isVersion20Assertion) {
            this._id = this._assertion.getAttribute(SAML20_ID_ATTR);
        } else {
            this._id = this._assertion.getAttribute(SAML11_ID_ATTR);
        }
        this._issuer = this._assertion.getAttribute("Issuer");
        initConditions();
        initSubject();
        this._issuerKeyInfo = getKeyInfoFromIssuer(this._assertion);
    }

    private void initConditions() {
        Element firstMatchingChildElement = getFirstMatchingChildElement(this._assertion, SAML_CONDITIONS_TAG);
        if (firstMatchingChildElement != null) {
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS");
            try {
                this._notBefore = simpleDateFormat.parse(firstMatchingChildElement.getAttribute(SAML_NOTBEFORE_ATTR));
                this._notOnOrAfter = simpleDateFormat.parse(firstMatchingChildElement.getAttribute(SAML_NOTONORAFTER_ATTR));
            } catch (ParseException e) {
                throw new IllegalArgumentException("Unable to parse conditions", e);
            }
        }
    }

    private void initSubject() {
        Element subjectFromAssertion = getSubjectFromAssertion(this._assertion);
        if (subjectFromAssertion == null) {
            throw new IllegalArgumentException("No Subject in assertion");
        }
        this._subject = getNameFromSubject(subjectFromAssertion);
        this._confirmation = getConfirmationFromSubject(subjectFromAssertion);
        this._keyInfo = getKeyInfoFromSubject(subjectFromAssertion);
    }

    private Element getSubjectFromAssertion(Element element) {
        if (this._isVersion20Assertion) {
            return getFirstMatchingChildElement(element, "Subject");
        }
        Element firstMatchingChildElement = getFirstMatchingChildElement(element, "AuthenticationStatement");
        if (firstMatchingChildElement != null) {
            return getFirstMatchingChildElement(firstMatchingChildElement, "Subject");
        }
        Element firstMatchingChildElement2 = getFirstMatchingChildElement(element, "AttributeStatement");
        if (firstMatchingChildElement2 != null) {
            return getFirstMatchingChildElement(firstMatchingChildElement2, "Subject");
        }
        return null;
    }

    private String getNameFromSubject(Element element) {
        return getElementText(getFirstMatchingChildElement(element, this._isVersion20Assertion ? SAML20_NAMEID_TAG : SAML11_NAMEID_TAG));
    }

    private static Element getFirstMatchingChildElement(Element element, String str) {
        NodeList childNodes = element.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 1 && item.getLocalName().equals(str)) {
                return (Element) item;
            }
        }
        return null;
    }

    private String getConfirmationFromSubject(Element element) {
        Element firstMatchingChildElement = getFirstMatchingChildElement(element, "SubjectConfirmation");
        if (firstMatchingChildElement != null) {
            return this._isVersion20Assertion ? firstMatchingChildElement.getAttribute(SAML20_SUBJCONF_METHOD_ATTR) : getElementText(getFirstMatchingChildElement(firstMatchingChildElement, "ConfirmationMethod"));
        }
        return null;
    }

    private Element getKeyInfoFromSubject(Element element) {
        Element firstMatchingChildElement = getFirstMatchingChildElement(element, "SubjectConfirmation");
        if (this._confirmation == null || firstMatchingChildElement == null) {
            return null;
        }
        if (this._isVersion20Assertion && this._confirmation.equals(SAML2Constants.SAML20_HOLDER_OF_KEY)) {
            Element firstMatchingChildElement2 = getFirstMatchingChildElement(firstMatchingChildElement, SAML_SUBJCONF_DATA_TAG);
            if (firstMatchingChildElement2 != null) {
                return getFirstMatchingChildElement(firstMatchingChildElement2, "KeyInfo");
            }
            return null;
        }
        if (this._isVersion20Assertion || !this._confirmation.equals(SAML2Constants.SAML10_HOLDER_OF_KEY)) {
            return null;
        }
        return getFirstMatchingChildElement(firstMatchingChildElement, "KeyInfo");
    }

    private static Element getKeyInfoFromIssuer(Element element) {
        Element firstMatchingChildElement = getFirstMatchingChildElement(element, "Signature");
        if (null == firstMatchingChildElement) {
            return null;
        }
        return getFirstMatchingChildElement(firstMatchingChildElement, "KeyInfo");
    }

    private String getElementText(Element element) {
        NodeList childNodes = element.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 3) {
                return item.getNodeValue();
            }
        }
        return null;
    }

    public String getId() {
        return this._id;
    }

    public String getSubjectName() {
        return this._subject;
    }

    public String getSubjectConfirmationMethod() {
        return this._confirmation;
    }

    public Element getSubjectKeyInfo() {
        return this._keyInfo;
    }

    public String getVersion() {
        return this._version;
    }

    public Date getNotBefore() {
        return this._notBefore;
    }

    public Date getNotOnOrAfter() {
        return this._notOnOrAfter;
    }

    public Element getSamlAssertionSignatureKeyInfoElement() {
        return this._issuerKeyInfo;
    }

    public static Element getSamlAssertionSignatureKeyInfoElement(Element element) {
        if (null == element) {
            return null;
        }
        return getKeyInfoFromIssuer(element);
    }
}
