package com.bea.common.security.saml.utils;

import com.bea.common.logger.spi.LoggerSpi;
import java.io.IOException;
import java.net.URI;
import java.net.URL;
import java.security.Principal;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Map;
import java.util.Set;
import javax.security.auth.Subject;
import org.eclipse.persistence.jpa.jpql.parser.Expression;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLAttributeStatement;
import org.opensaml.SAMLAuthenticationStatement;
import org.opensaml.SAMLException;
import org.opensaml.SAMLNameIdentifier;
import org.opensaml.SAMLSignedObject;
import org.opensaml.SAMLSubject;
import org.w3c.dom.Element;
import weblogic.security.principal.IdentityDomainPrincipal;
import weblogic.security.service.ContextHandler;
import weblogic.utils.encoders.BASE64Decoder;
import weblogic.utils.encoders.BASE64Encoder;

/* loaded from: input_file:com/bea/common/security/saml/utils/SAMLUtil.class */
public class SAMLUtil {
    public static final String RESPONSE_PARAMETER_NAME = "SAMLResponse";
    public static final String ARTIFACT_PARAMETER_NAME = "SAMLart";
    public static final String TARGET_PARAMETER_NAME = "TARGET";
    public static final String APID_PARAMETER_NAME = "APID";
    public static final String RPID_PARAMETER_NAME = "RPID";
    public static final String ACS_URL_ATTR_NAME_V1 = "consumerURL";
    public static final String ITS_TARGET_ATTR_NAME_V1 = "targetURL";
    public static final String ACS_URL_ATTR_NAME = "SAML_AssertionConsumerURL";
    public static final String ACS_PARAMS_ATTR_NAME = "SAML_AssertionConsumerParams";
    public static final String ITS_REQUEST_PARAMS_ATTR_NAME = "SAML_ITSRequestParams";
    public static boolean ENABLE_URL_REWRITING = Boolean.getBoolean("weblogic.security.saml.enableURLRewriting");

    public static final String calculateSourceIdHex(String str) {
        try {
            return new SAMLSourceId(1, str).getSourceIdHex();
        } catch (IllegalArgumentException e) {
            return new String("Invalid Source Site URL");
        }
    }

    public static final String calculateSourceIdBase64(String str) {
        try {
            return new SAMLSourceId(1, str).getSourceIdBase64();
        } catch (IllegalArgumentException e) {
            return new String("Invalid Source Site URL");
        }
    }

    public static final String normalizeURL(String str) {
        String trimString = trimString(str);
        if (trimString == null) {
            return null;
        }
        try {
            String str2 = "";
            int indexOf = trimString.indexOf(63);
            if (indexOf != -1) {
                str2 = trimString.substring(indexOf);
                trimString = trimString.substring(0, indexOf);
            }
            URI uri = new URI(trimString);
            uri.normalize();
            return new URL(uri.toASCIIString() + str2).toString();
        } catch (Exception e) {
            return null;
        }
    }

    public static final String normalizeURI(String str) {
        String trimString = trimString(str);
        if (trimString == null) {
            return null;
        }
        try {
            URI uri = new URI(trimString);
            uri.normalize();
            return uri.toString();
        } catch (Exception e) {
            return null;
        }
    }

    public static final String normalizeContextPath(String str) {
        String normalizeURI = normalizeURI(str);
        if (normalizeURI == null || !normalizeURI.startsWith("/")) {
            return null;
        }
        return normalizeURI;
    }

    public static final String[] cleanupStringArray(String[] strArr) {
        if (strArr == null || strArr.length == 0) {
            return null;
        }
        LinkedList linkedList = new LinkedList();
        for (String str : strArr) {
            String[] split = str.split("\\s");
            for (int i = 0; i < split.length; i++) {
                if (split[i] != null && split[i].length() > 0) {
                    linkedList.add(split[i]);
                }
            }
        }
        if (linkedList.isEmpty()) {
            return null;
        }
        return (String[]) linkedList.toArray(new String[linkedList.size()]);
    }

    public static final String base64Encode(byte[] bArr) {
        return new BASE64Encoder().encodeBuffer(bArr);
    }

    public static final byte[] base64Decode(String str) throws IOException {
        return new BASE64Decoder().decodeBuffer(str);
    }

    public static final String queryStringStripParam(String str, String str2) {
        StringBuffer stringBuffer = new StringBuffer(str);
        int indexOf = stringBuffer.indexOf(str2 + "=");
        if (indexOf > 0) {
            indexOf = stringBuffer.indexOf("&" + str2 + "=");
        }
        if (indexOf >= 0) {
            int indexOf2 = stringBuffer.indexOf("&", indexOf + 1);
            if (indexOf2 < 0) {
                indexOf2 = stringBuffer.length();
            }
            stringBuffer.delete(indexOf, indexOf2);
            if (stringBuffer.length() > 0 && stringBuffer.charAt(0) == '&') {
                return stringBuffer.substring(1);
            }
        }
        return stringBuffer.toString();
    }

    public static final String buildURLWithParams(String str, String[] strArr) {
        if (str == null || str.length() <= 0) {
            return null;
        }
        String str2 = "";
        for (int i = 0; strArr != null && i < strArr.length; i++) {
            if (strArr[i] != null && strArr[i].length() > 0) {
                str2 = str2 + strArr[i] + "&";
            }
        }
        return str + "?" + str2;
    }

    public static final Map paramStringToMap(String str) {
        return str == null ? new HashMap() : paramArrayToMap(str.split("&"));
    }

    public static final Map paramArrayToMap(String[] strArr) {
        int indexOf;
        HashMap hashMap = new HashMap();
        for (int i = 0; strArr != null && i < strArr.length; i++) {
            if (strArr[i] != null && strArr[i].length() > 0 && (indexOf = strArr[i].indexOf(61)) != -1 && indexOf != 0 && indexOf != strArr[i].length() - 1) {
                String trim = strArr[i].substring(0, indexOf).trim();
                String trim2 = strArr[i].substring(indexOf + 1).trim();
                if (trim.length() > 0 && trim2.length() > 0) {
                    hashMap.put(trim, trim2);
                }
            }
        }
        return hashMap;
    }

    public static final String trimString(String str) {
        if (str == null) {
            return null;
        }
        String trim = str.trim();
        if (trim.length() > 0) {
            return trim;
        }
        return null;
    }

    public static final String[] mergeArrays(String[] strArr, String[] strArr2) {
        ArrayList arrayList = new ArrayList();
        for (int i = 0; strArr != null && i < strArr.length; i++) {
            if (strArr[i] != null && !arrayList.contains(strArr[i])) {
                arrayList.add(strArr[i]);
            }
        }
        for (int i2 = 0; strArr2 != null && i2 < strArr2.length; i2++) {
            if (strArr2[i2] != null && !arrayList.contains(strArr2[i2])) {
                arrayList.add(strArr2[i2]);
            }
        }
        return (String[]) arrayList.toArray(new String[0]);
    }

    public static final String getStringContextElement(String str, ContextHandler contextHandler) {
        Object value;
        if (str == null || contextHandler == null || (value = contextHandler.getValue(str)) == null || !(value instanceof String)) {
            return null;
        }
        return (String) value;
    }

    public static final Element getKeyInfoContextElement(ContextHandler contextHandler) {
        Object value;
        if (contextHandler == null || (value = contextHandler.getValue("com.bea.contextelement.saml.subject.dom.KeyInfo")) == null || !(value instanceof Element)) {
            return null;
        }
        return (Element) value;
    }

    public static final boolean getBooleanContextElement(String str, ContextHandler contextHandler) {
        Object value;
        if (str == null || contextHandler == null || (value = contextHandler.getValue(str)) == null || !(value instanceof Boolean)) {
            return false;
        }
        return ((Boolean) value).booleanValue();
    }

    public static final String displaySubject(Subject subject) {
        if (subject == null) {
            return "Subject == null";
        }
        StringBuffer stringBuffer = new StringBuffer("Subject: ");
        Set<Principal> principals = subject.getPrincipals();
        stringBuffer.append(principals.size());
        stringBuffer.append("\n");
        for (Object obj : principals.toArray()) {
            Principal principal = (Principal) obj;
            stringBuffer.append("\tPrincipal = ");
            stringBuffer.append(principal.getClass());
            stringBuffer.append("(\"");
            String principal2 = principal instanceof IdentityDomainPrincipal ? principal.toString() : principal.getName();
            if (principal2 != null) {
                stringBuffer.append(principal2);
            }
            stringBuffer.append("\")\n");
        }
        return stringBuffer.toString();
    }

    public static X509Certificate getEndCertFromSignedObject(LoggerSpi loggerSpi, SAMLSignedObject sAMLSignedObject) {
        boolean z = false;
        if (loggerSpi != null && loggerSpi.isDebugEnabled()) {
            z = true;
        }
        try {
            Iterator x509Certificates = sAMLSignedObject.getX509Certificates();
            if (x509Certificates == null || !x509Certificates.hasNext()) {
                return null;
            }
            Object next = x509Certificates.next();
            if (!(next instanceof X509Certificate)) {
                return null;
            }
            X509Certificate x509Certificate = (X509Certificate) next;
            if (x509Certificate != null) {
                try {
                    x509Certificate.checkValidity();
                } catch (CertificateExpiredException e) {
                    if (!z) {
                        return null;
                    }
                    loggerSpi.debug("Certificate has expired: " + e.toString());
                    return null;
                } catch (CertificateNotYetValidException e2) {
                    if (!z) {
                        return null;
                    }
                    loggerSpi.debug("Certificate is not yet valid: " + e2.toString());
                    return null;
                }
            }
            if (z) {
                loggerSpi.debug("Got signing certificate for signed object: " + x509Certificate.getSubjectDN().getName());
            }
            return x509Certificate;
        } catch (SAMLException e3) {
            if (!z) {
                return null;
            }
            loggerSpi.debug("Exception while calling SignedObject.getX509Certificates(): " + e3.toString());
            return null;
        }
    }

    public static String getConfirmationMethod(LoggerSpi loggerSpi, SAMLAssertion sAMLAssertion) {
        return getConfirmationMethod(loggerSpi, getSubject(sAMLAssertion));
    }

    private static boolean isSupportedConfirmationMethod(String str) {
        return str.equals("urn:oasis:names:tc:SAML:1.0:cm:artifact") || str.equals("urn:oasis:names:tc:SAML:1.0:cm:bearer") || str.equals("urn:oasis:names:tc:SAML:1.0:cm:holder-of-key") || str.equals("urn:oasis:names:tc:SAML:1.0:cm:sender-vouches");
    }

    public static Object instantiatePlugin(String str, String str2) throws Exception {
        Object newInstance = Class.forName(str).newInstance();
        if (Class.forName(str2).isInstance(newInstance)) {
            return newInstance;
        }
        throw new Exception("Class '" + str + "' is not an instance of '" + str2 + Expression.QUOTE);
    }

    public static SAMLSubject getSubject(SAMLAssertion sAMLAssertion) {
        boolean z = false;
        SAMLSubject sAMLSubject = null;
        SAMLSubject sAMLSubject2 = null;
        Iterator statements = sAMLAssertion.getStatements();
        while (true) {
            if (!statements.hasNext()) {
                break;
            }
            Object next = statements.next();
            if (next instanceof SAMLAuthenticationStatement) {
                sAMLSubject2 = ((SAMLAuthenticationStatement) next).getSubject();
                z = true;
                break;
            }
            if (next instanceof SAMLAttributeStatement) {
                SAMLSubject subject = ((SAMLAttributeStatement) next).getSubject();
                if (sAMLSubject == null) {
                    SAMLNameIdentifier name = subject == null ? null : subject.getName();
                    if (name != null && name.getName() != null) {
                        sAMLSubject = subject;
                    }
                }
            }
        }
        if (!z) {
            sAMLSubject2 = sAMLSubject;
        }
        return sAMLSubject2;
    }

    public static String getConfirmationMethod(LoggerSpi loggerSpi, SAMLSubject sAMLSubject) {
        if (sAMLSubject == null) {
            if (loggerSpi == null || !loggerSpi.isDebugEnabled()) {
                return null;
            }
            loggerSpi.debug("SAML subject is null.");
            return null;
        }
        String str = null;
        Iterator confirmationMethods = sAMLSubject.getConfirmationMethods();
        if (confirmationMethods.hasNext()) {
            str = (String) confirmationMethods.next();
            if (str != null) {
                str = str.trim();
            }
        }
        if ((str == null || !isSupportedConfirmationMethod(str)) && loggerSpi != null && loggerSpi.isDebugEnabled()) {
            loggerSpi.debug("Invalid subject confirmation method '" + (str == null ? "null" : str) + Expression.QUOTE);
        }
        return str;
    }
}
