package org.opensaml.saml.metadata.resolver.filter.impl;

import com.google.common.base.Function;
import java.util.Set;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.saml.metadata.resolver.filter.FilterException;
import org.opensaml.saml.metadata.resolver.filter.MetadataFilter;
import org.opensaml.saml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml.saml2.metadata.RoleDescriptor;
import org.opensaml.xmlsec.signature.SignableXMLObject;
import org.opensaml.xmlsec.signature.Signature;
import org.opensaml.xmlsec.signature.support.SignaturePrevalidator;
import org.opensaml.xmlsec.signature.support.SignatureTrustEngine;
import org.slf4j.Logger;

/* loaded from: input_file:eap7/api-jars/opensaml-saml-impl-3.1.1.jar:org/opensaml/saml/metadata/resolver/filter/impl/SignatureValidationFilter.class */
public class SignatureValidationFilter implements MetadataFilter {

    @Nonnull
    private final Logger log;

    @Nonnull
    private SignatureTrustEngine signatureTrustEngine;
    private boolean requireSignature;

    @Nullable
    private CriteriaSet defaultCriteria;

    @Nullable
    private SignaturePrevalidator signaturePrevalidator;

    @Nullable
    private Function<XMLObject, Set<String>> dynamicTrustedNamesStrategy;

    public SignatureValidationFilter(@Nonnull SignatureTrustEngine signatureTrustEngine);

    @Nullable
    public Function<XMLObject, Set<String>> getDynamicTrustedNamesStrategy();

    public void setDynamicTrustedNamesStrategy(@Nullable Function<XMLObject, Set<String>> function);

    @Nonnull
    public SignatureTrustEngine getSignatureTrustEngine();

    @Nullable
    public SignaturePrevalidator getSignaturePrevalidator();

    public void setSignaturePrevalidator(@Nullable SignaturePrevalidator signaturePrevalidator);

    public boolean getRequireSignature();

    public void setRequireSignature(boolean z);

    @Nullable
    public CriteriaSet getDefaultCriteria();

    public void setDefaultCriteria(@Nullable CriteriaSet criteriaSet);

    @Override // org.opensaml.saml.metadata.resolver.filter.MetadataFilter
    @Nullable
    public XMLObject filter(@Nullable XMLObject xMLObject) throws FilterException;

    protected void processEntityDescriptor(@Nonnull EntityDescriptor entityDescriptor) throws FilterException;

    protected void processEntityGroup(@Nonnull EntitiesDescriptor entitiesDescriptor) throws FilterException;

    protected void verifySignature(@Nonnull SignableXMLObject signableXMLObject, @NotEmpty @Nonnull String str, boolean z) throws FilterException;

    protected void performPreValidation(@Nonnull Signature signature, @NotEmpty @Nonnull String str) throws FilterException;

    @Nonnull
    protected CriteriaSet buildCriteriaSet(@Nonnull SignableXMLObject signableXMLObject, @NotEmpty @Nonnull String str, boolean z);

    protected String getRoleIDToken(@NotEmpty @Nonnull String str, @Nonnull RoleDescriptor roleDescriptor);
}
