package org.picketlink.identity.federation.core.parsers.saml;

import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.Unmarshaller;
import javax.xml.bind.helpers.DefaultValidationEventHandler;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLEventReader;
import javax.xml.stream.events.EndElement;
import javax.xml.stream.events.StartElement;
import org.jboss.security.xacml.core.model.context.RequestType;
import org.jboss.security.xacml.core.model.context.ResponseType;
import org.picketlink.common.ErrorCodes;
import org.picketlink.common.constants.JBossSAMLConstants;
import org.picketlink.common.constants.JBossSAMLURIConstants;
import org.picketlink.common.exceptions.ConfigurationException;
import org.picketlink.common.exceptions.ParsingException;
import org.picketlink.common.exceptions.ProcessingException;
import org.picketlink.common.parsers.ParserNamespaceSupport;
import org.picketlink.common.util.DocumentUtil;
import org.picketlink.common.util.StaxParserUtil;
import org.picketlink.common.util.StringUtil;
import org.picketlink.identity.federation.core.parsers.util.SAMLParserUtil;
import org.picketlink.identity.federation.core.saml.v2.util.SAMLXACMLUtil;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.ConditionsType;
import org.picketlink.identity.federation.saml.v2.assertion.EncryptedAssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;
import org.picketlink.identity.federation.saml.v2.profiles.xacml.assertion.XACMLAuthzDecisionStatementType;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/picketlink-federation-2.7.0.CR1.jar:org/picketlink/identity/federation/core/parsers/saml/SAMLAssertionParser.class */
public class SAMLAssertionParser implements ParserNamespaceSupport {
    private final String ASSERTION = JBossSAMLConstants.ASSERTION.get();

    public AssertionType fromElement(Element element) throws ConfigurationException, ProcessingException, ParsingException {
        return (AssertionType) parse(StaxParserUtil.getXMLEventReader(DocumentUtil.getNodeAsStream(element)));
    }

    @Override // org.picketlink.common.parsers.ParserNamespaceSupport
    public Object parse(XMLEventReader xMLEventReader) throws ParsingException {
        StartElement peek;
        if (StaxParserUtil.getStartElementName(StaxParserUtil.peekNextStartElement(xMLEventReader)).equals(JBossSAMLConstants.ENCRYPTED_ASSERTION.get())) {
            Element dOMElement = StaxParserUtil.getDOMElement(xMLEventReader);
            EncryptedAssertionType encryptedAssertionType = new EncryptedAssertionType();
            encryptedAssertionType.setEncryptedElement(dOMElement);
            return encryptedAssertionType;
        }
        StartElement nextStartElement = StaxParserUtil.getNextStartElement(xMLEventReader);
        StaxParserUtil.validate(nextStartElement, this.ASSERTION);
        AssertionType parseBaseAttributes = parseBaseAttributes(nextStartElement);
        while (true) {
            if (!xMLEventReader.hasNext() || (peek = StaxParserUtil.peek(xMLEventReader)) == null) {
                break;
            }
            if (peek instanceof EndElement) {
                String endElementName = StaxParserUtil.getEndElementName(StaxParserUtil.getNextEvent(xMLEventReader));
                if (!endElementName.equals(JBossSAMLConstants.ASSERTION.get())) {
                    throw new RuntimeException(ErrorCodes.UNKNOWN_END_ELEMENT + endElementName);
                }
            } else {
                StartElement peekNextStartElement = peek instanceof StartElement ? peek : StaxParserUtil.peekNextStartElement(xMLEventReader);
                if (peekNextStartElement == null) {
                    break;
                }
                String startElementName = StaxParserUtil.getStartElementName(peekNextStartElement);
                if (startElementName.equals(JBossSAMLConstants.SIGNATURE.get())) {
                    parseBaseAttributes.setSignature(StaxParserUtil.getDOMElement(xMLEventReader));
                } else if (JBossSAMLConstants.ISSUER.get().equalsIgnoreCase(startElementName)) {
                    StaxParserUtil.getNextStartElement(xMLEventReader);
                    String elementText = StaxParserUtil.getElementText(xMLEventReader);
                    NameIDType nameIDType = new NameIDType();
                    nameIDType.setValue(elementText);
                    parseBaseAttributes.setIssuer(nameIDType);
                } else if (JBossSAMLConstants.SUBJECT.get().equalsIgnoreCase(startElementName)) {
                    parseBaseAttributes.setSubject((SubjectType) new SAMLSubjectParser().parse(xMLEventReader));
                } else if (JBossSAMLConstants.CONDITIONS.get().equalsIgnoreCase(startElementName)) {
                    parseBaseAttributes.setConditions((ConditionsType) new SAMLConditionsParser().parse(xMLEventReader));
                } else if (JBossSAMLConstants.AUTHN_STATEMENT.get().equalsIgnoreCase(startElementName)) {
                    parseBaseAttributes.addStatement(SAMLParserUtil.parseAuthnStatement(xMLEventReader));
                } else if (JBossSAMLConstants.ATTRIBUTE_STATEMENT.get().equalsIgnoreCase(startElementName)) {
                    parseBaseAttributes.addStatement(SAMLParserUtil.parseAttributeStatement(xMLEventReader));
                } else {
                    if (!JBossSAMLConstants.STATEMENT.get().equalsIgnoreCase(startElementName)) {
                        throw new RuntimeException(ErrorCodes.UNKNOWN_TAG + startElementName + "::location=" + peekNextStartElement.getLocation());
                    }
                    String xSITypeValue = StaxParserUtil.getXSITypeValue(StaxParserUtil.getNextStartElement(xMLEventReader));
                    if (!xSITypeValue.contains(JBossSAMLConstants.XACML_AUTHZ_DECISION_STATEMENT_TYPE.get())) {
                        throw new RuntimeException(ErrorCodes.UNKNOWN_XSI + xSITypeValue);
                    }
                    XACMLAuthzDecisionStatementType xACMLAuthzDecisionStatementType = new XACMLAuthzDecisionStatementType();
                    if (StaxParserUtil.getStartElementName(StaxParserUtil.peekNextStartElement(xMLEventReader)).contains(JBossSAMLConstants.RESPONSE.get())) {
                        xACMLAuthzDecisionStatementType.setResponse(getXACMLResponse(xMLEventReader));
                        if (StaxParserUtil.getStartElementName(StaxParserUtil.peekNextStartElement(xMLEventReader)).contains(JBossSAMLConstants.REQUEST.get())) {
                            xACMLAuthzDecisionStatementType.setRequest(getXACMLRequest(xMLEventReader));
                        }
                    }
                    StaxParserUtil.validate(StaxParserUtil.getNextEndElement(xMLEventReader), JBossSAMLConstants.STATEMENT.get());
                    parseBaseAttributes.addStatement(xACMLAuthzDecisionStatementType);
                }
            }
        }
        return parseBaseAttributes;
    }

    @Override // org.picketlink.common.parsers.ParserNamespaceSupport
    public boolean supports(QName qName) {
        return qName.getNamespaceURI().equals(JBossSAMLURIConstants.ASSERTION_NSURI.get()) && qName.getLocalPart().equals(JBossSAMLConstants.ASSERTION.get());
    }

    private AssertionType parseBaseAttributes(StartElement startElement) throws ParsingException {
        String attributeValue = StaxParserUtil.getAttributeValue(startElement.getAttributeByName(new QName(JBossSAMLConstants.ID.get())));
        StringUtil.match(JBossSAMLConstants.VERSION_2_0.get(), StaxParserUtil.getAttributeValue(startElement.getAttributeByName(new QName(JBossSAMLConstants.VERSION.get()))));
        return new AssertionType(attributeValue, XMLTimeUtil.parse(StaxParserUtil.getAttributeValue(startElement.getAttributeByName(new QName(JBossSAMLConstants.ISSUE_INSTANT.get())))));
    }

    private ResponseType getXACMLResponse(XMLEventReader xMLEventReader) throws ParsingException {
        Element dOMElement = StaxParserUtil.getDOMElement(xMLEventReader);
        try {
            Unmarshaller createUnmarshaller = JAXBContext.newInstance(SAMLXACMLUtil.XACML_PKG_PATH).createUnmarshaller();
            createUnmarshaller.setEventHandler(new DefaultValidationEventHandler());
            return (ResponseType) ((JAXBElement) createUnmarshaller.unmarshal(DocumentUtil.getNodeAsStream(dOMElement))).getValue();
        } catch (Exception e) {
            throw new ParsingException(e);
        }
    }

    private RequestType getXACMLRequest(XMLEventReader xMLEventReader) throws ParsingException {
        Element dOMElement = StaxParserUtil.getDOMElement(xMLEventReader);
        try {
            Unmarshaller createUnmarshaller = JAXBContext.newInstance(SAMLXACMLUtil.XACML_PKG_PATH).createUnmarshaller();
            createUnmarshaller.setEventHandler(new DefaultValidationEventHandler());
            return (RequestType) ((JAXBElement) createUnmarshaller.unmarshal(DocumentUtil.getNodeAsStream(dOMElement))).getValue();
        } catch (Exception e) {
            throw new ParsingException(e);
        }
    }
}
