package org.overlord.commons.auth.jboss7;

import java.security.Principal;
import java.util.Iterator;
import java.util.Set;
import java.util.UUID;
import org.jboss.security.SecurityContextAssociation;
import org.picketlink.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.assertion.SubjectType;

/* loaded from: input_file:org/overlord/commons/auth/jboss7/SAMLBearerTokenUtil.class */
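/**
 * Builds SAML 2.0 bearer-token assertions for the caller currently associated with the JBoss
 * security context.
 *
 * <p>Security notes for reviewers and callers:
 * <ul>
 *   <li>No signature is applied to the assertion in this class. The returned XML is a bearer
 *       credential: anyone who obtains it can present it until it expires, and an unsigned
 *       assertion can be altered in transit. It should only travel over a protected channel,
 *       and the receiver must validate issuer, audience and validity window.</li>
 *   <li>The subject and the {@code Role} attribute values are copied from the current security
 *       context, so the assertion carries every role the caller holds.</li>
 * </ul>
 */
public class SAMLBearerTokenUtil {

    /**
     * Validity window handed to {@code AssertionUtil.createTimedConditions}; 10000 is taken to be
     * milliseconds (10 seconds). A short window limits replay of a captured token, but receivers
     * with noticeable clock skew may reject it.
     */
    private static final long ASSERTION_VALIDITY_MILLIS = 10000L;

    /** Name of the SAML attribute that carries the caller's role names. */
    private static final String ROLE_ATTRIBUTE_NAME = "Role";

    /**
     * Creates a SAML assertion for the currently authenticated principal and returns it as a
     * string.
     *
     * @param issuerName value placed in the assertion's issuer NameID
     * @param audience the single audience the assertion is restricted to
     *     (NOTE(review): a null audience is not rejected here; confirm callers never pass one,
     *     since the audience restriction is what ties the token to one receiving service)
     * @return the serialized assertion
     * @throws IllegalStateException if no principal or security context is associated with the
     *     calling thread
     * @throws RuntimeException if the assertion cannot be built or serialized
     */
    public static String createSAMLAssertion(String issuerName, String audience) {
        try {
            Principal caller = SecurityContextAssociation.getPrincipal();
            if (caller == null) {
                // Fail with a clear message instead of an opaque NullPointerException: a token
                // must never be minted for an unauthenticated call.
                throw new IllegalStateException(
                        "No authenticated principal in the security context; cannot create a SAML assertion");
            }

            NameIDType issuer = SAMLAssertionFactory.createNameID((String) null, (String) null, issuerName);
            SubjectType subject = AssertionUtil.createAssertionSubject(caller.getName());

            // A random UUID is used as the assertion ID.
            AssertionType assertion = AssertionUtil.createAssertion(UUID.randomUUID().toString(), issuer);
            assertion.setSubject(subject);

            AssertionUtil.createTimedConditions(assertion, ASSERTION_VALIDITY_MILLIS);
            assertion.getConditions()
                    .addCondition(SAMLAssertionFactory.createAudienceRestriction(new String[] {audience}));

            addRoleStatements(assertion, caller);
            return AssertionUtil.asString(assertion);
        } catch (RuntimeException e) {
            // Already unchecked: rethrow as-is rather than double-wrapping it.
            throw e;
        } catch (Exception e) {
            throw new RuntimeException("Failed to create SAML bearer assertion", e);
        }
    }

    /**
     * Adds a {@code Role} attribute statement to the assertion, with one attribute value per role
     * the authorization manager reports for the principal. The statement is added even when the
     * principal has no roles, in which case the attribute has no values.
     *
     * @param assertionType the assertion to extend
     * @param principal the principal whose roles are looked up
     * @throws IllegalStateException if no security context is associated with the calling thread
     */
    private static void addRoleStatements(AssertionType assertionType, Principal principal) {
        org.jboss.security.SecurityContext securityContext = SecurityContextAssociation.getSecurityContext();
        if (securityContext == null) {
            throw new IllegalStateException(
                    "No security context is associated with the current thread; cannot resolve roles");
        }

        AttributeType roleAttribute = new AttributeType(ROLE_ATTRIBUTE_NAME);
        AttributeStatementType roleStatement = new AttributeStatementType();
        roleStatement.addAttribute(new AttributeStatementType.ASTChoiceType(roleAttribute));

        Set<?> userRoles = securityContext.getAuthorizationManager().getUserRoles(principal);
        if (userRoles != null) {
            for (Object role : userRoles) {
                roleAttribute.addAttributeValue(((Principal) role).getName());
            }
        }
        assertionType.addStatement(roleStatement);
    }
}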
