package org.apache.ws.security.saml;

import java.security.cert.X509Certificate;
import java.util.Iterator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLException;
import org.opensaml.SAMLObject;
import org.opensaml.SAMLSubject;
import org.opensaml.SAMLSubjectStatement;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/wss4j-1.5.0.jar:org/apache/ws/security/saml/SAMLUtil.class */
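/**
 * Static helpers that read data out of a SAML assertion supplied as a DOM element.
 *
 * <p>These methods only extract values. Nothing in this class verifies the assertion's
 * signature, its issuer, its validity conditions, or the trust of any certificate it carries.
 */
public class SAMLUtil {
    private static Log log;

    // Decompiler artifact: cache field that pre-Java-5 compilers emit for the
    // SAMLUtil.class literal. Kept so the class layout matches the shipped jar.
    static Class class$org$apache$ws$security$saml$SAMLUtil;

    /**
     * Returns the holder-of-key certificate embedded in a SAML assertion.
     *
     * <p>The element is parsed as a {@link SAMLAssertion}, the first
     * {@link SAMLSubjectStatement} is located, and the {@code KeyInfo} of its subject is read.
     * Only the first certificate of the first {@code X509Data} entry is considered; any
     * further entries are ignored.
     *
     * <p><b>Security note:</b> the returned certificate comes straight from the assertion
     * content. This method performs no signature check on the assertion and no validity,
     * revocation or trust-path check on the certificate. Callers must treat the result as
     * untrusted until the assertion's signature has been verified against a trusted issuer
     * and the certificate has been validated; otherwise a sender could supply an assertion
     * naming a key of its own choosing.
     *
     * @param element DOM element holding the SAML assertion
     * @return a one-element array with the certificate, or {@code null} when the subject's
     *     {@code KeyInfo} carries no X.509 certificate (callers must null-check)
     * @throws WSSecurityException if the assertion cannot be parsed, has no subject
     *     statement with a subject, or its {@code KeyInfo} cannot be processed; the
     *     underlying exception is attached as the cause where one exists
     */
    public static X509Certificate[] getCertificatesFromSAML(Element element) throws WSSecurityException {
        try {
            SAMLSubject subject = null;
            Iterator statements = new SAMLAssertion(element).getStatements();
            while (statements.hasNext()) {
                SAMLObject statement = (SAMLObject) statements.next();
                if (statement instanceof SAMLSubjectStatement) {
                    // Only the first subject statement is consulted, even if its subject is null.
                    subject = ((SAMLSubjectStatement) statement).getSubject();
                    break;
                }
            }
            if (subject == null) {
                throw new WSSecurityException(0, "invalidSAMLToken", new Object[]{"for Signature (no Subject)"});
            }

            KeyInfo keyInfo = new KeyInfo(subject.getKeyInfo(), null);
            if (!keyInfo.containsX509Data()) {
                return null;
            }
            X509Data x509Data = keyInfo.itemX509Data(0);
            if (x509Data == null || !x509Data.containsCertificate()) {
                return null;
            }
            XMLX509Certificate xmlCertificate = x509Data.itemCertificate(0);
            if (xmlCertificate == null) {
                return null;
            }
            return new X509Certificate[]{xmlCertificate.getX509Certificate()};
        } catch (XMLSecurityException e) {
            // Keep the cause so a malformed KeyInfo can be diagnosed from the stack trace.
            throw new WSSecurityException(
                    0, "invalidSAMLsecurity", new Object[]{"cannot get certificate (key holder)"}, e);
        } catch (SAMLException e) {
            // Keep the cause so the parser's reason for rejecting the assertion is not lost.
            throw new WSSecurityException(
                    0, "invalidSAMLToken", new Object[]{"for Signature (cannot parse)"}, e);
        }
    }

    /**
     * Returns the id of the SAML assertion found beneath the given element.
     *
     * <p>The assertion element is located with
     * {@code WSSecurityUtil.findElement(element, str, str2)} and parsed as a
     * {@link SAMLAssertion}. The id is read from the parsed assertion only; no signature
     * verification happens here, so the value must not be used for trust decisions on its own.
     *
     * @param element node at which the search starts
     * @param str second argument passed to {@code findElement} (presumably the element's
     *     local name; confirm against {@code WSSecurityUtil})
     * @param str2 third argument passed to {@code findElement} (presumably the namespace URI;
     *     confirm against {@code WSSecurityUtil})
     * @return the assertion id
     * @throws WSSecurityException on any failure while locating or parsing the assertion;
     *     the original exception is attached as the cause
     */
    public static String getAssertionId(Element element, String str, String str2) throws WSSecurityException {
        try {
            return new SAMLAssertion((Element) WSSecurityUtil.findElement(element, str, str2)).getId();
        } catch (Exception e) {
            // Pass the exception as the throwable so the stack trace reaches the log.
            log.error("Cannot read the SAML assertion id", e);
            throw new WSSecurityException(9, "noXMLSig", null, e);
        }
    }

    // Decompiler artifact: helper that pre-Java-5 compilers generate to resolve a class literal.
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        // Equivalent to LogFactory.getLog(SAMLUtil.class.getName()) in the original source.
        Class cls;
        if (class$org$apache$ws$security$saml$SAMLUtil == null) {
            cls = class$("org.apache.ws.security.saml.SAMLUtil");
            class$org$apache$ws$security$saml$SAMLUtil = cls;
        } else {
            cls = class$org$apache$ws$security$saml$SAMLUtil;
        }
        log = LogFactory.getLog(cls.getName());
    }
}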
