package org.apache.cxf.sts.token.provider;

import java.util.ArrayList;
import java.util.Iterator;
import org.apache.cxf.sts.request.ReceivedToken;
import org.apache.cxf.sts.request.TokenRequirements;
import org.apache.cxf.ws.security.sts.provider.STSException;
import org.apache.cxf.ws.security.sts.provider.model.secext.UsernameTokenType;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.principal.SAMLTokenPrincipalImpl;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.common.saml.bean.AttributeBean;
import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.saml.saml2.core.Attribute;
import org.opensaml.saml.saml2.core.AttributeStatement;
import org.w3c.dom.Element;

/* loaded from: input_file:BOOT-INF/lib/cxf-services-sts-core-3.3.6.fuse-790049-redhat-00001.jar:org/apache/cxf/sts/token/provider/ActAsAttributeStatementProvider.class */
public class ActAsAttributeStatementProvider implements AttributeStatementProvider {
    @Override // org.apache.cxf.sts.token.provider.AttributeStatementProvider
    public AttributeStatementBean getStatement(TokenProviderParameters tokenProviderParameters) {
        AttributeStatementBean attributeStatementBean = new AttributeStatementBean();
        TokenRequirements tokenRequirements = tokenProviderParameters.getTokenRequirements();
        ReceivedToken actAs = tokenRequirements.getActAs();
        if (actAs != null) {
            try {
                ArrayList arrayList = new ArrayList();
                AttributeBean handleAdditionalParameters = handleAdditionalParameters(actAs.getToken(), tokenRequirements.getTokenType());
                if (!handleAdditionalParameters.getAttributeValues().isEmpty()) {
                    arrayList.add(handleAdditionalParameters);
                }
                attributeStatementBean.setSamlAttributes(arrayList);
            } catch (WSSecurityException e) {
                throw new STSException(e.getMessage(), e);
            }
        }
        return attributeStatementBean;
    }

    private AttributeBean handleAdditionalParameters(Object obj, String str) throws WSSecurityException {
        AttributeBean attributeBean = new AttributeBean();
        if ("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1".equals(str) || "urn:oasis:names:tc:SAML:1.0:assertion".equals(str)) {
            attributeBean.setSimpleName("ActAs");
            attributeBean.setQualifiedName("http://cxf.apache.org/sts");
        } else {
            attributeBean.setQualifiedName("ActAs");
            attributeBean.setNameFormat("http://cxf.apache.org/sts");
        }
        if (obj instanceof UsernameTokenType) {
            attributeBean.addAttributeValue(((UsernameTokenType) obj).getUsername().getValue());
        } else if (obj instanceof Element) {
            SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper((Element) obj);
            attributeBean.addAttributeValue(new SAMLTokenPrincipalImpl(samlAssertionWrapper).getName());
            if (samlAssertionWrapper.getSaml2() != null) {
                Iterator<AttributeStatement> it = samlAssertionWrapper.getSaml2().getAttributeStatements().iterator();
                while (it.hasNext()) {
                    for (Attribute attribute : it.next().getAttributes()) {
                        if ("ActAs".equals(attribute.getName())) {
                            Iterator<XMLObject> it2 = attribute.getAttributeValues().iterator();
                            while (it2.hasNext()) {
                                attributeBean.addAttributeValue(it2.next().getDOM().getTextContent());
                            }
                        }
                    }
                }
            } else if (samlAssertionWrapper.getSaml1() != null) {
                Iterator<org.opensaml.saml.saml1.core.AttributeStatement> it3 = samlAssertionWrapper.getSaml1().getAttributeStatements().iterator();
                while (it3.hasNext()) {
                    for (org.opensaml.saml.saml1.core.Attribute attribute2 : it3.next().getAttributes()) {
                        if ("ActAs".equals(attribute2.getAttributeName())) {
                            Iterator<XMLObject> it4 = attribute2.getAttributeValues().iterator();
                            while (it4.hasNext()) {
                                attributeBean.addAttributeValue(it4.next().getDOM().getTextContent());
                            }
                        }
                    }
                }
            }
        }
        return attributeBean;
    }
}
