package org.picketlink.identity.federation.bindings.jboss.auth;

import java.security.Principal;
import java.security.acl.Group;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginException;
import org.jboss.security.auth.spi.AbstractServerLoginModule;
import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkGroup;
import org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal;
import org.picketlink.identity.federation.core.wstrust.SamlCredential;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;

/* loaded from: input_file:org/picketlink/identity/federation/bindings/jboss/auth/SAML2STSLoginModule.class */
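/**
 * JAAS login module that derives the caller's identity and roles from a SAML 2.0 assertion.
 *
 * <p>This listing is decompiler output and {@link #login()} was not recovered, so only
 * initialisation and the role-mapping path can be reviewed here. Roles are read directly from an
 * attribute of the assertion, so they are only as trustworthy as the assertion itself.
 * NOTE(review): confirm in the original source that {@code login()} validates the assertion
 * (issuer, signature or STS validation, validity window) before the identity and roles below
 * are handed to the container.
 */
public class SAML2STSLoginModule extends AbstractServerLoginModule {
    // Value of the "configFile" module option; the code visible here only stores it.
    private String stsConfigurationFile;
    // Identity returned by getIdentity(); per the decompiler warning on login() it is built
    // from the NameID value of the assertion.
    private Principal principal;
    // Source of the assertion element used when the role lookup has to parse lazily.
    private SamlCredential credential;
    // Parsed assertion, cached after the first successful parse in getRoleSets().
    private AssertionType assertion;

    /**
     * Initialises the module and records the {@code configFile} option.
     *
     * @param subject the subject being authenticated
     * @param callbackHandler handler used to obtain credentials
     * @param map third argument of the JAAS {@code LoginModule.initialize} contract (shared state)
     * @param map2 fourth argument of that contract (module options); {@code configFile} is read
     *     from it and may be absent, in which case the field stays {@code null}
     */
    @Override
    public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> map, Map<String, ?> map2) {
        super.initialize(subject, callbackHandler, map, map2);
        this.stsConfigurationFile = (String) map2.get("configFile");
    }

    // NOTE(review): the body of login() is missing from this listing. Every statement about
    // assertion validation has to be checked against the original source or the bytecode dump;
    // nothing below proves that the assertion was verified before roles are extracted from it.
    /* JADX WARN: Code restructure failed: missing block: B:48:0x01a4, code lost:
    
        r6.principal = new org.picketlink.identity.federation.bindings.jboss.subject.PicketLinkPrincipal(((org.picketlink.identity.federation.saml.v2.assertion.NameIDType) r0.getValue()).getValue());
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    @Override
    public boolean login() throws javax.security.auth.login.LoginException {
        /*
            Method dump skipped, instructions count: 546
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule.login():boolean");
    }

    /**
     * Returns the principal stored in this module.
     *
     * @return the stored principal, or {@code null} if none has been set
     */
    @Override
    protected Principal getIdentity() {
        return this.principal;
    }

    /**
     * Maps the values of the assertion's role attribute to members of a single role group.
     *
     * <p>Only attributes whose name equals
     * {@code SAML20TokenRoleAttributeProvider.DEFAULT_TOKEN_ROLE_ATTRIBUTE_NAME} contribute
     * roles; entries that are not {@link AttributeType} instances are ignored.
     *
     * @return an empty array when the assertion has no attribute statement, otherwise a
     *     one-element array holding the role group
     * @throws LoginException if no credential is available, the assertion cannot be parsed, or a
     *     role attribute value is not a string
     */
    @Override
    protected Group[] getRoleSets() throws LoginException {
        if (this.assertion == null) {
            // Explicit check so a missing credential is reported as such instead of as a
            // parse failure wrapping a NullPointerException.
            if (this.credential == null) {
                throw new LoginException("No SAML credential available to extract roles from");
            }
            try {
                // NOTE(review): this lazy path parses the credential's element without any
                // validation visible in this method; confirm it was validated beforehand.
                this.assertion = SAMLUtil.fromElement(this.credential.getAssertionAsElement());
            } catch (Exception e) {
                LoginException loginException = new LoginException("Failed to parse assertion element: " + e.getMessage());
                loginException.initCause(e);
                throw loginException;
            }
        }
        AttributeStatementType attributeStatement = getAttributeStatement(this.assertion);
        if (attributeStatement == null) {
            return new Group[0];
        }
        // A set, so that a role value repeated in the assertion yields one member.
        HashSet<Principal> roles = new HashSet<Principal>();
        for (Object obj : attributeStatement.getAttributeOrEncryptedAttribute()) {
            if (!(obj instanceof AttributeType)) {
                continue;
            }
            AttributeType attributeType = (AttributeType) obj;
            // Constant-first comparison: an attribute without a name is skipped instead of
            // raising a NullPointerException.
            if (!SAML20TokenRoleAttributeProvider.DEFAULT_TOKEN_ROLE_ATTRIBUTE_NAME.equals(attributeType.getName())) {
                continue;
            }
            for (Object value : attributeType.getAttributeValue()) {
                // Attribute values come from the assertion and are not guaranteed to be strings.
                // Fail the login with a LoginException rather than an unchecked
                // ClassCastException; the value itself is kept out of the message.
                if (!(value instanceof String)) {
                    throw new LoginException("Role attribute value is not a string: "
                            + (value == null ? "null" : value.getClass().getName()));
                }
                roles.add(new PicketLinkPrincipal((String) value));
            }
        }
        PicketLinkGroup picketLinkGroup = new PicketLinkGroup(SAML20TokenRoleAttributeProvider.JBOSS_ROLE_PRINCIPAL_NAME);
        for (Principal role : roles) {
            picketLinkGroup.addMember(role);
        }
        return new Group[]{picketLinkGroup};
    }

    /**
     * Finds the first attribute statement among the statements of an assertion.
     *
     * @param assertionType the parsed assertion to search
     * @return the first {@link AttributeStatementType} found, or {@code null} if there is none
     */
    private AttributeStatementType getAttributeStatement(AssertionType assertionType) {
        // The decompiler typed this list as List<AttributeStatementType>, which puts a cast on
        // every element and throws ClassCastException as soon as another statement kind
        // precedes the attribute statement. Iterate untyped and test each element instead.
        List<?> statements = assertionType.getStatementOrAuthnStatementOrAuthzDecisionStatement();
        if (statements == null || statements.isEmpty()) {
            return null;
        }
        for (Object statement : statements) {
            if (statement instanceof AttributeStatementType) {
                return (AttributeStatementType) statement;
            }
        }
        return null;
    }
}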
