package org.picketlink.identity.federation.bindings.jboss.auth.mapping;

import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.apache.log4j.Logger;
import org.jboss.security.identity.RoleGroup;
import org.jboss.security.identity.plugins.SimpleRole;
import org.jboss.security.identity.plugins.SimpleRoleGroup;
import org.jboss.security.mapping.MappingProvider;
import org.jboss.security.mapping.MappingResult;
import org.picketlink.identity.federation.core.wstrust.auth.AbstractSTSLoginModule;
import org.picketlink.identity.federation.core.wstrust.plugins.saml.SAMLUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.assertion.AttributeType;
import org.picketlink.identity.federation.saml.v2.assertion.StatementAbstractType;
import org.w3c.dom.Element;

/* loaded from: input_file:jboss-as-7.1.1.Final/modules/org/picketlink/main/picketlink-bindings-jboss-2.0.2.Final.jar:org/picketlink/identity/federation/bindings/jboss/auth/mapping/STSGroupMappingProvider.class */
public class STSGroupMappingProvider implements MappingProvider<RoleGroup> {
    private Logger log = Logger.getLogger(STSGroupMappingProvider.class);
    private MappingResult<RoleGroup> result;
    private String tokenRoleAttributeName;

    @Override // org.jboss.security.mapping.MappingProvider
    public void init(Map<String, Object> map) {
        Object obj = map.get("token-role-attribute-name");
        if (obj != null) {
            this.tokenRoleAttributeName = (String) obj;
        } else {
            this.tokenRoleAttributeName = "role";
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug("Initialized with " + map);
        }
    }

    /* renamed from: performMapping, reason: avoid collision after fix types in other method */
    public void performMapping2(Map<String, Object> map, RoleGroup roleGroup) {
        if (this.log.isDebugEnabled()) {
            this.log.debug("performMapping with map as " + map);
        }
        if (map == null) {
            this.log.warn("Empty context map. SAML Token must be provided in the context map to extract a Principal");
        }
        Object obj = map.get(AbstractSTSLoginModule.SHARED_TOKEN);
        if (!(obj instanceof Element)) {
            this.log.warn("Did not find a token " + Element.class.getName() + " under " + AbstractSTSLoginModule.SHARED_TOKEN + " in the map");
        }
        try {
            AttributeStatementType attributeStatement = getAttributeStatement(SAMLUtil.fromElement((Element) obj));
            if (attributeStatement != null) {
                SimpleRoleGroup simpleRoleGroup = new SimpleRoleGroup("Roles");
                Iterator<AttributeStatementType.ASTChoiceType> it = attributeStatement.getAttributes().iterator();
                while (it.hasNext()) {
                    AttributeType attribute = it.next().getAttribute();
                    if (attribute != null && this.tokenRoleAttributeName.equals(attribute.getName())) {
                        Iterator<Object> it2 = attribute.getAttributeValue().iterator();
                        while (it2.hasNext()) {
                            simpleRoleGroup.addRole(new SimpleRole((String) it2.next()));
                        }
                    }
                }
                this.result.setMappedObject(simpleRoleGroup);
                if (this.log.isDebugEnabled()) {
                    this.log.debug("Mapped roles to " + simpleRoleGroup);
                }
            }
        } catch (Exception e) {
            this.log.error("Failed to parse token", e);
        }
    }

    @Override // org.jboss.security.mapping.MappingProvider
    public void setMappingResult(MappingResult<RoleGroup> mappingResult) {
        this.result = mappingResult;
    }

    @Override // org.jboss.security.mapping.MappingProvider
    public boolean supports(Class<?> cls) {
        return RoleGroup.class.isAssignableFrom(cls);
    }

    private AttributeStatementType getAttributeStatement(AssertionType assertionType) {
        Set<StatementAbstractType> statements = assertionType.getStatements();
        if (statements.size() == 0) {
            return null;
        }
        for (StatementAbstractType statementAbstractType : statements) {
            if (statementAbstractType instanceof AttributeStatementType) {
                return (AttributeStatementType) statementAbstractType;
            }
        }
        return null;
    }

    @Override // org.jboss.security.mapping.MappingProvider
    public /* bridge */ /* synthetic */ void performMapping(Map map, RoleGroup roleGroup) {
        performMapping2((Map<String, Object>) map, roleGroup);
    }
}
