package pl.edu.icm.unicore.security.etd;

import java.io.IOException;
import java.security.cert.X509Certificate;
import org.apache.xml.security.utils.RFC2253Parser;
import org.apache.xmlbeans.XmlCursor;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
import org.apache.xmlbeans.XmlString;
import pl.edu.icm.unicore.saml.SAMLAssertion;
import pl.edu.icm.unicore.saml.SAMLParseException;
import xmlbeans.org.oasis.saml2.assertion.AssertionDocument;
import xmlbeans.org.oasis.saml2.assertion.AttributeStatementType;
import xmlbeans.org.oasis.saml2.assertion.AttributeType;

/* loaded from: input_file:pl/edu/icm/unicore/security/etd/TrustDelegation.class */
public class TrustDelegation extends SAMLAssertion {
    private static final long serialVersionUID = 1;
    public static final String CUSTODIAN_NAME = "TrustDelegationOfUser";
    public static final String CUSTODIAN_NAME_FORMAT_DN = "urn:unicore:trust-delegation:dn";
    public static final String CUSTODIAN_NAME_FORMAT_FP = "urn:unicore:trust-delegation:hashcode";
    private String custodianDN;
    private Integer hash;

    public TrustDelegation(String str) {
        super("_trustDelegation_");
        String rfc2253toXMLdsig = RFC2253Parser.rfc2253toXMLdsig(str);
        this.custodianDN = rfc2253toXMLdsig;
        this.hash = null;
        XmlString newInstance = XmlString.Factory.newInstance();
        newInstance.setStringValue(rfc2253toXMLdsig);
        addAttribute(CUSTODIAN_NAME, CUSTODIAN_NAME_FORMAT_DN, new XmlObject[]{newInstance});
    }

    public TrustDelegation(X509Certificate x509Certificate) {
        super("_trustDelegation_");
        String rfc2253toXMLdsig = RFC2253Parser.rfc2253toXMLdsig(x509Certificate.getSubjectX500Principal().getName());
        this.custodianDN = rfc2253toXMLdsig;
        XmlString newInstance = XmlString.Factory.newInstance();
        newInstance.setStringValue(rfc2253toXMLdsig);
        addAttribute(CUSTODIAN_NAME, CUSTODIAN_NAME_FORMAT_DN, new XmlObject[]{newInstance});
        this.hash = Integer.valueOf(x509Certificate.hashCode());
        XmlString newInstance2 = XmlString.Factory.newInstance();
        newInstance2.setStringValue(this.hash + "");
        addAttribute(CUSTODIAN_NAME, CUSTODIAN_NAME_FORMAT_FP, new XmlObject[]{newInstance2});
    }

    public TrustDelegation(AssertionDocument assertionDocument) throws SAMLParseException, XmlException, IOException {
        super(assertionDocument);
        if (getSubject() == null) {
            throw new SAMLParseException("No subject (user) in assertion.");
        }
        AttributeStatementType[] attributes = getAttributes();
        this.custodianDN = null;
        if (attributes == null) {
            throw new SAMLParseException("No attribute statement in SAML assertion");
        }
        for (AttributeStatementType attributeStatementType : attributes) {
            AttributeType[] attributeArray = attributeStatementType.getAttributeArray();
            for (int i = 0; i < attributeArray.length; i++) {
                if (attributeArray[i].getName().equals(CUSTODIAN_NAME)) {
                    if (attributeArray[i].getNameFormat().equals(CUSTODIAN_NAME_FORMAT_DN)) {
                        XmlCursor newCursor = attributeArray[i].getAttributeValueArray(0).newCursor();
                        newCursor.toFirstContentToken();
                        this.custodianDN = newCursor.getTextValue();
                    } else if (attributeArray[i].getNameFormat().equals(CUSTODIAN_NAME_FORMAT_FP)) {
                        XmlCursor newCursor2 = attributeArray[i].getAttributeValueArray(0).newCursor();
                        newCursor2.toFirstContentToken();
                        try {
                            this.hash = Integer.valueOf(Integer.parseInt(newCursor2.getTextValue()));
                        } catch (NumberFormatException e) {
                            throw new SAMLParseException("Custodian certificate hash value is not an integer");
                        }
                    } else {
                        continue;
                    }
                }
            }
        }
        if (this.custodianDN == null) {
            throw new SAMLParseException("SAML assertion doesn't contain trust delegation attribute");
        }
    }

    public String getCustodianDN() {
        return this.custodianDN;
    }

    public Integer getCustodianCertHash() {
        return this.hash;
    }
}
