package pl.edu.icm.unicore.security.consignor;

import java.io.IOException;
import java.security.cert.X509Certificate;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
import pl.edu.icm.unicore.saml.SAMLAssertion;
import pl.edu.icm.unicore.saml.SAMLParseException;
import xmlbeans.org.oasis.saml2.assertion.AssertionDocument;
import xmlbeans.org.oasis.saml2.assertion.AttributeStatementType;
import xmlbeans.org.oasis.saml2.assertion.AttributeType;

/* loaded from: input_file:pl/edu/icm/unicore/security/consignor/ConsignorAssertion.class */
public class ConsignorAssertion extends SAMLAssertion {
    public static final String CONSIGNOR_ROLE = "CONSIGNOR";
    public static final String ROLE_NAME_FORMAT = "urn:unicore:subject-role";

    public ConsignorAssertion() {
        super("_consignorRole_");
        addAttribute(CONSIGNOR_ROLE, "urn:unicore:subject-role", new XmlObject[0]);
    }

    public ConsignorAssertion(AssertionDocument assertionDocument) throws SAMLParseException, XmlException, IOException {
        super(assertionDocument);
        if (getSubject() == null) {
            throw new SAMLParseException("No subject (consignor) in assertion.");
        }
        boolean z = false;
        AttributeStatementType[] attributes = getAttributes();
        if (attributes == null) {
            throw new SAMLParseException("No attribute statement in SAML assertion");
        }
        for (AttributeStatementType attributeStatementType : attributes) {
            AttributeType[] attributeArray = attributeStatementType.getAttributeArray();
            int i = 0;
            while (true) {
                if (i >= attributeArray.length) {
                    break;
                }
                if (attributeArray[i].getName().equals(CONSIGNOR_ROLE) && attributeArray[i].getNameFormat().equals("urn:unicore:subject-role")) {
                    z = true;
                    break;
                }
                i++;
            }
            if (z) {
                break;
            }
        }
        if (!z) {
            throw new SAMLParseException("SAML assertion doesn't contain consignor role attirbute");
        }
    }

    public X509Certificate[] getConsignor() {
        return getSubjectFromConfirmation();
    }
}
