package com.ibm.ws.wssecurity.saml.saml11.assertion.impl;

import com.ibm.ws.wssecurity.common.Messages;
import com.ibm.ws.wssecurity.common.TraceLog;
import com.ibm.ws.wssecurity.saml.common.SAMLObjectElement;
import com.ibm.ws.wssecurity.saml.common.impl.SAMLAssertionImpl;
import com.ibm.ws.wssecurity.saml.common.util.OMUtil;
import com.ibm.ws.wssecurity.saml.common.util.UTC;
import com.ibm.ws.wssecurity.saml.common.util.UUIDGenerator;
import com.ibm.ws.wssecurity.saml.saml11.assertion.Advice;
import com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion;
import com.ibm.ws.wssecurity.saml.saml11.assertion.AttributeStatement;
import com.ibm.ws.wssecurity.saml.saml11.assertion.AuthenticationStatement;
import com.ibm.ws.wssecurity.saml.saml11.assertion.Conditions;
import com.ibm.ws.wssecurity.saml.saml11.assertion.StatementAbstract;
import com.ibm.ws.wssecurity.saml.saml11.assertion.Subject;
import com.ibm.ws.wssecurity.saml.saml11.assertion.SubjectConfirmation;
import com.ibm.ws.wssecurity.saml.saml11.assertion.SubjectStatementAbstract;
import com.ibm.ws.wssecurity.saml.security.HoKAssertion;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.saml.config.ConsumerConfig;
import com.ibm.wsspi.wssecurity.saml.config.CredentialConfig;
import com.ibm.wsspi.wssecurity.saml.config.ProviderConfig;
import com.ibm.wsspi.wssecurity.saml.config.RequesterConfig;
import java.security.Key;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/saml/saml11/assertion/impl/AssertionImpl.class */
public class AssertionImpl extends SAMLAssertionImpl implements Assertion {
    private Conditions conditions;
    private Advice advice;
    private List<StatementAbstract> statementOrSubjectStatementOrAuthenticationStatement;
    private Date issueInstant;
    private String issueInstantUTC;
    private String issuer;
    private String majorVersion;
    private String minorVersion;
    private OMElement xml;
    private String confirmMethod;
    private ConsumerConfig assertionConsumingCfg;
    private Key holderOfKey;
    private ProviderConfig issue;
    private RequesterConfig request;
    private CredentialConfig cred;
    private boolean isSigned;
    public static final String CREATE_INSTANCE = "create_instance";
    private static final TraceLog log = new TraceLog(AssertionImpl.class);
    private static final OMFactory omFactory = OMAbstractFactory.getOMFactory();

    public AssertionImpl(OMElement oMElement, ConsumerConfig consumerConfig) {
        this.conditions = null;
        this.advice = null;
        this.statementOrSubjectStatementOrAuthenticationStatement = null;
        this.issueInstant = null;
        this.issueInstantUTC = null;
        this.issuer = null;
        this.majorVersion = null;
        this.minorVersion = null;
        this.xml = null;
        this.assertionConsumingCfg = null;
        this.holderOfKey = null;
        this.issue = null;
        this.request = null;
        this.cred = null;
        this.isSigned = false;
        initVersion();
        this.xml = oMElement;
        this.assertionConsumingCfg = consumerConfig;
    }

    public AssertionImpl(ProviderConfig providerConfig, RequesterConfig requesterConfig, CredentialConfig credentialConfig) {
        this.conditions = null;
        this.advice = null;
        this.statementOrSubjectStatementOrAuthenticationStatement = null;
        this.issueInstant = null;
        this.issueInstantUTC = null;
        this.issuer = null;
        this.majorVersion = null;
        this.minorVersion = null;
        this.xml = null;
        this.assertionConsumingCfg = null;
        this.holderOfKey = null;
        this.issue = null;
        this.request = null;
        this.cred = null;
        this.isSigned = false;
        this.issue = providerConfig;
        this.request = requesterConfig;
        this.cred = credentialConfig;
    }

    private void initialize(String str) {
        initialize();
        this.issuer = str;
    }

    private void initialize() {
        log.entry("initialize()");
        this.id = UUIDGenerator.generateUUID();
        this.issueInstant = new Date();
        this.issueInstantUTC = UTC.format(this.issueInstant);
        this.minorVersion = "1";
        this.majorVersion = "1";
        log.exit("initialize()");
    }

    private void initVersion() {
        this.assertionVersion = SAMLObjectElement._saml_ns_qname;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public Conditions getConditions() {
        return this.conditions;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void setConditions(Conditions conditions) {
        this.conditions = conditions;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public Advice getAdvice() {
        return this.advice;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void setAdvice(Advice advice) {
        this.advice = advice;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public List<StatementAbstract> getStatementOrSubjectStatementOrAuthenticationStatement() {
        return this.statementOrSubjectStatementOrAuthenticationStatement;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void setStatementOrSubjectStatementOrAuthenticationStatement(List<StatementAbstract> list) {
        this.statementOrSubjectStatementOrAuthenticationStatement = list;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void addStatementOrSubjectStatementOrAuthenticationStatement(StatementAbstract statementAbstract) {
        log.entry("addStatementOrSubjectStatementOrAuthenticationStatement(StatementAbstract)");
        if (this.statementOrSubjectStatementOrAuthenticationStatement == null) {
            this.statementOrSubjectStatementOrAuthenticationStatement = new ArrayList();
        }
        this.statementOrSubjectStatementOrAuthenticationStatement.add(statementAbstract);
        log.exit("addStatementOrSubjectStatementOrAuthenticationStatement(StatementAbstract)");
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public String getAssertionID() {
        return this.id;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void setAssertionID(String str) {
        this.id = str;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public Date getIssueInstant() {
        return this.issueInstant;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void setIssueInstant(Date date) {
        this.issueInstant = date;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public String getIssuer() {
        return this.issuer;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void setIssuer(String str) {
        this.issuer = str;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public String getMajorVersion() {
        return this.majorVersion;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void setMajorVersion(String str) {
        this.majorVersion = str;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public String getMinorVersion() {
        return this.minorVersion;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public void setMinorVersion(String str) {
        this.minorVersion = str;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml11.assertion.Assertion
    public StatementAbstract[] getAllStatements() {
        log.entry("getAllStatements()");
        StatementAbstract[] statementAbstractArr = null;
        if (this.statementOrSubjectStatementOrAuthenticationStatement != null) {
            statementAbstractArr = new StatementAbstract[this.statementOrSubjectStatementOrAuthenticationStatement.size()];
            this.statementOrSubjectStatementOrAuthenticationStatement.toArray(statementAbstractArr);
        }
        log.exit("getAllStatements()");
        return statementAbstractArr;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLAssertion
    public Date getSamlExpirationTime() {
        return this.conditions.getNotOnOrAfter();
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLAssertion
    public String getConfirmationMethod() {
        StatementAbstract[] allStatements;
        Subject subject;
        SubjectConfirmation subjectConfirmation;
        Subject subject2;
        SubjectConfirmation subjectConfirmation2;
        log.entry("getConfirmationMethod()");
        if (this.confirmMethod == null && (allStatements = getAllStatements()) != null) {
            for (int i = 0; i < allStatements.length; i++) {
                if ((allStatements[i] instanceof AttributeStatement) && (subject2 = ((AttributeStatement) allStatements[i]).getSubject()) != null && (subjectConfirmation2 = subject2.getSubjectConfirmation()) != null) {
                    this.confirmMethod = subjectConfirmation2.getConfirmationMethod().get(0);
                }
                if ((allStatements[i] instanceof AuthenticationStatement) && (subject = ((AuthenticationStatement) allStatements[i]).getSubject()) != null && (subjectConfirmation = subject.getSubjectConfirmation()) != null) {
                    this.confirmMethod = subjectConfirmation.getConfirmationMethod().get(0);
                }
                if (this.confirmMethod != null) {
                    break;
                }
            }
        }
        log.exit("getConfirmationMethod()");
        return this.confirmMethod;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLAssertion
    public Key getHolderOfKey() {
        Subject subject;
        SubjectConfirmation subjectConfirmation;
        HoKAssertion keyInfoAssertion;
        log.entry("getHolderOfKey()");
        if (this.holderOfKey != null) {
            return this.holderOfKey;
        }
        Iterator<StatementAbstract> it = this.statementOrSubjectStatementOrAuthenticationStatement.iterator();
        if (it != null) {
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                StatementAbstract next = it.next();
                if ((next instanceof SubjectStatementAbstract) && (subject = ((SubjectStatementAbstract) next).getSubject()) != null && (subjectConfirmation = subject.getSubjectConfirmation()) != null && (keyInfoAssertion = subjectConfirmation.getKeyInfoAssertion()) != null) {
                    this.holderOfKey = keyInfoAssertion.getKey();
                    break;
                }
            }
        }
        log.exit("getHolderOfKey()");
        return this.holderOfKey;
    }

    public void setHolderOfKey(Key key) {
        this.holderOfKey = key;
    }

    public boolean isSigned() {
        return this.isSigned;
    }

    public void setSigned() {
        this.isSigned = true;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public void create() throws SoapSecurityException {
        String issuerURI;
        log.entry("create()");
        boolean z = false;
        if (this.issue != null && (issuerURI = this.issue.getIssuerURI()) != null && !issuerURI.isEmpty()) {
            initVersion();
            initialize(issuerURI);
            z = true;
        }
        if (!z) {
            throw new SoapSecurityException(Messages.getString("CWSML2012E"));
        }
        log.exit("create()");
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public boolean validate() throws SoapSecurityException {
        log.entry("validate()");
        if (!"1".equals(this.majorVersion) || !"1".equals(this.minorVersion)) {
            return false;
        }
        if (this.issueInstant.before(new Date())) {
            if ((this.assertionConsumingCfg != null ? this.assertionConsumingCfg.getClockSkew() : 180000L) + new Date().getTime() < this.issueInstant.getTime()) {
                return false;
            }
        }
        if (this.id == null || this.id.isEmpty() || this.issuer == null || this.issuer.isEmpty()) {
            return false;
        }
        if (this.conditions != null && !this.conditions.validate()) {
            return false;
        }
        if (this.advice != null && this.advice.validate()) {
            return false;
        }
        StatementAbstract[] allStatements = getAllStatements();
        if (allStatements != null) {
            for (StatementAbstract statementAbstract : allStatements) {
                if (!statementAbstract.validate()) {
                    return false;
                }
            }
        }
        log.exit("validate()");
        return true;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public OMElement getXML() throws SoapSecurityException {
        log.entry("getXML()");
        if (this.isSigned || this.xml != null) {
            return this.xml;
        }
        log.exit("getXML()");
        return marshal(null);
    }

    public void setXML(OMElement oMElement) throws SoapSecurityException {
        log.entry("setXML(OMElement)");
        if (this.isSigned) {
            throw new SoapSecurityException(Messages.getString("CWSML2013E"));
        }
        this.xml = oMElement;
        log.exit("setXML(OMElement)");
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public OMElement marshal(OMElement oMElement) throws SoapSecurityException {
        OMElement createOMElement;
        log.entry("marshal(OMElement)");
        if (this.isSigned) {
            return this.xml;
        }
        try {
            if (oMElement == null) {
                createOMElement = omFactory.createOMElement("Assertion", _saml_ns, _saml_prefix);
                createOMElement.declareNamespace(_saml_ns, _saml_prefix);
            } else {
                createOMElement = oMElement.getOMFactory().createOMElement("Assertion", _saml_ns, _saml_prefix);
            }
            createOMElement.addAttribute("MajorVersion", "1", (OMNamespace) null);
            createOMElement.addAttribute("MinorVersion", "1", (OMNamespace) null);
            createOMElement.addAttribute("AssertionID", this.id, (OMNamespace) null);
            createOMElement.addAttribute("Issuer", this.issuer, (OMNamespace) null);
            createOMElement.addAttribute("IssueInstant", UTC.format(this.issueInstant), (OMNamespace) null);
            if (this.conditions != null) {
                createOMElement.addChild(this.conditions.marshal(createOMElement));
            }
            if (this.advice != null) {
                createOMElement.addChild(this.advice.marshal(createOMElement));
            }
            StatementAbstract[] allStatements = getAllStatements();
            if (allStatements != null) {
                for (StatementAbstract statementAbstract : allStatements) {
                    createOMElement.addChild(statementAbstract.marshal(createOMElement));
                }
            }
            this.xml = createOMElement;
            log.exit("marshal(OMElement)");
            return createOMElement;
        } catch (Exception e) {
            throw new SoapSecurityException(e.getMessage(), e.getCause());
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public void unMarshal(OMElement oMElement) throws SoapSecurityException {
        log.entry("unMarshal(OMElement)");
        this.xml = oMElement;
        this.majorVersion = oMElement.getAttributeValue(new QName(null, "MajorVersion"));
        this.minorVersion = oMElement.getAttributeValue(new QName(null, "MinorVersion"));
        this.issuer = oMElement.getAttributeValue(new QName(null, "Issuer"));
        this.id = oMElement.getAttributeValue(new QName(null, "AssertionID"));
        this.issueInstantUTC = oMElement.getAttributeValue(new QName(null, "IssueInstant"));
        try {
            this.issueInstant = UTC.parse(this.issueInstantUTC);
        } catch (Exception e) {
        }
        try {
            for (OMElement firstElement = OMUtil.getFirstElement(oMElement); firstElement != null; firstElement = OMUtil.getNextElement(firstElement)) {
                String localName = firstElement.getLocalName();
                String namespaceURI = firstElement.getNamespace() == null ? null : firstElement.getNamespace().getNamespaceURI();
                if ("Conditions".equals(localName)) {
                    this.conditions = new ConditionsImpl();
                    this.conditions.unMarshal(firstElement);
                } else if ("Advice".equals(localName)) {
                    this.advice = new AdviceImpl();
                    this.advice.unMarshal(firstElement);
                } else if ("AttributeStatement".equals(localName)) {
                    AttributeStatementImpl attributeStatementImpl = new AttributeStatementImpl(this.assertionConsumingCfg);
                    attributeStatementImpl.unMarshal(firstElement);
                    addStatementOrSubjectStatementOrAuthenticationStatement(attributeStatementImpl);
                } else if ("AuthenticationStatement".equals(localName)) {
                    AuthenticationStatementImpl authenticationStatementImpl = new AuthenticationStatementImpl(this.assertionConsumingCfg);
                    authenticationStatementImpl.unMarshal(firstElement);
                    addStatementOrSubjectStatementOrAuthenticationStatement(authenticationStatementImpl);
                }
            }
            log.exit("unMarshal(OMElement)");
        } catch (Exception e2) {
            throw new SoapSecurityException(e2.getMessage(), e2.getCause());
        }
    }
}
