package no.nav.sbl.dialogarena.common.cxf.saml;

import java.io.IOException;
import java.io.StringReader;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import no.nav.common.auth.SsoToken;
import no.nav.common.auth.Subject;
import no.nav.common.auth.SubjectHandler;
import org.apache.cxf.ws.security.trust.claims.ClaimsCallback;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:no/nav/sbl/dialogarena/common/cxf/saml/ClaimsCallbackHandler.class */
public class ClaimsCallbackHandler implements CallbackHandler {
    private static final Logger logger = LoggerFactory.getLogger(ClaimsCallbackHandler.class);

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        for (Callback callback : callbackArr) {
            if (!(callback instanceof ClaimsCallback)) {
                throw new UnsupportedCallbackException(callback);
            }
            ((ClaimsCallback) callback).setClaims(getElement());
        }
    }

    private Element getElement() throws IOException {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        try {
            return newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(getClaimsString()))).getDocumentElement();
        } catch (ParserConfigurationException e) {
            logger.error("Exception while getting builder, aborting", e);
            throw new RuntimeException(e);
        } catch (SAXException e2) {
            logger.error("Exception while getting claims element, aborting", e2);
            throw new RuntimeException(e2);
        }
    }

    private String getClaimsString() {
        Subject subject = (Subject) SubjectHandler.getSubject().orElseThrow(() -> {
            return new IllegalStateException("no subject available");
        });
        return "<wst:Claims Dialect=\"http://docs.oasis-open.org/wsfed/authorization/200706/authclaims\" xmlns:wst=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512\" xmlns:auth=\"http://docs.oasis-open.org/wsfed/authorization/200706/authclaims\">\n    <auth:ClaimType Uri=\"nav:names:claims:openam:tokenid\">\n        <auth:Value>" + ((String) subject.getSsoToken(SsoToken.Type.EKSTERN_OPENAM).orElseThrow(() -> {
            return new IllegalStateException("no open am token in subject " + subject);
        })) + "</auth:Value>\n    </auth:ClaimType>\n</wst:Claims>";
    }
}
