package no.nav.common.cxf.saml;

import java.io.ByteArrayInputStream;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import no.nav.common.auth.subject.IdentType;
import no.nav.common.auth.subject.SsoToken;
import no.nav.common.auth.subject.Subject;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.Attribute;
import org.opensaml.saml.saml2.core.AttributeStatement;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:no/nav/common/cxf/saml/SamlUtils.class */
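/**
 * Helpers for converting between OpenSAML {@link Assertion} objects, their XML text form and
 * the application's {@link Subject}.
 *
 * <p>The methods here only read and convert. None of them checks an assertion's signature,
 * issuer, audience or validity period, so a {@link Subject} built here is only as trustworthy
 * as the validation the caller performed beforehand.
 */
public class SamlUtils {
    public static final String IDENT_TYPE = "identType";
    public static final String AUTHENTICATION_LEVEL = "authenticationLevel";
    public static final String CONSUMER_ID = "consumerId";
    private static final Logger logger = LoggerFactory.getLogger(SamlUtils.class);

    /** Xerces/JDK parser feature that rejects any document carrying a DOCTYPE declaration. */
    private static final String DISALLOW_DOCTYPE_FEATURE = "http://apache.org/xml/features/disallow-doctype-decl";

    /**
     * Builds a {@link Subject} from the NameID and the first attribute statement of an assertion.
     *
     * <p>The uid is the NameID value passed through {@link #filterDNtoCNvalue(String)}. Every
     * attribute of the first attribute statement is copied into the token's attribute map; the
     * attribute named {@code identType} (case-insensitive) selects the {@link IdentType}.
     *
     * <p>No signature or condition check happens here; callers must have validated the assertion.
     *
     * @param assertion the SAML 2 assertion to read
     * @return the subject carrying the uid, ident type and a SAML SSO token
     * @throws RuntimeException if no uid can be derived from the NameID, or if the assertion has
     *     no {@code identType} attribute; {@code IdentType.valueOf} may additionally reject a
     *     value it does not know (presumably with {@code IllegalArgumentException} - confirm
     *     against IdentType)
     */
    public static Subject samlAssertionToSubject(Assertion assertion) {
        // Resolve the uid first so that a missing Subject/NameID is reported with the intended
        // message instead of surfacing as a NullPointerException further down.
        String uid = filterDNtoCNvalue(nameIdValue(assertion));
        if (uid == null) {
            throw new RuntimeException("SAML assertion is missing mandatory element NameId");
        }

        String identType = null;
        // Left raw as in the decompiled source: the parameter type of SsoToken.saml is not
        // visible from this file, so a narrower generic type cannot be chosen safely here.
        HashMap attributeValues = new HashMap();
        List<AttributeStatement> statements = assertion.getAttributeStatements();
        // Only the first attribute statement is read; later statements are ignored.
        if (statements != null && !statements.isEmpty()) {
            for (Attribute attribute : statements.get(0).getAttributes()) {
                String name = attribute.getName();
                // Only the first value of each attribute is used, read as DOM text content.
                String value = attribute.getAttributeValues().get(0).getDOM().getFirstChild().getTextContent();
                attributeValues.put(name, value);
                if (IDENT_TYPE.equalsIgnoreCase(name)) {
                    identType = value;
                } else {
                    // Attribute names and values originate from the assertion and may contain
                    // personal data; they are written to the log at debug level only, as
                    // arguments rather than as part of the format string.
                    logger.debug("Skipping SAML Attribute name: {} value: {}", name, value);
                }
            }
        }
        if (identType == null) {
            // IdentType.valueOf(null) would otherwise fail with an uninformative NullPointerException.
            throw new RuntimeException("SAML assertion is missing mandatory attribute " + IDENT_TYPE);
        }
        return new Subject(uid, IdentType.valueOf(identType), SsoToken.saml(getSamlAssertionAsString(assertion), attributeValues));
    }

    /** Returns the NameID value of the assertion's subject, or {@code null} when either is absent. */
    private static String nameIdValue(Assertion assertion) {
        if (assertion.getSubject() == null || assertion.getSubject().getNameID() == null) {
            return null;
        }
        return assertion.getSubject().getNameID().getValue();
    }

    /**
     * Serializes the assertion's DOM to an XML string.
     *
     * <p>The result is the complete assertion, which {@link #samlAssertionToSubject(Assertion)}
     * stores as the SSO token; treat it as a credential and keep it out of logs.
     *
     * @param assertion the assertion whose DOM is serialized
     * @return the XML text produced by an identity transform of {@code assertion.getDOM()}
     * @throws IllegalStateException if the transformer cannot be created or the transform fails
     */
    static String getSamlAssertionAsString(Assertion assertion) {
        StringWriter xml = new StringWriter();
        try {
            TransformerFactory.newInstance().newTransformer().transform(new DOMSource(assertion.getDOM()), new StreamResult(xml));
        } catch (TransformerException e) {
            // The decompiled source neither declares nor handles this checked exception; it is
            // wrapped here with its cause preserved so the method compiles as written.
            throw new IllegalStateException("Unable to serialize SAML assertion", e);
        }
        return xml.toString();
    }

    /**
     * Parses XML text into a SAML 2 {@link Assertion}.
     *
     * <p>The input is typically received from another party, so the parser is configured to
     * reject DOCTYPE declarations and to leave entity references unexpanded, which closes off
     * external-entity and entity-expansion processing. Parsing does not validate the
     * assertion's signature or conditions.
     *
     * @param str the assertion as XML text, encoded to UTF-8 before parsing
     * @return the value of {@code SamlAssertionWrapper.getSaml2()} for the document element
     * @throws IllegalArgumentException if the text cannot be parsed or wrapped; the underlying
     *     failure is kept as the cause and the assertion text is not put into the message
     */
    public static Assertion toSamlAssertion(String str) {
        try {
            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
            factory.setNamespaceAware(true);
            // A SAML assertion never needs a DTD, so refusing DOCTYPE outright is safe.
            factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
            factory.setFeature(DISALLOW_DOCTYPE_FEATURE, true);
            factory.setXIncludeAware(false);
            factory.setExpandEntityReferences(false);
            return new SamlAssertionWrapper(
                    factory.newDocumentBuilder()
                            .parse(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8)))
                            .getDocumentElement())
                    .getSaml2();
        } catch (RuntimeException e) {
            // Unchecked failures (for example a null input) propagate unchanged.
            throw e;
        } catch (Exception e) {
            // Parser configuration, parsing, I/O and wrapper failures are checked exceptions
            // that the decompiled source neither declares nor handles.
            throw new IllegalArgumentException("Unable to parse SAML assertion", e);
        }
    }

    /**
     * Reduces a user id given as an LDAP distinguished name to the value of its CN component.
     *
     * <p>The decompiler could not restore this method; the body below is reconstructed from
     * the instruction dump it emitted in place of the source.
     *
     * <p>NOTE(review): {@code LdapName.getRdns()} is indexed from the rightmost RDN, so for a
     * DN holding several CN components the rightmost one is returned. The result becomes the
     * subject's uid, so confirm that this is the intended component.
     *
     * @param userId the NameID value, either a plain id or a DN
     * @return the first CN value found; {@code null} if the input is {@code null} or is a DN
     *     without a CN component; the input unchanged if it does not parse as a DN
     */
    public static String filterDNtoCNvalue(String userId) {
        if (userId == null) {
            // new LdapName(null) fails with a NullPointerException; returning null lets the
            // caller report the missing NameID itself.
            return null;
        }
        try {
            String commonName = null;
            for (Rdn rdn : new LdapName(userId).getRdns()) {
                if (rdn.getType().equalsIgnoreCase("CN")) {
                    commonName = rdn.getValue().toString();
                    logger.debug("uid on DN form. Filtered from {} to {}", userId, commonName);
                    break;
                }
            }
            return commonName;
        } catch (InvalidNameException e) {
            logger.debug("uid not on DN form. Skipping filter. {}", e.toString());
            return userId;
        }
    }
}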
