package pl.edu.icm.yadda.aas.client.authn.session;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import org.opensaml.lite.saml2.core.Assertion;
import org.opensaml.lite.saml2.core.Attribute;
import org.opensaml.lite.saml2.core.AttributeStatement;
import pl.edu.icm.yadda.aas.client.ISecuritySession;
import pl.edu.icm.yadda.aas.client.session.GroupIdentity;
import pl.edu.icm.yadda.aas.client.session.RoleAuthority;
import pl.edu.icm.yadda.service2.user.token.SecurityToken;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-0.5.2.jar:pl/edu/icm/yadda/aas/client/authn/session/GroupRoleDirectlyFromAssertionSessionEnricher.class */
public class GroupRoleDirectlyFromAssertionSessionEnricher implements ISessionEnricher {
    public static final String DEFAULT_ROLES_ATTR_NAME = "yadda:user-profile:roles";
    public static final String DEFAULT_GROUPS_ATTR_NAME = "yadda:user-profile:groups";
    protected String rolesAttributeName = DEFAULT_ROLES_ATTR_NAME;
    protected String groupsAttributeName = DEFAULT_GROUPS_ATTR_NAME;

    @Override // pl.edu.icm.yadda.aas.client.authn.session.ISessionEnricher
    public void enrich(ISecuritySession iSecuritySession, SecurityToken securityToken, Assertion assertion) throws SessionEnricherException {
        if (assertion != null) {
            RoleAuthority roleAuthority = (RoleAuthority) iSecuritySession.getAuthorities(RoleAuthority.NAME);
            if (roleAuthority == null) {
                roleAuthority = new RoleAuthority();
                iSecuritySession.setAuthorities(roleAuthority);
            }
            roleAuthority.clear();
            roleAuthority.addAll(getValues(this.rolesAttributeName, assertion));
            GroupIdentity groupIdentity = (GroupIdentity) iSecuritySession.getAuthorities(GroupIdentity.NAME);
            if (groupIdentity == null) {
                groupIdentity = new GroupIdentity();
                iSecuritySession.setAuthorities(groupIdentity);
            }
            groupIdentity.clear();
            groupIdentity.addAll(getValues(this.groupsAttributeName, assertion));
        }
    }

    protected Collection<String> getValues(String str, Assertion assertion) {
        Attribute attribute = getAttribute(str, assertion);
        if (attribute == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        Iterator<Serializable> it = attribute.getAttributeValues().iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().toString());
        }
        return arrayList;
    }

    protected Attribute getAttribute(String str, Assertion assertion) {
        if (assertion == null || assertion.getAttributeStatement() == null) {
            return null;
        }
        for (AttributeStatement attributeStatement : assertion.getAttributeStatement()) {
            if (attributeStatement.getAttributes() != null) {
                for (Attribute attribute : attributeStatement.getAttributes()) {
                    if (str.equals(attribute.getName())) {
                        return attribute;
                    }
                }
            }
        }
        return null;
    }

    public void setRolesAttributeName(String str) {
        this.rolesAttributeName = str;
    }

    public void setGroupsAttributeName(String str) {
        this.groupsAttributeName = str;
    }
}
