package pl.edu.icm.yadda.aas.oblig.analyzer.module.impl;

import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.xml.datatype.DatatypeConstants;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.joda.time.DateTime;
import org.joda.time.Period;
import org.opensaml.lite.saml2.core.Assertion;
import org.opensaml.lite.saml2.core.impl.AudienceImpl;
import org.opensaml.lite.saml2.core.impl.AudienceRestrictionImpl;
import org.opensaml.lite.saml2.core.impl.ConditionsImpl;
import org.opensaml.lite.saml2.core.impl.OneTimeUseImpl;
import org.opensaml.lite.saml2.core.impl.ProxyRestrictionImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.Attributes;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;
import pl.edu.icm.yadda.aas.oblig.analyzer.AnalyzerResultObject;
import pl.edu.icm.yadda.aas.oblig.analyzer.InternalObligationAnalyzerException;
import pl.edu.icm.yadda.aas.oblig.analyzer.module.IInternalObligationAnalyzerModule;
import pl.edu.icm.yadda.aas.oblig.analyzer.module.ObligationAnalyzerModuleRequest;
import pl.edu.icm.yadda.aas.timesync.IDateTimeProvider;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-1.12.5.jar:pl/edu/icm/yadda/aas/oblig/analyzer/module/impl/SAMLConditionsObligationAnalyzerModule.class */
public class SAMLConditionsObligationAnalyzerModule implements IInternalObligationAnalyzerModule {
    public static final String SUPPORTED_KEY_AUDIENCE_RESTRICTION = "AudienceRestriction";
    public static final String SUPPORTED_KEY_NOT_BEFORE = "NotBefore";
    public static final String SUPPORTED_KEY_NOT_ON_OR_AFTER = "NotOnOrAfter";
    public static final String SUPPORTED_KEY_ONE_TIME_USE = "OneTimeUse";
    public static final String SUPPORTED_KEY_PROXY_RESTRICTION = "ProxyRestriction";
    public static final char DATE_TIME_PERIOD_PREFIX = 'P';
    private IDateTimeProvider dateTimeProvider;
    private IInternalObligationAnalyzerModule assertionCreatorModule;
    protected final Logger log = LoggerFactory.getLogger(getClass());
    private GenericSAMLRestrictionHandler handler = new GenericSAMLRestrictionHandler();
    private SAXParser saxParser = SAXParserFactory.newInstance().newSAXParser();

    /* loaded from: input_file:WEB-INF/lib/yadda-aas2-1.12.5.jar:pl/edu/icm/yadda/aas/oblig/analyzer/module/impl/SAMLConditionsObligationAnalyzerModule$GenericSAMLRestrictionHandler.class */
    public class GenericSAMLRestrictionHandler extends DefaultHandler {
        protected final Logger log = LoggerFactory.getLogger(getClass());
        public static final String AUDIENCE_ELEMENT_NAME = "Audience";
        public static final String AUDIENCES_ELEMENT_NAME = "Audiences";
        public static final String PROXY_COUNT_ATTR_NAME = "ProxyCount";
        public static final int UNDEFINED_PROXY_COUNT = -1;
        private List<String> audiences;
        boolean retriveContentFlag;
        String currentAudience;
        int proxyCount;

        public GenericSAMLRestrictionHandler() {
        }

        @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
        public void startDocument() {
            this.audiences = new ArrayList();
            this.retriveContentFlag = false;
            this.currentAudience = null;
            this.proxyCount = -1;
        }

        @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
        public void startElement(String str, String str2, String str3, Attributes attributes) throws SAXException {
            String value;
            if (str3.equalsIgnoreCase(AUDIENCE_ELEMENT_NAME)) {
                this.retriveContentFlag = true;
                return;
            }
            this.retriveContentFlag = false;
            if (!str3.equalsIgnoreCase(AUDIENCES_ELEMENT_NAME) || attributes == null || attributes.getLength() <= 0 || (value = attributes.getValue(PROXY_COUNT_ATTR_NAME)) == null) {
                return;
            }
            try {
                this.proxyCount = Integer.parseInt(value);
            } catch (Exception e) {
                this.proxyCount = -1;
                this.log.error("Got invalid proxy count attr value: " + value);
            }
        }

        @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
        public void characters(char[] cArr, int i, int i2) throws SAXException {
            if (this.retriveContentFlag) {
                if (this.currentAudience == null) {
                    this.currentAudience = new String(cArr, i, i2);
                } else {
                    this.currentAudience += new String(cArr, i, i2);
                }
            }
        }

        @Override // org.xml.sax.helpers.DefaultHandler, org.xml.sax.ContentHandler
        public void endElement(String str, String str2, String str3) throws SAXException {
            if (str3.equalsIgnoreCase(AUDIENCE_ELEMENT_NAME)) {
                if (this.currentAudience != null && this.currentAudience.trim().length() > 0) {
                    this.audiences.add(this.currentAudience.trim());
                }
                this.currentAudience = null;
                this.retriveContentFlag = false;
            }
        }

        public List<String> getAudiences() {
            return this.audiences;
        }

        public int getProxyCount() {
            return this.proxyCount;
        }
    }

    @Override // pl.edu.icm.yadda.aas.oblig.analyzer.module.IInternalObligationAnalyzerModule
    public boolean performAtPostprocessing() {
        return false;
    }

    @Override // pl.edu.icm.yadda.aas.oblig.analyzer.module.IInternalObligationAnalyzerModule
    public AnalyzerResultObject maintain(ObligationAnalyzerModuleRequest obligationAnalyzerModuleRequest) throws InternalObligationAnalyzerException {
        if (obligationAnalyzerModuleRequest.getCurrentSAMLObject() == null) {
            if (this.assertionCreatorModule == null) {
                throw new InternalObligationAnalyzerException("Cannot create new assertion, assertion creator module was not injected!");
            }
            this.log.warn("No assertion provided in analyzer request, using assertion creator module for creating new assertion");
            AnalyzerResultObject maintain = this.assertionCreatorModule.maintain(obligationAnalyzerModuleRequest);
            if (maintain.getCurrentSAMLObject() == null) {
                throw new InternalObligationAnalyzerException("Assertion creator module did not create new assertion successfully!");
            }
            obligationAnalyzerModuleRequest.setCurrentSAMLObject(maintain.getCurrentSAMLObject());
            this.log.info("assertion successfully created");
        }
        if (obligationAnalyzerModuleRequest.getCurrentSAMLObject() instanceof Assertion) {
            return new AnalyzerResultObject(processOneTimeUse(processNotOnOrAfter(processNotBefore(processProxyRestriction(processAudienceRestriction((Assertion) obligationAnalyzerModuleRequest.getCurrentSAMLObject(), obligationAnalyzerModuleRequest.getObligProperties().get(SUPPORTED_KEY_AUDIENCE_RESTRICTION)), obligationAnalyzerModuleRequest.getObligProperties().get(SUPPORTED_KEY_PROXY_RESTRICTION)), obligationAnalyzerModuleRequest.getObligProperties().get(SUPPORTED_KEY_NOT_BEFORE)), obligationAnalyzerModuleRequest.getObligProperties().get(SUPPORTED_KEY_NOT_ON_OR_AFTER)), obligationAnalyzerModuleRequest.getObligProperties().get(SUPPORTED_KEY_ONE_TIME_USE)));
        }
        throw new InternalObligationAnalyzerException("Cannot set conditions! Processed SAMLObject is not Assertion instance!");
    }

    private Assertion processAudienceRestriction(Assertion assertion, Object obj) throws InternalObligationAnalyzerException {
        if (obj == null) {
            return assertion;
        }
        if (!(obj instanceof String)) {
            throw new InternalObligationAnalyzerException("Only String obligation values are allowed for AudienceRestriction!");
        }
        try {
            this.saxParser.parse(new InputSource(new StringReader((String) obj)), this.handler);
            List<String> audiences = this.handler.getAudiences();
            if (audiences != null && !audiences.isEmpty()) {
                if (assertion.getConditions() == null) {
                    assertion.setConditions(new ConditionsImpl());
                    assertion.getConditions().setConditions(new ArrayList());
                } else if (assertion.getConditions().getConditions() == null) {
                    assertion.getConditions().setConditions(new ArrayList());
                }
                Iterator<String> it = audiences.iterator();
                ArrayList arrayList = new ArrayList(audiences.size());
                while (it.hasNext()) {
                    AudienceImpl audienceImpl = new AudienceImpl();
                    audienceImpl.setAudienceURI(it.next());
                    arrayList.add(audienceImpl);
                }
                AudienceRestrictionImpl audienceRestrictionImpl = new AudienceRestrictionImpl();
                audienceRestrictionImpl.setAudiences(arrayList);
                assertion.getConditions().getConditions().add(audienceRestrictionImpl);
            }
            return assertion;
        } catch (IOException e) {
            throw new InternalObligationAnalyzerException("Exception occured when processing audience restrictions", e);
        } catch (SAXException e2) {
            throw new InternalObligationAnalyzerException("Exception occured when processing audience restrictions", e2);
        }
    }

    private Assertion processProxyRestriction(Assertion assertion, Object obj) throws InternalObligationAnalyzerException {
        if (obj == null) {
            return assertion;
        }
        if (!(obj instanceof String)) {
            throw new InternalObligationAnalyzerException("Only String obligation values are allowed for ProxyRestriction!");
        }
        try {
            this.saxParser.parse(new InputSource(new StringReader((String) obj)), this.handler);
            List<String> audiences = this.handler.getAudiences();
            int proxyCount = this.handler.getProxyCount();
            if (proxyCount > -1) {
                if (assertion.getConditions() == null) {
                    assertion.setConditions(new ConditionsImpl());
                    assertion.getConditions().setConditions(new ArrayList());
                } else if (assertion.getConditions().getConditions() == null) {
                    assertion.getConditions().setConditions(new ArrayList());
                }
                ProxyRestrictionImpl proxyRestrictionImpl = new ProxyRestrictionImpl();
                proxyRestrictionImpl.setProxyCount(Integer.valueOf(proxyCount));
                if (audiences != null && !audiences.isEmpty()) {
                    Iterator<String> it = audiences.iterator();
                    ArrayList arrayList = new ArrayList(audiences.size());
                    while (it.hasNext()) {
                        AudienceImpl audienceImpl = new AudienceImpl();
                        audienceImpl.setAudienceURI(it.next());
                        arrayList.add(audienceImpl);
                    }
                    proxyRestrictionImpl.setAudiences(arrayList);
                }
                assertion.getConditions().getConditions().add(proxyRestrictionImpl);
            }
            return assertion;
        } catch (IOException e) {
            throw new InternalObligationAnalyzerException("Exception occured when processing audience restrictions", e);
        } catch (SAXException e2) {
            throw new InternalObligationAnalyzerException("Exception occured when processing audience restrictions", e2);
        }
    }

    private Assertion processNotBefore(Assertion assertion, Object obj) throws InternalObligationAnalyzerException {
        DateTime dateTime;
        if (obj == null) {
            return assertion;
        }
        if (!(obj instanceof String)) {
            throw new InternalObligationAnalyzerException("Only String obligation values are allowed for NotBefore condition!");
        }
        String trim = ((String) obj).trim();
        if (trim.length() == 0) {
            dateTime = this.dateTimeProvider.getCurrentDateTime();
        } else {
            try {
                dateTime = new DateTime(trim);
            } catch (IllegalArgumentException e) {
                throw new InternalObligationAnalyzerException("Invalid NotBefore date format: " + trim, e);
            }
        }
        if (assertion.getConditions() == null) {
            assertion.setConditions(new ConditionsImpl());
        }
        assertion.getConditions().setNotBefore(dateTime);
        return assertion;
    }

    private Assertion processNotOnOrAfter(Assertion assertion, Object obj) throws InternalObligationAnalyzerException {
        DateTime dateTime;
        if (obj == null) {
            return assertion;
        }
        if (!(obj instanceof String)) {
            throw new InternalObligationAnalyzerException("Only String obligation values are allowed for NotOnOrAfter condition!");
        }
        String trim = ((String) obj).trim();
        if (trim.length() <= 0) {
            throw new InternalObligationAnalyzerException("Empty obligation values are not allowed for NotOnOrAfter condition!");
        }
        try {
            if (trim.charAt(0) == 'P') {
                dateTime = this.dateTimeProvider.getCurrentDateTime().plus(new Period(trim));
            } else {
                dateTime = new DateTime(trim);
            }
            if (assertion.getConditions() == null) {
                assertion.setConditions(new ConditionsImpl());
            }
            assertion.getConditions().setNotOnOrAfter(dateTime);
            return assertion;
        } catch (IllegalArgumentException e) {
            throw new InternalObligationAnalyzerException("Invalid NotOnOrAfter DateTime/Period format: " + trim, e);
        }
    }

    private Assertion processOneTimeUse(Assertion assertion, Object obj) throws InternalObligationAnalyzerException {
        if (obj == null) {
            return assertion;
        }
        if (assertion.getConditions() == null) {
            assertion.setConditions(new ConditionsImpl());
            assertion.getConditions().setConditions(new ArrayList());
        } else if (assertion.getConditions().getConditions() == null) {
            assertion.getConditions().setConditions(new ArrayList());
        }
        assertion.getConditions().getConditions().add(new OneTimeUseImpl());
        return assertion;
    }

    public IDateTimeProvider getDateTimeProvider() {
        return this.dateTimeProvider;
    }

    public void setDateTimeProvider(IDateTimeProvider iDateTimeProvider) {
        this.dateTimeProvider = iDateTimeProvider;
    }

    public void setAssertionCreatorModule(IInternalObligationAnalyzerModule iInternalObligationAnalyzerModule) {
        if (!(iInternalObligationAnalyzerModule instanceof AssertionCreatorObligationAnalyzerModule)) {
            throw new RuntimeException("assertion creator module is not an instance of AssertionCreatorObligationAnalyzerModule!");
        }
        this.assertionCreatorModule = iInternalObligationAnalyzerModule;
    }

    public static void main(String[] strArr) {
        DateTime dateTime = new DateTime();
        Period period = new Period(1, 2, 3, 4, 5, 6, 7, 8);
        DateTime plus = dateTime.plus(period);
        System.out.println(plus.toString());
        System.out.println(period.toString());
        System.out.println(plus.toString());
        System.out.println(new DateTime(plus.toString()).toString());
        Period period2 = new Period(period.toString());
        System.out.println(period2.toString());
        System.out.println(period2.getMinutes());
        System.out.println(new Period(1, 2, 3, 4).toString());
        System.out.println(new Period("PT3S").toString());
        try {
            new Period("T3S");
        } catch (IllegalArgumentException e) {
            System.out.println("bad arg!");
        }
        try {
            new DateTime("T3S");
        } catch (IllegalArgumentException e2) {
            System.out.println("bad arg!");
        }
        System.out.println(DatatypeConstants.DATETIME);
    }
}
