package pl.edu.icm.yadda.aas.audit;

import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.io.xml.DomDriver;
import java.util.Iterator;
import java.util.List;
import org.opensaml.lite.xacml.XACMLConstants;
import org.opensaml.lite.xacml.ctx.AttributeType;
import org.opensaml.lite.xacml.ctx.AttributeValueType;
import org.opensaml.lite.xacml.ctx.SubjectType;
import org.opensaml.lite.xacml.profile.saml.XACMLAuthzDecisionQueryType;
import pl.edu.icm.yadda.service2.audit.IAuditFormatter;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.4.9-SNAPSHOT.jar:pl/edu/icm/yadda/aas/audit/GenericXACMLRequestFormatter.class */
public class GenericXACMLRequestFormatter implements IAuditFormatter<XACMLAuthzDecisionQueryType> {
    protected boolean eraseSensitiveData = true;
    protected XStream xStream;

    public GenericXACMLRequestFormatter() {
        this.xStream = null;
        this.xStream = new XStream(new DomDriver());
    }

    @Override // pl.edu.icm.yadda.service2.audit.IAuditFormatter
    public String[] format(XACMLAuthzDecisionQueryType xACMLAuthzDecisionQueryType) {
        String[] strArr = new String[1];
        strArr[0] = this.eraseSensitiveData ? withUserPasswordErased(xACMLAuthzDecisionQueryType) : this.xStream.toXML(xACMLAuthzDecisionQueryType);
        return strArr;
    }

    protected String withUserPasswordErased(XACMLAuthzDecisionQueryType xACMLAuthzDecisionQueryType) {
        List<SubjectType> subjects;
        if (xACMLAuthzDecisionQueryType.getRequest() != null && (subjects = xACMLAuthzDecisionQueryType.getRequest().getSubjects()) != null) {
            for (SubjectType subjectType : subjects) {
                if (XACMLConstants.PASS_SUBJECT_CATEGORY.equals(subjectType.getSubjectCategory())) {
                    for (AttributeType attributeType : subjectType.getAttributes()) {
                        if (XACMLConstants.PASS_ATTR_ID.equals(attributeType.getAttributeID())) {
                            Iterator<AttributeValueType> it = attributeType.getAttributeValues().iterator();
                            if (it.hasNext()) {
                                AttributeValueType next = it.next();
                                String value = next.getValue();
                                next.setValue("#erased#");
                                String xml = this.xStream.toXML(xACMLAuthzDecisionQueryType);
                                next.setValue(value);
                                return xml;
                            }
                        }
                    }
                }
            }
        }
        return this.xStream.toXML(xACMLAuthzDecisionQueryType);
    }

    public void setEraseSensitiveData(boolean z) {
        this.eraseSensitiveData = z;
    }
}
