package be.fgov.ehealth.technicalconnector.services;

import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.utils.ConnectorXmlUtils;
import be.fgov.ehealth.technicalconnector.signature.AdvancedElectronicSignatureEnumeration;
import be.fgov.ehealth.technicalconnector.signature.SignatureBuilderFactory;
import be.fgov.ehealth.technicalconnector.signature.domain.SignatureVerificationError;
import be.fgov.ehealth.technicalconnector.signature.domain.SignatureVerificationResult;
import java.util.HashMap;
import java.util.Iterator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:be/fgov/ehealth/technicalconnector/services/SAMLUtils.class */
public final class SAMLUtils {
    private static final Logger LOG = LoggerFactory.getLogger(SAMLUtils.class);
    private static final String ASSERTION_NAMESPACE = "urn:oasis:names:tc:SAML:2.0:assertion";
    private static final String PROTOCOL_NAMESPACE = "urn:oasis:names:tc:SAML:2.0:protocol";

    public static String getStatusCode(Element element) {
        Element firstElementByTagNameNS = ConnectorXmlUtils.getFirstElementByTagNameNS(element, PROTOCOL_NAMESPACE, "StatusCode");
        if (firstElementByTagNameNS != null) {
            return firstElementByTagNameNS.getAttribute("Value");
        }
        throw new IllegalArgumentException();
    }

    public static String getStatusMessage(Element element) {
        Element firstElementByTagNameNS = ConnectorXmlUtils.getFirstElementByTagNameNS(ConnectorXmlUtils.getFirstElementByTagNameNS(element, PROTOCOL_NAMESPACE, "Status"), PROTOCOL_NAMESPACE, "StatusMessage");
        if (firstElementByTagNameNS != null) {
            return firstElementByTagNameNS.getTextContent();
        }
        throw new IllegalArgumentException();
    }

    public static NodeList getAssertions(Element element) {
        return element.getElementsByTagNameNS(ASSERTION_NAMESPACE, "Assertion");
    }

    public static void validateAssertions(Element element) throws TechnicalConnectorException {
        NodeList assertions = getAssertions(element);
        for (int i = 0; i < assertions.getLength(); i++) {
            validateAssertion((Element) assertions.item(i));
        }
    }

    public static void validateAssertion(Element element) throws TechnicalConnectorException {
        byte[] byteArray = ConnectorXmlUtils.toByteArray(element);
        String textContent = element.getAttributes().getNamedItem("ID").getTextContent();
        HashMap hashMap = new HashMap();
        hashMap.put("baseURI", textContent);
        SignatureVerificationResult verify = SignatureBuilderFactory.getSignatureBuilder(AdvancedElectronicSignatureEnumeration.XML).verify(byteArray, hashMap);
        if (verify.isValid()) {
            LOG.debug("SAML assertion correctly signed!");
        } else {
            if (verify.getErrors().contains(SignatureVerificationError.SIGNATURE_NOT_PRESENT)) {
                return;
            }
            Iterator it = verify.getErrors().iterator();
            while (it.hasNext()) {
                LOG.error(((SignatureVerificationError) it.next()).getMessage());
            }
            throw new IllegalArgumentException();
        }
    }
}
