package com.sun.identity.saml.assertion;

import com.iplanet.am.util.SystemProperties;
import com.iplanet.am.util.XMLUtils;
import com.sun.identity.common.DateUtils;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLRequesterException;
import com.sun.identity.saml.common.SAMLResponderException;
import com.sun.identity.saml.common.SAMLServiceManager;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.common.SAMLVersionMismatchException;
import com.sun.identity.saml.xmlsig.XMLSignatureManager;
import java.text.ParseException;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* JADX WARN: Classes with same name are omitted:
  input_file:119465-06/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/saml/assertion/Assertion.class
 */
/* loaded from: input_file:119465-06/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/saml/assertion/Assertion.class */
public class Assertion {
    protected static SAMLConstants sc;
    protected Set _statements;
    protected int _majorVersion;
    protected int _minorVersion;
    protected AssertionIDReference _assertionID;
    protected String _issuer;
    protected Date _issueInstant;
    protected Conditions _conditions;
    protected Advice _advice;
    protected String xmlString;
    protected String signatureString;
    protected Element signature;
    protected boolean signed;
    protected boolean valid;
    protected boolean validationDone;
    protected static final String ASSERTION_ID_ATTRIBUTE = "AssertionID";

    public boolean isSigned() {
        return this.signed;
    }

    public boolean isSignatureValid() {
        SAMLServiceManager.SOAPEntry sOAPEntry;
        if (this.signed & (!this.validationDone)) {
            Map map = (Map) SAMLServiceManager.getAttribute("iplanet-am-saml-partner-urls");
            String str = null;
            if (map != null && (sOAPEntry = (SAMLServiceManager.SOAPEntry) map.get(this._issuer)) != null) {
                str = sOAPEntry.getCertAlias();
            }
            try {
                this.valid = XMLSignatureManager.getInstance().verifyXMLSignature(this.xmlString, "AssertionID", str);
            } catch (Exception e) {
                SAMLUtils.debug.warning("signature validation exceptoion", e);
                this.valid = false;
            }
            if (!this.valid && SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion(Element): couldn't verify Assertion's signature.");
            }
            this.validationDone = true;
        }
        return this.valid;
    }

    public void signXML() throws SAMLException {
        signXML(SystemProperties.get("com.sun.identity.saml.xmlsig.certalias"));
    }

    public void signXML(String str) throws SAMLException {
        if (this.signed) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion.signXML: the assertion is already signed.");
            }
            throw new SAMLException(SAMLUtils.bundle.getString("alreadySigned"));
        }
        if (str == null) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assetion.signXML: couldn't obtain this site's cert alias.");
            }
            throw new SAMLResponderException(SAMLUtils.bundle.getString("cannotFindCertAlias"));
        }
        XMLSignatureManager xMLSignatureManager = XMLSignatureManager.getInstance();
        if (this._majorVersion == 1 && this._minorVersion == 0) {
            SAMLUtils.debug.message("Assetion.signXML: sign with version 1.0");
            this.signatureString = xMLSignatureManager.signXML(toString(true, true), str);
            this.signature = XMLUtils.toDOMDocument(this.signatureString, SAMLUtils.debug).getDocumentElement();
        } else {
            SAMLUtils.debug.message("Assetion.signXML: sign with version 1.1");
            this.signature = xMLSignatureManager.signXML(XMLUtils.toDOMDocument(toString(true, true), SAMLUtils.debug), str, null, "AssertionID", getAssertionID(), true, null);
            this.signatureString = XMLUtils.print(this.signature);
        }
        this.signed = true;
        this.xmlString = toString(true, true);
    }

    public Element getSignature() {
        return this.signature;
    }

    public boolean setSignature(Element element) {
        if (this.signed || element == null) {
            return false;
        }
        this.signature = element;
        this.signed = true;
        this.signatureString = XMLUtils.print(element);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Assertion() {
        this._statements = Collections.synchronizedSet(new HashSet());
        this._majorVersion = 1;
        this._minorVersion = SAMLConstants.ASSERTION_MINOR_VERSION;
        this._assertionID = null;
        this._issuer = null;
        this.xmlString = null;
        this.signatureString = null;
        this.signature = null;
        this.signed = false;
        this.valid = true;
        this.validationDone = true;
    }

    public Assertion(Element element) throws SAMLException {
        this._statements = Collections.synchronizedSet(new HashSet());
        this._majorVersion = 1;
        this._minorVersion = SAMLConstants.ASSERTION_MINOR_VERSION;
        this._assertionID = null;
        this._issuer = null;
        this.xmlString = null;
        this.signatureString = null;
        this.signature = null;
        this.signed = false;
        this.valid = true;
        this.validationDone = true;
        String localName = element.getLocalName();
        if (localName == null) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion: local name missing");
            }
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("nullInput"));
        }
        if (!localName.equals(SAMLConstants.TAG_ASSERTION)) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion: invalid root element");
            }
            throw new SAMLRequesterException(new StringBuffer().append(SAMLUtils.bundle.getString("invalidElement")).append(":").append(localName).toString());
        }
        String attribute = element.getAttribute("Issuer");
        if (attribute == null || attribute.equals("")) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion: Issuer missing");
            }
            throw new SAMLRequesterException(new StringBuffer().append(SAMLUtils.bundle.getString("missingAttribute")).append(":").append("Issuer").toString());
        }
        this._issuer = attribute;
        int size = XMLUtils.getElementsByTagNameNS1(element, SAMLConstants.XMLSIG_NAMESPACE_URI, "Signature").size();
        if (size == 1) {
            this.xmlString = XMLUtils.print(element);
            this.signed = true;
            this.validationDone = false;
        } else if (size != 0) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion(Element): included more than one Signature element.");
            }
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("moreElement"));
        }
        String attribute2 = element.getAttribute("MajorVersion");
        if (attribute2 == null || attribute2.equals("")) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion: MajorVersion missing");
            }
            throw new SAMLRequesterException(new StringBuffer().append(SAMLUtils.bundle.getString("missingAttribute")).append(":").append("MajorVersion").toString());
        }
        try {
            int parseInt = Integer.parseInt(attribute2);
            if (parseInt != 1) {
                if (parseInt < 1) {
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("Assertion: MajorVersion too low");
                    }
                    throw new SAMLVersionMismatchException(new StringBuffer().append(SAMLUtils.bundle.getString("assertionVersionTooLow")).append(":").append("MajorVersion").toString());
                }
                if (parseInt > 1) {
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("Assertion: MajorVersion too high");
                    }
                    throw new SAMLVersionMismatchException(new StringBuffer().append(SAMLUtils.bundle.getString("assertionVersionTooHigh")).append(":").append("MajorVersion").toString());
                }
                this._minorVersion = Integer.parseInt(attribute2);
            }
            String attribute3 = element.getAttribute("MinorVersion");
            if (attribute3 == null || attribute3.equals("")) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Assertion: MinorVersion missing");
                }
                throw new SAMLRequesterException(new StringBuffer().append(SAMLUtils.bundle.getString("missingAttribute")).append(":").append("MinorVersion").toString());
            }
            try {
                int parseInt2 = Integer.parseInt(attribute3);
                if (parseInt2 < 0) {
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("Assertion: MinorVersion too low");
                    }
                    throw new SAMLVersionMismatchException(SAMLUtils.bundle.getString("assertionVersionTooLow"));
                }
                if (parseInt2 > 1) {
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("Assertion: MinorVersion too high");
                    }
                    throw new SAMLVersionMismatchException(new StringBuffer().append(SAMLUtils.bundle.getString("assertionVersionTooHigh")).append(":").append("MinorVersion").toString());
                }
                this._minorVersion = parseInt2;
                String attribute4 = element.getAttribute("AssertionID");
                if (attribute4 == null || attribute4.equals("")) {
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("Assertion: AssertionID missing");
                    }
                    throw new SAMLRequesterException(new StringBuffer().append(SAMLUtils.bundle.getString("missingAttribute")).append(":").append("AssertionID").toString());
                }
                this._assertionID = new AssertionIDReference(attribute4);
                String attribute5 = element.getAttribute("IssueInstant");
                if (attribute5 == null || attribute5.equals("")) {
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("Assertion: IssueInstant missing");
                    }
                    throw new SAMLRequesterException(new StringBuffer().append(SAMLUtils.bundle.getString("missingAttribute")).append(":").append("IssueInstant").toString());
                }
                try {
                    this._issueInstant = DateUtils.stringToDate(attribute5);
                    boolean z = false;
                    NodeList childNodes = element.getChildNodes();
                    int length = childNodes.getLength();
                    for (int i = 0; i < length; i++) {
                        Node item = childNodes.item(i);
                        if (item.getNodeType() == 1) {
                            String localName2 = item.getLocalName();
                            if (localName2.equals("Conditions")) {
                                this._conditions = new Conditions((Element) item);
                            } else if (localName2.equals("Advice")) {
                                this._advice = new Advice((Element) item);
                            } else if (localName2.equals("AuthenticationStatement")) {
                                this._statements.add(new AuthenticationStatement((Element) item));
                                z = true;
                            } else if (localName2.equals("AuthorizationDecisionStatement")) {
                                this._statements.add(new AuthorizationDecisionStatement((Element) item));
                                z = true;
                            } else if (localName2.equals("AttributeStatement")) {
                                this._statements.add(new AttributeStatement((Element) item));
                                z = true;
                            } else {
                                if (!localName2.equals("Signature")) {
                                    if (SAMLUtils.debug.messageEnabled()) {
                                        SAMLUtils.debug.message("Assertion: invalid element in Assertion");
                                    }
                                    throw new SAMLRequesterException("invalidElement");
                                }
                                this.signature = (Element) item;
                            }
                        }
                    }
                    if (z) {
                        return;
                    }
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("Assertion: mandatory statement missing");
                    }
                    throw new SAMLRequesterException("missingStatement");
                } catch (ParseException e) {
                    if (SAMLUtils.debug.messageEnabled()) {
                        SAMLUtils.debug.message("Assertion: could not parse IssueInstant", e);
                    }
                    throw new SAMLRequesterException(SAMLUtils.bundle.getString(new StringBuffer().append("wrongInput").append(e.getMessage()).toString()));
                }
            } catch (NumberFormatException e2) {
                SAMLUtils.debug.error("Assertion: invalid integer in MinorVersion", e2);
                throw new SAMLRequesterException(new StringBuffer().append(SAMLUtils.bundle.getString("invalidNumber")).append(":").append("MinorVersion").toString());
            }
        } catch (NumberFormatException e3) {
            SAMLUtils.debug.error("Assertion: invalid integer in MajorVersion", e3);
            throw new SAMLRequesterException(new StringBuffer().append(SAMLUtils.bundle.getString("invalidNumber")).append(":").append("MajorVersion").toString());
        }
    }

    public boolean isTimeValid() {
        if (this._conditions == null) {
            return true;
        }
        return this._conditions.checkDateValidity(System.currentTimeMillis());
    }

    public Assertion(String str, String str2, Date date, Set set) throws SAMLException {
        this._statements = Collections.synchronizedSet(new HashSet());
        this._majorVersion = 1;
        this._minorVersion = SAMLConstants.ASSERTION_MINOR_VERSION;
        this._assertionID = null;
        this._issuer = null;
        this.xmlString = null;
        this.signatureString = null;
        this.signature = null;
        this.signed = false;
        this.valid = true;
        this.validationDone = true;
        if (str2 == null || str2.equals("")) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion:  null input specified");
            }
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("nullInput"));
        }
        if (set.size() == 0) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion:mandatory statement missing");
            }
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("missingStatement"));
        }
        this._statements.addAll(set);
        this._assertionID = new AssertionIDReference(str);
        if (str2 != null) {
            this._issuer = str2;
        }
        if (date != null) {
            this._issueInstant = date;
        } else {
            this._issueInstant = new Date();
        }
    }

    public Assertion(String str, String str2, Date date, Conditions conditions, Set set) throws SAMLException {
        this._statements = Collections.synchronizedSet(new HashSet());
        this._majorVersion = 1;
        this._minorVersion = SAMLConstants.ASSERTION_MINOR_VERSION;
        this._assertionID = null;
        this._issuer = null;
        this.xmlString = null;
        this.signatureString = null;
        this.signature = null;
        this.signed = false;
        this.valid = true;
        this.validationDone = true;
        if (str2 == null || str2.equals("") || conditions == null) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion:  null input specified");
            }
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("nullInput"));
        }
        if (set.size() == 0) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion:mandatory statement missing");
            }
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("missingStatement"));
        }
        this._statements.addAll(set);
        this._assertionID = new AssertionIDReference(str);
        if (str2 != null) {
            this._issuer = str2;
        }
        if (date != null) {
            this._issueInstant = date;
        } else {
            this._issueInstant = new Date();
        }
        if (conditions != null) {
            this._conditions = conditions;
        }
    }

    public Assertion(String str, String str2, Date date, Conditions conditions, Advice advice, Set set) throws SAMLException {
        this._statements = Collections.synchronizedSet(new HashSet());
        this._majorVersion = 1;
        this._minorVersion = SAMLConstants.ASSERTION_MINOR_VERSION;
        this._assertionID = null;
        this._issuer = null;
        this.xmlString = null;
        this.signatureString = null;
        this.signature = null;
        this.signed = false;
        this.valid = true;
        this.validationDone = true;
        if (str2 == null || str2.equals("") || conditions == null) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion:  null input specified");
            }
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("nullInput"));
        }
        if (set.size() == 0) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("Assertion:mandatory statement missing");
            }
            throw new SAMLRequesterException(SAMLUtils.bundle.getString("missingStatement"));
        }
        this._statements.addAll(set);
        this._assertionID = new AssertionIDReference(str);
        if (str2 != null) {
            this._issuer = str2;
        }
        if (date != null) {
            this._issueInstant = date;
        } else {
            this._issueInstant = new Date();
        }
        if (conditions != null) {
            this._conditions = conditions;
        }
        if (advice != null) {
            this._advice = advice;
        }
    }

    public boolean addStatement(Statement statement) {
        if (this.signed || statement == null) {
            return false;
        }
        this._statements.add(statement);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean setIssueInstant(Date date) {
        if (this.signed || date == null) {
            return false;
        }
        this._issueInstant = date;
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean setAssertionID(String str) {
        if (this.signed || str == null) {
            return false;
        }
        try {
            this._assertionID = new AssertionIDReference(str);
            return true;
        } catch (Exception e) {
            if (!SAMLUtils.debug.messageEnabled()) {
                return false;
            }
            SAMLUtils.debug.message(new StringBuffer().append("Assertion: Exception in setting assertion id: ").append(e.getMessage()).toString());
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean setIssuer(String str) {
        if (this.signed || str == null || str.equals("")) {
            return false;
        }
        this._issuer = str;
        return true;
    }

    public boolean setAdvice(Advice advice) {
        if (this.signed || advice == null) {
            return false;
        }
        this._advice = advice;
        return true;
    }

    public boolean setConditions(Conditions conditions) {
        if (this.signed || conditions == null) {
            return false;
        }
        this._conditions = conditions;
        return true;
    }

    public int getMinorVersion() {
        return this._minorVersion;
    }

    public void setMinorVersion(int i) {
        this._minorVersion = i;
    }

    public int getMajorVersion() {
        return this._majorVersion;
    }

    public void setMajorVersion(int i) {
        this._majorVersion = i;
    }

    public Date getIssueInstant() {
        return this._issueInstant;
    }

    public String getIssuer() {
        return this._issuer;
    }

    public String getAssertionID() {
        return this._assertionID.getAssertionIDReference();
    }

    public Conditions getConditions() {
        return this._conditions;
    }

    public Advice getAdvice() {
        return this._advice;
    }

    public Set getStatement() {
        return this._statements;
    }

    public String toString() {
        return toString(true, false);
    }

    public String toString(boolean z, boolean z2) {
        if (this.signed && this.xmlString != null) {
            return this.xmlString;
        }
        StringBuffer stringBuffer = new StringBuffer(3000);
        String str = z2 ? " xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"" : "";
        String str2 = z ? "saml:" : "";
        String str3 = null;
        if (this._issueInstant != null) {
            str3 = DateUtils.toUTCDateFormat(this._issueInstant);
        }
        stringBuffer.append("<").append(str2).append(SAMLConstants.TAG_ASSERTION).append(" ").append(str).append(" ").append("MajorVersion").append("=\"").append(this._majorVersion).append("\"").append(" ").append("MinorVersion").append("=\"").append(this._minorVersion).append("\"").append(" ").append("AssertionID=\"").append(this._assertionID.getAssertionIDReference()).append("\"").append(" ").append("Issuer").append("=\"").append(this._issuer).append("\"").append(" ").append("IssueInstant").append("=\"").append(str3).append("\"").append(" ").append(">").append("\n");
        if (this._conditions != null) {
            stringBuffer.append(this._conditions.toString(z, false));
        }
        if (this._advice != null) {
            stringBuffer.append(this._advice.toString(z, false));
        }
        Iterator it = getStatement().iterator();
        while (it.hasNext()) {
            stringBuffer.append(((Statement) it.next()).toString(z, false));
        }
        if (this.signed && this.signatureString != null) {
            stringBuffer.append(this.signatureString);
        }
        stringBuffer.append(SAMLUtils.makeEndElementTagXML(SAMLConstants.TAG_ASSERTION, z));
        return stringBuffer.toString();
    }
}
