package org.miniorange.saml;

import java.io.StringReader;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xerces.parsers.DOMParser;
import org.opensaml.Configuration;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.IDPSSODescriptor;
import org.opensaml.saml2.metadata.KeyDescriptor;
import org.opensaml.saml2.metadata.NameIDFormat;
import org.opensaml.saml2.metadata.SingleLogoutService;
import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.xml.security.credential.UsageType;
import org.opensaml.xml.signature.X509Certificate;
import org.opensaml.xml.signature.X509Data;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

/* loaded from: input_file:org/miniorange/saml/MoIDPMetadata.class */
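/**
 * Parses a SAML 2.0 IdP metadata document and exposes the entity ID, the
 * HTTP-Redirect / HTTP-POST SSO and SLO endpoints, and the signing certificates.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The XML parser is configured to reject DOCTYPE declarations and external
 *       entities. Keep these features enabled, because the metadata string may
 *       originate outside the trust boundary.</li>
 *   <li>Nothing in this class verifies a signature on the metadata document itself.
 *       The certificates collected here are presumably used as trust anchors for
 *       SAML responses (confirm against callers), so the metadata must reach this
 *       class over an authenticated channel.</li>
 *   <li>Parsing is best-effort: on any failure the constructor logs and returns, and
 *       the getters then return {@code null} or partially populated collections.
 *       Callers should treat a {@code null} or empty certificate list as a
 *       configuration failure, never as "no signature check needed".</li>
 *   <li>{@link #certificate} and {@link #nameIdFormat} are {@code static} and are
 *       overwritten by every construction. They are shared across all instances and
 *       threads and are kept only for backward compatibility.</li>
 * </ul>
 */
public class MoIDPMetadata {
    private static final Log LOGGER = LogFactory.getLog(MoIDPMetadata.class);

    private static final String SAML2_PROTOCOL = "urn:oasis:names:tc:SAML:2.0:protocol";
    private static final String BINDING_HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect";
    private static final String BINDING_HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
    private static final String NAMEID_UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified";

    private String metadata;
    private EntityDescriptor entityDescriptor;
    public String entityId;
    private Map<String, String> singleSignOnServices;
    private Map<String, String> singleLogoutServices;
    public List<String> signingCertificates;

    // Legacy process-wide state: holds the certificate value examined last by the most
    // recent constructor call. Do not use it for trust decisions; use
    // getSigningCertificates() on the instance instead.
    public static String certificate;

    // Legacy process-wide state: the NameID format of whichever metadata was parsed last.
    public static String nameIdFormat;

    /**
     * Parses the given IdP metadata XML. Input that is blank or does not look like XML
     * (does not start with {@code <} and end with {@code >} after trimming) is ignored.
     *
     * <p>The constructor never throws: any failure is logged, and the instance is left
     * with whatever fields had been populated up to that point.
     *
     * @param str the raw metadata XML; may be {@code null}
     */
    public MoIDPMetadata(String str) {
        try {
            String trimmed = StringUtils.trimToEmpty(str);
            if (!trimmed.startsWith("<") || !trimmed.endsWith(">")) {
                return;
            }
            this.metadata = trimmed;
            MoSAMLUtils.doBootstrap();

            // XXE hardening: no DOCTYPE, no external general/parameter entities, no external DTD.
            DOMParser dOMParser = new DOMParser();
            dOMParser.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            dOMParser.setFeature("http://xml.org/sax/features/external-general-entities", false);
            dOMParser.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
            dOMParser.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
            dOMParser.parse(new InputSource(new StringReader(this.metadata)));

            Element documentElement = dOMParser.getDocument().getDocumentElement();
            // A root element that is not an EntityDescriptor fails the cast and ends up in the catch below.
            this.entityDescriptor = (EntityDescriptor) Configuration.getUnmarshallerFactory()
                    .getUnmarshaller(documentElement)
                    .unmarshall(documentElement);

            IDPSSODescriptor iDPSSODescriptor = this.entityDescriptor.getIDPSSODescriptor(SAML2_PROTOCOL);
            if (iDPSSODescriptor == null) {
                return;
            }

            this.entityId = this.entityDescriptor.getEntityID();
            LOGGER.debug("EntityID: " + this.entityId);

            this.singleSignOnServices = new HashMap<>();
            for (SingleSignOnService singleSignOnService : iDPSSODescriptor.getSingleSignOnServices()) {
                String binding = singleSignOnService.getBinding();
                String location = singleSignOnService.getLocation();
                if (isSupportedBinding(binding)) {
                    LOGGER.debug("SingleSignOnService Binding: " + binding + ", Location: " + location);
                    // Keyed by binding, so a later endpoint with the same binding replaces an earlier one.
                    this.singleSignOnServices.put(binding, location);
                }
            }

            this.singleLogoutServices = new HashMap<>();
            for (SingleLogoutService singleLogoutService : iDPSSODescriptor.getSingleLogoutServices()) {
                String binding = singleLogoutService.getBinding();
                String location = singleLogoutService.getLocation();
                if (isSupportedBinding(binding)) {
                    LOGGER.debug("SingleLogoutService Binding: " + binding + ", Location: " + location);
                    this.singleLogoutServices.put(binding, location);
                }
            }

            if (iDPSSODescriptor.getNameIDFormats().isEmpty()) {
                nameIdFormat = NAMEID_UNSPECIFIED;
            } else {
                nameIdFormat = (String) StringUtils.defaultIfBlank(
                        ((NameIDFormat) iDPSSODescriptor.getNameIDFormats().get(0)).getFormat(),
                        NAMEID_UNSPECIFIED);
            }

            this.signingCertificates = new ArrayList<>();
            for (KeyDescriptor keyDescriptor : iDPSSODescriptor.getKeyDescriptors()) {
                // Work on a local copy: the static field can be overwritten by another thread
                // between validation and insertion, so it must not drive what gets trusted.
                String candidate = firstX509Certificate(keyDescriptor);
                certificate = candidate;
                if (StringUtils.isBlank(candidate)) {
                    // Skip this descriptor only; a key without X.509 data must not hide
                    // the signing certificates that follow it.
                    continue;
                }
                UsageType use = keyDescriptor.getUse();
                boolean usableForSigning = UsageType.UNSPECIFIED.equals(use) || UsageType.SIGNING.equals(use);
                // NOTE(review): what isValidPublicCertificate actually checks is not visible here;
                // confirm it covers at least parseability and the validity period.
                if (usableForSigning && MoSAMLUtils.isValidPublicCertificate(candidate).booleanValue()) {
                    this.signingCertificates.add(candidate);
                }
            }
        } catch (Throwable th) {
            // Deliberately non-fatal, but logged at error level with the stack trace so a
            // rejected or malformed metadata document is visible to operators.
            LOGGER.error("Exception occurs while parsing metadata xml ", th);
        }
    }

    /** Returns true for the two bindings this class records: HTTP-Redirect and HTTP-POST. */
    private static boolean isSupportedBinding(String binding) {
        return StringUtils.equals(binding, BINDING_HTTP_REDIRECT) || StringUtils.equals(binding, BINDING_HTTP_POST);
    }

    /**
     * Returns the value of the first X509Certificate in the first X509Data of the key
     * descriptor, or {@code null} when the descriptor carries no KeyInfo or no X.509 data.
     */
    private static String firstX509Certificate(KeyDescriptor keyDescriptor) {
        if (keyDescriptor.getKeyInfo() == null) {
            return null;
        }
        List<X509Data> x509Datas = keyDescriptor.getKeyInfo().getX509Datas();
        if (x509Datas.isEmpty()) {
            return null;
        }
        List<X509Certificate> x509Certificates = x509Datas.get(0).getX509Certificates();
        if (x509Certificates.isEmpty()) {
            return null;
        }
        return x509Certificates.get(0).getValue();
    }

    /** @return the entity ID from the metadata, or {@code null} if parsing did not get that far */
    public String getEntityId() {
        return this.entityId;
    }

    /** @return binding URI to SSO location; {@code null} if parsing did not get that far */
    public Map<String, String> getSingleSignOnServices() {
        return this.singleSignOnServices;
    }

    /** @return binding URI to SLO location; {@code null} if parsing did not get that far */
    public Map<String, String> getSingleLogoutServices() {
        return this.singleLogoutServices;
    }

    /**
     * @return certificate values accepted as signing certificates, in metadata order;
     *         {@code null} if parsing did not get that far. The returned list is the
     *         internal mutable list, not a copy.
     */
    public List<String> getSigningCertificates() {
        return this.signingCertificates;
    }
}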
