package net.shibboleth.idp.attribute.filter.policyrule.saml.impl;

import com.google.common.base.Objects;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.attribute.filter.PolicyRequirementRule;
import net.shibboleth.idp.attribute.filter.context.AttributeFilterContext;
import net.shibboleth.idp.attribute.filter.policyrule.impl.AbstractPolicyRule;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.opensaml.core.xml.schema.XSAny;
import org.opensaml.core.xml.schema.XSString;
import org.opensaml.saml.ext.saml2mdattr.EntityAttributes;
import org.opensaml.saml.saml2.core.Attribute;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/idp/attribute/filter/policyrule/saml/impl/AbstractEntityAttributePolicyRule.class */
public abstract class AbstractEntityAttributePolicyRule extends AbstractPolicyRule {
    private final Logger log = LoggerFactory.getLogger(AbstractEntityAttributePolicyRule.class);
    private String attrName;
    private String nameFormat;

    @NonnullAfterInit
    public String getAttributeName() {
        return this.attrName;
    }

    public void setAttributeName(@Nullable String str) {
        this.attrName = StringSupport.trimOrNull(str);
    }

    @Nullable
    public String getNameFormat() {
        return this.nameFormat;
    }

    public void setNameFormat(@Nullable String str) {
        this.nameFormat = StringSupport.trimOrNull(str);
    }

    public PolicyRequirementRule.Tristate matches(@Nonnull AttributeFilterContext attributeFilterContext) {
        String textContent;
        Constraint.isNotNull(attributeFilterContext, "Context must be supplied");
        ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
        EntityDescriptor entityMetadata = getEntityMetadata(attributeFilterContext);
        if (entityMetadata == null) {
            this.log.warn("{} No metadata available for the entity, returning FAIL", getLogPrefix());
            return PolicyRequirementRule.Tristate.FAIL;
        }
        Attribute entityAttribute = getEntityAttribute(entityMetadata);
        if (entityAttribute == null) {
            this.log.debug("{} No entityAttribute for the entity, returning FALSE", getLogPrefix());
            return PolicyRequirementRule.Tristate.FALSE;
        }
        List<XSString> attributeValues = entityAttribute.getAttributeValues();
        if (attributeValues == null || attributeValues.isEmpty()) {
            this.log.debug("{} Entity attribute {} for entity {} does not contain any values, returning FALSE", new Object[]{getLogPrefix(), getAttributeName(), entityMetadata.getEntityID()});
            return PolicyRequirementRule.Tristate.FALSE;
        }
        this.log.debug("{} Checking if entity attribute {} contains the required value.", getLogPrefix(), getAttributeName());
        for (XSString xSString : attributeValues) {
            if (xSString instanceof XSAny) {
                textContent = ((XSAny) xSString).getTextContent();
            } else if (xSString instanceof XSString) {
                textContent = xSString.getValue();
            } else {
                this.log.debug("{} Entity attribute {} contains the unsupported value type {}, skipping it", new Object[]{getLogPrefix(), getAttributeName(), xSString.getClass().getName()});
            }
            if (textContent == null) {
                continue;
            } else {
                if (entityAttributeValueMatches(textContent)) {
                    this.log.debug("{} Entity attribute {} value {} meets matching requirements", new Object[]{getLogPrefix(), getAttributeName(), textContent});
                    return PolicyRequirementRule.Tristate.TRUE;
                }
                this.log.debug("{} Entity attribute {} value {} does not meet matching requirements", new Object[]{getLogPrefix(), getAttributeName(), textContent});
            }
        }
        return PolicyRequirementRule.Tristate.FALSE;
    }

    @Nullable
    protected Attribute getEntityAttribute(EntityDescriptor entityDescriptor) {
        List list = null;
        if (entityDescriptor.getExtensions() != null) {
            list = entityDescriptor.getExtensions().getUnknownXMLObjects(EntityAttributes.DEFAULT_ELEMENT_NAME);
        }
        if (list == null || list.isEmpty()) {
            this.log.debug("{} Descriptor for {} does not contain any EntityAttributes", getLogPrefix(), entityDescriptor.getEntityID());
            return null;
        }
        if (list.size() > 1) {
            this.log.debug("{} Descriptor for {} contains more than EntityAttributes extension, only using the first one", getLogPrefix(), entityDescriptor.getEntityID());
        }
        List<Attribute> attributes = ((EntityAttributes) list.get(0)).getAttributes();
        if (attributes != null && !attributes.isEmpty()) {
            return compareAttributes(attributes, entityDescriptor);
        }
        this.log.debug("{} EntityAttributes extension for {} does not contain any Attributes", getLogPrefix(), entityDescriptor.getEntityID());
        return null;
    }

    @Nullable
    private Attribute compareAttributes(List<Attribute> list, EntityDescriptor entityDescriptor) {
        for (Attribute attribute : list) {
            if (Objects.equal(getAttributeName(), attribute.getName()) && (getNameFormat() == null || Objects.equal(getNameFormat(), attribute.getNameFormat()))) {
                this.log.debug("{} Descriptor for {} contains an entity attribute with the name {} and the format {}", new Object[]{getLogPrefix(), entityDescriptor.getEntityID(), getAttributeName(), getNameFormat()});
                return attribute;
            }
        }
        this.log.debug("{} Descriptor for {} does not contain an entity attribute with the name {} and the format {}", new Object[]{getLogPrefix(), entityDescriptor.getEntityID(), getAttributeName(), getNameFormat()});
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.idp.attribute.filter.policyrule.impl.AbstractPolicyRule
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (this.attrName == null) {
            throw new ComponentInitializationException(getLogPrefix() + " Attribute name is null");
        }
    }

    @Nullable
    protected abstract EntityDescriptor getEntityMetadata(AttributeFilterContext attributeFilterContext);

    protected abstract boolean entityAttributeValueMatches(String str);
}
