package dk.itst.oiosaml.sp;

import dk.itst.oiosaml.configuration.SAMLConfigurationFactory;
import dk.itst.oiosaml.error.InvalidCertificateException;
import dk.itst.oiosaml.error.WrappedException;
import dk.itst.oiosaml.security.CredentialRepository;
import dk.itst.oiosaml.sp.metadata.IdpMetadata;
import dk.itst.oiosaml.sp.metadata.SPMetadata;
import dk.itst.oiosaml.sp.model.OIOAssertion;
import dk.itst.oiosaml.sp.model.OIOAttributeQuery;
import dk.itst.oiosaml.sp.service.util.Constants;
import dk.itst.oiosaml.sp.service.util.HttpSOAPClient;
import dk.itst.oiosaml.sp.service.util.SOAPClient;
import dk.itst.oiosaml.sp.util.AttributeUtil;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.xml.security.credential.Credential;

/* loaded from: input_file:dk/itst/oiosaml/sp/UserAttributeQuery.class */
public class UserAttributeQuery {
    private static final CredentialRepository credentialRepository = new CredentialRepository();
    private final String username;
    private final String password;
    private final SOAPClient client;
    private final Credential credential;
    private final boolean ignoreCertPath;
    private final boolean requireEncryption;
    private final IdpMetadata.Metadata idpMetadata;
    private final String spEntityId;

    public UserAttributeQuery() throws WrappedException, NoSuchAlgorithmException, CertificateException, IllegalStateException, KeyStoreException, IOException {
        this(SAMLConfigurationFactory.getConfiguration().getSystemConfiguration().getString(Constants.PROP_RESOLVE_USERNAME, (String) null), SAMLConfigurationFactory.getConfiguration().getSystemConfiguration().getString(Constants.PROP_RESOLVE_PASSWORD, (String) null));
    }

    public UserAttributeQuery(String str, String str2) throws WrappedException, NoSuchAlgorithmException, CertificateException, IllegalStateException, KeyStoreException, IOException {
        this(UserAssertionHolder.get() != null ? UserAssertionHolder.get().getIssuer() : null, str, str2);
    }

    public UserAttributeQuery(String str, String str2, String str3) throws WrappedException, NoSuchAlgorithmException, CertificateException, IllegalStateException, KeyStoreException, IOException {
        this(IdpMetadata.getInstance().getMetadata(str), str2, str3, new HttpSOAPClient(), credentialRepository.getCredential(SAMLConfigurationFactory.getConfiguration().getKeystore(), SAMLConfigurationFactory.getConfiguration().getSystemConfiguration().getString(Constants.PROP_CERTIFICATE_PASSWORD)), SAMLConfigurationFactory.getConfiguration().getSystemConfiguration().getBoolean(Constants.PROP_IGNORE_CERTPATH, false), SAMLConfigurationFactory.getConfiguration().getSystemConfiguration().getBoolean(Constants.PROP_REQUIRE_ENCRYPTION, true), SPMetadata.getInstance().getEntityID());
    }

    public UserAttributeQuery(IdpMetadata.Metadata metadata, String str, String str2, SOAPClient sOAPClient, Credential credential, boolean z, boolean z2, String str3) {
        this.spEntityId = str3;
        if (metadata == null) {
            throw new IllegalArgumentException("IdP Metadata cannot be null");
        }
        this.idpMetadata = metadata;
        this.username = str;
        this.password = str2;
        this.client = sOAPClient;
        this.credential = credential;
        this.ignoreCertPath = z;
        this.requireEncryption = z2;
    }

    public Collection<UserAttribute> query(String str, NameIDFormat nameIDFormat, String... strArr) throws InvalidCertificateException, IOException {
        UserAttribute[] userAttributeArr = new UserAttribute[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            userAttributeArr[i] = UserAttribute.create(strArr[i], null);
        }
        return query(str, nameIDFormat, userAttributeArr);
    }

    public Collection<UserAttribute> query(String str, NameIDFormat nameIDFormat, UserAttribute... userAttributeArr) throws InvalidCertificateException, IOException {
        OIOAttributeQuery newQuery = OIOAttributeQuery.newQuery(this.idpMetadata.getAttributeQueryServiceLocation("urn:oasis:names:tc:SAML:2.0:bindings:SOAP"), str, nameIDFormat, this.spEntityId);
        for (UserAttribute userAttribute : userAttributeArr) {
            newQuery.addAttribute(userAttribute.getName(), userAttribute.getFormat());
        }
        OIOAssertion executeQuery = newQuery.executeQuery(this.client, this.credential, this.username, this.password, this.ignoreCertPath, this.idpMetadata.getValidCertificates(), !this.requireEncryption);
        ArrayList arrayList = new ArrayList();
        Iterator it = executeQuery.getAssertion().getAttributeStatements().iterator();
        while (it.hasNext()) {
            for (Attribute attribute : ((AttributeStatement) it.next()).getAttributes()) {
                arrayList.add(new UserAttribute(attribute.getName(), attribute.getFriendlyName(), AttributeUtil.extractAttributeValueValues(attribute), attribute.getNameFormat()));
            }
        }
        return arrayList;
    }
}
