package dk.itst.oiosaml.sp;

import dk.itst.oiosaml.common.OIOSAMLConstants;
import dk.itst.oiosaml.oiobpp.PrivilegeList;
import dk.itst.oiosaml.security.SecurityHelper;
import dk.itst.oiosaml.sp.model.OIOAssertion;
import dk.itst.oiosaml.sp.util.AttributeUtil;
import java.io.Serializable;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.joda.time.DateTime;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.saml2.core.AuthnStatement;

/* loaded from: input_file:dk/itst/oiosaml/sp/UserAssertionImpl.class */
public class UserAssertionImpl implements UserAssertion, Serializable {
    private static final long serialVersionUID = -1756335950388129831L;
    private Map<String, UserAttribute> attributes = new HashMap();
    private Date issueTime;
    private String issuer;
    private Date sessionExpireTime;
    private NameIDFormat nameIDFormat;
    private String nameID;
    private boolean signed;
    private String xml;
    private String id;
    private PrivilegeList privilegeList;

    public UserAssertionImpl(OIOAssertion oIOAssertion) {
        DateTime sessionNotOnOrAfter;
        Iterator it = oIOAssertion.getAssertion().getAttributeStatements().iterator();
        while (it.hasNext()) {
            for (Attribute attribute : ((AttributeStatement) it.next()).getAttributes()) {
                if (this.attributes.containsKey(attribute.getName())) {
                    UserAttribute userAttribute = this.attributes.get(attribute.getName());
                    Iterator<String> it2 = AttributeUtil.extractAttributeValueValues(attribute).iterator();
                    while (it2.hasNext()) {
                        userAttribute.getValues().add(it2.next());
                    }
                } else {
                    this.attributes.put(attribute.getName(), new UserAttribute(attribute.getName(), attribute.getFriendlyName(), AttributeUtil.extractAttributeValueValues(attribute), attribute.getNameFormat()));
                }
            }
        }
        this.id = oIOAssertion.getID();
        this.privilegeList = oIOAssertion.getPrivilegeList();
        if (oIOAssertion.getAssertion().getIssueInstant() != null) {
            this.issueTime = oIOAssertion.getAssertion().getIssueInstant().toDate();
        }
        if (oIOAssertion.getAssertion().getIssuer() != null) {
            this.issuer = oIOAssertion.getAssertion().getIssuer().getValue();
        }
        if (!oIOAssertion.getAssertion().getAuthnStatements().isEmpty() && (sessionNotOnOrAfter = ((AuthnStatement) oIOAssertion.getAssertion().getAuthnStatements().get(0)).getSessionNotOnOrAfter()) != null) {
            this.sessionExpireTime = sessionNotOnOrAfter.toDate();
        }
        if (oIOAssertion.getAssertion().getSubject() != null) {
            this.nameIDFormat = NameIDFormat.getNameID(oIOAssertion.getAssertion().getSubject().getNameID().getFormat());
            this.nameID = oIOAssertion.getAssertion().getSubject().getNameID().getValue();
        }
        this.signed = oIOAssertion.getAssertion().getSignature() != null;
        try {
            this.xml = oIOAssertion.toXML();
        } catch (Exception e) {
        }
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public Collection<UserAttribute> getAllAttributes() {
        return Collections.unmodifiableCollection(this.attributes.values());
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public int getAssuranceLevel() {
        String attributeValue = getAttributeValue(OIOSAMLConstants.ATTRIBUTE_ASSURANCE_LEVEL_NAME);
        if (attributeValue == null) {
            return 0;
        }
        if ("test".equals(attributeValue)) {
            return -1;
        }
        return Integer.valueOf(attributeValue).intValue();
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public PrivilegeList getPrivilegeList() {
        return this.privilegeList;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getNSISLevel() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_NSIS_LEVEL_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public UserAttribute getAttribute(String str) {
        return this.attributes.get(str);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getCVRNumberIdentifier() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_CVR_NUMBER_IDENTIFIER_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getCertificateSerialNumber() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_SERIAL_NUMBER_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getCommonName() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_COMMON_NAME_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public Date getIssueTime() {
        return this.issueTime;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getIssuer() {
        return this.issuer;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getMail() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_MAIL_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public NameIDFormat getNameIDFormat() {
        return this.nameIDFormat;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getOrganizationName() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_ORGANISATION_NAME_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getOrganizationUnit() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_ORGANISATION_UNIT_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getPostalAddress() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_POSTAL_ADDRESS_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public Date getSessionExpireTime() {
        return this.sessionExpireTime;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getSpecificationVersion() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_SPECVER_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getSubject() {
        return this.nameID;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getSurname() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_SURNAME_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getTitle() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_TITLE_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getUniqueAccountKey() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_UNIQUE_ACCOUNT_KEY_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getUserId() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_UID_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getXML() {
        return this.xml;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public boolean isSigned() {
        return this.signed;
    }

    private String getAttributeValue(String str) {
        UserAttribute userAttribute = this.attributes.get(str);
        if (userAttribute == null) {
            return null;
        }
        List<String> values = userAttribute.getValues();
        if (values.size() > 0) {
            return values.get(0);
        }
        return null;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getCPRNumber() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_CPR_NUMBER_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getRIDNumber() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_RID_NUMBER_IDENTIFIER_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getPIDNumber() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_PID_NUMBER_IDENTIFIER_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getPseudonym() {
        return getAttributeValue(OIOSAMLConstants.ATTRIBUTE_PSEUDONYM_NAME);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public X509Certificate getUserCertificate() {
        String attributeValue = getAttributeValue(OIOSAMLConstants.ATTRIBUTE_USER_CERTIFICATE_NAME);
        if (attributeValue == null) {
            return null;
        }
        try {
            return SecurityHelper.buildJavaX509Cert(attributeValue);
        } catch (CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public boolean isOCESProfileCompliant() {
        try {
            boolean isOIOSAMLCompliant = isOIOSAMLCompliant() & NameIDFormat.X509SUBJECT.equals(getNameIDFormat()) & (getCertificateSerialNumber() != null) & (isYouthCertificate() != null) & ((getPIDNumber() != null) ^ (getRIDNumber() != null));
            if (getPIDNumber() != null) {
                isOIOSAMLCompliant &= ("PID:" + getPIDNumber()).equals(getUserId());
            } else if (getRIDNumber() != null) {
                isOIOSAMLCompliant = isOIOSAMLCompliant & (getCVRNumberIdentifier() != null) & ("CVR:" + getCVRNumberIdentifier() + "-RID:" + getRIDNumber()).equals(getUserId());
            }
            return isOIOSAMLCompliant;
        } catch (RuntimeException e) {
            return false;
        }
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public boolean isOIOSAMLCompliant() {
        return true & "DK-SAML-2.0".equals(getSpecificationVersion()) & (getAssuranceLevel() > 0) & (getSurname() != null) & (getCommonName() != null) & (getUserId() != null) & (getMail() != null);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public boolean isPersistentPseudonymProfileCompliant() {
        return true & "DK-SAML-2.0".equals(getSpecificationVersion()) & (getAssuranceLevel() > 0) & (getUserId() == null) & NameIDFormat.PERSISTENT.equals(getNameIDFormat()) & (getPIDNumber() == null) & (getRIDNumber() == null) & (getCertificateSerialNumber() == null) & (getMail() == null) & (getSurname() == null) & (getCommonName() == null);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public Boolean isYouthCertificate() {
        String attributeValue = getAttributeValue(OIOSAMLConstants.ATTRIBUTE_YOUTH_CERTIFICATE_NAME);
        if (attributeValue == null) {
            return null;
        }
        return Boolean.valueOf(attributeValue);
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public String getAssertionId() {
        return this.id;
    }

    @Override // dk.itst.oiosaml.sp.UserAssertion
    public boolean isAuthenticated() {
        return true;
    }
}
