package org.apache.cxf.systest.ws.saml;

import java.util.Iterator;
import java.util.List;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.apache.wss4j.stax.validate.SamlTokenValidatorImpl;
import org.opensaml.saml2.core.Audience;
import org.opensaml.saml2.core.AudienceRestriction;
import org.opensaml.saml2.core.Conditions;

/* loaded from: input_file:org/apache/cxf/systest/ws/saml/StaxSaml2AudienceRestrictionValidator.class */
public class StaxSaml2AudienceRestrictionValidator extends SamlTokenValidatorImpl {
    private List<String> endpointAddresses;

    public void checkConditions(SamlAssertionWrapper samlAssertionWrapper) throws WSSecurityException {
        Conditions conditions;
        super.checkConditions(samlAssertionWrapper);
        if (samlAssertionWrapper.getSaml2() == null) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity", new Object[0]);
        }
        if (this.endpointAddresses == null || this.endpointAddresses.isEmpty() || (conditions = samlAssertionWrapper.getSaml2().getConditions()) == null || conditions.getAudienceRestrictions() == null) {
            return;
        }
        boolean z = false;
        Iterator it = conditions.getAudienceRestrictions().iterator();
        while (it.hasNext()) {
            List audiences = ((AudienceRestriction) it.next()).getAudiences();
            if (audiences != null) {
                Iterator it2 = audiences.iterator();
                while (true) {
                    if (it2.hasNext()) {
                        if (this.endpointAddresses.contains(((Audience) it2.next()).getAudienceURI())) {
                            z = true;
                            break;
                        }
                    }
                }
            }
        }
        if (!z) {
            throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity", new Object[0]);
        }
    }

    public List<String> getEndpointAddresses() {
        return this.endpointAddresses;
    }

    public void setEndpointAddresses(List<String> list) {
        this.endpointAddresses = list;
    }
}
