package dk.itst.oiosaml.sp.model;

import dk.itst.oiosaml.common.SAMLUtil;
import dk.itst.oiosaml.error.Layer;
import dk.itst.oiosaml.error.WrappedException;
import dk.itst.oiosaml.logging.Logger;
import dk.itst.oiosaml.logging.LoggerFactory;
import java.security.PublicKey;
import org.opensaml.Configuration;
import org.opensaml.common.SignableSAMLObject;
import org.opensaml.security.SAMLSignatureProfileValidator;
import org.opensaml.ws.soap.soap11.Body;
import org.opensaml.ws.soap.soap11.Envelope;
import org.opensaml.xml.ElementExtensibleXMLObject;
import org.opensaml.xml.Namespace;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.SecurityConfiguration;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.x509.BasicX509Credential;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureException;
import org.opensaml.xml.signature.SignatureValidator;
import org.opensaml.xml.signature.Signer;
import org.opensaml.xml.util.Base64;
import org.opensaml.xml.util.XMLHelper;
import org.opensaml.xml.validation.ValidationException;

/* loaded from: input_file:dk/itst/oiosaml/sp/model/OIOSamlObject.class */
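/**
 * Wrapper around an OpenSAML {@link XMLObject} that adds signing, signature
 * verification and serialisation helpers (XML string, Base64, SOAP envelope).
 *
 * <p>The wrapped object is never null; the constructor rejects null.
 */
public class OIOSamlObject {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) OIOSamlObject.class);
    private final XMLObject obj;

    /**
     * Wraps the given object.
     *
     * @param xMLObject the object to wrap
     * @throws IllegalArgumentException if {@code xMLObject} is null
     */
    public OIOSamlObject(XMLObject xMLObject) {
        if (xMLObject == null) {
            throw new IllegalArgumentException("Object cannot be null");
        }
        this.obj = xMLObject;
    }

    @Override
    public String toString() {
        return "Object: " + this.obj;
    }

    /**
     * Marshalls the wrapped object and returns it as an XML string.
     *
     * @return the XML text of the wrapped object
     */
    public String toXML() {
        return XMLHelper.nodeToString(SAMLUtil.marshallObject(this.obj));
    }

    /**
     * Signs the wrapped object with the given credential. The signature is
     * attached to the object, the object is marshalled, and the signature is
     * then computed over the marshalled form.
     *
     * @param credential the signing credential
     * @throws IllegalStateException if the wrapped object is not a {@link SignableSAMLObject}
     * @throws WrappedException if preparing the signature, marshalling or signing fails
     * @throws RuntimeException if no marshaller is registered for the wrapped object
     */
    public void sign(Credential credential) {
        // Reject unsignable objects before any signature state is built.
        if (!(this.obj instanceof SignableSAMLObject)) {
            throw new IllegalStateException("Object of type " + this.obj.getClass() + " is not signable");
        }
        SignableSAMLObject signable = (SignableSAMLObject) this.obj;
        Signature signature = SAMLUtil.buildXMLObject(Signature.class);
        signable.addNamespace(new Namespace("http://www.w3.org/2000/09/xmldsig#", "ds"));
        signature.setSigningCredential(credential);
        try {
            // NOTE(review): null configuration and key-info generator name are passed,
            // so algorithm selection is presumably left to the global OpenSAML security
            // configuration -- confirm that configuration does not permit weak
            // signature or digest algorithms.
            SecurityHelper.prepareSignatureParams(signature, credential, (SecurityConfiguration) null, (String) null);
            signable.setSignature(signature);
            Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(this.obj);
            if (marshaller == null) {
                throw new RuntimeException("No marshaller registered for " + this.obj.getElementQName() + ", unable to marshall in preperation for signing");
            }
            // The object is marshalled before Signer.signObject is called.
            marshaller.marshall(this.obj);
            Signer.signObject(signature);
        } catch (SignatureException e) {
            log.error("Unable to sign protocol message", e);
            throw new WrappedException(Layer.BUSINESS, e);
        } catch (MarshallingException e) {
            log.error("Unable to marshall protocol message in preparation for signing", e);
            throw new WrappedException(Layer.BUSINESS, e);
        } catch (SecurityException e) {
            throw new WrappedException(Layer.BUSINESS, e);
        }
    }

    /**
     * Marshalls the wrapped object and returns its XML text Base64-encoded.
     *
     * @return the Base64 encoding of the UTF-8 bytes of the XML text
     */
    public String toBase64() {
        String xml = XMLHelper.nodeToString(SAMLUtil.marshallObject(this.obj));
        // Encode with an explicit charset: the no-argument getBytes() uses the platform
        // default, which would make the encoded message depend on the JVM's locale settings.
        byte[] bytes = xml.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        // Option 8: presumably Base64.DONT_BREAK_LINES -- confirm against the Base64 class.
        return Base64.encodeBytes(bytes, 8);
    }

    /**
     * Tells whether the wrapped object carries a signature. This only reports
     * presence; it performs no validation of the signature.
     *
     * @return true if the object is a {@link SignableSAMLObject} with a non-null signature
     */
    public boolean hasSignature() {
        return (this.obj instanceof SignableSAMLObject) && ((SignableSAMLObject) this.obj).getSignature() != null;
    }

    /**
     * Verifies the signature on the wrapped object against the given public key.
     *
     * <p>The check fails closed: a missing signature, a SAML signature profile
     * violation, a cryptographic mismatch or any other exception during
     * validation yields {@code false}.
     *
     * <p>Only the bare key is used. No certificate validity, trust chain or
     * revocation check is performed here, so the caller must already have
     * established that {@code publicKey} is the trusted key of the expected signer.
     *
     * @param publicKey the key the signature must verify under
     * @return true only if both the profile check and the cryptographic check pass
     * @throws IllegalArgumentException if {@code publicKey} is null
     */
    public boolean verifySignature(PublicKey publicKey) {
        if (publicKey == null) {
            throw new IllegalArgumentException("Certificate cannot be null");
        }
        Signature signature = null;
        if (this.obj instanceof SignableSAMLObject) {
            signature = ((SignableSAMLObject) this.obj).getSignature();
        } else if (this.obj instanceof ElementExtensibleXMLObject) {
            // NOTE(review): only the first Signature child is examined here. A true result
            // says that this element verifies; which content it covers is left to the
            // profile validator and the caller -- confirm callers consume only signed content.
            signature = SAMLUtil.getFirstElement((ElementExtensibleXMLObject) this.obj, Signature.class);
        }
        if (signature == null) {
            log.warn("No signature present in object " + this.obj);
            return false;
        }
        try {
            // Structural check of the signature first, then the cryptographic check.
            new SAMLSignatureProfileValidator().validate(signature);
            BasicX509Credential basicX509Credential = new BasicX509Credential();
            basicX509Credential.setPublicKey(publicKey);
            try {
                new SignatureValidator(basicX509Credential).validate(signature);
                return true;
            } catch (ValidationException e) {
                log.warn("The signature does not match the signature of the login site", e);
                return false;
            }
        } catch (Exception e2) {
            // Deliberately broad: any unexpected failure is treated as an invalid signature.
            log.warn("The signature does not meet the requirements indicated by the SAML profile of the XML signature", e2);
            return false;
        }
    }

    /**
     * Places the wrapped object in the body of a new SOAP 1.1 envelope and
     * returns the envelope as an XML string.
     *
     * @return the XML text of the envelope
     * @throws WrappedException if marshalling the envelope fails
     * @throws RuntimeException if no marshaller is registered for the envelope
     */
    public String toSoapEnvelope() {
        Body body = SAMLUtil.buildXMLObject(Body.class);
        body.getUnknownXMLObjects().add(this.obj);
        Envelope envelope = SAMLUtil.buildXMLObject(Envelope.class);
        envelope.setBody(body);
        // Same guard as in sign(): report a missing marshaller explicitly instead of
        // failing with a bare NullPointerException.
        Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(envelope);
        if (marshaller == null) {
            throw new RuntimeException("No marshaller registered for " + envelope.getElementQName() + ", unable to marshall SOAP envelope");
        }
        try {
            return XMLHelper.nodeToString(marshaller.marshall(envelope));
        } catch (MarshallingException e) {
            throw new WrappedException(Layer.CLIENT, e);
        }
    }
}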
