package com.mulesoft.modules.saml.internal.validation.validator;

import com.mulesoft.modules.saml.api.constants.ConfirmationMethod;
import com.mulesoft.modules.saml.internal.SamlUtils;
import com.mulesoft.modules.saml.internal.error.SamlError;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.mule.runtime.extension.api.exception.ModuleException;
import org.opensaml.saml.common.SAMLVersion;

/* loaded from: input_file:com/mulesoft/modules/saml/internal/validation/validator/SamlConfirmationMethodValidator.class */
public class SamlConfirmationMethodValidator implements SamlValidator {
    private List<ConfirmationMethod> requiredConfirmationMethods;

    public SamlConfirmationMethodValidator(List<ConfirmationMethod> list) {
        this.requiredConfirmationMethods = list;
    }

    @Override // com.mulesoft.modules.saml.internal.validation.validator.SamlValidator
    public void validate(SamlAssertionWrapper samlAssertionWrapper) {
        List<String> confirmationMethods = samlAssertionWrapper.getConfirmationMethods();
        if (confirmationMethods.isEmpty()) {
            throw new ModuleException("The given assertion has no confirmation method", SamlError.INVALID_METHOD);
        }
        Set<String> requiredConfirmationMethodsForVersion = requiredConfirmationMethodsForVersion(samlAssertionWrapper.getSamlVersion());
        for (String str : confirmationMethods) {
            if (!requiredConfirmationMethodsForVersion.contains(str)) {
                throw new ModuleException(String.format("A confirmation method %s was found that is not within the allowed ones (%s).", str, requiredConfirmationMethodsForVersion), SamlError.INVALID_METHOD);
            }
        }
    }

    private Set<String> requiredConfirmationMethodsForVersion(SAMLVersion sAMLVersion) {
        HashSet hashSet = new HashSet();
        Iterator<ConfirmationMethod> it = this.requiredConfirmationMethods.iterator();
        while (it.hasNext()) {
            hashSet.add(SamlUtils.getConfirmationMethodStringForSAML(it.next(), sAMLVersion));
        }
        return hashSet;
    }
}
