package com.mulesoft.mule.compatibility.module.saml;

import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.message.WSSecEncryptedKey;
import org.apache.ws.security.saml.ext.SAMLCallback;
import org.apache.ws.security.saml.ext.bean.ActionBean;
import org.apache.ws.security.saml.ext.bean.AttributeBean;
import org.apache.ws.security.saml.ext.bean.AttributeStatementBean;
import org.apache.ws.security.saml.ext.bean.AuthDecisionStatementBean;
import org.apache.ws.security.saml.ext.bean.AuthenticationStatementBean;
import org.apache.ws.security.saml.ext.bean.ConditionsBean;
import org.apache.ws.security.saml.ext.bean.KeyInfoBean;
import org.apache.ws.security.saml.ext.bean.SubjectBean;
import org.mule.runtime.core.api.util.xmlsecurity.XMLSecureFactories;
import org.opensaml.saml2.core.Action;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:repository/com/mulesoft/mule/modules/modules/mule-module-saml-ee/1.3.2/mule-module-saml-ee-1.3.2.jar:com/mulesoft/mule/compatibility/module/saml/AbstractSAMLCallbackHandler.class */
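/**
 * Base class for SAML callback handlers: holds the assertion settings (subject, confirmation
 * method, certificates, statement type, conditions) and offers helpers that fill a
 * {@link SAMLCallback} with a statement bean and build the matching {@link KeyInfoBean}.
 *
 * <p>This class declares {@link CallbackHandler} but does not implement {@code handle(...)};
 * concrete subclasses must supply it.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The statement contents produced by {@link #createAndSetStatement} are fixed literals
 *       (authentication method {@code "Password"}, a {@code role} attribute, a {@code PERMIT}
 *       decision). They are not derived from an authentication or authorization event visible
 *       in this class, so the resulting assertion asserts whatever the configuration says.</li>
 *   <li>{@link #getEphemeralKey()} hands out the internal key array by reference.</li>
 *   <li>No synchronization is used; instances are mutable through the setters.</li>
 * </ul>
 */
public abstract class AbstractSAMLCallbackHandler implements CallbackHandler {
    /** XML Signature namespace used for the hand-built {@code ds:KeyInfo} element. */
    private static final String XMLDSIG_NS = "http://www.w3.org/2000/09/xmldsig#";

    /** Namespace that namespace declarations ({@code xmlns:*} attributes) themselves live in. */
    private static final String XMLNS_NS = "http://www.w3.org/2000/xmlns/";

    // Not assigned anywhere in this class; presumably populated by subclasses - confirm.
    protected String subjectName;
    // Not assigned anywhere in this class; presumably populated by subclasses - confirm.
    protected String subjectQualifier;
    protected String confirmationMethod;
    // Only element 0 is read by this class (see createKeyInfo).
    protected X509Certificate[] certs;
    protected Statement statement = Statement.AUTHN;
    protected KeyInfoBean.CERT_IDENTIFIER certIdentifier = KeyInfoBean.CERT_IDENTIFIER.X509_CERT;
    // Written only by the ATTR branch of createKeyInfo; holds key material, treat as a secret.
    protected byte[] ephemeralKey;
    protected ConditionsBean conditions;

    /* loaded from: input_file:repository/com/mulesoft/mule/modules/modules/mule-module-saml-ee/1.3.2/mule-module-saml-ee-1.3.2.jar:com/mulesoft/mule/compatibility/module/saml/AbstractSAMLCallbackHandler$Statement.class */
    /** Kind of SAML statement this handler emits. */
    public enum Statement {
        /** Authentication statement. */
        AUTHN,
        /** Attribute statement. */
        ATTR,
        /** Authorization decision statement. */
        AUTHZ
    }

    /**
     * Stores the subject confirmation method. This class only stores the value; it is not read
     * by any method visible here.
     *
     * @param str confirmation method to store
     */
    public void setConfirmationMethod(String str) {
        this.confirmationMethod = str;
    }

    /**
     * Selects which statement type the helpers produce.
     *
     * <p>NOTE(review): {@code null} is accepted. With a {@code null} statement,
     * {@link #createAndSetStatement} falls through to the authorization-decision branch and
     * {@link #createKeyInfo()} returns an empty bean. Callers should pass a non-null value.
     *
     * @param statement statement type to emit
     */
    public void setStatement(Statement statement) {
        this.statement = statement;
    }

    /**
     * Sets how the certificate is referenced inside the KeyInfo built for {@link Statement#AUTHN}.
     *
     * @param cert_identifier certificate identifier style
     */
    public void setCertIdentifier(KeyInfoBean.CERT_IDENTIFIER cert_identifier) {
        this.certIdentifier = cert_identifier;
    }

    /**
     * Sets the certificate array. The array is stored by reference (no copy), and only its first
     * element is used by {@link #createKeyInfo()}.
     *
     * @param x509CertificateArr certificates; element 0 must be present before
     *     {@link #createKeyInfo()} is called for {@code AUTHN} or {@code ATTR}
     */
    public void setCerts(X509Certificate[] x509CertificateArr) {
        this.certs = x509CertificateArr;
    }

    /**
     * Returns the ephemeral key captured by the {@code ATTR} branch of {@link #createKeyInfo()}.
     *
     * <p>The internal array is returned directly, not a copy, so the caller holds live key
     * material: avoid logging it and limit how long it is retained.
     *
     * @return the key bytes, or {@code null} if that branch has not run
     */
    public byte[] getEphemeralKey() {
        return this.ephemeralKey;
    }

    /**
     * @return the stored conditions bean, or {@code null} if none was set
     */
    public ConditionsBean getConditions() {
        return this.conditions;
    }

    /**
     * Stores the conditions bean. This class only stores the value; whether it is applied to the
     * assertion is decided outside the code visible here.
     *
     * @param conditionsBean conditions to store
     */
    public void setConditions(ConditionsBean conditionsBean) {
        this.conditions = conditionsBean;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Builds one statement bean for the configured {@link Statement} type and installs it on the
     * callback as a single-element list.
     *
     * <ul>
     *   <li>{@code AUTHN}: authentication statement with method {@code "Password"}.</li>
     *   <li>{@code ATTR}: attribute statement carrying one attribute named {@code role} whose
     *       single value is {@link WSHandlerConstants#USER}.</li>
     *   <li>anything else (that is {@code AUTHZ}, and also a {@code null} statement): an
     *       authorization decision of {@code PERMIT} for {@link Action#READ_ACTION} on the
     *       resource {@code "endpoint"}.</li>
     * </ul>
     *
     * <p>All of these values are literals in this method, not the outcome of a check performed
     * here.
     *
     * @param subjectBean subject to attach to the statement; skipped when {@code null}
     * @param sAMLCallback callback that receives the statement data
     */
    public void createAndSetStatement(SubjectBean subjectBean, SAMLCallback sAMLCallback) {
        if (this.statement == Statement.AUTHN) {
            AuthenticationStatementBean authenticationStatementBean = new AuthenticationStatementBean();
            if (subjectBean != null) {
                authenticationStatementBean.setSubject(subjectBean);
            }
            authenticationStatementBean.setAuthenticationMethod("Password");
            sAMLCallback.setAuthenticationStatementData(Collections.singletonList(authenticationStatementBean));
            return;
        }
        if (this.statement == Statement.ATTR) {
            AttributeStatementBean attributeStatementBean = new AttributeStatementBean();
            if (subjectBean != null) {
                attributeStatementBean.setSubject(subjectBean);
            }
            AttributeBean attributeBean = new AttributeBean();
            attributeBean.setSimpleName("role");
            attributeBean.setAttributeValues(Collections.singletonList(WSHandlerConstants.USER));
            attributeStatementBean.setSamlAttributes(Collections.singletonList(attributeBean));
            sAMLCallback.setAttributeStatementData(Collections.singletonList(attributeStatementBean));
            return;
        }
        // Fall-through branch: reached for AUTHZ and for a null statement alike.
        AuthDecisionStatementBean authDecisionStatementBean = new AuthDecisionStatementBean();
        if (subjectBean != null) {
            authDecisionStatementBean.setSubject(subjectBean);
        }
        ActionBean actionBean = new ActionBean();
        actionBean.setContents(Action.READ_ACTION);
        authDecisionStatementBean.setActions(Collections.singletonList(actionBean));
        authDecisionStatementBean.setResource("endpoint");
        authDecisionStatementBean.setDecision(AuthDecisionStatementBean.Decision.PERMIT);
        sAMLCallback.setAuthDecisionStatementData(Collections.singletonList(authDecisionStatementBean));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Builds the {@link KeyInfoBean} that matches the configured statement type.
     *
     * <ul>
     *   <li>{@code AUTHN}: the bean carries {@code certs[0]} and the configured certificate
     *       identifier.</li>
     *   <li>{@code ATTR}: a {@link WSSecEncryptedKey} is prepared against {@code certs[0]}; its
     *       ephemeral key is kept in {@link #ephemeralKey} and its EncryptedKey element is
     *       wrapped in a {@code ds:KeyInfo} element set on the bean.</li>
     *   <li>otherwise: an empty bean is returned.</li>
     * </ul>
     *
     * @return the populated (or, for other statement types, empty) key info bean
     * @throws IllegalStateException if a certificate is needed but {@code certs} is
     *     {@code null}, empty, or has a {@code null} first element
     * @throws Exception if building the document or preparing the encrypted key fails
     */
    public KeyInfoBean createKeyInfo() throws Exception {
        KeyInfoBean keyInfoBean = new KeyInfoBean();
        if (this.statement == Statement.AUTHN) {
            keyInfoBean.setCertificate(firstCertificate());
            keyInfoBean.setCertIdentifer(this.certIdentifier);
        } else if (this.statement == Statement.ATTR) {
            // Validate before doing any XML or key work so a missing certificate fails early
            // and with a message that names the cause.
            X509Certificate recipientCert = firstCertificate();
            DocumentBuilderFactory documentBuilderFactory = XMLSecureFactories.createDefault().getDocumentBuilderFactory();
            documentBuilderFactory.setNamespaceAware(true);
            Document newDocument = documentBuilderFactory.newDocumentBuilder().newDocument();
            WSSecEncryptedKey wSSecEncryptedKey = new WSSecEncryptedKey();
            // NOTE(review): 3 is a raw key-identifier type code; presumably
            // WSConstants.X509_KEY_IDENTIFIER in WSS4J - confirm against the bundled version.
            wSSecEncryptedKey.setKeyIdentifierType(3);
            wSSecEncryptedKey.setUseThisCert(recipientCert);
            wSSecEncryptedKey.prepare(newDocument, null);
            this.ephemeralKey = wSSecEncryptedKey.getEphemeralKey();
            Element encryptedKeyElement = wSSecEncryptedKey.getEncryptedKeyElement();
            Element keyInfoElement = newDocument.createElementNS(XMLDSIG_NS, "ds:KeyInfo");
            // Declare the ds prefix explicitly so the element stays well-formed when serialized.
            keyInfoElement.setAttributeNS(XMLNS_NS, "xmlns:ds", XMLDSIG_NS);
            keyInfoElement.appendChild(encryptedKeyElement);
            keyInfoBean.setElement(keyInfoElement);
        }
        return keyInfoBean;
    }

    /**
     * Returns {@code certs[0]} after checking that it exists, replacing the bare
     * {@code NullPointerException} / {@code ArrayIndexOutOfBoundsException} an unchecked index
     * would raise with a descriptive failure.
     */
    private X509Certificate firstCertificate() {
        if (this.certs == null || this.certs.length == 0 || this.certs[0] == null) {
            throw new IllegalStateException(
                    "No certificate configured for statement " + this.statement
                            + "; setCerts must supply a non-null first certificate before createKeyInfo is called");
        }
        return this.certs[0];
    }
}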
