package com.ibm.ws.wssecurity.saml.saml20.assertion.impl;

import com.ibm.websphere.wssecurity.callbackhandler.NameIDCallback;
import com.ibm.ws.wssecurity.saml.common.SAMLCommonConstants;
import com.ibm.ws.wssecurity.saml.common.util.OMUtil;
import com.ibm.ws.wssecurity.saml.saml20.assertion.NameID;
import com.ibm.ws.wssecurity.saml.saml20.assertion.Subject;
import com.ibm.ws.wssecurity.saml.saml20.assertion.SubjectConfirmation;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.saml.config.ConsumerConfig;
import com.ibm.wsspi.wssecurity.saml.config.CredentialConfig;
import com.ibm.wsspi.wssecurity.saml.config.ProviderConfig;
import com.ibm.wsspi.wssecurity.saml.config.RequesterConfig;
import com.ibm.wsspi.wssecurity.saml.data.SAMLNameID;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;

/* loaded from: input_file:com/ibm/ws/wssecurity/saml/saml20/assertion/impl/SubjectImpl.class */
public class SubjectImpl implements Subject {
    private static final String comp = "security.wssecurity";
    private ProviderConfig issueCfg;
    private RequesterConfig requesterData;
    private CredentialConfig cred;
    private NameID nameId;
    private SubjectConfirmation subConfirm;
    private ConsumerConfig assertionConsumingCfg;
    protected List content;
    private static final TraceComponent tc = Tr.register(SubjectImpl.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.samlmessages");
    private static final String clsName = SubjectImpl.class.getName();
    private static final OMFactory omFactory = OMAbstractFactory.getOMFactory();

    public SubjectImpl() {
        this.issueCfg = null;
        this.requesterData = null;
        this.cred = null;
        this.nameId = null;
        this.subConfirm = null;
        this.assertionConsumingCfg = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "SubjectImpl()");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "SubjectImpl()");
        }
    }

    public SubjectImpl(ConsumerConfig consumerConfig) {
        this.issueCfg = null;
        this.requesterData = null;
        this.cred = null;
        this.nameId = null;
        this.subConfirm = null;
        this.assertionConsumingCfg = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "SubjectImpl(ConsumerConfig)");
        }
        this.assertionConsumingCfg = consumerConfig;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "SubjectImpl(ConsumerConfig)");
        }
    }

    public SubjectImpl(ProviderConfig providerConfig, RequesterConfig requesterConfig, CredentialConfig credentialConfig) {
        this.issueCfg = null;
        this.requesterData = null;
        this.cred = null;
        this.nameId = null;
        this.subConfirm = null;
        this.assertionConsumingCfg = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "SubjectImpl(ProviderConfig, RequesterConfig, CredentialConfig)");
        }
        this.issueCfg = providerConfig;
        this.requesterData = requesterConfig;
        this.cred = credentialConfig;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "SubjectImpl(ProviderConfig, RequesterConfig, CredentialConfig)");
        }
    }

    private NameID createSimpleSubjectNameID(ProviderConfig providerConfig, RequesterConfig requesterConfig, CredentialConfig credentialConfig) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createSimpleSubjectNameID(ProviderConfig, RequesterConfig, CredentialConfig)");
        }
        NameIDImpl nameIDImpl = new NameIDImpl();
        if (this.issueCfg.getNameIDProvider() != null && !this.issueCfg.getNameIDProvider().isEmpty()) {
            NameIDCallback nameIDCallback = new NameIDCallback(this.issueCfg, this.requesterData, this.cred);
            try {
                ((CallbackHandler) ConfigUtil.instantiateNew(this.issueCfg.getNameIDProvider(), null, null)).handle(new Callback[]{nameIDCallback});
                SAMLNameID sAMLNameID = nameIDCallback.getSAMLNameID();
                if (sAMLNameID != null) {
                    nameIDImpl.setFormat(sAMLNameID.getFormat());
                    nameIDImpl.setNameQualifier(sAMLNameID.getNameQualifier());
                    nameIDImpl.setValue(sAMLNameID.getValue());
                    nameIDImpl.setSPNameQualifier(sAMLNameID.getSPNameQualifier());
                    nameIDImpl.setSPProvidedID(sAMLNameID.getSPProvidedID());
                }
            } catch (Exception e) {
                Tr.processException(e, clsName + ".createSimpleSubjectNameID", "151", this);
                throw SoapSecurityException.format("Unable to process NameIDCallback", e);
            }
        } else if (credentialConfig.getSAMLNameID() != null && credentialConfig.getSAMLNameID().getValue() != null) {
            nameIDImpl.setFormat(credentialConfig.getSAMLNameID().getFormat());
            nameIDImpl.setNameQualifier(credentialConfig.getSAMLNameID().getNameQualifier());
            nameIDImpl.setValue(credentialConfig.getSAMLNameID().getValue());
            nameIDImpl.setSPNameQualifier(credentialConfig.getSAMLNameID().getSPNameQualifier());
            nameIDImpl.setSPProvidedID(credentialConfig.getSAMLNameID().getSPProvidedID());
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createSimpleSubjectNameID(ProviderConfig, RequesterConfig, CredentialConfig): " + nameIDImpl);
        }
        return nameIDImpl;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Subject
    public NameID getNameID() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getNameID()");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getNameID(): " + this.nameId);
        }
        return this.nameId;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Subject
    public void setNameID(NameID nameID) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setNameID(" + nameID + ")");
        }
        this.nameId = nameID;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setNameID(" + nameID + ")");
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Subject
    public SubjectConfirmation getSubjectConfirmation() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSubjectConfirmation()");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getSubjectConfirmation()");
        }
        return this.subConfirm;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Subject
    public List getContent() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getContent()");
        }
        if (this.content == null) {
            this.content = new ArrayList();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getContent()");
        }
        return this.content;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public OMElement getXML() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getXML()");
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "getXML()");
        return null;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public OMElement marshal(OMElement oMElement) throws SoapSecurityException {
        OMElement createOMElement;
        OMElement marshal;
        OMElement marshal2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "marshal(OMElement parent): " + (oMElement == null ? null : oMElement.toString()));
        }
        if (oMElement == null) {
            createOMElement = omFactory.createOMElement("Subject", SAMLCommonConstants._saml2_ns, SAMLCommonConstants._saml2_prefix);
            createOMElement.declareNamespace(SAMLCommonConstants._saml2_ns, SAMLCommonConstants._saml2_prefix);
        } else {
            createOMElement = oMElement.getOMFactory().createOMElement("Subject", SAMLCommonConstants._saml2_ns, SAMLCommonConstants._saml2_prefix);
        }
        if (this.nameId != null && (marshal2 = this.nameId.marshal(createOMElement)) != null) {
            createOMElement.addChild(marshal2);
        }
        if (this.subConfirm != null && (marshal = this.subConfirm.marshal(createOMElement)) != null) {
            createOMElement.addChild(marshal);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "marshal(OMElement parent): " + (createOMElement == null ? null : createOMElement.toString()));
        }
        return createOMElement;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public void unMarshal(OMElement oMElement) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unMarshal (OMElement om): " + (oMElement == null ? null : oMElement.toString()));
        }
        OMElement firstElement = OMUtil.getFirstElement(oMElement);
        while (true) {
            OMElement oMElement2 = firstElement;
            if (oMElement2 == null) {
                break;
            }
            String localName = oMElement2.getLocalName();
            String namespaceURI = oMElement2.getNamespace() == null ? null : oMElement2.getNamespace().getNamespaceURI();
            if ("NameID".equals(localName)) {
                this.nameId = new NameIDImpl();
                this.nameId.unMarshal(oMElement2);
            } else if ("SubjectConfirmation".equals(oMElement2.getLocalName())) {
                this.subConfirm = new SubjectConfirmationImpl(this.assertionConsumingCfg);
                this.subConfirm.unMarshal(oMElement2);
            }
            firstElement = OMUtil.getNextElement(oMElement2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "unMarshal (OMElement om)");
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public void create() throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "create()");
        }
        this.subConfirm = new SubjectConfirmationImpl(this.issueCfg, this.requesterData, this.cred);
        this.subConfirm.create();
        this.nameId = createSimpleSubjectNameID(this.issueCfg, this.requesterData, this.cred);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "create()");
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public boolean validate() throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate()");
        }
        if (this.nameId != null && !this.nameId.validate()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "nameId validate failed");
            }
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "validate() returns: false");
            return false;
        }
        if (this.subConfirm == null || this.subConfirm.validate()) {
            if (!tc.isEntryEnabled()) {
                return true;
            }
            Tr.exit(tc, "validate()");
            return true;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "subConfirm validate failed");
        }
        if (!tc.isEntryEnabled()) {
            return false;
        }
        Tr.exit(tc, "validate() returns: false");
        return false;
    }
}
