package de.governikus.gov.autent.common.idprovider.saml;

import de.bos_bremen.gov.autent.common.AbstractMessageGenerator;
import de.bos_bremen.gov.autent.common.ErrorCode;
import de.bos_bremen.gov.autent.common.Utils;
import de.bos_bremen.gov.autent.common.XMLSignatureHandler;
import de.bos_bremen.gov.autent.common.XmlHelper;
import java.io.ByteArrayOutputStream;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.joda.time.DateTime;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.Issuer;
import org.opensaml.saml.saml2.core.Response;
import org.opensaml.saml.saml2.core.Status;
import org.opensaml.saml.saml2.core.StatusCode;
import org.opensaml.saml.saml2.core.StatusMessage;
import org.opensaml.saml.saml2.core.impl.IssuerBuilder;
import org.opensaml.saml.saml2.core.impl.ResponseBuilder;
import org.opensaml.saml.saml2.core.impl.StatusBuilder;
import org.opensaml.saml.saml2.core.impl.StatusCodeBuilder;
import org.opensaml.saml.saml2.core.impl.StatusMessageBuilder;
import org.opensaml.xmlsec.encryption.support.EncryptionException;
import org.opensaml.xmlsec.signature.Signature;
import org.opensaml.xmlsec.signature.support.SignatureException;
import org.opensaml.xmlsec.signature.support.Signer;
import org.w3c.dom.Element;

/* loaded from: input_file:de/governikus/gov/autent/common/idprovider/saml/ResponseGenerator.class */
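/**
 * Builds a SAML 2.0 {@code Response} for a single request and serialises it to bytes.
 *
 * <p>The generator is configured either with assertions ({@link #setAssertions}) or with an
 * error status (one of the {@code setError} overloads) before {@link #createSamlResponse()} is
 * called. Signing and encryption material ({@code sigKey}, {@code sigCert}, {@code encrypter},
 * ...) is read from fields inherited from {@link AbstractMessageGenerator}.
 *
 * <p>Instances hold mutable state and perform no synchronisation.
 */
public class ResponseGenerator extends AbstractMessageGenerator {
    /** ID of the request being answered; written to {@code InResponseTo}. */
    private final String requestID;
    /** Value written to the response's {@code Destination} attribute. */
    private final String destination;
    /** Assertions to embed; never {@code null}. */
    private Assertion[] assertions = new Assertion[0];
    /** Top-level SAML status code URI; stays {@code null} until a setter is called. */
    private String statusCode;
    /** Optional nested (second-level) status code URI. */
    private String minorCode;
    /** Optional human-readable status message. */
    private String statusMessage;
    /** Value written to the response's {@code Issuer} element. */
    private final String idpName;

    /**
     * @param requestID   ID of the request this response answers
     * @param idpName     issuer name of the identity provider
     * @param destination URL the response is addressed to
     * @param useCBC      stored in the inherited {@code useCBC} field; presumably selects CBC
     *                    mode for assertion encryption (confirm in AbstractMessageGenerator)
     */
    public ResponseGenerator(String requestID, String idpName, String destination, boolean useCBC) {
        this.requestID = requestID;
        this.idpName = idpName;
        this.destination = destination;
        this.useCBC = useCBC;
    }

    /**
     * Assembles the response, signs it and returns the serialised XML.
     *
     * <p>Assertions are embedded in clear when no {@code encrypter} is configured and as
     * {@code EncryptedAssertion} elements otherwise.
     *
     * @return the serialised response document
     * @throws MarshallingException     if marshalling or the XML transformation fails
     * @throws GeneralSecurityException if signing or encrypting fails
     */
    public byte[] createSamlResponse() throws MarshallingException, GeneralSecurityException {
        try {
            Response response = new ResponseBuilder().buildObject();
            response.setID("_" + Utils.getInstance().generateUniqueID());
            response.setInResponseTo(this.requestID);
            response.setIssueInstant(new DateTime(System.currentTimeMillis()));
            response.setDestination(this.destination);

            Issuer issuer = new IssuerBuilder().buildObject();
            issuer.setValue(this.idpName);
            response.setIssuer(issuer);
            response.setStatus(createStatus());

            // May leave the response without a Signature object, hence the null check below.
            XMLSignatureHandler.addSignature(response, this.sigKey, this.sigCert, this.sigType, this.sigDigestAlg, this.usePSS);

            // Assertion signatures are collected first so they are computed before the
            // response signature, whose digest covers the embedded assertions.
            ArrayList<Signature> signatures = new ArrayList<>();
            for (Assertion assertion : this.assertions) {
                // Detach from any previous parent so the assertion can be added to this response.
                assertion.setParent((XMLObject) null);
                Signature assertionSignature = assertion.getSignature();
                if (assertionSignature != null) {
                    signatures.add(assertionSignature);
                }
                if (this.encrypter == null) {
                    response.getAssertions().add(assertion);
                } else {
                    // NOTE(review): the assertion is encrypted here, before Signer.signObjects
                    // runs below. A signature computed afterwards cannot change the already
                    // encrypted copy, so this presumably relies on assertions arriving already
                    // signed - confirm with the callers.
                    response.getEncryptedAssertions().add(this.encrypter.encrypt(assertion));
                }
            }

            Element dom = XMLObjectProviderRegistrySupport.getMarshallerFactory()
                    .getMarshaller(response.getElementQName())
                    .marshall(response);

            // Queue the response signature exactly once; the previous code queued it twice,
            // which signed the response a second time for no benefit.
            Signature responseSignature = response.getSignature();
            if (responseSignature != null) {
                signatures.add(responseSignature);
            }
            Signer.signObjects(signatures);

            Transformer transformer = XmlHelper.getTransfomer();
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            transformer.transform(new DOMSource(dom), new StreamResult(out));
            return out.toByteArray();
        } catch (TransformerException e) {
            throw new MarshallingException(e);
        } catch (SignatureException | EncryptionException e) {
            throw new GeneralSecurityException(e);
        }
    }

    /**
     * Builds the {@code Status} element from the configured status code, optional nested
     * minor code and optional status message.
     *
     * <p>NOTE(review): if neither {@code setAssertions} nor {@code setError} was called,
     * {@code statusCode} is still {@code null} and is passed to {@code setValue} as is.
     */
    private Status createStatus() {
        Status status = new StatusBuilder().buildObject();
        StatusCode topLevelCode = new StatusCodeBuilder().buildObject();
        topLevelCode.setValue(this.statusCode);
        status.setStatusCode(topLevelCode);
        if (this.statusMessage != null) {
            StatusMessage message = new StatusMessageBuilder().buildObject();
            message.setMessage(this.statusMessage);
            status.setStatusMessage(message);
        }
        if (this.minorCode != null) {
            StatusCode nestedCode = new StatusCodeBuilder().buildObject();
            nestedCode.setValue(this.minorCode);
            topLevelCode.setStatusCode(nestedCode);
        }
        return status;
    }

    /**
     * Configures a successful response carrying the given assertions.
     *
     * <p>Resets the whole status, including a minor code left over from an earlier
     * {@code setError} call, so a success response never carries a stale error sub-status.
     *
     * @param assertionArr assertions to embed; {@code null} is treated as "no assertions"
     */
    public void setAssertions(Assertion... assertionArr) {
        // Copy so that later changes to the caller's array cannot alter the response.
        this.assertions = assertionArr == null ? new Assertion[0] : assertionArr.clone();
        this.statusCode = "urn:oasis:names:tc:SAML:2.0:status:Success";
        this.minorCode = null;
        this.statusMessage = null;
    }

    /**
     * Configures an error response from a project error code.
     *
     * <p>NOTE(review): assertions set earlier are not cleared here, so an error response
     * would still carry them; confirm callers never call {@code setAssertions} before this.
     *
     * @param errorCode error whose SAML status, name and description are used
     * @param strArr    arguments passed to {@code errorCode.toDescription}
     */
    public void setError(ErrorCode errorCode, String... strArr) {
        this.statusCode = errorCode.getSamlStatus();
        this.minorCode = "urn:bos-bremen.de:SAML:minorCode:" + errorCode.toString();
        this.statusMessage = errorCode.toDescription(strArr);
    }

    /**
     * Configures an error response from explicit status values.
     *
     * <p>NOTE(review): as with the {@link ErrorCode} overload, previously set assertions are
     * kept.
     *
     * @param str  top-level status code URI
     * @param str2 nested minor status code URI, or {@code null} for none
     * @param str3 status message, or {@code null} for none
     */
    public void setError(String str, String str2, String str3) {
        this.statusCode = str;
        this.minorCode = str2;
        this.statusMessage = str3;
    }
}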
