package de.governikus.panstar.sdk.saml.request;

import de.bund.bsi.eid240.AgeVerificationRequestType;
import de.bund.bsi.eid240.AttributeRequestType;
import de.bund.bsi.eid240.AuthnRequestExtension;
import de.bund.bsi.eid240.EIDTypeRequestType;
import de.bund.bsi.eid240.OperationsRequestorType;
import de.bund.bsi.eid240.PlaceVerificationRequestType;
import de.bund.bsi.eid240.RequestedAttributesType;
import de.bund.bsi.eid240.TransactionAttestationRequestType;
import de.governikus.panstar.sdk.saml.configuration.SamlKeyMaterial;
import de.governikus.panstar.sdk.saml.exception.SamlRequestException;
import de.governikus.panstar.sdk.utils.RequestData;
import de.governikus.panstar.sdk.utils.constant.EIDAttributeName;
import de.governikus.panstar.sdk.utils.saml.SamlEncrypterUtils;
import de.governikus.panstar.sdk.utils.xml.XmlUtils;
import java.math.BigInteger;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.Marshaller;
import javax.xml.namespace.QName;
import oasis.names.tc.saml._2_0.assertion.Attribute;
import org.opensaml.core.xml.schema.XSAny;
import org.opensaml.core.xml.schema.impl.XSAnyBuilder;
import org.opensaml.xmlsec.encryption.EncryptedData;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;

/* loaded from: input_file:de/governikus/panstar/sdk/saml/request/AuthnRequestExtensionGenerator.class */
final class AuthnRequestExtensionGenerator {
    private static final Logger LOG = LoggerFactory.getLogger(AuthnRequestExtensionGenerator.class);
    private static final QName BSI_EXTENSION_QNAME = new QName("http://bsi.bund.de/eID/", "AuthnRequestExtension", "eid");

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: de.governikus.panstar.sdk.saml.request.AuthnRequestExtensionGenerator$1, reason: invalid class name */
    /* loaded from: input_file:de/governikus/panstar/sdk/saml/request/AuthnRequestExtensionGenerator$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$de$bund$bsi$eid240$AttributeRequestType = new int[AttributeRequestType.values().length];

        static {
            try {
                $SwitchMap$de$bund$bsi$eid240$AttributeRequestType[AttributeRequestType.ALLOWED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$de$bund$bsi$eid240$AttributeRequestType[AttributeRequestType.REQUIRED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    private AuthnRequestExtensionGenerator() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static XSAny encryptAuthnRequestExtension(AuthnRequestExtension authnRequestExtension, SamlKeyMaterial samlKeyMaterial) throws SamlRequestException {
        try {
            Marshaller createMarshaller = JAXBContext.newInstance(new Class[]{AuthnRequestExtension.class, AgeVerificationRequestType.class, PlaceVerificationRequestType.class, TransactionAttestationRequestType.class, EIDTypeRequestType.class}).createMarshaller();
            Document newDocument = XmlUtils.getDocumentBuilder().newDocument();
            createMarshaller.marshal(authnRequestExtension, newDocument);
            try {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Unencrypted AuthnRequestExtension: {}", XmlUtils.transformElement(newDocument.getDocumentElement()));
                }
                EncryptedData encryptedData = SamlEncrypterUtils.getEncryptedData(newDocument, samlKeyMaterial.getSamlRequestEncryptionCertificate());
                XSAny buildObject = new XSAnyBuilder().buildObject(BSI_EXTENSION_QNAME.getNamespaceURI(), "Encrypted" + BSI_EXTENSION_QNAME.getLocalPart(), BSI_EXTENSION_QNAME.getPrefix());
                buildObject.getUnknownXMLObjects().add(encryptedData);
                return buildObject;
            } catch (Exception e) {
                throw new SamlRequestException("Could not encrypt saml request.", e);
            }
        } catch (Exception e2) {
            throw new SamlRequestException("AuthnRequestExtension could not be marshalled", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AuthnRequestExtension createAuthnRequestExtension(RequestData requestData) {
        AuthnRequestExtension authnRequestExtension = new AuthnRequestExtension();
        authnRequestExtension.setVersion(BigInteger.valueOf(2L));
        OperationsRequestorType useOperations = requestData.getUseOperations();
        RequestedAttributesType requestedAttributesType = new RequestedAttributesType();
        setAttribute(requestedAttributesType, EIDAttributeName.AcademicTitle, attributeRequired(useOperations.getAcademicTitle()));
        setAttribute(requestedAttributesType, EIDAttributeName.ArtisticName, attributeRequired(useOperations.getArtisticName()));
        setAttribute(requestedAttributesType, EIDAttributeName.BirthName, attributeRequired(useOperations.getBirthName()));
        setAttribute(requestedAttributesType, EIDAttributeName.CommunityID, attributeRequired(useOperations.getCommunityID()));
        setAttribute(requestedAttributesType, EIDAttributeName.DateOfBirth, attributeRequired(useOperations.getDateOfBirth()));
        setAttribute(requestedAttributesType, EIDAttributeName.DateOfExpiry, attributeRequired(useOperations.getDateOfExpiry()));
        setAttribute(requestedAttributesType, EIDAttributeName.DocumentType, attributeRequired(useOperations.getDocumentType()));
        setAttribute(requestedAttributesType, EIDAttributeName.FamilyNames, attributeRequired(useOperations.getFamilyNames()));
        setAttribute(requestedAttributesType, EIDAttributeName.GivenNames, attributeRequired(useOperations.getGivenNames()));
        setAttribute(requestedAttributesType, EIDAttributeName.IssuingState, attributeRequired(useOperations.getIssuingState()));
        setAttribute(requestedAttributesType, EIDAttributeName.Nationality, attributeRequired(useOperations.getNationality()));
        setAttribute(requestedAttributesType, EIDAttributeName.PlaceOfBirth, attributeRequired(useOperations.getPlaceOfBirth()));
        setAttribute(requestedAttributesType, EIDAttributeName.PlaceOfResidence, attributeRequired(useOperations.getPlaceOfResidence()));
        setAttribute(requestedAttributesType, EIDAttributeName.ResidencePermitI, attributeRequired(useOperations.getResidencePermitI()));
        setAttribute(requestedAttributesType, EIDAttributeName.RestrictedID, attributeRequired(useOperations.getRestrictedID()));
        setAttributeWithAttributeValue(requestedAttributesType, EIDAttributeName.AgeVerification, attributeRequired(useOperations.getAgeVerification()), requestData.getAgeVerificationRequest());
        setAttributeWithAttributeValue(requestedAttributesType, EIDAttributeName.PlaceVerification, attributeRequired(useOperations.getPlaceVerification()), requestData.getPlaceVerificationRequest());
        setAttributeWithAttributeValue(requestedAttributesType, EIDAttributeName.TransactionInfo, requestData.getTransactionInfo() == null ? null : Boolean.TRUE, requestData.getTransactionInfo());
        setAttributeWithAttributeValue(requestedAttributesType, EIDAttributeName.TransactionAttestation, requestData.getTransactionAttestationRequest() == null ? null : Boolean.TRUE, requestData.getTransactionAttestationRequest());
        setAttributeWithAttributeValue(requestedAttributesType, EIDAttributeName.LevelOfAssurance, requestData.getLevelOfAssuranceRequest() == null ? null : Boolean.TRUE, requestData.getLevelOfAssuranceRequest());
        setAttributeWithAttributeValue(requestedAttributesType, EIDAttributeName.EIDType, requestData.getEidTypeRequest() == null ? null : Boolean.TRUE, requestData.getEidTypeRequest());
        authnRequestExtension.setRequestedAttributes(requestedAttributesType);
        return authnRequestExtension;
    }

    private static void setAttribute(RequestedAttributesType requestedAttributesType, EIDAttributeName eIDAttributeName, Boolean bool) {
        setAttributeWithAttributeValue(requestedAttributesType, eIDAttributeName, bool, null);
    }

    private static void setAttributeWithAttributeValue(RequestedAttributesType requestedAttributesType, EIDAttributeName eIDAttributeName, Boolean bool, Object obj) {
        if (bool != null) {
            Attribute attribute = new Attribute();
            attribute.setName(eIDAttributeName.name());
            if (eIDAttributeName != EIDAttributeName.TransactionInfo && eIDAttributeName != EIDAttributeName.TransactionAttestation && eIDAttributeName != EIDAttributeName.LevelOfAssurance && eIDAttributeName != EIDAttributeName.EIDType) {
                attribute.getOtherAttributes().put(new QName(BSI_EXTENSION_QNAME.getNamespaceURI(), "RequiredAttribute", BSI_EXTENSION_QNAME.getPrefix()), bool.toString());
            }
            if (obj != null) {
                attribute.getAttributeValues().add(obj);
            }
            requestedAttributesType.getAttributes().add(attribute);
        }
    }

    private static Boolean attributeRequired(AttributeRequestType attributeRequestType) {
        switch (AnonymousClass1.$SwitchMap$de$bund$bsi$eid240$AttributeRequestType[attributeRequestType.ordinal()]) {
            case 1:
                return Boolean.FALSE;
            case 2:
                return Boolean.TRUE;
            default:
                return null;
        }
    }
}
