package org.wso2.solutions.identity.sts;

import java.io.ByteArrayInputStream;
import java.util.Date;
import java.util.Iterator;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.rahas.RahasData;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.ws.security.message.WSSecEncryptedKey;
import org.apache.ws.security.util.XmlSchemaDateFormat;
import org.joda.time.DateTime;
import org.openid4java.message.Message;
import org.openid4java.message.MessageException;
import org.openid4java.message.Parameter;
import org.openid4java.message.ParameterList;
import org.opensaml.SAMLException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.solutions.identity.openid.OpenIDProvider;
import org.wso2.solutions.identity.openid.infocard.OpenIDInfoCardHeader;
import org.wso2.solutions.identity.openid.infocard.OpenIDInfoCardProviderData;
import org.wso2.solutions.identity.openid.infocard.OpenIDInfoCardToken;
import org.wso2.solutions.identity.sts.IdentityProviderData;

/* loaded from: input_file:org/wso2/solutions/identity/sts/OpenIDTokenIssuer.class */
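/**
 * Token issuer that answers a security token request with an OpenID token instead of a SAML
 * assertion. It builds the RequestSecurityTokenResponse (RSTR) and places an OpenID message,
 * carrying the requested claims as attribute-exchange parameters, in the requested token.
 */
public class OpenIDTokenIssuer extends IdentityTokenIssuer {
    /** Claim URI whose value is passed to the OpenID header builder as the identifier. */
    private static final String OPENID_IDENTIFIER_CLAIM = "http://schema.openid.net/2007/05/claims/identifier";

    /** Parser feature that makes the XML parser reject any DOCTYPE declaration. */
    private static final String DISALLOW_DOCTYPE_FEATURE = "http://apache.org/xml/features/disallow-doctype-decl";

    // AppliesTo address of the request being processed: written in issue(), read in
    // createOpenIdToken().
    // NOTE(review): this is per-request state kept on the instance. If one issuer instance is
    // ever shared between concurrent requests, a token could be built with another request's
    // AppliesTo address - confirm that the STS creates a new issuer for every request.
    private String appliesTo;
    private static final Log log = LogFactory.getLog(OpenIDTokenIssuer.class);

    /**
     * Remembers the AppliesTo address of the request and delegates to the parent issuer.
     *
     * @param rahasData the parsed token request
     * @return the envelope produced by the parent implementation
     * @throws TrustException propagated from the parent implementation
     */
    @Override // org.wso2.solutions.identity.sts.IdentityTokenIssuer
    public SOAPEnvelope issue(RahasData rahasData) throws TrustException {
        this.appliesTo = rahasData.getAppliesToAddress();
        return super.issue(rahasData);
    }

    /**
     * Always returns {@code null}; this class fills the requested token through
     * {@link #createOpenIdToken(OMElement)}, which is called from {@code createRSTR}.
     */
    @Override // org.wso2.solutions.identity.sts.IdentityTokenIssuer
    protected Element createSAMLAssertionAsDOM(IdentityProviderData identityProviderData, RahasData rahasData, DateTime dateTime, DateTime dateTime2, String str) throws IdentityProviderException {
        return null;
    }

    /**
     * Builds the RSTR element: token type, display token, key size and AppliesTo (both only when
     * an encrypted key is supplied), lifetime, the OpenID token and the attached and unattached
     * references.
     *
     * @param rahasData the parsed token request
     * @param date start of the token lifetime
     * @param date2 end of the token lifetime
     * @param sOAPEnvelope envelope whose body becomes the parent of the RSTR element
     * @param document DOM document into which the AppliesTo endpoint reference is imported
     * @param node not used by this implementation
     * @param str identifier handed to the attached and unattached reference builders
     * @param wSSecEncryptedKey encrypted key of the request, or {@code null}
     * @return the populated RSTR element
     * @throws TrustException with key {@code RequestFailed} when the AppliesTo endpoint reference
     *         cannot be parsed or the XML parser cannot be configured safely
     */
    @Override // org.wso2.solutions.identity.sts.IdentityTokenIssuer
    protected OMElement createRSTR(RahasData rahasData, Date date, Date date2, SOAPEnvelope sOAPEnvelope, Document document, Node node, String str, WSSecEncryptedKey wSSecEncryptedKey) throws TrustException, SAMLException, IdentityProviderException {
        int version = rahasData.getVersion();
        OMElement rstrElement = TrustUtil.createRequestSecurityTokenResponseElement(version, sOAPEnvelope.getBody());
        TrustUtil.createTokenTypeElement(version, rstrElement).setText(rahasData.getTokenType());
        createDisplayToken(rstrElement, this.ipData);
        if (log.isDebugEnabled()) {
            log.debug("Display token for OpenID Information card, created successfully");
        }
        if (wSSecEncryptedKey != null) {
            int keysize = rahasData.getKeysize();
            if (keysize == -1) {
                // No key size in the request: derive it from the ephemeral key length in bits.
                keysize = wSSecEncryptedKey.getEphemeralKey().length * 8;
            }
            TrustUtil.createKeySizeElement(version, rstrElement, keysize);
            try {
                OMElement appliesToElement = rstrElement.getOMFactory().createOMElement(new QName("http://schemas.xmlsoap.org/ws/2004/09/policy", "AppliesTo", "wsp"), rstrElement);
                // The endpoint reference presumably comes from the incoming request, so the
                // parser is locked down before it sees that text: DOCTYPE declarations are
                // rejected and entity references are not expanded. A parser that does not support
                // the feature throws here and the request fails closed.
                DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
                builderFactory.setFeature(DISALLOW_DOCTYPE_FEATURE, true);
                builderFactory.setExpandEntityReferences(false);
                // The serialized element has no XML declaration, so the parser reads it as UTF-8;
                // encode with UTF-8 instead of the platform default charset.
                byte[] eprBytes = rahasData.getAppliesToEpr().toString().getBytes("UTF-8");
                Element eprElement = builderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(eprBytes)).getDocumentElement();
                // NOTE(review): addChild receives a DOM node here; presumably document is an
                // Axiom-backed DOM whose nodes are also OM nodes - confirm.
                appliesToElement.addChild(document.importNode(eprElement, true));
            } catch (Exception e) {
                throw new TrustException("RequestFailed", e);
            }
        }
        XmlSchemaDateFormat dateFormat = new XmlSchemaDateFormat();
        TrustUtil.createLifetimeElement(version, rstrElement, dateFormat.format(date), dateFormat.format(date2));
        createOpenIdToken(TrustUtil.createRequestedSecurityTokenElement(version, rstrElement));
        createAttachedRef(rstrElement, str);
        createUnattachedRef(rstrElement, str);
        if (log.isDebugEnabled()) {
            log.debug("RSTR for OpenID Information card, created successfully");
        }
        return rstrElement;
    }

    /**
     * Creates the OpenID token element under the given parent and sets its text to the token
     * built from the OpenID header and the attribute-exchange parameters.
     *
     * @param oMElement parent element that receives the token element
     * @return the token element
     * @throws IdentityProviderException with key {@code openIDTokenCreationFailed} when the
     *         identifier claim is missing or the OpenID message cannot be created
     */
    protected OMElement createOpenIdToken(OMElement oMElement) throws IdentityProviderException {
        OMElement tokenElement = IdentityProviderUtil.createOpenIdToken(oMElement, this.ipData);
        IdentityProviderData.RequestedClaimData identifierClaim = (IdentityProviderData.RequestedClaimData) this.ipData.requestedClaims.get(OPENID_IDENTIFIER_CLAIM);
        if (identifierClaim == null) {
            // Without the identifier claim there is nothing to assert; fail with the declared
            // exception instead of a NullPointerException.
            log.error("Requested claims do not contain " + OPENID_IDENTIFIER_CLAIM);
            throw new IdentityProviderException("openIDTokenCreationFailed");
        }
        ParameterList header = new OpenIDInfoCardHeader(OpenIDProvider.getManager()).buildHeader(identifierClaim.value, OpenIDProvider.getOpAddress(), this.appliesTo);
        setAttributeExchangeParams(header);
        try {
            tokenElement.setText(new OpenIDInfoCardToken(Message.createMessage(header)).getToken());
            if (log.isDebugEnabled()) {
                log.debug("OpenID token created successfully");
            }
            return tokenElement;
        } catch (MessageException e) {
            // Log the exception itself so the stack trace is kept for diagnosis.
            // NOTE(review): the rethrown exception still drops the cause; chain it if
            // IdentityProviderException offers a constructor that takes one.
            log.error("OpenID token creation failed", e);
            throw new IdentityProviderException("openIDTokenCreationFailed");
        }
    }

    /**
     * Adds the attribute-exchange parameters to the list: the extension namespace, the
     * {@code fetch_response} mode, and a type/value pair for every requested claim that has an
     * OpenID tag.
     *
     * @param parameterList list that receives the parameters
     */
    protected void setAttributeExchangeParams(ParameterList parameterList) {
        parameterList.set(new Parameter("openid.ns.ext1", "http://openid.net/srv/ax/1.0-draft4"));
        parameterList.set(new Parameter("openid.ext1.mode", "fetch_response"));
        for (Object entry : this.ipData.requestedClaims.values()) {
            OpenIDInfoCardProviderData.OpenIDRequestedClaimData claim = (OpenIDInfoCardProviderData.OpenIDRequestedClaimData) entry;
            if (claim.openIDTag != null) {
                parameterList.set(new Parameter("openid.ext1.type." + claim.openIDTag, claim.uri));
                parameterList.set(new Parameter("openid.ext1.value." + claim.openIDTag, claim.value));
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("OpenID Ax parameters set successfully");
        }
    }

    /**
     * Supplies the OpenID-specific provider data for the request.
     *
     * @param rahasData the parsed token request
     * @return a new {@link OpenIDInfoCardProviderData} built from the request
     * @throws Exception propagated from the provider-data constructor
     */
    @Override // org.wso2.solutions.identity.sts.IdentityTokenIssuer
    protected IdentityProviderData getIdentityProviderData(RahasData rahasData) throws Exception {
        return new OpenIDInfoCardProviderData(rahasData);
    }
}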
