package se.litsec.opensaml.saml2.metadata;

import java.io.ByteArrayInputStream;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.opensaml.saml.ext.saml2alg.DigestMethod;
import org.opensaml.saml.ext.saml2alg.SigningMethod;
import org.opensaml.saml.ext.saml2mdattr.EntityAttributes;
import org.opensaml.saml.ext.saml2mdui.Description;
import org.opensaml.saml.ext.saml2mdui.DisplayName;
import org.opensaml.saml.ext.saml2mdui.UIInfo;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml.saml2.metadata.Extensions;
import org.opensaml.saml.saml2.metadata.KeyDescriptor;
import org.opensaml.saml.saml2.metadata.SSODescriptor;
import org.opensaml.security.credential.UsageType;
import org.opensaml.security.x509.BasicX509Credential;
import org.opensaml.security.x509.X509Credential;
import org.opensaml.xmlsec.signature.X509Certificate;
import org.opensaml.xmlsec.signature.X509Data;
import se.litsec.opensaml.utils.X509CertificateUtils;

/* loaded from: input_file:se/litsec/opensaml/saml2/metadata/MetadataUtils.class */
public class MetadataUtils {
    public static <T> Optional<T> getMetadataExtension(Extensions extensions, Class<T> cls) {
        if (extensions == null) {
            return Optional.empty();
        }
        Stream<T> filter = extensions.getUnknownXMLObjects().stream().filter(xMLObject -> {
            return cls.isAssignableFrom(xMLObject.getClass());
        });
        cls.getClass();
        return filter.map((v1) -> {
            return r1.cast(v1);
        }).findFirst();
    }

    public static <T> List<T> getMetadataExtensions(Extensions extensions, Class<T> cls) {
        if (extensions == null) {
            return Collections.emptyList();
        }
        Stream<T> filter = extensions.getUnknownXMLObjects().stream().filter(xMLObject -> {
            return cls.isAssignableFrom(xMLObject.getClass());
        });
        cls.getClass();
        return (List) filter.map((v1) -> {
            return r1.cast(v1);
        }).collect(Collectors.toList());
    }

    public static Optional<EntityAttributes> getEntityAttributes(EntityDescriptor entityDescriptor) {
        return getMetadataExtension(entityDescriptor.getExtensions(), EntityAttributes.class);
    }

    public static List<DisplayName> getUiDisplayNames(EntityDescriptor entityDescriptor) {
        SSODescriptor sSODescriptor = getSSODescriptor(entityDescriptor);
        return sSODescriptor == null ? Collections.emptyList() : (List) getMetadataExtension(sSODescriptor.getExtensions(), UIInfo.class).map((v0) -> {
            return v0.getDisplayNames();
        }).orElseGet(Collections::emptyList);
    }

    public static Optional<String> getUiDisplayName(EntityDescriptor entityDescriptor, String str) {
        return getUiDisplayNames(entityDescriptor).stream().filter(displayName -> {
            return str.equals(displayName.getXMLLang());
        }).map((v0) -> {
            return v0.getValue();
        }).findFirst();
    }

    public static List<Description> getUiDescriptions(EntityDescriptor entityDescriptor) {
        SSODescriptor sSODescriptor = getSSODescriptor(entityDescriptor);
        return sSODescriptor == null ? Collections.emptyList() : (List) getMetadataExtension(sSODescriptor.getExtensions(), UIInfo.class).map((v0) -> {
            return v0.getDescriptions();
        }).orElseGet(Collections::emptyList);
    }

    public static Optional<String> getUiDescription(EntityDescriptor entityDescriptor, String str) {
        return getUiDescriptions(entityDescriptor).stream().filter(description -> {
            return str.equals(description.getXMLLang());
        }).map((v0) -> {
            return v0.getValue();
        }).findFirst();
    }

    public static List<X509Credential> getMetadataCertificates(EntityDescriptor entityDescriptor, UsageType usageType) {
        SSODescriptor sSODescriptor = getSSODescriptor(entityDescriptor);
        if (sSODescriptor == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        for (KeyDescriptor keyDescriptor : sSODescriptor.getKeyDescriptors()) {
            if (usageType.equals(keyDescriptor.getUse()) || keyDescriptor.getUse() == null || UsageType.UNSPECIFIED.equals(keyDescriptor.getUse())) {
                if (keyDescriptor.getKeyInfo() != null) {
                    Iterator it = keyDescriptor.getKeyInfo().getX509Datas().iterator();
                    while (it.hasNext()) {
                        Iterator it2 = ((X509Data) it.next()).getX509Certificates().iterator();
                        while (it2.hasNext()) {
                            try {
                                arrayList.add(new BasicX509Credential(X509CertificateUtils.decodeCertificate(new ByteArrayInputStream(Base64.getDecoder().decode(((X509Certificate) it2.next()).getValue())))));
                            } catch (Exception e) {
                            }
                        }
                    }
                }
            }
        }
        return arrayList;
    }

    public static List<DigestMethod> getDigestMethods(EntityDescriptor entityDescriptor) {
        SSODescriptor sSODescriptor = getSSODescriptor(entityDescriptor);
        if (sSODescriptor != null) {
            List<DigestMethod> metadataExtensions = getMetadataExtensions(sSODescriptor.getExtensions(), DigestMethod.class);
            if (!metadataExtensions.isEmpty()) {
                return metadataExtensions;
            }
        }
        return getMetadataExtensions(entityDescriptor.getExtensions(), DigestMethod.class);
    }

    public static List<SigningMethod> getSigningMethods(EntityDescriptor entityDescriptor) {
        SSODescriptor sSODescriptor = getSSODescriptor(entityDescriptor);
        if (sSODescriptor != null) {
            List<SigningMethod> metadataExtensions = getMetadataExtensions(sSODescriptor.getExtensions(), SigningMethod.class);
            if (!metadataExtensions.isEmpty()) {
                return metadataExtensions;
            }
        }
        return getMetadataExtensions(entityDescriptor.getExtensions(), SigningMethod.class);
    }

    public static SSODescriptor getSSODescriptor(EntityDescriptor entityDescriptor) {
        return entityDescriptor.getIDPSSODescriptor("urn:oasis:names:tc:SAML:2.0:protocol") != null ? entityDescriptor.getIDPSSODescriptor("urn:oasis:names:tc:SAML:2.0:protocol") : entityDescriptor.getSPSSODescriptor("urn:oasis:names:tc:SAML:2.0:protocol");
    }

    private MetadataUtils() {
    }
}
