package com.atlassian.crowd.sso.saml.impl.opensaml.action;

import com.atlassian.crowd.sso.saml.impl.opensaml.util.XMLObjectBuilders;
import javax.annotation.Nonnull;
import net.shibboleth.utilities.java.support.security.SecureRandomIdentifierGenerationStrategy;
import org.joda.time.DateTime;
import org.opensaml.profile.action.AbstractProfileAction;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.AuthnContext;
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.AuthnStatement;
import org.opensaml.saml.saml2.core.Response;
import org.opensaml.saml.saml2.profile.SAML2ActionSupport;

/* loaded from: input_file:com/atlassian/crowd/sso/saml/impl/opensaml/action/AddAssertionAction.class */
public class AddAssertionAction extends AbstractProfileAction<AuthnRequest, Response> {
    private final String issuer;

    public AddAssertionAction(String str) {
        this.issuer = str;
    }

    public void doExecute(@Nonnull ProfileRequestContext<AuthnRequest, Response> profileRequestContext) {
        Assertion addAssertionToResponse = SAML2ActionSupport.addAssertionToResponse(this, (Response) profileRequestContext.getOutboundMessageContext().getMessage(), new SecureRandomIdentifierGenerationStrategy(), this.issuer);
        addAssertionToResponse.getAuthnStatements().add(buildAuthnStatement());
    }

    private AuthnStatement buildAuthnStatement() {
        AuthnContext buildSAMLObjectOrThrow = XMLObjectBuilders.buildSAMLObjectOrThrow(AuthnContext.TYPE_NAME);
        AuthnStatement buildSAMLObjectOrThrow2 = XMLObjectBuilders.buildSAMLObjectOrThrow(AuthnStatement.TYPE_NAME);
        AuthnContextClassRef buildSAMLObjectOrThrow3 = XMLObjectBuilders.buildSAMLObjectOrThrow(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
        buildSAMLObjectOrThrow3.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:Password");
        buildSAMLObjectOrThrow.setAuthnContextClassRef(buildSAMLObjectOrThrow3);
        buildSAMLObjectOrThrow2.setAuthnContext(buildSAMLObjectOrThrow);
        buildSAMLObjectOrThrow2.setAuthnInstant(DateTime.now());
        return buildSAMLObjectOrThrow2;
    }
}
