package net.shibboleth.idp.authn.principal.impl;

import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.Principal;
import java.util.Collection;
import java.util.Objects;
import java.util.Set;
import java.util.regex.Pattern;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.ThreadSafe;
import javax.json.Json;
import javax.json.JsonArray;
import javax.json.JsonArrayBuilder;
import javax.json.JsonBuilderFactory;
import javax.json.JsonException;
import javax.json.JsonNumber;
import javax.json.JsonObject;
import javax.json.JsonObjectBuilder;
import javax.json.JsonReader;
import javax.json.JsonString;
import javax.json.JsonStructure;
import javax.json.JsonValue;
import javax.json.stream.JsonGenerator;
import net.shibboleth.idp.authn.principal.AbstractPrincipalSerializer;
import net.shibboleth.idp.authn.principal.ProxyAuthenticationPrincipal;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/idp-authn-impl-4.1.2.jar:net/shibboleth/idp/authn/principal/impl/ProxyAuthenticationPrincipalSerializer.class */
public class ProxyAuthenticationPrincipalSerializer extends AbstractPrincipalSerializer<String> {

    @NotEmpty
    @Nonnull
    private static final String PROXY_AUTH_FIELD = "AA";

    @NotEmpty
    @Nonnull
    private static final String PROXY_COUNT_FIELD = "PXC";

    @NotEmpty
    @Nonnull
    private static final String PROXY_AUD_FIELD = "AUD";
    private static final Pattern JSON_PATTERN = Pattern.compile("^\\{\"AA\":.*\\}$");

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) ProxyAuthenticationPrincipalSerializer.class);

    @Nonnull
    private final JsonBuilderFactory objectBuilderFactory = Json.createBuilderFactory(null);

    @Override // net.shibboleth.idp.authn.principal.PrincipalSerializer
    public boolean supports(@Nonnull Principal principal) {
        return principal instanceof ProxyAuthenticationPrincipal;
    }

    @Override // net.shibboleth.idp.authn.principal.PrincipalSerializer
    @NotEmpty
    @Nonnull
    public String serialize(@Nonnull Principal principal) throws IOException {
        ProxyAuthenticationPrincipal proxyAuthenticationPrincipal = (ProxyAuthenticationPrincipal) principal;
        JsonArrayBuilder jsonArrayBuilder = getJsonArrayBuilder();
        Collection<String> authorities = proxyAuthenticationPrincipal.getAuthorities();
        Objects.requireNonNull(jsonArrayBuilder);
        authorities.forEach(jsonArrayBuilder::add);
        StringWriter stringWriter = new StringWriter(32);
        JsonGenerator jsonGenerator = getJsonGenerator(stringWriter);
        try {
            jsonGenerator.writeStartObject().write(PROXY_AUTH_FIELD, jsonArrayBuilder.build());
            if (proxyAuthenticationPrincipal.getProxyCount() != null) {
                jsonGenerator.write(PROXY_COUNT_FIELD, proxyAuthenticationPrincipal.getProxyCount().intValue());
            }
            if (!proxyAuthenticationPrincipal.getAudiences().isEmpty()) {
                JsonArrayBuilder jsonArrayBuilder2 = getJsonArrayBuilder();
                Set<String> audiences = proxyAuthenticationPrincipal.getAudiences();
                Objects.requireNonNull(jsonArrayBuilder2);
                audiences.forEach(jsonArrayBuilder2::add);
                jsonGenerator.write(PROXY_AUD_FIELD, jsonArrayBuilder2.build());
            }
            jsonGenerator.writeEnd();
            if (jsonGenerator != null) {
                jsonGenerator.close();
            }
            return stringWriter.toString();
        } catch (Throwable th) {
            if (jsonGenerator != null) {
                try {
                    jsonGenerator.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // net.shibboleth.idp.authn.principal.PrincipalSerializer
    public boolean supports(@NotEmpty @Nonnull String str) {
        return JSON_PATTERN.matcher(str).matches();
    }

    @Override // net.shibboleth.idp.authn.principal.PrincipalSerializer
    @Nullable
    public ProxyAuthenticationPrincipal deserialize(@NotEmpty @Nonnull String str) throws IOException {
        try {
            JsonReader jsonReader = getJsonReader(new StringReader(str));
            try {
                JsonStructure read = jsonReader.read();
                if (!(read instanceof JsonObject)) {
                    throw new IOException("Found invalid data structure while parsing ProxyAuthenticationPrincipal");
                }
                JsonValue jsonValue = ((JsonObject) read).get(PROXY_AUTH_FIELD);
                if (jsonValue == null || !JsonValue.ValueType.ARRAY.equals(jsonValue.getValueType())) {
                    throw new IOException("Serialized ProxyAuthenticationPrincipal missing primary array field");
                }
                ProxyAuthenticationPrincipal proxyAuthenticationPrincipal = new ProxyAuthenticationPrincipal();
                for (JsonValue jsonValue2 : (JsonArray) jsonValue) {
                    if (JsonValue.ValueType.STRING.equals(jsonValue2.getValueType())) {
                        proxyAuthenticationPrincipal.getAuthorities().add(((JsonString) jsonValue2).getString());
                    }
                }
                JsonValue jsonValue3 = ((JsonObject) read).get(PROXY_COUNT_FIELD);
                if (jsonValue3 != null) {
                    if (!JsonValue.ValueType.NUMBER.equals(jsonValue3.getValueType())) {
                        throw new IOException("Found invalid data structure while parsing ProxyAuthenticationPrincipal");
                    }
                    proxyAuthenticationPrincipal.setProxyCount(Integer.valueOf(((JsonNumber) jsonValue3).intValueExact()));
                }
                JsonValue jsonValue4 = ((JsonObject) read).get(PROXY_AUD_FIELD);
                if (jsonValue4 != null) {
                    if (!JsonValue.ValueType.ARRAY.equals(jsonValue4.getValueType())) {
                        throw new IOException("Found invalid data structure while parsing ProxyAuthenticationPrincipal");
                    }
                    for (JsonValue jsonValue5 : (JsonArray) jsonValue4) {
                        if (JsonValue.ValueType.STRING.equals(jsonValue5.getValueType())) {
                            proxyAuthenticationPrincipal.getAudiences().add(((JsonString) jsonValue5).getString());
                        }
                    }
                }
                if (jsonReader != null) {
                    jsonReader.close();
                }
                return proxyAuthenticationPrincipal;
            } catch (Throwable th) {
                if (jsonReader != null) {
                    try {
                        jsonReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (JsonException e) {
            throw new IOException("Found invalid data structure while parsing ProxyAuthenticationPrincipal", e);
        }
    }

    @Nonnull
    private synchronized JsonObjectBuilder getJsonObjectBuilder() {
        return this.objectBuilderFactory.createObjectBuilder();
    }

    @Nonnull
    private synchronized JsonArrayBuilder getJsonArrayBuilder() {
        return this.objectBuilderFactory.createArrayBuilder();
    }
}
