package org.pac4j.saml.metadata;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.util.Objects;
import java.util.Optional;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.io.Unmarshaller;
import org.opensaml.xmlsec.SignatureSigningParameters;
import org.opensaml.xmlsec.signature.SignableXMLObject;
import org.opensaml.xmlsec.signature.support.SignatureSupport;
import org.pac4j.saml.config.SAML2Configuration;
import org.pac4j.saml.crypto.CredentialProvider;
import org.pac4j.saml.exceptions.SAMLException;
import org.pac4j.saml.util.Configuration;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/pac4j-saml-6.0.0-RC10-SNAPSHOT.jar:org/pac4j/saml/metadata/DefaultSAML2MetadataSigner.class */
public class DefaultSAML2MetadataSigner implements SAML2MetadataSigner {
    protected final CredentialProvider credentialProvider;
    protected final String signatureAlgorithm;
    protected final String signatureReferenceDigestMethod;
    protected final SAML2Configuration configuration;

    public DefaultSAML2MetadataSigner(SAML2Configuration sAML2Configuration) {
        this.configuration = sAML2Configuration;
        this.credentialProvider = null;
        this.signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
        this.signatureReferenceDigestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
    }

    public DefaultSAML2MetadataSigner(CredentialProvider credentialProvider, String str, String str2) {
        this.configuration = null;
        this.credentialProvider = credentialProvider;
        this.signatureAlgorithm = str;
        this.signatureReferenceDigestMethod = str2;
    }

    private byte[] sign(byte[] bArr) throws Exception {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        try {
            Element documentElement = Configuration.getParserPool().parse(byteArrayInputStream).getDocumentElement();
            XMLObject unmarshall = ((Unmarshaller) Objects.requireNonNull(Configuration.getUnmarshallerFactory().getUnmarshaller(documentElement))).unmarshall(documentElement);
            if (unmarshall instanceof SignableXMLObject) {
                SignableXMLObject signableXMLObject = (SignableXMLObject) unmarshall;
                if (!signableXMLObject.isSigned()) {
                    sign(signableXMLObject);
                    StringWriter serializeSamlObject = Configuration.serializeSamlObject(signableXMLObject);
                    try {
                        byte[] bytes = serializeSamlObject.toString().getBytes(StandardCharsets.UTF_8);
                        if (serializeSamlObject != null) {
                            serializeSamlObject.close();
                        }
                        byteArrayInputStream.close();
                        return bytes;
                    } finally {
                    }
                }
            }
            byteArrayInputStream.close();
            return bArr;
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Override // org.pac4j.saml.metadata.SAML2MetadataSigner
    public String sign(String str) {
        try {
            return new String(sign(str.getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new SAMLException(e.getMessage(), e);
        }
    }

    @Override // org.pac4j.saml.metadata.SAML2MetadataSigner
    public void sign(File file) {
        try {
            Files.writeString(file.toPath(), new String(sign(Files.readAllBytes(file.toPath())), StandardCharsets.UTF_8), new OpenOption[0]);
        } catch (Exception e) {
            throw new SAMLException(e.getMessage(), e);
        }
    }

    @Override // org.pac4j.saml.metadata.SAML2MetadataSigner
    public void sign(SignableXMLObject signableXMLObject) {
        try {
            SignatureSigningParameters signatureSigningParameters = new SignatureSigningParameters();
            CredentialProvider credentialProvider = (CredentialProvider) Objects.requireNonNull((CredentialProvider) Optional.ofNullable(this.configuration).map((v0) -> {
                return v0.getCredentialProvider();
            }).orElse(this.credentialProvider));
            signatureSigningParameters.setKeyInfoGenerator(credentialProvider.getKeyInfoGenerator());
            signatureSigningParameters.setSigningCredential(credentialProvider.getCredential());
            signatureSigningParameters.setSignatureAlgorithm((String) Optional.ofNullable(this.configuration).map((v0) -> {
                return v0.getSignatureAlgorithms();
            }).filter(list -> {
                return !list.isEmpty();
            }).map(list2 -> {
                return (String) list2.get(0);
            }).orElse(this.signatureAlgorithm));
            signatureSigningParameters.setSignatureReferenceDigestMethod((String) Optional.ofNullable(this.configuration).map((v0) -> {
                return v0.getSignatureReferenceDigestMethods();
            }).filter(list3 -> {
                return !list3.isEmpty();
            }).map(list4 -> {
                return (String) list4.get(0);
            }).orElse(this.signatureReferenceDigestMethod));
            signatureSigningParameters.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
            SignatureSupport.signObject(signableXMLObject, signatureSigningParameters);
        } catch (Exception e) {
            throw new SAMLException(e.getMessage(), e);
        }
    }
}
