package com.xforceplus.ultraman.maintenance.common.message.utils;

import com.xforceplus.ultraman.maintenance.common.message.entity.SamlResponse;
import java.io.IOException;
import java.io.StringReader;
import java.util.Base64;
import java.util.List;
import java.util.stream.Collectors;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.parsers.DocumentBuilderFactory;
import org.dom4j.DocumentException;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:com/xforceplus/ultraman/maintenance/common/message/utils/SamlUtils.class */
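/**
 * Static helpers for handling SAML responses: Base64 decoding, extraction of the
 * NameID and attributes from the assertion, and XML signature validation.
 *
 * <p>NOTE(review): {@link #validate(String, String)} and
 * {@link #parseSamlResponse(String)} parse the XML independently, and nothing in
 * this class checks that the element covered by the validated signature is the
 * {@code Assertion} whose values are later returned. Callers must validate and
 * parse the very same string, and should confirm that the signed element is the
 * one they consume.
 */
public class SamlUtils {
    public static final String SAML_SIGN_KEY = "Signature";
    public static final String SAML_SIGN_KEY2 = "ds:Signature";
    public static final String SAML_DOM_KEY = "DOM";

    /**
     * Decodes a Base64 string with the basic (RFC 4648) decoder.
     *
     * @param str Base64 text
     * @return the decoded bytes
     * @throws IOException never thrown by this body; kept so existing callers still compile
     * @throws IllegalArgumentException if {@code str} is not valid Base64
     */
    public static byte[] decodeBase64(String str) throws IOException {
        return Base64.getDecoder().decode(str);
    }

    /**
     * Decodes Base64-encoded bytes with the basic (RFC 4648) decoder.
     *
     * @param bArr Base64-encoded bytes
     * @return the decoded bytes
     * @throws IOException never thrown by this body; kept so existing callers still compile
     * @throws IllegalArgumentException if {@code bArr} is not valid Base64
     */
    public static byte[] decodeBase64(byte[] bArr) throws IOException {
        return Base64.getDecoder().decode(bArr);
    }

    /**
     * Extracts the NameID and attribute values from the first {@code Assertion}
     * child of the document root.
     *
     * <p>This method performs no signature check; see the class-level note.
     *
     * @param str SAML response XML
     * @return a {@link SamlResponse} carrying the NameID and the attribute list
     * @throws DocumentException if the XML cannot be parsed or a required element is missing
     */
    public static SamlResponse parseSamlResponse(String str) throws DocumentException {
        // NOTE(review): whether DocumentHelper.parseText refuses DOCTYPE declarations and
        // external entities depends on the dom4j version in use - confirm, since this
        // input comes from outside the application.
        Element assertion = DocumentHelper.parseText(str).getRootElement().element("Assertion");
        if (assertion == null) {
            // Fail with a descriptive, declared exception instead of a NullPointerException.
            throw new DocumentException("SAML response has no Assertion element");
        }
        SamlResponse samlResponse = new SamlResponse();
        samlResponse.setNameId(getNameId(assertion));
        samlResponse.setAttributeList(getAttributes(assertion));
        return samlResponse;
    }

    /**
     * Returns the trimmed text of {@code Subject/NameID} inside the assertion.
     *
     * @param element the assertion element
     * @return the NameID text
     * @throws DocumentException if {@code Subject} or {@code NameID} is missing
     */
    private static String getNameId(Element element) throws DocumentException {
        Element subject = element.element("Subject");
        Element nameId = subject == null ? null : subject.element("NameID");
        if (nameId == null) {
            throw new DocumentException("SAML assertion has no Subject/NameID element");
        }
        return nameId.getTextTrim();
    }

    /**
     * Maps every child of {@code AttributeStatement} to a name/value pair, using the
     * child's {@code Name} attribute and the trimmed text of its first
     * {@code AttributeValue} child.
     *
     * @param element the assertion element
     * @return one {@link SamlResponse.Value} per child element, in document order
     * @throws DocumentException if {@code AttributeStatement} is missing
     */
    private static List<SamlResponse.Value> getAttributes(Element element) throws DocumentException {
        Element statement = element.element("AttributeStatement");
        if (statement == null) {
            // The original dereferenced null here; keep rejecting, but with a clear error.
            throw new DocumentException("SAML assertion has no AttributeStatement element");
        }
        return statement.elements().stream()
                .map(attribute -> new SamlResponse.Value(
                        attribute.attributeValue("Name"),
                        attribute.elementTextTrim("AttributeValue")))
                .collect(Collectors.toList());
    }

    /**
     * Validates the first XML signature found in the document.
     *
     * @param str SAML response XML
     * @param str2 key material handed to {@code SignUtils.getPublicKey}; its expected
     *     format is defined there and is not visible from this class
     * @return {@code true} if the signature validates against the key
     * @throws Exception if the XML cannot be parsed, no signature is present, or
     *     validation cannot be carried out
     */
    public static boolean validate(String str, String str2) throws Exception {
        Document document = parseXml(str);
        return validateSignature(document, getSignatureNode(document), str2);
    }

    /**
     * Parses XML into a namespace-aware DOM with DTDs and external entities refused.
     *
     * @param str XML text
     * @return the parsed document
     * @throws Exception if the parser cannot be configured or the XML is rejected
     */
    private static Document parseXml(String str) throws Exception {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        // The response arrives from outside the application: refuse DOCTYPE declarations
        // so entity expansion and external entity resolution (XXE) cannot be triggered.
        // setFeature throws if the parser does not support a feature, which fails closed.
        factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setXIncludeAware(false);
        factory.setExpandEntityReferences(false);
        return factory.newDocumentBuilder().parse(new InputSource(new StringReader(str)));
    }

    /**
     * Finds the first signature element in the XML-DSig namespace.
     *
     * @param document the parsed response
     * @return the first matching node in document order
     * @throws Exception if no signature element is found
     */
    private static Node getSignatureNode(Document document) throws Exception {
        NodeList signatures = document.getElementsByTagNameNS(XMLSignature.XMLNS, SAML_SIGN_KEY);
        if (signatures.getLength() == 0) {
            // NOTE(review): a namespace-aware local name carries no prefix, so this second
            // lookup for "ds:Signature" presumably never matches; kept as in the original.
            signatures = document.getElementsByTagNameNS(XMLSignature.XMLNS, SAML_SIGN_KEY2);
        }
        if (signatures.getLength() == 0) {
            throw new Exception("Cannot find Signature element");
        }
        // NOTE(review): only the first signature is considered, wherever it sits in the
        // document; nothing here checks which element it actually covers.
        return signatures.item(0);
    }

    /**
     * Unmarshals the signature node and validates it with the supplied key.
     *
     * @param document the parsed response; its root element's {@code ID} attribute is
     *     registered so same-document references to the root can be resolved
     * @param node the signature element
     * @param str key material handed to {@code SignUtils.getPublicKey}
     * @return the result of {@link XMLSignature#validate}
     * @throws Exception if the key cannot be obtained or the signature cannot be processed
     */
    private static boolean validateSignature(Document document, Node node, String str) throws Exception {
        XMLSignature signature =
                XMLSignatureFactory.getInstance(SAML_DOM_KEY).unmarshalXMLSignature(new DOMStructure(node));
        DOMValidateContext context = new DOMValidateContext(SignUtils.getPublicKey(str), node);
        // Turn on secure validation explicitly rather than relying on the JDK default, so
        // the signature content supplied by the sender is processed under its restrictions.
        context.setProperty("org.jcp.xml.dsig.secureValidation", Boolean.TRUE);
        // Only the root element's ID is registered; a reference to any other element's ID
        // (for example a signed Assertion) would not resolve through this registration.
        context.setIdAttributeNS(document.getDocumentElement(), (String) null, "ID");
        return signature.validate(context);
    }
}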
