package oracle.security.xmlsec.wss.saml2;

import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Vector;
import oracle.security.xmlsec.dsig.XSKeyInfo;
import oracle.security.xmlsec.keys.X509Data;
import oracle.security.xmlsec.keys.retrieval.KeyRetrievalException;
import oracle.security.xmlsec.keys.retrieval.KeyRetriever;
import oracle.security.xmlsec.saml2.core.Assertion;
import oracle.security.xmlsec.saml2.util.SAML2Initializer;
import oracle.security.xmlsec.util.QName;
import oracle.security.xmlsec.util.XMLElement;
import oracle.security.xmlsec.wss.WSSXMLSecurityToken;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:oracle/security/xmlsec/wss/saml2/SAML2AssertionToken.class */
public class SAML2AssertionToken extends Assertion implements WSSXMLSecurityToken {
    boolean alreadyValidatedCerts;

    public SAML2AssertionToken(Element element) {
        super(element);
        this.alreadyValidatedCerts = false;
    }

    public SAML2AssertionToken(Element element, String str) {
        super(element, str);
        this.alreadyValidatedCerts = false;
    }

    public SAML2AssertionToken(Assertion assertion) {
        super((Element) assertion.getNode());
        this.alreadyValidatedCerts = false;
    }

    @Override // oracle.security.xmlsec.wss.WSSecurityToken
    public QName getTokenName() {
        return new QName("Assertion", "urn:oasis:names:tc:SAML:2.0:assertion", (String) null);
    }

    @Override // oracle.security.xmlsec.wss.WSSecurityToken
    public Object getToken() {
        return this;
    }

    public void validateCerts() throws KeyRetrievalException {
        Vector retrieveX509List;
        if (this.alreadyValidatedCerts || (retrieveX509List = retrieveX509List()) == null || retrieveX509List.size() <= 0) {
            return;
        }
        KeyRetriever.validateCertificate(retrieveX509List);
    }

    public X509Certificate retrieveX509() {
        Vector retrieveX509List = retrieveX509List();
        if (retrieveX509List == null || retrieveX509List.size() <= 0) {
            return null;
        }
        return (X509Certificate) retrieveX509List.get(0);
    }

    public Vector retrieveX509List() {
        Vector x509Data;
        NodeList elementsByTagNameNS = ((Assertion) getToken()).getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:assertion", "SubjectConfirmation");
        int length = elementsByTagNameNS.getLength();
        for (int i = 0; i < length && length > 0; i++) {
            NodeList childElementsByTagNameNS = XMLElement.getChildElementsByTagNameNS((Element) elementsByTagNameNS.item(i), "http://www.w3.org/2000/09/xmldsig#", "KeyInfo");
            int length2 = elementsByTagNameNS.getLength();
            if (length2 == 0 || length2 > 1) {
                return null;
            }
            XSKeyInfo xSKeyInfo = new XSKeyInfo((Element) childElementsByTagNameNS.item(0));
            if (xSKeyInfo.getType().equals("http://www.w3.org/2000/09/xmldsig#X509Data") && (x509Data = xSKeyInfo.getX509Data()) != null && x509Data.size() > 0) {
                for (int i2 = 0; i2 < x509Data.size(); i2++) {
                    try {
                        Vector certificates = ((X509Data) x509Data.elementAt(i2)).getCertificates();
                        if (certificates != null && certificates.size() > 0) {
                            return certificates;
                        }
                    } catch (IOException e) {
                    }
                }
            }
        }
        return null;
    }

    static {
        SAML2Initializer.initialize();
    }
}
