package at.gv.egovernment.moa.id.auth.builder;

import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType;
import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType;
import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
import at.gv.egiz.eaaf.modules.pvp2.exception.PVP2Exception;
import at.gv.egiz.eaaf.modules.pvp2.idp.api.builder.ISubjectNameIdGenerator;
import at.gv.egiz.eaaf.modules.pvp2.idp.exception.ResponderErrorException;
import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException;
import at.gv.egovernment.moa.id.util.MandateBuilder;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.sig.tsl.utils.MiscUtil;
import org.springframework.stereotype.Service;
import org.w3c.dom.Element;

@Service("MOASAML2SubjectNameIDGenerator")
/* loaded from: input_file:at/gv/egovernment/moa/id/auth/builder/MOAIDSubjectNameIdGenerator.class */
public class MOAIDSubjectNameIdGenerator implements ISubjectNameIdGenerator {
    public Pair<String, String> generateSubjectNameId(IAuthData iAuthData, ISPConfiguration iSPConfiguration) throws PVP2Exception {
        String str;
        String str2;
        IdentificationType identificationType;
        if (!(iAuthData instanceof IMOAAuthData) || !((IMOAAuthData) iAuthData).isUseMandate()) {
            return Pair.newInstance(iAuthData.getBPK(), iAuthData.getBPKType());
        }
        Element mandate = ((IMOAAuthData) iAuthData).getMandate();
        if (mandate != null) {
            Logger.debug("Read mandator bPK|baseID from full-mandate ... ");
            Mandate buildMandate = MandateBuilder.buildMandate(mandate);
            if (buildMandate == null) {
                throw new NoMandateDataAvailableException();
            }
            CorporateBodyType corporateBody = buildMandate.getMandator().getCorporateBody();
            PhysicalPersonType physicalPerson = buildMandate.getMandator().getPhysicalPerson();
            if (corporateBody != null && corporateBody.getIdentification().size() > 0) {
                identificationType = (IdentificationType) corporateBody.getIdentification().get(0);
            } else {
                if (physicalPerson == null || physicalPerson.getIdentification().size() <= 0) {
                    Logger.error("Failed to generate IdentificationType");
                    throw new NoMandateDataAvailableException();
                }
                identificationType = (IdentificationType) physicalPerson.getIdentification().get(0);
            }
            str = identificationType.getValue().getValue();
            str2 = identificationType.getType();
        } else {
            Logger.debug("Read mandator bPK|baseID from PVP attributes ... ");
            String str3 = (String) iAuthData.getGenericData("urn:oid:1.2.40.0.10.2.1.1.261.70", String.class);
            String str4 = (String) iAuthData.getGenericData("urn:oid:1.2.40.0.10.2.1.1.261.102", String.class);
            String str5 = (String) iAuthData.getGenericData("urn:oid:1.2.40.0.10.2.1.1.261.98", String.class);
            String str6 = (String) iAuthData.getGenericData("urn:oid:1.2.40.0.10.2.1.1.261.100", String.class);
            String str7 = (String) iAuthData.getGenericData("urn:oid:1.2.40.0.10.2.1.1.261.76", String.class);
            if ((MiscUtil.isNotEmpty(str6) || MiscUtil.isNotEmpty(str7)) && (MiscUtil.isNotEmpty(str3) || MiscUtil.isNotEmpty(str5))) {
                Logger.warn("Found mandate attributes for legal- AND natural-person. Both not allowed during on authentication. Process stops now!");
                throw new MandateAttributesNotHandleAbleException();
            }
            if (MiscUtil.isNotEmpty(str6) && MiscUtil.isNotEmpty(str7)) {
                Logger.debug("Find jur. person sourcepin. Build SubjectNameId from this ... ");
                return Pair.newInstance(str6, str7);
            }
            if (!MiscUtil.isNotEmpty(str3)) {
                if (!MiscUtil.isNotEmpty(str5)) {
                    throw new NoMandateDataAvailableException();
                }
                Logger.debug("Find nat. person bPK. Build SubjectNameId from this ... ");
                try {
                    if (str5.contains(":")) {
                        str5 = str5.split(":")[1];
                    }
                } catch (Exception e) {
                    Logger.warn("Can not split bPK from mandator attribute!", e);
                    Logger.info("Use nat. person bPK as it is");
                }
                return Pair.newInstance(str5, iSPConfiguration.getAreaSpecificTargetIdentifier());
            }
            Logger.debug("Find nat. person sourcepin. Build SubjectNameId from this ... ");
            str = str3;
            str2 = MiscUtil.isNotEmpty(str4) ? str4 : "urn:publicid:gv.at:baseid";
        }
        if (!str2.equals("urn:publicid:gv.at:baseid")) {
            return Pair.newInstance(str, str2);
        }
        try {
            return BPKBuilder.generateAreaSpecificPersonIdentifier(str, iSPConfiguration.getAreaSpecificTargetIdentifier());
        } catch (EAAFBuilderException e2) {
            Logger.warn("Can NOT generate SubjectNameId.", e2);
            throw new ResponderErrorException("pvp2.01", (Object[]) null);
        }
    }
}
