package at.gv.egovernment.moa.id.auth.modules.eidas.tasks;

import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAttributeException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.util.IdentityLinkReSigner;
import at.gv.egovernment.moa.logging.Logger;
import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
import java.text.SimpleDateFormat;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.joda.time.DateTime;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

@Component("CreateIdentityLinkTask")
/* loaded from: input_file:at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.class */
public class CreateIdentityLinkTask extends AbstractAuthServletTask {

    @Autowired
    private AuthConfiguration moaAuthConfig;

    public void execute(ExecutionContext executionContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws TaskExecutionException {
        try {
            AuthenticationSessionWrapper authenticationSessionWrapper = (AuthenticationSessionWrapper) this.pendingReq.getSessionData(AuthenticationSessionWrapper.class);
            ImmutableAttributeMap immutableAttributeMap = (ImmutableAttributeMap) authenticationSessionWrapper.getGenericDataFromSession("eIDAS_attributeList", ImmutableAttributeMap.class);
            Element samlAssertion = new IdentityLinkAssertionParser(DOMUtils.parseXmlValidating(CreateIdentityLinkTask.class.getResourceAsStream("/resources/xmldata/fakeIdL_IdL_template.xml"))).parseIdentityLink().getSamlAssertion();
            Node selectSingleNode = XPathUtils.selectSingleNode(samlAssertion, "saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person/pr:Identification/pr:Value");
            Object firstValue = immutableAttributeMap.getFirstValue(SAMLEngineUtils.getMapOfAllAvailableAttributes().get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER));
            if (firstValue == null || !(firstValue instanceof String)) {
                throw new eIDASAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
            }
            selectSingleNode.getFirstChild().setNodeValue((String) firstValue);
            Node selectSingleNode2 = XPathUtils.selectSingleNode(samlAssertion, "saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person/pr:Name/pr:FamilyName");
            Object firstValue2 = immutableAttributeMap.getFirstValue(SAMLEngineUtils.getMapOfAllAvailableAttributes().get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME));
            if (firstValue2 == null || !(firstValue2 instanceof String)) {
                throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
            }
            selectSingleNode2.getFirstChild().setNodeValue((String) firstValue2);
            Node selectSingleNode3 = XPathUtils.selectSingleNode(samlAssertion, "saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person/pr:Name/pr:GivenName");
            Object firstValue3 = immutableAttributeMap.getFirstValue(SAMLEngineUtils.getMapOfAllAvailableAttributes().get(Constants.eIDAS_ATTR_CURRENTGIVENNAME));
            if (firstValue3 == null || !(firstValue3 instanceof String)) {
                throw new eIDASAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
            }
            selectSingleNode3.getFirstChild().setNodeValue((String) firstValue3);
            Node selectSingleNode4 = XPathUtils.selectSingleNode(samlAssertion, "saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person/pr:DateOfBirth");
            Object firstValue4 = immutableAttributeMap.getFirstValue(SAMLEngineUtils.getMapOfAllAvailableAttributes().get(Constants.eIDAS_ATTR_DATEOFBIRTH));
            if (firstValue4 == null || !(firstValue4 instanceof DateTime)) {
                throw new eIDASAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
            }
            selectSingleNode4.getFirstChild().setNodeValue(new SimpleDateFormat("yyyy-MM-dd").format(((DateTime) firstValue4).toDate()));
            IIdentityLink parseIdentityLink = new IdentityLinkAssertionParser(IdentityLinkReSigner.getInstance().resignIdentityLink(new IdentityLinkAssertionParser(samlAssertion).parseIdentityLink().getSamlAssertion(), this.moaAuthConfig.getStorkFakeIdLResigningKey())).parseIdentityLink();
            Logger.debug("SZR communication was successfull");
            if (parseIdentityLink == null) {
                Logger.error("SZR Gateway did not return an identity link.");
                throw new MOAIDException("stork.10", (Object[]) null);
            }
            this.revisionsLogger.logEvent(this.pendingReq, 6104);
            authenticationSessionWrapper.setForeigner(true);
            authenticationSessionWrapper.setIdentityLink(parseIdentityLink);
            authenticationSessionWrapper.setBkuURL("Not applicable (eIDASAuthentication)");
            this.requestStoreage.storePendingRequest(this.pendingReq);
        } catch (eIDASAttributeException e) {
            throw new TaskExecutionException(this.pendingReq, "Minimum required eIDAS attributeset not found.", e);
        } catch (Exception e2) {
            Logger.error("IdentityLink generation for foreign person FAILED.", e2);
            throw new TaskExecutionException(this.pendingReq, "IdentityLink generation for foreign person FAILED.", e2);
        } catch (MOAIDException | MOADatabaseException e3) {
            throw new TaskExecutionException(this.pendingReq, "IdentityLink generation for foreign person FAILED.", e3);
        }
    }
}
