package at.gv.egiz.eaaf.core.impl.idp.auth.builder;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
import at.gv.egiz.eaaf.core.exceptions.XPathException;
import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
import at.gv.egiz.eaaf.core.impl.data.Pair;
import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.Serializable;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.lang.NonNull;
import org.springframework.util.Assert;
import org.springframework.util.Base64Utils;
import org.w3c.dom.DOMException;
import org.w3c.dom.Element;

/* loaded from: input_file:at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.class */
public abstract class AbstractAuthenticationDataBuilder implements IAuthenticationDataBuilder {
    private static final Logger log = LoggerFactory.getLogger(AbstractAuthenticationDataBuilder.class);
    public static final String GENERIC_AUTHDATA_IDENTIFIER = "authData_";
    public static final String CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING = "configuration.bugfix.enable.idl.escaping";
    private static final String GENERIC_ATTR_CONTAINER = "processAuthParam;";

    @Autowired
    protected IConfigurationWithSP basicConfig;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder$AttributeListHolder.class */
    public static class AttributeListHolder implements Serializable {
        private static final long serialVersionUID = -7767295315249087217L;
        private Set<String> processedAttributes;

        @Generated
        public Set<String> getProcessedAttributes() {
            return this.processedAttributes;
        }

        @Generated
        public void setProcessedAttributes(Set<String> set) {
            this.processedAttributes = set;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof AttributeListHolder)) {
                return false;
            }
            AttributeListHolder attributeListHolder = (AttributeListHolder) obj;
            if (!attributeListHolder.canEqual(this)) {
                return false;
            }
            Set<String> processedAttributes = getProcessedAttributes();
            Set<String> processedAttributes2 = attributeListHolder.getProcessedAttributes();
            return processedAttributes == null ? processedAttributes2 == null : processedAttributes.equals(processedAttributes2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof AttributeListHolder;
        }

        @Generated
        public int hashCode() {
            Set<String> processedAttributes = getProcessedAttributes();
            return (1 * 59) + (processedAttributes == null ? 43 : processedAttributes.hashCode());
        }

        @Generated
        public String toString() {
            return "AbstractAuthenticationDataBuilder.AttributeListHolder(processedAttributes=" + getProcessedAttributes() + ")";
        }

        @Generated
        public AttributeListHolder() {
        }

        @Generated
        public AttributeListHolder(Set<String> set) {
            this.processedAttributes = set;
        }
    }

    public IAuthData buildAuthenticationData(IRequest iRequest) throws EaafAuthenticationException {
        IAuthData buildDeprecatedAuthData;
        IAuthProcessDataContainer iAuthProcessDataContainer = (IAuthProcessDataContainer) iRequest.getSessionData(AuthProcessDataWrapper.class);
        try {
            if (iAuthProcessDataContainer.isEidProcess()) {
                log.debug("Building AuthData from new E-ID information ... ");
                buildDeprecatedAuthData = getAuthDataInstance(iRequest);
                Assert.notNull(buildDeprecatedAuthData, "AuthData is null");
                log.trace("Adding generic AuthData information ... ");
                buildInternalAuthDataGeneric(buildDeprecatedAuthData, iAuthProcessDataContainer, iRequest);
                log.trace("Build service-specific AuthData information ... ");
                buildServiceSpecificAuthenticationData(buildDeprecatedAuthData, iRequest);
            } else {
                log.info("User authentication uses the deprecated. Building AuthData from deprecated information ... ");
                buildDeprecatedAuthData = buildDeprecatedAuthData(iRequest);
                Assert.notNull(buildDeprecatedAuthData, "AuthData is null");
            }
            log.trace("AuthData generation finished");
            return buildDeprecatedAuthData;
        } catch (EaafAuthenticationException e) {
            throw e;
        } catch (XPathException | DOMException | EaafException e2) {
            log.warn("Can not build authentication data from auth. process information");
            throw new EaafAuthenticationException("builder.11", new Object[]{e2.getMessage()}, e2);
        }
    }

    @NonNull
    protected abstract IAuthData getAuthDataInstance(IRequest iRequest) throws EaafException;

    protected abstract void buildServiceSpecificAuthenticationData(IAuthData iAuthData, IRequest iRequest) throws EaafException;

    private void buildInternalAuthDataGeneric(@NonNull IAuthData iAuthData, @NonNull IAuthProcessDataContainer iAuthProcessDataContainer, @NonNull IRequest iRequest) throws EaafAuthenticationException {
        Assert.notNull(iRequest, "PendingRequest is null");
        Assert.notNull(iAuthData, "AuthData is null");
        Assert.notNull(iAuthProcessDataContainer, "AuthProcessData is null");
        if (!(iAuthData instanceof AuthenticationData)) {
            log.error("AuthData has no suitable type! Requires: {}", AuthenticationData.class.getName());
            throw new RuntimeException("AuthData has no suitable type! Requires: " + AuthenticationData.class.getName());
        }
        AuthenticationData authenticationData = (AuthenticationData) iAuthData;
        initializeThreadLocalVariable(iAuthProcessDataContainer, new HashSet());
        authenticationData.setAuthenticationIssuer(iRequest.getAuthUrl());
        authenticationData.setSsoSession(iRequest.needSingleSignOnFunctionality());
        authenticationData.setBaseIdTransferRestrication(iRequest.getServiceProviderConfiguration().hasBaseIdTransferRestriction());
        authenticationData.setFamilyName((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.20", String.class));
        authenticationData.setGivenName((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:2.5.4.42", String.class));
        authenticationData.setDateOfBirth((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.55", String.class));
        authenticationData.setEncSourceId((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:eidgvat:attributes.vsz.value", String.class));
        authenticationData.setEncSourceIdType((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:eidgvat:attributes.vsz.type", String.class));
        setQaaLevel(authenticationData, iAuthProcessDataContainer);
        setFlagForeigner(authenticationData, iAuthProcessDataContainer);
        setCitizenCountryCode(authenticationData, iAuthProcessDataContainer);
        iAuthProcessDataContainer.getGenericSessionDataStream().filter(entry -> {
            return ((String) entry.getKey()).startsWith(GENERIC_AUTHDATA_IDENTIFIER);
        }).forEach(entry2 -> {
            log.trace("Find generic authProcessData {}. Map it directly to authData", entry2.getKey());
            try {
                authenticationData.setGenericData((String) entry2.getKey(), entry2.getValue());
            } catch (EaafStorageException e) {
                log.warn("Can NOT set authData with key: {}", new Object[]{entry2.getKey(), null, e});
            }
        });
    }

    protected void initializeThreadLocalVariable(@NonNull IAuthProcessDataContainer iAuthProcessDataContainer, Set<String> set) throws EaafAuthenticationException {
        try {
            iAuthProcessDataContainer.setGenericDataToSession(GENERIC_ATTR_CONTAINER, new AttributeListHolder(set));
        } catch (EaafStorageException e) {
            throw new EaafAuthenticationException("builder.11", new Object[]{e.getMessage()}, e);
        }
    }

    protected Set<String> getThreadLocalVariable(@NonNull IAuthProcessDataContainer iAuthProcessDataContainer) {
        AttributeListHolder attributeListHolder = (AttributeListHolder) iAuthProcessDataContainer.getGenericDataFromSession(GENERIC_ATTR_CONTAINER, AttributeListHolder.class);
        return attributeListHolder != null ? attributeListHolder.getProcessedAttributes() : Collections.emptySet();
    }

    private void setCitizenCountryCode(AuthenticationData authenticationData, IAuthProcessDataContainer iAuthProcessDataContainer) throws EaafAuthenticationException {
        getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.32");
        String str = (String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.32", String.class);
        if (StringUtils.isNotEmpty(str)) {
            authenticationData.setCiticenCountryCode(str);
            log.debug("Find PVP-Attr: EID-ISSUING-NATION");
        } else {
            if (authenticationData.isForeigner()) {
                log.warn("EID_Issuing_Nation NOT SET for foreign citizen.");
                throw new EaafAuthenticationException("builder.11", new Object[]{"EID_Issuing_Nation NOT SET for foreign citizen."});
            }
            authenticationData.setCiticenCountryCode(this.basicConfig.getBasicConfiguration("configuration.auth.default.countrycode", "AT"));
        }
    }

    private void setQaaLevel(@NonNull AuthenticationData authenticationData, @NonNull IAuthProcessDataContainer iAuthProcessDataContainer) {
        String str;
        getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.108");
        if (StringUtils.isNotEmpty(iAuthProcessDataContainer.getQaaLevel())) {
            str = iAuthProcessDataContainer.getQaaLevel();
        } else {
            str = (String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.108", String.class);
            if (StringUtils.isNotEmpty(str)) {
                log.debug("Find PVP-Attr 'EID-CITIZEN-QAA-EIDAS-LEVEL':" + str + " --> Parse QAA-Level from that attribute.");
            }
        }
        if (!StringUtils.isNotEmpty(str)) {
            log.info("No QAA level found. Set to default level: {}", "http://eidas.europa.eu/LoA/low");
            authenticationData.setEidasLoa("http://eidas.europa.eu/LoA/low");
        } else if (str.startsWith("http://eidas.europa.eu/LoA/")) {
            authenticationData.setEidasLoa(str);
        } else if (!str.startsWith("http://eidas.europa.eu/NotNotified/LoA/")) {
            log.info("Only eIDAS LoAs are supported by this implementation");
        } else {
            log.info("Find not-notified eIDAS LoA: {}. Use it as it is", str);
            authenticationData.setEidasLoa(str);
        }
    }

    private void setFlagForeigner(AuthenticationData authenticationData, IAuthProcessDataContainer iAuthProcessDataContainer) {
        if (iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.96") == null) {
            authenticationData.setForeigner(iAuthProcessDataContainer.isForeigner());
        } else {
            log.debug("Find PVP-Attr: EID-STORK-TOKEN --> Set 'isForeigner' flag to TRUE");
            authenticationData.setForeigner(true);
        }
    }

    @Deprecated
    @NonNull
    protected abstract IAuthData buildDeprecatedAuthData(IRequest iRequest) throws EaafException;

    @Deprecated
    protected void generateDeprecatedBasicAuthData(AuthenticationData authenticationData, IRequest iRequest, IAuthProcessDataContainer iAuthProcessDataContainer) throws EaafBuilderException, EaafConfigurationException, XPathException, DOMException, EaafParserException, EaafAuthenticationException {
        if (iAuthProcessDataContainer.getGenericSessionDataStorage() == null || iAuthProcessDataContainer.getGenericSessionDataStorage().isEmpty()) {
            initializeThreadLocalVariable(iAuthProcessDataContainer, new HashSet());
        } else {
            initializeThreadLocalVariable(iAuthProcessDataContainer, iAuthProcessDataContainer.getGenericSessionDataStorage().keySet());
        }
        authenticationData.setAuthenticationIssuer(iRequest.getAuthUrl());
        authenticationData.setSsoSession(iRequest.needSingleSignOnFunctionality());
        authenticationData.setBaseIdTransferRestrication(iRequest.getServiceProviderConfiguration().hasBaseIdTransferRestriction());
        IIdentityLink identityLink = iAuthProcessDataContainer.getIdentityLink();
        if (identityLink != null) {
            parseBasicUserInfosFromIdl(authenticationData, identityLink, getThreadLocalVariable(iAuthProcessDataContainer));
        } else {
            String str = (String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.38", String.class);
            if (StringUtils.isNotEmpty(str)) {
                log.debug("Find PVP-Attr: EID-IDENTITY-LINK --> Parse basic user info's from that attribute.");
                ByteArrayInputStream byteArrayInputStream = null;
                try {
                    try {
                        byteArrayInputStream = new ByteArrayInputStream(Base64Utils.decodeFromString(str));
                        IIdentityLink parseIdentityLink = new SimpleIdentityLinkAssertionParser(byteArrayInputStream).parseIdentityLink();
                        parseBasicUserInfosFromIdl(authenticationData, parseIdentityLink, getThreadLocalVariable(iAuthProcessDataContainer));
                        iAuthProcessDataContainer.setIdentityLink(parseIdentityLink);
                        try {
                            getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.38");
                            if (byteArrayInputStream != null) {
                                byteArrayInputStream.close();
                            }
                        } catch (IOException e) {
                            log.warn("Close InputStream FAILED.", e);
                        }
                    } catch (Throwable th) {
                        try {
                            getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.38");
                            if (byteArrayInputStream != null) {
                                byteArrayInputStream.close();
                            }
                        } catch (IOException e2) {
                            log.warn("Close InputStream FAILED.", e2);
                        }
                        throw th;
                    }
                } catch (Exception e3) {
                    log.warn("Received IdentityLink is not valid", e3);
                    try {
                        getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.38");
                        if (byteArrayInputStream != null) {
                            byteArrayInputStream.close();
                        }
                    } catch (IOException e4) {
                        log.warn("Close InputStream FAILED.", e4);
                    }
                } catch (EaafParserException e5) {
                    log.warn("Received IdentityLink is not valid", e5);
                    try {
                        getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.38");
                        if (byteArrayInputStream != null) {
                            byteArrayInputStream.close();
                        }
                    } catch (IOException e6) {
                        log.warn("Close InputStream FAILED.", e6);
                    }
                }
            }
            if (StringUtils.isEmpty(authenticationData.getFamilyName())) {
                log.debug("No IdentityLink found or not parseable --> Parse basic user info's from single PVP-Attributes.");
                authenticationData.setFamilyName((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.20", String.class));
                authenticationData.setGivenName((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:2.5.4.42", String.class));
                authenticationData.setDateOfBirth((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.55", String.class));
                authenticationData.setIdentificationValue((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.36", String.class));
                authenticationData.setIdentificationType((String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.104", String.class));
                getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.20");
                getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:2.5.4.42");
                getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.55");
                getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.36");
                getThreadLocalVariable(iAuthProcessDataContainer).remove("urn:oid:1.2.40.0.10.2.1.1.261.104");
            }
        }
        if (authenticationData.getIdentificationType() != null && !authenticationData.getIdentificationType().equals("urn:publicid:gv.at:baseid")) {
            log.trace("IdentificationType is not a baseID --> clear it. ");
            authenticationData.setBpk(authenticationData.getIdentificationValue());
            authenticationData.setBpkType(authenticationData.getIdentificationType());
            authenticationData.setIdentificationValue(null);
            authenticationData.setIdentificationType(null);
        }
        setQaaLevel(authenticationData, iAuthProcessDataContainer);
        setFlagForeigner(authenticationData, iAuthProcessDataContainer);
        setCitizenCountryCode(authenticationData, iAuthProcessDataContainer);
        String bpkValueFromPvpAttribute = getBpkValueFromPvpAttribute(iAuthProcessDataContainer);
        String bpkTypeFromPvpAttribute = getBpkTypeFromPvpAttribute(iAuthProcessDataContainer);
        Pair<String, String> encryptedBpkFromPvpAttribute = getEncryptedBpkFromPvpAttribute(iAuthProcessDataContainer, authenticationData, iRequest.getServiceProviderConfiguration());
        if (StringUtils.isEmpty(authenticationData.getIdentificationValue()) && StringUtils.isEmpty(bpkValueFromPvpAttribute) && StringUtils.isEmpty(authenticationData.getBpk()) && encryptedBpkFromPvpAttribute == null) {
            log.info("Can not build authData, because session include no bPK, encrypted bPK or baseID");
            throw new EaafBuilderException("builder.08", new Object[]{"No BPK or EID-SOURCE-PIN or ENC-BPK-LIST"}, "No BPK or EID-SOURCE-PIN or ENC-BPK-LIST");
        }
        if (StringUtils.isNotEmpty(authenticationData.getBpk()) && matchsReceivedBpkToOnlineApplication(iRequest.getServiceProviderConfiguration(), authenticationData.getBpkType())) {
            log.debug("Correct bPK is already included in AuthData.");
        } else if (StringUtils.isNotEmpty(bpkValueFromPvpAttribute) && matchsReceivedBpkToOnlineApplication(iRequest.getServiceProviderConfiguration(), bpkTypeFromPvpAttribute)) {
            log.debug("Receive correct bPK from PVP-Attribute");
            authenticationData.setBpk(bpkValueFromPvpAttribute);
            authenticationData.setBpkType(bpkTypeFromPvpAttribute);
        } else if (StringUtils.isNotEmpty(authenticationData.getIdentificationValue())) {
            log.debug("Citizen baseID is in AuthSession --> calculate bPK from this.");
            Pair<String, String> buildOAspecificbPK = buildOAspecificbPK(iRequest, authenticationData);
            authenticationData.setBpk((String) buildOAspecificbPK.getFirst());
            authenticationData.setBpkType((String) buildOAspecificbPK.getSecond());
        } else if (encryptedBpkFromPvpAttribute != null) {
            log.debug("Receive bPK as encrypted bPK and decryption was possible.");
            authenticationData.setBpk((String) encryptedBpkFromPvpAttribute.getFirst());
            authenticationData.setBpkType((String) encryptedBpkFromPvpAttribute.getSecond());
        } else {
            String bpk = authenticationData.getBpk();
            String bpkType = authenticationData.getBpkType();
            if (StringUtils.isEmpty(bpk) && StringUtils.isEmpty(bpkType)) {
                bpk = bpkValueFromPvpAttribute;
                bpkType = bpkTypeFromPvpAttribute;
                if (StringUtils.isEmpty(bpk) && StringUtils.isEmpty(bpkType)) {
                    log.error("No bPK in AuthSession. THIS error should not occur any more.");
                    throw new NullPointerException("No bPK in AuthSession. THIS error should not occur any more.");
                }
            }
            Pair<String, String> pair = getbaseIdFromSzr(authenticationData, bpk, bpkType);
            if (pair == null) {
                log.warn("Can not build authData, because moaSession include no valid bPK, encrypted bPK or sourceID");
                throw new EaafBuilderException("builder.13", new Object[]{iRequest.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()}, "No valid BPK or EID-SOURCE-PIN or ENC-BPK-LIST");
            }
            log.info("Receive citizen baseID from SRZ. Authentication can be completed");
            authenticationData.setIdentificationValue((String) pair.getFirst());
            authenticationData.setIdentificationType((String) pair.getSecond());
            Pair<String, String> buildOAspecificbPK2 = buildOAspecificbPK(iRequest, authenticationData);
            authenticationData.setBpk((String) buildOAspecificbPK2.getFirst());
            authenticationData.setBpkType((String) buildOAspecificbPK2.getSecond());
        }
        if (iAuthProcessDataContainer.getIdentityLink() != null) {
            authenticationData.setIdentityLink(buildOAspecificIdentityLink(iRequest.getServiceProviderConfiguration(), iAuthProcessDataContainer.getIdentityLink(), authenticationData.getBpk(), authenticationData.getBpkType()));
        } else {
            log.info("Can NOT set IdentityLink. Msg: No IdentityLink found");
        }
    }

    @Deprecated
    protected abstract Pair<String, String> getEncryptedBpkFromPvpAttribute(IAuthProcessDataContainer iAuthProcessDataContainer, AuthenticationData authenticationData, ISpConfiguration iSpConfiguration) throws EaafBuilderException;

    @Deprecated
    protected abstract Pair<String, String> getbaseIdFromSzr(AuthenticationData authenticationData, String str, String str2);

    @Deprecated
    protected Pair<String, String> buildOAspecificbPK(IRequest iRequest, AuthenticationData authenticationData) throws EaafBuilderException {
        Pair<String, String> newInstance;
        ISpConfiguration serviceProviderConfiguration = iRequest.getServiceProviderConfiguration();
        String identificationValue = authenticationData.getIdentificationValue();
        String identificationType = authenticationData.getIdentificationType();
        if ("urn:publicid:gv.at:baseid".equals(identificationType)) {
            String areaSpecificTargetIdentifier = serviceProviderConfiguration.getAreaSpecificTargetIdentifier();
            log.debug("Use OA target identifier '" + areaSpecificTargetIdentifier + "' from configuration");
            new BpkBuilder();
            newInstance = BpkBuilder.generateAreaSpecificPersonIdentifier(identificationValue, areaSpecificTargetIdentifier);
        } else {
            log.error("!!!baseID-element does not include a baseID. This should not be happen any more!!!");
            newInstance = Pair.newInstance(identificationValue, identificationType);
        }
        log.trace("Authenticate user with bPK:" + ((String) newInstance.getFirst()) + " Type:" + ((String) newInstance.getSecond()));
        return newInstance;
    }

    @Deprecated
    protected IIdentityLink buildOAspecificIdentityLink(ISpConfiguration iSpConfiguration, IIdentityLink iIdentityLink, String str, String str2) throws EaafConfigurationException, XPathException, DOMException, EaafParserException {
        if (!iSpConfiguration.hasBaseIdTransferRestriction()) {
            return iIdentityLink;
        }
        log.debug("SP: " + iSpConfiguration.getUniqueIdentifier() + " has baseId transfer restriction. Remove baseId from IDL ...");
        Element samlAssertion = iIdentityLink.getSamlAssertion();
        XPathUtils.selectSingleNode(samlAssertion, SimpleIdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH).getFirstChild().setNodeValue(str);
        XPathUtils.selectSingleNode(samlAssertion, SimpleIdentityLinkAssertionParser.PERSON_IDENT_TYPE_XPATH).getFirstChild().setNodeValue(str2);
        return new SimpleIdentityLinkAssertionParser(samlAssertion).parseIdentityLink();
    }

    @Deprecated
    protected boolean matchsReceivedBpkToOnlineApplication(ISpConfiguration iSpConfiguration, String str) {
        return iSpConfiguration.getAreaSpecificTargetIdentifier().equals(str);
    }

    @Deprecated
    private void parseBasicUserInfosFromIdl(AuthenticationData authenticationData, IIdentityLink iIdentityLink, Set<String> set) {
        authenticationData.setIdentificationValue(iIdentityLink.getIdentificationValue());
        authenticationData.setIdentificationType(iIdentityLink.getIdentificationType());
        if (this.basicConfig.getBasicConfigurationBoolean(CONFIG_PROP_ENABLE_IDL_ATTRIBUTE_ESCAPEING, false)) {
            authenticationData.setGivenName(iIdentityLink.getGivenName().replaceAll("'", "&#39;"));
            authenticationData.setFamilyName(iIdentityLink.getFamilyName().replaceAll("'", "&#39;"));
        } else {
            authenticationData.setGivenName(iIdentityLink.getGivenName());
            authenticationData.setFamilyName(iIdentityLink.getFamilyName());
        }
        authenticationData.setDateOfBirth(iIdentityLink.getDateOfBirth());
        set.remove("urn:oid:1.2.40.0.10.2.1.1.261.20");
        set.remove("urn:oid:2.5.4.42");
        set.remove("urn:oid:1.2.40.0.10.2.1.1.55");
        set.remove("urn:oid:1.2.40.0.10.2.1.1.261.36");
        set.remove("urn:oid:1.2.40.0.10.2.1.1.261.104");
    }

    @Deprecated
    private String getBpkValueFromPvpAttribute(IAuthProcessDataContainer iAuthProcessDataContainer) {
        String str = (String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.149", String.class);
        if (!StringUtils.isNotEmpty(str)) {
            return null;
        }
        if (str.startsWith("bPK:")) {
            log.warn("Attribute urn:oid:1.2.40.0.10.2.1.1.149 contains a not standardize prefix! Staring attribute value correction process ...");
            str = str.substring("bPK:".length());
        }
        String[] split = str.split(":");
        if (split.length == 2) {
            log.debug("Find PVP-Attr: BPK");
            return split[1];
        }
        if (split.length > 2) {
            log.warn("Attribute urn:oid:1.2.40.0.10.2.1.1.149 has a wrong encoding and can NOT be USED! Value:" + str);
            return null;
        }
        log.debug("Find PVP-Attr: BPK without prefix. Use it as it is");
        return split[0];
    }

    @Deprecated
    private String getBpkTypeFromPvpAttribute(IAuthProcessDataContainer iAuthProcessDataContainer) {
        String str = (String) iAuthProcessDataContainer.getGenericDataFromSession("urn:oid:1.2.40.0.10.2.1.1.261.34", String.class);
        if (!StringUtils.isNotEmpty(str)) {
            return null;
        }
        log.debug("Find PVP-Attr: {}", "EID-SECTOR-FOR-IDENTIFIER");
        return BpkBuilder.normalizeBpkTargetIdentifierToCommonFormat(str);
    }
}
