package org.springframework.security.saml.trust;

import java.util.ArrayList;
import java.util.Collection;
import javax.xml.namespace.QName;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.UsageType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.saml.key.KeyManager;
import org.springframework.security.saml.metadata.ExtendedMetadata;
import org.springframework.security.saml.metadata.MetadataManager;

/* loaded from: input_file:org/springframework/security/saml/trust/MetadataCredentialResolver.class */
public class MetadataCredentialResolver extends org.opensaml.security.MetadataCredentialResolver {
    private final Logger log;
    protected MetadataManager manager;
    protected KeyManager keyManager;
    private boolean useXmlMetadata;
    private boolean useExtendedMetadata;

    public MetadataCredentialResolver(MetadataManager metadataManager, KeyManager keyManager) {
        super(metadataManager);
        this.log = LoggerFactory.getLogger(MetadataCredentialResolver.class);
        this.useXmlMetadata = true;
        this.useExtendedMetadata = true;
        this.manager = metadataManager;
        this.keyManager = keyManager;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.security.MetadataCredentialResolver
    public Collection<Credential> retrieveFromMetadata(String str, QName qName, String str2, UsageType usageType) throws SecurityException {
        try {
            ArrayList arrayList = new ArrayList();
            if (this.useExtendedMetadata) {
                ExtendedMetadata extendedMetadata = this.manager.getExtendedMetadata(str);
                if (usageType.equals(UsageType.UNSPECIFIED)) {
                    if (extendedMetadata.getSigningKey() != null) {
                        this.log.debug("Using customized signing key {} from extended metadata for entityID {}", extendedMetadata.getSigningKey(), str);
                        arrayList.add(this.keyManager.getCredential(extendedMetadata.getSigningKey()));
                    }
                    if (extendedMetadata.getEncryptionKey() != null) {
                        this.log.debug("Using customized encryption key {} from extended metadata for entityID {}", extendedMetadata.getEncryptionKey(), str);
                        arrayList.add(this.keyManager.getCredential(extendedMetadata.getEncryptionKey()));
                    }
                    if (extendedMetadata.getTlsKey() != null) {
                        this.log.debug("Using customized TLS key {} from extended metadata for entityID {}", extendedMetadata.getEncryptionKey(), str);
                        arrayList.add(this.keyManager.getCredential(extendedMetadata.getTlsKey()));
                    }
                } else if (usageType.equals(UsageType.SIGNING)) {
                    if (extendedMetadata.getSigningKey() != null) {
                        this.log.debug("Using customized signing key {} from extended metadata for entityID {}", extendedMetadata.getSigningKey(), str);
                        arrayList.add(this.keyManager.getCredential(extendedMetadata.getSigningKey()));
                    }
                } else if (usageType.equals(UsageType.ENCRYPTION) && extendedMetadata.getEncryptionKey() != null) {
                    this.log.debug("Using customized encryption key {} from extended metadata for entityID {}", extendedMetadata.getEncryptionKey(), str);
                    arrayList.add(this.keyManager.getCredential(extendedMetadata.getEncryptionKey()));
                }
            }
            if (this.useXmlMetadata) {
                Collection<Credential> retrieveFromMetadata = super.retrieveFromMetadata(str, qName, str2, usageType);
                arrayList.addAll(retrieveFromMetadata);
                this.log.debug("Added {} credentials resolved from metadata of entity {}", Integer.valueOf(retrieveFromMetadata.size()), str);
            }
            return arrayList;
        } catch (MetadataProviderException e) {
            throw new SecurityException("Error loading metadata information", e);
        }
    }

    public void setUseXmlMetadata(boolean z) {
        this.useXmlMetadata = z;
    }

    public void setUseExtendedMetadata(boolean z) {
        this.useExtendedMetadata = z;
    }
}
