package org.opensaml.saml.common.messaging;

import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.opensaml.core.xml.io.MarshallingException;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.config.SAMLConfigurationSupport;
import org.opensaml.security.SecurityException;
import org.opensaml.xmlsec.SignatureSigningParameters;
import org.opensaml.xmlsec.context.SecurityParametersContext;
import org.opensaml.xmlsec.signature.SignableXMLObject;
import org.opensaml.xmlsec.signature.support.SignatureException;
import org.opensaml.xmlsec.signature.support.SignatureSupport;

/* loaded from: input_file:lib/ehealth_connector-fatjar-ch-1.7-20180920s.jar:org/opensaml/saml/common/messaging/SAMLMessageSecuritySupport.class */
public final class SAMLMessageSecuritySupport {
    private SAMLMessageSecuritySupport() {
    }

    public static void signMessage(@Nonnull MessageContext<SAMLObject> messageContext) throws SecurityException, MarshallingException, SignatureException {
        Constraint.isNotNull(messageContext, "Message context cannot be null");
        SAMLObject message = messageContext.getMessage();
        SignatureSigningParameters contextSigningParameters = getContextSigningParameters(messageContext);
        if (!(message instanceof SignableXMLObject) || contextSigningParameters == null) {
            return;
        }
        SignatureSupport.signObject((SignableXMLObject) message, contextSigningParameters);
    }

    @Nullable
    public static SignatureSigningParameters getContextSigningParameters(@Nonnull MessageContext<SAMLObject> messageContext) {
        Constraint.isNotNull(messageContext, "Message context cannot be null");
        SecurityParametersContext securityParametersContext = (SecurityParametersContext) messageContext.getSubcontext(SecurityParametersContext.class);
        if (securityParametersContext != null) {
            return securityParametersContext.getSignatureSigningParameters();
        }
        return null;
    }

    public static boolean checkURLScheme(@NotEmpty @Nonnull String str) {
        String trimOrNull = StringSupport.trimOrNull(str);
        if (trimOrNull == null) {
            return false;
        }
        return SAMLConfigurationSupport.getAllowedBindingURLSchemes().contains(trimOrNull.toLowerCase());
    }
}
