package com.ibm.ws.wssecurity.saml.saml20.assertion.impl;

import com.ibm.ws.wssecurity.saml.common.impl.SAMLAssertionImpl;
import com.ibm.ws.wssecurity.saml.common.util.MessageHelper;
import com.ibm.ws.wssecurity.saml.common.util.OMUtil;
import com.ibm.ws.wssecurity.saml.common.util.UTC;
import com.ibm.ws.wssecurity.saml.common.util.UUIDGenerator;
import com.ibm.ws.wssecurity.saml.saml20.assertion.Advice;
import com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion;
import com.ibm.ws.wssecurity.saml.saml20.assertion.AuthnStatement;
import com.ibm.ws.wssecurity.saml.saml20.assertion.Conditions;
import com.ibm.ws.wssecurity.saml.saml20.assertion.NameID;
import com.ibm.ws.wssecurity.saml.saml20.assertion.StatementAbstract;
import com.ibm.ws.wssecurity.saml.saml20.assertion.Subject;
import com.ibm.ws.wssecurity.saml.saml20.assertion.SubjectConfirmation;
import com.ibm.ws.wssecurity.saml.saml20.assertion.SubjectConfirmationData;
import com.ibm.ws.wssecurity.saml.security.EnvelopedSignatureAssertion;
import com.ibm.ws.wssecurity.saml.security.HoKAssertion;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.saml.config.ConsumerConfig;
import com.ibm.wsspi.wssecurity.saml.config.CredentialConfig;
import com.ibm.wsspi.wssecurity.saml.config.ProviderConfig;
import com.ibm.wsspi.wssecurity.saml.config.RequesterConfig;
import java.security.Key;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.ListIterator;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/saml/saml20/assertion/impl/AssertionImpl.class */
public class AssertionImpl extends SAMLAssertionImpl implements Assertion {
    private static final String comp = "security.wssecurity";
    protected NameID issuer;
    protected EnvelopedSignatureAssertion signature;
    protected Subject subject;
    protected Conditions conditions;
    protected Advice advice;
    protected List<StatementAbstract> statementOrAuthnStatementOrAuthzDecisionStatement;
    protected String version;
    protected Date issueInstant;
    protected String issueInstantUTC;
    private ConsumerConfig assertionConsumingCfg;
    private OMElement xml;
    private String confirmMethod;
    private Key holderOfKey;
    private boolean isSigned;
    private ProviderConfig issue;
    private RequesterConfig request;
    private CredentialConfig cred;
    private static final TraceComponent tc = Tr.register(AssertionImpl.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.samlmessages");
    private static final OMFactory omFactory = OMAbstractFactory.getOMFactory();

    public AssertionImpl(ProviderConfig providerConfig, RequesterConfig requesterConfig, CredentialConfig credentialConfig) {
        this.issueInstantUTC = null;
        this.assertionConsumingCfg = null;
        this.xml = null;
        this.holderOfKey = null;
        this.isSigned = false;
        this.issue = null;
        this.request = null;
        this.cred = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "AssertionImpl( issueCfg, requesterData, cred)");
        }
        this.issue = providerConfig;
        this.request = requesterConfig;
        this.cred = credentialConfig;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "AssertionImpl( issueCfg, requesterData, cred)");
        }
    }

    public AssertionImpl(OMElement oMElement, ConsumerConfig consumerConfig) {
        this.issueInstantUTC = null;
        this.assertionConsumingCfg = null;
        this.xml = null;
        this.holderOfKey = null;
        this.isSigned = false;
        this.issue = null;
        this.request = null;
        this.cred = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "AssertionImpl(OMElement om, ConsumerConfig keyStoreCfg)");
        }
        initVersion();
        this.xml = oMElement;
        this.assertionConsumingCfg = consumerConfig;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "AssertionImpl(OMElement om, ConsumerConfig keyStoreCfg)");
        }
    }

    private void initialize() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initialize()");
        }
        this.id = UUIDGenerator.generateUUID();
        this.issueInstant = new Date();
        this.issueInstantUTC = UTC.format(this.issueInstant);
        this.version = "2.0";
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initialize()");
        }
    }

    private void initVersion() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "initVersion()");
        }
        this.assertionVersion = Assertion._saml2_ns_qname;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "initVersion()");
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public NameID getIssuer() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getIssuer() to return: " + this.issuer);
        }
        return this.issuer;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void setIssuer(NameID nameID) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setIssuer(" + nameID.toString() + ")");
        }
        if (nameID == null || nameID.getValue() == null || nameID.getValue().isEmpty()) {
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.WSSML6001E"));
        }
        this.issuer = nameID;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setIssuer(NameID value): " + nameID.getValue());
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public EnvelopedSignatureAssertion getSignature() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSignature() to return the signature object");
        }
        return this.signature;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void setSignature(EnvelopedSignatureAssertion envelopedSignatureAssertion) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setSignature(EnvelopedSignatureAssertion value)");
        }
        this.signature = envelopedSignatureAssertion;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public Subject getSubject() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSubject() to return the subject");
        }
        return this.subject;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void setSubject(Subject subject) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setSubject(Subject value)");
        }
        this.subject = subject;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public Conditions getConditions() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConditions() to return the conditions");
        }
        return this.conditions;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void setConditions(Conditions conditions) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setConditions(Conditions value)");
        }
        this.conditions = conditions;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public Advice getAdvice() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getAdvice() to return advice");
        }
        return this.advice;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void setAdvice(Advice advice) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setAdvice()");
        }
        this.advice = advice;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public List<StatementAbstract> getStatementOrAuthnStatementOrAuthzDecisionStatement() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getStatementOrAuthnStatementOrAuthzDecisionStatement()");
        }
        if (this.statementOrAuthnStatementOrAuthzDecisionStatement == null) {
            this.statementOrAuthnStatementOrAuthzDecisionStatement = new ArrayList();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getStatementOrAuthnStatementOrAuthzDecisionStatement() to return");
        }
        return this.statementOrAuthnStatementOrAuthzDecisionStatement;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void addStatement(StatementAbstract statementAbstract) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "addStatement(StatementAbstract statement)");
        }
        if (!statementAbstract.isSupported()) {
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.WSSML6002E"));
        }
        getStatementOrAuthnStatementOrAuthzDecisionStatement().add(statementAbstract);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "addStatement(StatementAbstract statement)");
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public String getVersion() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getVersion() to return: " + this.version);
        }
        return this.version;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void setVersion(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setVersion(" + str + ")");
        }
        this.version = str;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public String getID() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getID() to return: " + this.id);
        }
        return this.id;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void setID(String str) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setID(" + str + ")");
        }
        if (str == null || str.isEmpty()) {
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.WSSML6003E"));
        }
        this.id = str;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setID(" + str + ")");
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public Date getIssueInstant() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getIssueInstant() about to return: " + this.issueInstant.toString());
        }
        return this.issueInstant;
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public void setIssueInstant(Date date) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setIssueInstant(Date value): " + (date == null ? null : date.toString()));
        }
        if (date == null) {
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.WSSML6004E"));
        }
        this.issueInstant = date;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setIssueInstant(Date value): " + date.toString());
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.saml20.assertion.Assertion
    public List<StatementAbstract> getStatements(QName qName) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getStatements(QName qName): " + qName.toString());
        }
        if (qName == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        ListIterator<StatementAbstract> listIterator = getStatementOrAuthnStatementOrAuthzDecisionStatement().listIterator();
        while (listIterator.hasNext()) {
            StatementAbstract next = listIterator.next();
            if (qName.equals(next.getQName())) {
                arrayList.add(next);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getStatements(QName qName): " + qName.toString());
        }
        return arrayList;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLAssertion
    public String getConfirmationMethod() {
        Subject subject;
        SubjectConfirmation subjectConfirmation;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getConfirmationMethod()");
        }
        if (this.confirmMethod == null && (subject = this.subject) != null && (subjectConfirmation = subject.getSubjectConfirmation()) != null) {
            this.confirmMethod = subjectConfirmation.getMethod();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getConfirmationMethod(): " + this.confirmMethod);
        }
        return this.confirmMethod;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLAssertion
    public Date getSamlExpirationTime() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getSamlExpirationTime() to return the expiration time");
        }
        return this.conditions.getNotOnOrAfter();
    }

    public boolean isSigned() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "isSigned() to return: " + new Boolean(this.isSigned).toString());
        }
        return this.isSigned;
    }

    public void setSigned() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setSigned() to set isSigned to true");
        }
        this.isSigned = true;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public void create() throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "create()");
        }
        initVersion();
        initialize();
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "create()");
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public boolean validate() throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "validate()");
        }
        if (this.issueInstant.after(new Date())) {
            long clockSkew = this.assertionConsumingCfg != null ? this.assertionConsumingCfg.getClockSkew() : 180000L;
            Date date = new Date();
            long time = clockSkew + date.getTime();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "issueInstant: [" + UTC.format(this.issueInstant) + "], [" + this.issueInstant.getTime() + "]");
                Tr.debug(tc, "current time: [" + UTC.format(date) + "], [" + date.getTime() + "]");
                Tr.debug(tc, "clockskew: [" + ((clockSkew / 60) / 1000) + " minutes], [" + clockSkew + " millis]");
                Tr.debug(tc, "time adjusted forward for clockskew=" + time);
            }
            if (time < this.issueInstant.getTime()) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "token issued after current date/time.  Possible clockskew issue.");
                }
                throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.CWSML7002E", new String[]{UTC.format(this.issueInstant), UTC.format(date), String.valueOf((clockSkew / 60) / 1000)}));
            }
        }
        if (this.id == null || this.id.isEmpty()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "ID is missing or empty");
            }
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.CWSML7003E", new String[]{Assertion.ID}));
        }
        if (!ConfigUtil.hasValue(this.version)) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Version is missing or empty");
            }
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.CWSML7003E", new String[]{Assertion.VersionIdentifier}));
        }
        if (!this.version.trim().equals("2.0")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Version is not 2.0.  Version in the assertion is [" + this.version + "]");
            }
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.CWSML7019E", new String[]{this.version, "2.0"}));
        }
        if (this.issuer != null && !this.issuer.validate()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "issuer validation failed");
            }
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "validate() to return: " + new Boolean(false).toString());
            return false;
        }
        if (this.conditions != null && !this.conditions.validate()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "conditions validation failed");
            }
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "validate() to return: " + new Boolean(false).toString());
            return false;
        }
        if (this.subject != null && !this.subject.validate()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "subject validation failed");
            }
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "validate() to return: " + new Boolean(false).toString());
            return false;
        }
        if (this.advice != null && !this.advice.validate()) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "advice validation failed");
            }
            if (!tc.isEntryEnabled()) {
                return false;
            }
            Tr.exit(tc, "validate() to return: " + new Boolean(false).toString());
            return false;
        }
        if (getStatementOrAuthnStatementOrAuthzDecisionStatement() != null) {
            StatementAbstract[] statementAbstractArr = new StatementAbstract[getStatementOrAuthnStatementOrAuthzDecisionStatement().size()];
            getStatementOrAuthnStatementOrAuthzDecisionStatement().toArray(statementAbstractArr);
            if (statementAbstractArr != null) {
                int length = statementAbstractArr.length;
                for (int i = 0; i < length; i++) {
                    if (!statementAbstractArr[i].validate()) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "validation failed for: [" + statementAbstractArr[i].getClass().getName() + "]");
                        }
                        if (!tc.isEntryEnabled()) {
                            return false;
                        }
                        Tr.exit(tc, "validate() to return: " + new Boolean(false).toString());
                        return false;
                    }
                }
            }
        }
        if (!tc.isEntryEnabled()) {
            return true;
        }
        Tr.exit(tc, "validate() to return: " + new Boolean(true).toString());
        return true;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLAssertion
    public Key getHolderOfKey() {
        SubjectConfirmation subjectConfirmation;
        SubjectConfirmationData subjectConfirmationData;
        HoKAssertion keyInfoAssertion;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getHolderOfKey())");
        }
        if (this.holderOfKey != null) {
            return this.holderOfKey;
        }
        Subject subject = getSubject();
        if (subject != null && (subjectConfirmation = subject.getSubjectConfirmation()) != null && (subjectConfirmationData = subjectConfirmation.getSubjectConfirmationData()) != null && (keyInfoAssertion = subjectConfirmationData.getKeyInfoAssertion()) != null) {
            this.holderOfKey = keyInfoAssertion.getKey();
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getHolderOfKey() about to return)");
        }
        return this.holderOfKey;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public OMElement getXML() throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getXML()");
        }
        if (this.xml != null || this.isSigned) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "getXML() about to return: " + this.xml);
            }
            return this.xml;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getXML() about to return marshal(null)");
        }
        return marshal(null);
    }

    public void setXML(OMElement oMElement) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setXML(): " + oMElement);
        }
        if (this.isSigned) {
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.WSSML6005E"));
        }
        this.xml = oMElement;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setXML()");
        }
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public OMElement marshal(OMElement oMElement) throws SoapSecurityException {
        OMElement createOMElement;
        OMElement marshal;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "marshal(OMElement parent): " + oMElement);
        }
        if (this.isSigned) {
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "marshal(OMElement parent): case of signed assertion: about to return this.xml");
            }
            return this.xml;
        }
        if (oMElement == null) {
            createOMElement = omFactory.createOMElement("Assertion", _saml2_ns, _saml2_prefix);
            createOMElement.declareNamespace(_saml2_ns, _saml2_prefix);
        } else {
            createOMElement = oMElement.getOMFactory().createOMElement("Assertion", _saml2_ns, _saml2_prefix);
        }
        createOMElement.addAttribute(Assertion.VersionIdentifier, this.version, (OMNamespace) null);
        createOMElement.addAttribute(Assertion.ID, this.id, (OMNamespace) null);
        createOMElement.addAttribute("IssueInstant", UTC.format(this.issueInstant), (OMNamespace) null);
        if (this.issuer != null) {
            createOMElement.addChild(this.issuer.marshal(createOMElement));
        }
        if (this.subject != null && (marshal = this.subject.marshal(createOMElement)) != null) {
            createOMElement.addChild(marshal);
        }
        if (this.conditions != null) {
            createOMElement.addChild(this.conditions.marshal(createOMElement));
        }
        if (this.advice != null) {
            createOMElement.addChild(this.advice.marshal(createOMElement));
        }
        if (getStatementOrAuthnStatementOrAuthzDecisionStatement() != null) {
            StatementAbstract[] statementAbstractArr = new StatementAbstract[getStatementOrAuthnStatementOrAuthzDecisionStatement().size()];
            getStatementOrAuthnStatementOrAuthzDecisionStatement().toArray(statementAbstractArr);
            if (statementAbstractArr != null) {
                for (StatementAbstract statementAbstract : statementAbstractArr) {
                    OMElement marshal2 = statementAbstract.marshal(createOMElement);
                    if (marshal2 != null) {
                        createOMElement.addChild(marshal2);
                    }
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "marshal(OMElement parent) about to return: " + createOMElement);
        }
        this.xml = createOMElement;
        return createOMElement;
    }

    @Override // com.ibm.ws.wssecurity.saml.common.SAMLObjectElement
    public void unMarshal(OMElement oMElement) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "unMarshal (OMElement aOM): " + oMElement);
        }
        this.xml = oMElement;
        this.id = oMElement.getAttributeValue(new QName(null, Assertion.ID));
        this.issueInstantUTC = oMElement.getAttributeValue(new QName(null, "IssueInstant"));
        try {
            this.issueInstant = UTC.parse(this.issueInstantUTC);
        } catch (Exception e) {
        }
        this.version = oMElement.getAttributeValue(new QName(null, Assertion.VersionIdentifier));
        try {
            for (OMElement firstElement = OMUtil.getFirstElement(oMElement); firstElement != null; firstElement = OMUtil.getNextElement(firstElement)) {
                String localName = firstElement.getLocalName();
                if ("Issuer".equals(localName)) {
                    this.issuer = new IssuerImpl();
                    this.issuer.unMarshal(firstElement);
                } else if ("Conditions".equals(localName)) {
                    this.conditions = new ConditionsImpl(this.assertionConsumingCfg);
                    this.conditions.unMarshal(firstElement);
                } else if ("Advice".equals(localName)) {
                    this.advice = new AdviceImpl();
                    this.advice.unMarshal(firstElement);
                } else if ("AttributeStatement".equals(localName)) {
                    AttributeStatementImpl attributeStatementImpl = new AttributeStatementImpl();
                    attributeStatementImpl.unMarshal(firstElement);
                    getStatementOrAuthnStatementOrAuthzDecisionStatement().add(attributeStatementImpl);
                } else if (AuthnStatement.localName.equals(localName)) {
                    AuthnStatementImpl authnStatementImpl = new AuthnStatementImpl(this.assertionConsumingCfg);
                    authnStatementImpl.unMarshal(firstElement);
                    getStatementOrAuthnStatementOrAuthzDecisionStatement().add(authnStatementImpl);
                } else if ("Subject".equals(localName)) {
                    this.subject = new SubjectImpl(this.assertionConsumingCfg);
                    this.subject.unMarshal(firstElement);
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "unMarshal (OMElement aOM)");
            }
        } catch (Exception e2) {
            throw new SoapSecurityException(MessageHelper.getMessage("security.wssecurity.CWSML7007E"), e2);
        }
    }
}
