package net.unicon.cas.support.wsfederation.authentication.principal;

import java.util.Map;
import org.joda.time.DateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/unicon/cas/support/wsfederation/authentication/principal/WsFederationCredential.class */
public final class WsFederationCredential {
    private final Logger logger = LoggerFactory.getLogger(WsFederationCredential.class);
    private String audience;
    private String authenticationMethod;
    private String id;
    private String issuer;
    private DateTime issuedOn;
    private DateTime notBefore;
    private DateTime notOnOrAfter;
    private DateTime retrievedOn;
    private Map<String, Object> attributes;

    public String getAuthenticationMethod() {
        return this.authenticationMethod;
    }

    public void setAuthenticationMethod(String str) {
        this.authenticationMethod = str;
    }

    public String getAudience() {
        return this.audience;
    }

    public void setAudience(String str) {
        this.audience = str;
    }

    public Map<String, Object> getAttributes() {
        return this.attributes;
    }

    public void setAttributes(Map<String, Object> map) {
        this.attributes = map;
    }

    public String getId() {
        return this.id;
    }

    public void setId(String str) {
        this.id = str;
    }

    public DateTime getIssuedOn() {
        return this.issuedOn;
    }

    public void setIssuedOn(DateTime dateTime) {
        this.issuedOn = dateTime;
    }

    public String getIssuer() {
        return this.issuer;
    }

    public void setIssuer(String str) {
        this.issuer = str;
    }

    public DateTime getNotBefore() {
        return this.notBefore;
    }

    public void setNotBefore(DateTime dateTime) {
        this.notBefore = dateTime;
    }

    public DateTime getNotOnOrAfter() {
        return this.notOnOrAfter;
    }

    public void setNotOnOrAfter(DateTime dateTime) {
        this.notOnOrAfter = dateTime;
    }

    public DateTime getRetrievedOn() {
        return this.retrievedOn;
    }

    public void setRetrievedOn(DateTime dateTime) {
        this.retrievedOn = dateTime;
    }

    public String toString() {
        String str = "";
        for (String str2 : this.attributes.keySet()) {
            str = str + "  " + str2 + ": " + this.attributes.get(str2).toString() + "\n";
        }
        return String.format("ID: %s\nIssuer: %s\nAudience: %s\nAudience Method: %s\nIssued On: %s\nValid After: %s\nValid Before: %s\nAttributes:\n%s", this.id, this.issuer, this.audience, this.authenticationMethod, this.issuedOn.toString(), this.notBefore.toString(), this.notOnOrAfter.toString(), str);
    }

    public boolean isValid(String str, String str2, int i) {
        if (!getAudience().equalsIgnoreCase(str)) {
            this.logger.warn(".isValid: audience is invalid: {}", getAudience());
            return false;
        }
        if (!getIssuer().equalsIgnoreCase(str2)) {
            this.logger.warn(".isValid: issuer is invalid: {}", getIssuer());
            return false;
        }
        if (getIssuedOn().isBefore(getRetrievedOn().minusMillis(i)) || getIssuedOn().isAfter(getRetrievedOn().plusMillis(i))) {
            this.logger.warn(".isValid: Ticket outside of drift.");
            return false;
        }
        if (getRetrievedOn().isAfter(getNotOnOrAfter())) {
            this.logger.warn(".isValid: ticket is too late.");
            return false;
        }
        this.logger.debug(".isValid: credential is valid.");
        return true;
    }
}
