package org.elasticsearch.xpack.idp.saml.sp;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.charset.StandardCharsets;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.Collection;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.SortedSet;
import java.util.TreeSet;
import java.util.function.BiConsumer;
import java.util.function.Supplier;
import java.util.stream.Stream;
import org.elasticsearch.ElasticsearchException;
import org.elasticsearch.common.Strings;
import org.elasticsearch.common.ValidationException;
import org.elasticsearch.common.io.stream.StreamInput;
import org.elasticsearch.common.io.stream.StreamOutput;
import org.elasticsearch.common.io.stream.Writeable;
import org.elasticsearch.common.util.set.Sets;
import org.elasticsearch.core.Nullable;
import org.elasticsearch.xcontent.ObjectParser;
import org.elasticsearch.xcontent.ParseField;
import org.elasticsearch.xcontent.ToXContent;
import org.elasticsearch.xcontent.ToXContentObject;
import org.elasticsearch.xcontent.XContentBuilder;
import org.elasticsearch.xcontent.XContentParser;
import org.elasticsearch.xpack.core.ssl.CertParsingUtils;

/* loaded from: input_file:org/elasticsearch/xpack/idp/saml/sp/SamlServiceProviderDocument.class */
public class SamlServiceProviderDocument implements ToXContentObject, Writeable {

    @Nullable
    public String docId;
    public String name;
    public String entityId;
    public String acs;

    @Nullable
    public String nameIdFormat;
    public boolean enabled;
    public Instant created;
    public Instant lastModified;
    public Set<String> signMessages;

    @Nullable
    public Long authenticationExpiryMillis;
    public final Privileges privileges;
    public final AttributeNames attributeNames;
    public final Certificates certificates;
    public static final String SIGN_AUTHN = "authn";
    public static final String SIGN_LOGOUT = "logout";
    private static final Set<String> ALLOWED_SIGN_MESSAGES = Set.of(SIGN_AUTHN, SIGN_LOGOUT);
    private static final ObjectParser<SamlServiceProviderDocument, SamlServiceProviderDocument> DOC_PARSER = new ObjectParser<>("service_provider_doc", true, SamlServiceProviderDocument::new);
    private static final ObjectParser<Privileges, Void> PRIVILEGES_PARSER = new ObjectParser<>("service_provider_priv", true, (Supplier) null);
    private static final ObjectParser<AttributeNames, Void> ATTRIBUTES_PARSER = new ObjectParser<>("service_provider_attr", true, (Supplier) null);
    private static final ObjectParser<Certificates, Void> CERTIFICATES_PARSER = new ObjectParser<>("service_provider_cert", true, (Supplier) null);
    private static final BiConsumer<SamlServiceProviderDocument, Object> NULL_CONSUMER = (samlServiceProviderDocument, obj) -> {
    };

    /* loaded from: input_file:org/elasticsearch/xpack/idp/saml/sp/SamlServiceProviderDocument$AttributeNames.class */
    public static class AttributeNames {
        public String principal;

        @Nullable
        public String email;

        @Nullable
        public String name;

        @Nullable
        public String roles;

        public void setPrincipal(String str) {
            this.principal = str;
        }

        public void setEmail(String str) {
            this.email = str;
        }

        public void setName(String str) {
            this.name = str;
        }

        public void setRoles(String str) {
            this.roles = str;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            AttributeNames attributeNames = (AttributeNames) obj;
            return Objects.equals(this.principal, attributeNames.principal) && Objects.equals(this.email, attributeNames.email) && Objects.equals(this.name, attributeNames.name) && Objects.equals(this.roles, attributeNames.roles);
        }

        public int hashCode() {
            return Objects.hash(this.principal, this.email, this.name, this.roles);
        }
    }

    /* loaded from: input_file:org/elasticsearch/xpack/idp/saml/sp/SamlServiceProviderDocument$Certificates.class */
    public static class Certificates {
        public List<String> serviceProviderSigning = List.of();
        public List<String> identityProviderSigning = List.of();
        public List<String> identityProviderMetadataSigning = List.of();

        public void setServiceProviderSigning(Collection<String> collection) {
            this.serviceProviderSigning = collection == null ? List.of() : List.copyOf(collection);
        }

        public void setIdentityProviderSigning(Collection<String> collection) {
            this.identityProviderSigning = collection == null ? List.of() : List.copyOf(collection);
        }

        public void setIdentityProviderMetadataSigning(Collection<String> collection) {
            this.identityProviderMetadataSigning = collection == null ? List.of() : List.copyOf(collection);
        }

        public void setServiceProviderX509SigningCertificates(Collection<X509Certificate> collection) {
            this.serviceProviderSigning = encodeCertificates(collection);
        }

        public List<X509Certificate> getServiceProviderX509SigningCertificates() {
            return decodeCertificates(this.serviceProviderSigning);
        }

        public void setIdentityProviderX509SigningCertificates(Collection<X509Certificate> collection) {
            this.identityProviderSigning = encodeCertificates(collection);
        }

        public List<X509Certificate> getIdentityProviderX509SigningCertificates() {
            return decodeCertificates(this.identityProviderSigning);
        }

        public void setIdentityProviderX509MetadataSigningCertificates(Collection<X509Certificate> collection) {
            this.identityProviderMetadataSigning = encodeCertificates(collection);
        }

        public List<X509Certificate> getIdentityProviderX509MetadataSigningCertificates() {
            return decodeCertificates(this.identityProviderMetadataSigning);
        }

        private List<String> encodeCertificates(Collection<X509Certificate> collection) {
            if (collection == null) {
                return List.of();
            }
            Stream<R> map = collection.stream().map(x509Certificate -> {
                try {
                    return x509Certificate.getEncoded();
                } catch (CertificateEncodingException e) {
                    throw new ElasticsearchException("Cannot read certificate", e, new Object[0]);
                }
            });
            Base64.Encoder encoder = Base64.getEncoder();
            Objects.requireNonNull(encoder);
            return map.map(encoder::encodeToString).toList();
        }

        private List<X509Certificate> decodeCertificates(List<String> list) {
            return (list == null || list.isEmpty()) ? List.of() : list.stream().map(this::decodeCertificate).toList();
        }

        private X509Certificate decodeCertificate(String str) {
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8));
                try {
                    List readCertificates = CertParsingUtils.readCertificates(Base64.getDecoder().wrap(byteArrayInputStream));
                    if (readCertificates.size() != 1) {
                        throw new ElasticsearchException("Expected a single certificate, but found {}", new Object[]{Integer.valueOf(readCertificates.size())});
                    }
                    Certificate certificate = (Certificate) readCertificates.get(0);
                    if (!(certificate instanceof X509Certificate)) {
                        throw new ElasticsearchException("Certificate ({}) is not a X.509 certificate", new Object[]{certificate.getClass()});
                    }
                    X509Certificate x509Certificate = (X509Certificate) certificate;
                    byteArrayInputStream.close();
                    return x509Certificate;
                } catch (Throwable th) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            } catch (CertificateException e2) {
                throw new ElasticsearchException("Cannot parse certificate(s)", e2, new Object[0]);
            }
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            Certificates certificates = (Certificates) obj;
            return Objects.equals(this.serviceProviderSigning, certificates.serviceProviderSigning) && Objects.equals(this.identityProviderSigning, certificates.identityProviderSigning) && Objects.equals(this.identityProviderMetadataSigning, certificates.identityProviderMetadataSigning);
        }

        public int hashCode() {
            return Objects.hash(this.serviceProviderSigning, this.identityProviderSigning, this.identityProviderMetadataSigning);
        }
    }

    /* loaded from: input_file:org/elasticsearch/xpack/idp/saml/sp/SamlServiceProviderDocument$Fields.class */
    public interface Fields {
        public static final ParseField NAME = new ParseField("name", new String[0]);
        public static final ParseField ENTITY_ID = new ParseField("entity_id", new String[0]);
        public static final ParseField ACS = new ParseField("acs", new String[0]);
        public static final ParseField ENABLED = new ParseField("enabled", new String[0]);
        public static final ParseField NAME_ID = new ParseField("name_id_format", new String[0]);
        public static final ParseField SIGN_MSGS = new ParseField("sign_messages", new String[0]);
        public static final ParseField AUTHN_EXPIRY = new ParseField("authn_expiry_ms", new String[0]);
        public static final ParseField CREATED_DATE = new ParseField("created", new String[0]);
        public static final ParseField LAST_MODIFIED = new ParseField("last_modified", new String[0]);
        public static final ParseField PRIVILEGES = new ParseField("privileges", new String[0]);
        public static final ParseField ATTRIBUTES = new ParseField("attributes", new String[0]);
        public static final ParseField CERTIFICATES = new ParseField("certificates", new String[0]);

        /* loaded from: input_file:org/elasticsearch/xpack/idp/saml/sp/SamlServiceProviderDocument$Fields$Attributes.class */
        public interface Attributes {
            public static final ParseField PRINCIPAL = new ParseField("principal", new String[0]);
            public static final ParseField EMAIL = new ParseField("email", new String[0]);
            public static final ParseField NAME = new ParseField("name", new String[0]);
            public static final ParseField ROLES = new ParseField("roles", new String[0]);
        }

        /* loaded from: input_file:org/elasticsearch/xpack/idp/saml/sp/SamlServiceProviderDocument$Fields$Certificates.class */
        public interface Certificates {
            public static final ParseField SP_SIGNING = new ParseField("sp_signing", new String[0]);
            public static final ParseField IDP_SIGNING = new ParseField("idp_signing", new String[0]);
            public static final ParseField IDP_METADATA = new ParseField("idp_metadata", new String[0]);
        }

        /* loaded from: input_file:org/elasticsearch/xpack/idp/saml/sp/SamlServiceProviderDocument$Fields$Privileges.class */
        public interface Privileges {
            public static final ParseField RESOURCE = new ParseField("resource", new String[0]);
            public static final ParseField ROLES = new ParseField("roles", new String[0]);
        }
    }

    /* loaded from: input_file:org/elasticsearch/xpack/idp/saml/sp/SamlServiceProviderDocument$Privileges.class */
    public static class Privileges {
        public String resource;
        public SortedSet<String> rolePatterns = new TreeSet();

        public void setResource(String str) {
            this.resource = str;
        }

        public void setRolePatterns(Collection<String> collection) {
            this.rolePatterns = new TreeSet(collection);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            Privileges privileges = (Privileges) obj;
            return Objects.equals(this.resource, privileges.resource) && Objects.equals(this.rolePatterns, privileges.rolePatterns);
        }

        public int hashCode() {
            return Objects.hash(this.resource, this.rolePatterns);
        }
    }

    public SamlServiceProviderDocument() {
        this.enabled = true;
        this.signMessages = Set.of();
        this.privileges = new Privileges();
        this.attributeNames = new AttributeNames();
        this.certificates = new Certificates();
    }

    public SamlServiceProviderDocument(StreamInput streamInput) throws IOException {
        this.enabled = true;
        this.signMessages = Set.of();
        this.privileges = new Privileges();
        this.attributeNames = new AttributeNames();
        this.certificates = new Certificates();
        this.docId = streamInput.readOptionalString();
        this.name = streamInput.readString();
        this.entityId = streamInput.readString();
        this.acs = streamInput.readString();
        this.enabled = streamInput.readBoolean();
        this.created = streamInput.readInstant();
        this.lastModified = streamInput.readInstant();
        this.nameIdFormat = streamInput.readOptionalString();
        this.authenticationExpiryMillis = streamInput.readOptionalVLong();
        this.privileges.resource = streamInput.readString();
        this.privileges.rolePatterns = new TreeSet(streamInput.readSet((v0) -> {
            return v0.readString();
        }));
        this.attributeNames.principal = streamInput.readString();
        this.attributeNames.email = streamInput.readOptionalString();
        this.attributeNames.name = streamInput.readOptionalString();
        this.attributeNames.roles = streamInput.readOptionalString();
        this.certificates.serviceProviderSigning = streamInput.readStringList();
        this.certificates.identityProviderSigning = streamInput.readStringList();
        this.certificates.identityProviderMetadataSigning = streamInput.readStringList();
    }

    public void writeTo(StreamOutput streamOutput) throws IOException {
        streamOutput.writeOptionalString(this.docId);
        streamOutput.writeString(this.name);
        streamOutput.writeString(this.entityId);
        streamOutput.writeString(this.acs);
        streamOutput.writeBoolean(this.enabled);
        streamOutput.writeInstant(this.created);
        streamOutput.writeInstant(this.lastModified);
        streamOutput.writeOptionalString(this.nameIdFormat);
        streamOutput.writeOptionalVLong(this.authenticationExpiryMillis);
        streamOutput.writeString(this.privileges.resource);
        streamOutput.writeStringCollection(this.privileges.rolePatterns == null ? Set.of() : this.privileges.rolePatterns);
        streamOutput.writeString(this.attributeNames.principal);
        streamOutput.writeOptionalString(this.attributeNames.email);
        streamOutput.writeOptionalString(this.attributeNames.name);
        streamOutput.writeOptionalString(this.attributeNames.roles);
        streamOutput.writeStringCollection(this.certificates.serviceProviderSigning);
        streamOutput.writeStringCollection(this.certificates.identityProviderSigning);
        streamOutput.writeStringCollection(this.certificates.identityProviderMetadataSigning);
    }

    public String getDocId() {
        return this.docId;
    }

    public void setDocId(String str) {
        this.docId = str;
    }

    public void setName(String str) {
        this.name = str;
    }

    public void setEntityId(String str) {
        this.entityId = str;
    }

    public void setAcs(String str) {
        this.acs = str;
    }

    public void setEnabled(boolean z) {
        this.enabled = z;
    }

    public void setCreated(Instant instant) {
        this.created = instant;
    }

    public void setLastModified(Instant instant) {
        this.lastModified = instant;
    }

    public void setCreatedMillis(Long l) {
        this.created = Instant.ofEpochMilli(l.longValue());
    }

    public void setLastModifiedMillis(Long l) {
        this.lastModified = Instant.ofEpochMilli(l.longValue());
    }

    public void setNameIdFormat(String str) {
        this.nameIdFormat = str;
    }

    public void setSignMessages(Collection<String> collection) {
        this.signMessages = collection == null ? Set.of() : Set.copyOf(collection);
    }

    public void setAuthenticationExpiryMillis(Long l) {
        this.authenticationExpiryMillis = l;
    }

    public void setAuthenticationExpiry(Duration duration) {
        this.authenticationExpiryMillis = duration == null ? null : Long.valueOf(duration.toMillis());
    }

    public Duration getAuthenticationExpiry() {
        if (this.authenticationExpiryMillis == null) {
            return null;
        }
        return Duration.ofMillis(this.authenticationExpiryMillis.longValue());
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        SamlServiceProviderDocument samlServiceProviderDocument = (SamlServiceProviderDocument) obj;
        return Objects.equals(this.docId, samlServiceProviderDocument.docId) && Objects.equals(this.name, samlServiceProviderDocument.name) && Objects.equals(this.entityId, samlServiceProviderDocument.entityId) && Objects.equals(this.acs, samlServiceProviderDocument.acs) && Objects.equals(Boolean.valueOf(this.enabled), Boolean.valueOf(samlServiceProviderDocument.enabled)) && Objects.equals(this.created, samlServiceProviderDocument.created) && Objects.equals(this.lastModified, samlServiceProviderDocument.lastModified) && Objects.equals(this.nameIdFormat, samlServiceProviderDocument.nameIdFormat) && Objects.equals(this.authenticationExpiryMillis, samlServiceProviderDocument.authenticationExpiryMillis) && Objects.equals(this.certificates, samlServiceProviderDocument.certificates) && Objects.equals(this.privileges, samlServiceProviderDocument.privileges) && Objects.equals(this.attributeNames, samlServiceProviderDocument.attributeNames);
    }

    public int hashCode() {
        return Objects.hash(this.docId, this.name, this.entityId, this.acs, Boolean.valueOf(this.enabled), this.created, this.lastModified, this.nameIdFormat, this.authenticationExpiryMillis, this.certificates, this.privileges, this.attributeNames);
    }

    public static SamlServiceProviderDocument fromXContent(String str, XContentParser xContentParser) throws IOException {
        SamlServiceProviderDocument samlServiceProviderDocument = new SamlServiceProviderDocument();
        samlServiceProviderDocument.setDocId(str);
        return (SamlServiceProviderDocument) DOC_PARSER.parse(xContentParser, samlServiceProviderDocument, samlServiceProviderDocument);
    }

    public ValidationException validate() {
        ValidationException validationException = new ValidationException();
        if (Strings.isNullOrEmpty(this.name)) {
            validationException.addValidationError("field [" + Fields.NAME + "] is required, but was [" + this.name + "]");
        }
        if (Strings.isNullOrEmpty(this.entityId)) {
            validationException.addValidationError("field [" + Fields.ENTITY_ID + "] is required, but was [" + this.entityId + "]");
        }
        if (Strings.isNullOrEmpty(this.acs)) {
            validationException.addValidationError("field [" + Fields.ACS + "] is required, but was [" + this.acs + "]");
        }
        if (this.created == null) {
            validationException.addValidationError("field [" + Fields.CREATED_DATE + "] is required, but was [" + this.created + "]");
        }
        if (this.lastModified == null) {
            validationException.addValidationError("field [" + Fields.LAST_MODIFIED + "] is required, but was [" + this.lastModified + "]");
        }
        Set difference = Sets.difference(this.signMessages, ALLOWED_SIGN_MESSAGES);
        if (!difference.isEmpty()) {
            validationException.addValidationError("the values [" + difference + "] are not permitted for [" + Fields.SIGN_MSGS + "] - permitted values are [" + ALLOWED_SIGN_MESSAGES + "]");
        }
        if (Strings.isNullOrEmpty(this.privileges.resource)) {
            validationException.addValidationError("field [" + Fields.PRIVILEGES + "." + Fields.Privileges.RESOURCE + "] is required, but was [" + this.privileges.resource + "]");
        }
        if (Strings.isNullOrEmpty(this.attributeNames.principal)) {
            validationException.addValidationError("field [" + Fields.ATTRIBUTES + "." + Fields.Attributes.PRINCIPAL + "] is required, but was [" + this.attributeNames.principal + "]");
        }
        if (validationException.validationErrors().isEmpty()) {
            return null;
        }
        return validationException;
    }

    public XContentBuilder toXContent(XContentBuilder xContentBuilder, ToXContent.Params params) throws IOException {
        xContentBuilder.startObject();
        xContentBuilder.field(Fields.NAME.getPreferredName(), this.name);
        xContentBuilder.field(Fields.ENTITY_ID.getPreferredName(), this.entityId);
        xContentBuilder.field(Fields.ACS.getPreferredName(), this.acs);
        xContentBuilder.field(Fields.ENABLED.getPreferredName(), this.enabled);
        xContentBuilder.field(Fields.CREATED_DATE.getPreferredName(), this.created == null ? null : Long.valueOf(this.created.toEpochMilli()));
        xContentBuilder.field(Fields.LAST_MODIFIED.getPreferredName(), this.lastModified == null ? null : Long.valueOf(this.lastModified.toEpochMilli()));
        xContentBuilder.field(Fields.NAME_ID.getPreferredName(), this.nameIdFormat);
        xContentBuilder.field(Fields.SIGN_MSGS.getPreferredName(), this.signMessages == null ? List.of() : this.signMessages);
        xContentBuilder.field(Fields.AUTHN_EXPIRY.getPreferredName(), this.authenticationExpiryMillis);
        xContentBuilder.startObject(Fields.PRIVILEGES.getPreferredName());
        xContentBuilder.field(Fields.Privileges.RESOURCE.getPreferredName(), this.privileges.resource);
        xContentBuilder.field(Fields.Privileges.ROLES.getPreferredName(), this.privileges.rolePatterns);
        xContentBuilder.endObject();
        xContentBuilder.startObject(Fields.ATTRIBUTES.getPreferredName());
        xContentBuilder.field(Fields.Attributes.PRINCIPAL.getPreferredName(), this.attributeNames.principal);
        xContentBuilder.field(Fields.Attributes.EMAIL.getPreferredName(), this.attributeNames.email);
        xContentBuilder.field(Fields.Attributes.NAME.getPreferredName(), this.attributeNames.name);
        xContentBuilder.field(Fields.Attributes.ROLES.getPreferredName(), this.attributeNames.roles);
        xContentBuilder.endObject();
        xContentBuilder.startObject(Fields.CERTIFICATES.getPreferredName());
        xContentBuilder.field(Fields.Certificates.SP_SIGNING.getPreferredName(), this.certificates.serviceProviderSigning);
        xContentBuilder.field(Fields.Certificates.IDP_SIGNING.getPreferredName(), this.certificates.identityProviderSigning);
        xContentBuilder.field(Fields.Certificates.IDP_METADATA.getPreferredName(), this.certificates.identityProviderMetadataSigning);
        xContentBuilder.endObject();
        return xContentBuilder.endObject();
    }

    public String toString() {
        return getClass().getSimpleName() + "{docId=" + this.docId + ", name=" + this.name + ", entityId=" + this.entityId + "}@" + hashCode();
    }

    static {
        DOC_PARSER.declareString((v0, v1) -> {
            v0.setName(v1);
        }, Fields.NAME);
        DOC_PARSER.declareString((v0, v1) -> {
            v0.setEntityId(v1);
        }, Fields.ENTITY_ID);
        DOC_PARSER.declareString((v0, v1) -> {
            v0.setAcs(v1);
        }, Fields.ACS);
        DOC_PARSER.declareBoolean((v0, v1) -> {
            v0.setEnabled(v1);
        }, Fields.ENABLED);
        DOC_PARSER.declareLong((v0, v1) -> {
            v0.setCreatedMillis(v1);
        }, Fields.CREATED_DATE);
        DOC_PARSER.declareLong((v0, v1) -> {
            v0.setLastModifiedMillis(v1);
        }, Fields.LAST_MODIFIED);
        DOC_PARSER.declareStringOrNull((v0, v1) -> {
            v0.setNameIdFormat(v1);
        }, Fields.NAME_ID);
        DOC_PARSER.declareStringArray((v0, v1) -> {
            v0.setSignMessages(v1);
        }, Fields.SIGN_MSGS);
        DOC_PARSER.declareField((v0, v1) -> {
            v0.setAuthenticationExpiryMillis(v1);
        }, xContentParser -> {
            if (xContentParser.currentToken() == XContentParser.Token.VALUE_NULL) {
                return null;
            }
            return Long.valueOf(xContentParser.longValue());
        }, Fields.AUTHN_EXPIRY, ObjectParser.ValueType.LONG_OR_NULL);
        DOC_PARSER.declareObject(NULL_CONSUMER, (xContentParser2, samlServiceProviderDocument) -> {
            return PRIVILEGES_PARSER.parse(xContentParser2, samlServiceProviderDocument.privileges, (Object) null);
        }, Fields.PRIVILEGES);
        PRIVILEGES_PARSER.declareString((v0, v1) -> {
            v0.setResource(v1);
        }, Fields.Privileges.RESOURCE);
        PRIVILEGES_PARSER.declareStringArray((v0, v1) -> {
            v0.setRolePatterns(v1);
        }, Fields.Privileges.ROLES);
        DOC_PARSER.declareObject(NULL_CONSUMER, (xContentParser3, samlServiceProviderDocument2) -> {
            return ATTRIBUTES_PARSER.parse(xContentParser3, samlServiceProviderDocument2.attributeNames, (Object) null);
        }, Fields.ATTRIBUTES);
        ATTRIBUTES_PARSER.declareString((v0, v1) -> {
            v0.setPrincipal(v1);
        }, Fields.Attributes.PRINCIPAL);
        ATTRIBUTES_PARSER.declareStringOrNull((v0, v1) -> {
            v0.setEmail(v1);
        }, Fields.Attributes.EMAIL);
        ATTRIBUTES_PARSER.declareStringOrNull((v0, v1) -> {
            v0.setName(v1);
        }, Fields.Attributes.NAME);
        ATTRIBUTES_PARSER.declareStringOrNull((v0, v1) -> {
            v0.setRoles(v1);
        }, Fields.Attributes.ROLES);
        DOC_PARSER.declareObject(NULL_CONSUMER, (xContentParser4, samlServiceProviderDocument3) -> {
            return CERTIFICATES_PARSER.parse(xContentParser4, samlServiceProviderDocument3.certificates, (Object) null);
        }, Fields.CERTIFICATES);
        CERTIFICATES_PARSER.declareStringArray((v0, v1) -> {
            v0.setServiceProviderSigning(v1);
        }, Fields.Certificates.SP_SIGNING);
        CERTIFICATES_PARSER.declareStringArray((v0, v1) -> {
            v0.setIdentityProviderSigning(v1);
        }, Fields.Certificates.IDP_SIGNING);
        CERTIFICATES_PARSER.declareStringArray((v0, v1) -> {
            v0.setIdentityProviderMetadataSigning(v1);
        }, Fields.Certificates.IDP_METADATA);
    }
}
