package com.resolution.samlprocessor;

import com.resolution.atlasplugins.samlsso.configuration.IdpConfiguration;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.security.cert.CertificateException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.xml.security.c14n.Canonicalizer;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.metadata.AssertionConsumerService;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.NameIDFormat;
import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.xml.ConfigurationException;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.XMLObjectBuilderFactory;
import org.opensaml.xml.util.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;

/* loaded from: input_file:com/resolution/samlprocessor/SAMLProcessor.class */
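/**
 * Entry point for SAML processing that delegates to one {@link SingleIdpSAMLProcessor} per
 * configured identity provider (IdP).
 *
 * <p>Two modes exist, chosen in the constructor:
 * <ul>
 *   <li><b>single-IdP mode</b>: exactly one configuration with a blank issuer; every call is
 *       forwarded to {@link #singleSamlProcessor} and the IdP id / response issuer is ignored;</li>
 *   <li><b>multi-IdP mode</b>: requests are routed by configuration id, responses by the value of
 *       the response's {@code Issuer} element.</li>
 * </ul>
 *
 * <p>Loading this class bootstraps OpenSAML (see the static initializer at the end).
 */
public class SAMLProcessor {
    private static final Logger logger = LoggerFactory.getLogger(SAMLProcessor.class);

    /** Parser feature that makes the parser reject any document containing a DOCTYPE declaration. */
    private static final String DISALLOW_DOCTYPE_FEATURE = "http://apache.org/xml/features/disallow-doctype-decl";

    /** Multi-IdP mode: processors keyed by {@code IdpConfiguration.getId()}. Empty in single-IdP mode. */
    protected final Map<Integer, SingleIdpSAMLProcessor> samlProcessorsById = new HashMap<Integer, SingleIdpSAMLProcessor>();

    /** Multi-IdP mode: processors keyed by {@code IdpConfiguration.getIssuer()}. Empty in single-IdP mode. */
    protected final Map<String, SingleIdpSAMLProcessor> samlProcessorsByIssuer = new HashMap<String, SingleIdpSAMLProcessor>();

    /** Non-null only in single-IdP mode. */
    protected final SingleIdpSAMLProcessor singleSamlProcessor;

    /**
     * Builds one processor per IdP configuration.
     *
     * @param str  value handed unchanged to every {@link SingleIdpSAMLProcessor}
     *             (presumably the service provider's own URL / entity id; confirm against that class)
     * @param list IdP configurations; a single entry with a null or blank issuer selects single-IdP mode
     * @throws SAMLProcessorException if a processor cannot be created because of a certificate problem
     */
    public SAMLProcessor(String str, List<IdpConfiguration> list) throws SAMLProcessorException {
        try {
            if (list.size() == 1 && isBlank(list.get(0).getIssuer())) {
                this.singleSamlProcessor = newProcessor(str, list.get(0));
            } else {
                this.singleSamlProcessor = null;
                for (IdpConfiguration idp : list) {
                    SingleIdpSAMLProcessor processor = newProcessor(str, idp);
                    this.samlProcessorsById.put(idp.getId(), processor);
                    // Responses are routed by issuer, so two configurations sharing an issuer
                    // would silently shadow each other (and with it the certificate that is
                    // used for that issuer). Make the collision visible to the administrator.
                    if (this.samlProcessorsByIssuer.put(idp.getIssuer(), processor) != null) {
                        logger.warn("More than one IdP configuration uses issuer {}; only the last one will handle its responses", idp.getIssuer());
                    }
                }
            }
        } catch (CertificateException e) {
            throw new SAMLProcessorException(e);
        }
    }

    /** Returns true for a null, empty or whitespace-only string. */
    private static boolean isBlank(String value) {
        return value == null || value.trim().isEmpty();
    }

    /** Creates the processor for one IdP configuration; {@code str} is passed through unchanged. */
    private static SingleIdpSAMLProcessor newProcessor(String str, IdpConfiguration idp) throws CertificateException {
        return new SingleIdpSAMLProcessor(idp.getUrl(), idp.getIssuer(), idp.getUseridAttribute(), str, idp.getRelayStateParameterName(), idp.getCertificate(), idp.isOmitRequestedAuthnContext(), idp.getUseridTransformationRegex(), idp.getUseridTransformationReplacement());
    }

    /**
     * Builds the redirect URL that sends the browser to the IdP.
     *
     * @param httpServletRequest current request, forwarded to the selected processor
     * @param str                forwarded to the selected processor unchanged
     * @param i                  IdP configuration id; ignored in single-IdP mode
     * @return the URL produced by the selected processor
     * @throws SAMLProcessorException if no IdP with id {@code i} is configured (multi-IdP mode),
     *                                or if the selected processor fails
     */
    public String buildRedirectToIdPurl(HttpServletRequest httpServletRequest, String str, int i) throws SAMLProcessorException {
        if (this.singleSamlProcessor != null) {
            return this.singleSamlProcessor.buildRedirectToIdPurl(httpServletRequest, str);
        }
        SingleIdpSAMLProcessor processor = this.samlProcessorsById.get(Integer.valueOf(i));
        if (processor == null) {
            throw new SAMLProcessorException("No Identity provider found with id " + i);
        }
        return processor.buildRedirectToIdPurl(httpServletRequest, str);
    }

    /**
     * Builds the HTML form that POSTs the request to the IdP.
     *
     * @param str forwarded to the selected processor unchanged
     * @param i   IdP configuration id; ignored in single-IdP mode
     * @return the HTML produced by the selected processor
     * @throws SAMLProcessorException if no IdP with id {@code i} is configured (multi-IdP mode),
     *                                or if the selected processor fails
     */
    public String buildPOSTtoIdPFormHtml(String str, int i) throws SAMLProcessorException {
        if (this.singleSamlProcessor != null) {
            return this.singleSamlProcessor.buildPOSTtoIdPFormHtml(str);
        }
        SingleIdpSAMLProcessor processor = this.samlProcessorsById.get(Integer.valueOf(i));
        if (processor == null) {
            throw new SAMLProcessorException("No Identity provider found with id " + i);
        }
        return processor.buildPOSTtoIdPFormHtml(str);
    }

    /**
     * Decodes a Base64 SAML response and parses it into a DOM element.
     *
     * <p>The input arrives from the browser before any signature has been checked, so the parser
     * is configured to refuse DOCTYPE declarations and entity expansion (XXE, entity-expansion
     * denial of service). A legitimate SAML response never carries a DTD.
     *
     * <p>The decoded bytes are parsed directly. Converting them to a {@code String} and back with
     * the platform default charset could alter non-ASCII content before it reaches the parser.
     *
     * @param str Base64-encoded SAML response
     * @return the document element of the parsed response
     * @throws SAXException                 if the XML is malformed or contains a DOCTYPE
     * @throws IOException                  if the input cannot be Base64-decoded or read
     * @throws ParserConfigurationException if the XML parser does not support the hardening features
     */
    public Element readElementFromBase64samlResponseString(String str) throws SAXException, IOException, ParserConfigurationException {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        // Fail closed: if the parser cannot be hardened, do not parse untrusted XML with it.
        factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature(DISALLOW_DOCTYPE_FEATURE, true);
        factory.setExpandEntityReferences(false);
        DocumentBuilder builder = factory.newDocumentBuilder();

        byte[] decoded = Base64.decode(str);
        if (decoded == null) {
            // Guard against a null result from the decoder instead of failing later with an NPE.
            throw new IOException("SAML response could not be Base64-decoded");
        }
        if (logger.isDebugEnabled()) {
            // NOTE: at debug level the complete response, including the assertion, is written to
            // the log. Treat such logs as sensitive.
            logger.debug("Unformatted SAML Response:");
            logger.debug(new String(decoded, "UTF-8"));
        }
        return builder.parse(new ByteArrayInputStream(decoded)).getDocumentElement();
    }

    /**
     * Parses a Base64-encoded SAML response and processes it.
     *
     * @param str Base64-encoded SAML response
     * @return the content extracted by the selected processor
     * @throws SAMLProcessorException wrapping any failure during decoding, parsing or processing
     */
    public SAMLResponseContent processSAMLResponseMessage(String str) throws SAMLProcessorException {
        try {
            return processSAMLResponseMessage(readElementFromBase64samlResponseString(str));
        } catch (Exception e) {
            throw new SAMLProcessorException(e);
        }
    }

    /**
     * Unmarshalls a SAML response element and hands it to the processor responsible for it.
     *
     * <p>In multi-IdP mode the processor is looked up by the response's {@code Issuer} value. That
     * value is read here before any validation visible in this class; the selected
     * {@link SingleIdpSAMLProcessor} is presumably what verifies the signature against its own
     * configured certificate (confirm in that class).
     *
     * <p>Every failure, including the {@link SAMLProcessorException}s thrown inside the method,
     * leaves wrapped in a new {@link SAMLProcessorException}.
     *
     * @param element root element of the SAML response
     * @return the content extracted by the selected processor
     * @throws SAMLProcessorException if the element is not a SAML response, has no issuer, no
     *                                processor is configured for the issuer, or processing fails
     */
    public SAMLResponseContent processSAMLResponseMessage(Element element) throws SAMLProcessorException {
        try {
            XMLObject unmarshalled = Configuration.getUnmarshallerFactory().getUnmarshaller(element).unmarshall(element);
            if (unmarshalled == null) {
                throw new SAMLProcessorException("SAML Response is null");
            }
            if (logger.isDebugEnabled()) {
                // NOTE: logs the complete response, including the assertion, at debug level.
                logger.debug("SAMLResponse:\n" + elementToString(unmarshalled.getDOM()));
            }
            // Reject any other SAML message type with a clear error instead of a ClassCastException.
            if (!(unmarshalled instanceof Response)) {
                throw new SAMLProcessorException("Received XML is not a SAML Response");
            }
            Response response = (Response) unmarshalled;
            // The Issuer element is optional in the schema; report its absence explicitly.
            if (response.getIssuer() == null) {
                throw new SAMLProcessorException("SAML Response contains no Issuer");
            }
            String issuer = response.getIssuer().getValue();
            logger.debug("Issuer is {}", issuer);
            if (this.singleSamlProcessor != null) {
                return this.singleSamlProcessor.processSAMLResponse(response);
            }
            SingleIdpSAMLProcessor processor = this.samlProcessorsByIssuer.get(issuer);
            if (processor == null) {
                throw new SAMLProcessorException("No SAMLProcessor configured for IdP " + issuer);
            }
            return processor.processSAMLResponse(response);
        } catch (Exception e) {
            throw new SAMLProcessorException(e);
        }
    }

    /**
     * Generates service-provider metadata as indented XML.
     *
     * <p>The descriptor announces {@code WantAssertionsSigned=true}, a single assertion consumer
     * service (index 0, HTTP-POST binding) and the {@code unspecified} NameID format.
     *
     * @param str used both as the entity id and as the assertion consumer service location
     * @return the metadata document as a string
     * @throws SAMLProcessorException if marshalling or serialisation fails
     */
    public String generateMetadata(String str) throws SAMLProcessorException {
        XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

        EntityDescriptor entityDescriptor = (EntityDescriptor) builderFactory.getBuilder(EntityDescriptor.DEFAULT_ELEMENT_NAME).buildObject(EntityDescriptor.DEFAULT_ELEMENT_NAME);
        entityDescriptor.setEntityID(str);

        SPSSODescriptor spDescriptor = (SPSSODescriptor) builderFactory.getBuilder(SPSSODescriptor.DEFAULT_ELEMENT_NAME).buildObject(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
        spDescriptor.setWantAssertionsSigned((Boolean) true);

        AssertionConsumerService consumerService = (AssertionConsumerService) builderFactory.getBuilder(AssertionConsumerService.DEFAULT_ELEMENT_NAME).buildObject(AssertionConsumerService.DEFAULT_ELEMENT_NAME);
        consumerService.setIndex(0);
        consumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
        consumerService.setLocation(str);
        spDescriptor.getAssertionConsumerServices().add(consumerService);

        NameIDFormat nameIdFormat = (NameIDFormat) builderFactory.getBuilder(NameIDFormat.DEFAULT_ELEMENT_NAME).buildObject(NameIDFormat.DEFAULT_ELEMENT_NAME);
        nameIdFormat.setFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
        spDescriptor.getNameIDFormats().add(nameIdFormat);

        spDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
        entityDescriptor.getRoleDescriptors().add(spDescriptor);

        try {
            Document document = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
            Configuration.getMarshallerFactory().getMarshaller(entityDescriptor).marshall(entityDescriptor, document);
            Transformer transformer = TransformerFactory.newInstance().newTransformer();
            transformer.setOutputProperty("indent", "yes");
            transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "2");
            StringWriter writer = new StringWriter();
            transformer.transform(new DOMSource(document), new StreamResult(writer));
            writer.close();
            String metadata = writer.toString();
            logger.debug(metadata);
            return metadata;
        } catch (Exception e) {
            throw new SAMLProcessorException("Error generating Metadata", e);
        }
    }

    /**
     * Serialises a DOM element to indented XML without an XML declaration, for logging.
     *
     * <p>Never throws for the two handled failure types: a warning is logged and a description of
     * the failure is returned instead of the XML.
     *
     * @param element element to serialise
     * @return the XML text, or a message describing why serialisation failed
     */
    public static String elementToString(Element element) {
        try {
            Transformer transformer = TransformerFactory.newInstance().newTransformer();
            transformer.setOutputProperty("omit-xml-declaration", "yes");
            transformer.setOutputProperty("indent", "yes");
            transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "2");
            ByteArrayOutputStream buffer = new ByteArrayOutputStream();
            transformer.transform(new DOMSource(element), new StreamResult(new OutputStreamWriter(buffer, "utf-8")));
            // toString(charset) already yields a fresh String; no extra copy is needed.
            return buffer.toString(Canonicalizer.ENCODING);
        } catch (UnsupportedEncodingException e) {
            logger.warn("Exception during logging XML", e);
            return "Creating String from Element failed: UnsupportedEncodingException: " + e.getMessage();
        } catch (TransformerException e2) {
            logger.warn("Exception during logging XML", e2);
            return "Creating String from Element failed: TransformerException: " + e2.getMessage();
        }
    }

    // OpenSAML must be bootstrapped once before its builder/marshaller/unmarshaller factories are
    // used; a failure here prevents the class from loading.
    static {
        logger.debug("Bootstrapping OpenSAML");
        try {
            DefaultBootstrap.bootstrap();
        } catch (ConfigurationException e) {
            throw new RuntimeException("Bootstrapping OpenSAML failed", e);
        }
    }
}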
