package net.shibboleth.idp.authn.proxy.impl;

import com.google.common.escape.Escaper;
import com.google.common.net.UrlEscapers;
import java.util.function.Function;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.ThreadSafe;
import javax.servlet.http.HttpServletRequest;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.profile.context.RelyingPartyContext;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
import net.shibboleth.utilities.java.support.collection.Pair;
import net.shibboleth.utilities.java.support.component.AbstractInitializableComponent;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import org.opensaml.messaging.context.navigate.ChildContextLookup;
import org.opensaml.profile.context.ProfileRequestContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.execution.RequestContext;

@ThreadSafe
/* loaded from: input_file:WEB-INF/lib/idp-authn-impl-4.0.0.jar:net/shibboleth/idp/authn/proxy/impl/DiscoveryProfileRequestFunction.class */
public class DiscoveryProfileRequestFunction extends AbstractInitializableComponent implements Function<Pair<RequestContext, ProfileRequestContext>, String> {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) DiscoveryProfileRequestFunction.class);

    @Nonnull
    private Escaper escaper = UrlEscapers.urlFormParameterEscaper();

    @Nonnull
    private Function<ProfileRequestContext, RelyingPartyContext> relyingPartyContextLookupStrategy = new ChildContextLookup(RelyingPartyContext.class);

    @NonnullAfterInit
    private Function<ProfileRequestContext, String> discoveryURLLookupStrategy;

    public void setRelyingPartyContextLookupStrategy(@Nonnull Function<ProfileRequestContext, RelyingPartyContext> function) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.relyingPartyContextLookupStrategy = (Function) Constraint.isNotNull(function, "RelyingPartyContext lookup strategy cannot be null");
    }

    public void setDiscoveryURLLookupStrategy(@Nonnull Function<ProfileRequestContext, String> function) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.discoveryURLLookupStrategy = (Function) Constraint.isNotNull(function, "Discovery URL lookup strategy cannot be null");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (this.discoveryURLLookupStrategy == null) {
            throw new ComponentInitializationException("Discovery URL lookup strategy cannot be null");
        }
    }

    @Override // java.util.function.Function
    @Nullable
    public String apply(@Nonnull Pair<RequestContext, ProfileRequestContext> pair) {
        RelyingPartyContext apply = this.relyingPartyContextLookupStrategy.apply(pair.getSecond());
        Constraint.isNotNull(apply, "RelyingPartyContext cannot be null");
        Constraint.isNotNull(apply.getConfiguration(), "RelyingPartyConfiguration cannot be null");
        String apply2 = this.discoveryURLLookupStrategy.apply(pair.getSecond());
        Constraint.isNotEmpty(apply2, "Discovery URL cannot be null or empty");
        String responderId = apply.getConfiguration().getResponderId(pair.getSecond());
        StringBuilder sb = new StringBuilder(apply2);
        sb.append(apply2.contains("?") ? '&' : '?').append("entityID=").append(this.escaper.escape(responderId));
        AuthenticationContext authenticationContext = (AuthenticationContext) pair.getSecond().getSubcontext(AuthenticationContext.class);
        if (authenticationContext != null && authenticationContext.isPassive()) {
            sb.append("&isPassive=true");
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) pair.getFirst().getExternalContext().getNativeRequest();
        StringBuilder sb2 = new StringBuilder(httpServletRequest.getScheme());
        sb2.append("://").append(httpServletRequest.getServerName());
        int serverPort = httpServletRequest.getServerPort();
        if (serverPort != (httpServletRequest.isSecure() ? 443 : 80)) {
            sb2.append(':').append(serverPort);
        }
        sb2.append(pair.getFirst().getFlowExecutionUrl()).append("&_eventId_proceed=1");
        sb.append("&return=").append(this.escaper.escape(sb2.toString()));
        return sb.toString();
    }
}
