package org.pac4j.saml.context;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.util.List;
import javax.xml.namespace.QName;
import lombok.Generated;
import net.shibboleth.shared.resolver.CriteriaSet;
import net.shibboleth.shared.resolver.ResolverException;
import org.opensaml.core.criterion.EntityIdCriterion;
import org.opensaml.messaging.context.BaseContext;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.common.messaging.context.SAMLMetadataContext;
import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
import org.opensaml.saml.common.messaging.context.SAMLSelfEntityContext;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
import org.opensaml.saml.saml2.metadata.RoleDescriptor;
import org.opensaml.saml.saml2.metadata.SPSSODescriptor;
import org.pac4j.core.context.CallContext;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.saml.client.SAML2Client;
import org.pac4j.saml.exceptions.SAMLException;
import org.pac4j.saml.metadata.SAML2MetadataResolver;
import org.pac4j.saml.store.SAMLMessageStoreFactory;
import org.pac4j.saml.transport.DefaultPac4jSAMLResponse;
import org.pac4j.saml.util.SAML2Utils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/pac4j-saml-6.0.0-RC10-SNAPSHOT.jar:org/pac4j/saml/context/SAML2ContextProvider.class */
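/**
 * Builds {@link SAML2MessageContext} instances for a {@link SAML2Client}.
 *
 * <p>A built context carries the client's SAML2 configuration, an outbound transport
 * context, the service provider (self) entity context and, for {@link #buildContext},
 * the identity provider (peer) entity context. Entity and role descriptors are looked up
 * in the metadata exposed by the two resolvers supplied at construction time.
 *
 * <p>NOTE(review): the metadata context attached here is presumably what later SAML
 * processing relies on for the peer's endpoints and keys; confirm before loosening any
 * of the checks in {@link #addContext}.
 */
public class SAML2ContextProvider implements SAMLContextProvider {

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SAML2ContextProvider.class);

    /** Profile ID recorded on every context built here (SAML 2.0 browser SSO profile URI). */
    private static final String SAML2_WEBSSO_PROFILE_URI = "urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser";

    /** Metadata resolver for the identity provider; despite the name it is not just an entity ID. */
    protected final SAML2MetadataResolver idpEntityId;

    /** Metadata resolver for the service provider; despite the name it is not just an entity ID. */
    protected final SAML2MetadataResolver spEntityId;

    /** Optional factory for the SAML message store; when {@code null} no store is attached. */
    protected final SAMLMessageStoreFactory samlMessageStoreFactory;

    /**
     * Creates a provider bound to the given metadata sources.
     *
     * @param sAML2MetadataResolver   resolver stored as the identity provider metadata source
     * @param sAML2MetadataResolver2  resolver stored as the service provider metadata source
     * @param sAMLMessageStoreFactory factory used to attach a message store to each context,
     *                                or {@code null} to skip that step
     */
    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public SAML2ContextProvider(SAML2MetadataResolver sAML2MetadataResolver, SAML2MetadataResolver sAML2MetadataResolver2, SAMLMessageStoreFactory sAMLMessageStoreFactory) {
        this.idpEntityId = sAML2MetadataResolver;
        this.spEntityId = sAML2MetadataResolver2;
        this.samlMessageStoreFactory = sAMLMessageStoreFactory;
    }

    /**
     * Builds a context that describes only the service provider side.
     *
     * @param callContext the current call, supplying the web context and session store
     * @param sAML2Client the client whose configuration is copied onto the context
     * @return a context with configuration, transport and self-entity (SP) data set; the
     *         peer-entity (IdP) context is not populated by this method
     */
    @Override
    public final SAML2MessageContext buildServiceProviderContext(CallContext callContext, SAML2Client sAML2Client) {
        final SAML2MessageContext context = new SAML2MessageContext(callContext);
        context.setSaml2Configuration(sAML2Client.getConfiguration());
        addTransportContext(callContext.webContext(), callContext.sessionStore(), context);
        addSPContext(context);
        return context;
    }

    /**
     * Builds a full context: the service provider context plus the identity provider
     * (peer) entity context.
     *
     * @param callContext the current call, supplying the web context and session store
     * @param sAML2Client the client whose configuration is copied onto the context
     * @return the populated context
     */
    @Override
    public SAML2MessageContext buildContext(CallContext callContext, SAML2Client sAML2Client) {
        final SAML2MessageContext context = buildServiceProviderContext(callContext, sAML2Client);
        addIDPContext(context);
        return context;
    }

    /**
     * Sets the outbound message context, the SAML 2.0 protocol namespace and the profile ID
     * on the given context, and attaches a message store when a factory is configured.
     *
     * @param webContext          the web context wrapped by the outbound message
     * @param sessionStore        the session store handed to the message store factory
     * @param sAML2MessageContext the context to populate
     */
    protected final void addTransportContext(WebContext webContext, SessionStore sessionStore, SAML2MessageContext sAML2MessageContext) {
        sAML2MessageContext.getProfileRequestContext().setOutboundMessageContext(prepareOutboundMessageContext(webContext));
        sAML2MessageContext.getSAMLProtocolContext().setProtocol(SAMLConstants.SAML20P_NS);
        sAML2MessageContext.getProfileRequestContext().setProfileId(SAML2_WEBSSO_PROFILE_URI);

        // The message store is optional: without a factory the context is left without one.
        if (this.samlMessageStoreFactory == null) {
            return;
        }
        LOGGER.debug("Creating message store by {}", this.samlMessageStoreFactory.getClass().getName());
        sAML2MessageContext.setSamlMessageStore(this.samlMessageStoreFactory.getMessageStore(webContext, sessionStore));
    }

    /**
     * Creates the outbound message context, whose message is a
     * {@link DefaultPac4jSAMLResponse} wrapping the web context. Overridable.
     *
     * @param webContext the web context to wrap
     * @return a new message context carrying the response adapter
     */
    protected MessageContext prepareOutboundMessageContext(WebContext webContext) {
        final MessageContext outbound = new MessageContext();
        outbound.setMessage(new DefaultPac4jSAMLResponse(webContext));
        return outbound;
    }

    /**
     * Fills the self-entity context with the service provider's entity ID, the
     * {@code SPSSODescriptor} role, and the matching metadata descriptors.
     *
     * @param sAML2MessageContext the context to populate
     */
    protected final void addSPContext(SAML2MessageContext sAML2MessageContext) {
        final SAMLSelfEntityContext selfContext = sAML2MessageContext.getSAMLSelfEntityContext();
        selfContext.setEntityId(this.spEntityId.getEntityId());
        selfContext.setRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
        addContext(this.spEntityId, selfContext, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
    }

    /**
     * Fills the peer-entity context with the identity provider's entity ID, the
     * {@code IDPSSODescriptor} role, and the matching metadata descriptors.
     *
     * @param sAML2MessageContext the context to populate
     */
    protected final void addIDPContext(SAML2MessageContext sAML2MessageContext) {
        final SAMLPeerEntityContext peerContext = sAML2MessageContext.getSAMLPeerEntityContext();
        peerContext.setEntityId(this.idpEntityId.getEntityId());
        peerContext.setRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
        addContext(this.idpEntityId, peerContext, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
    }

    /**
     * Resolves the entity descriptor and role descriptor for the resolver's entity ID and
     * stores both in a {@link SAMLMetadataContext} subcontext of {@code baseContext}.
     *
     * <p>Only the first role descriptor matching {@code qName} for the SAML 2.0 protocol is
     * used; further matching role descriptors in the metadata are ignored.
     *
     * @param sAML2MetadataResolver resolver that supplies the entity ID to look up
     * @param baseContext           the entity context that receives the metadata subcontext
     * @param qName                 the role element name to select
     * @throws SAMLException if the entity or the role is missing from the metadata, or if
     *                       metadata resolution fails
     */
    protected final void addContext(SAML2MetadataResolver sAML2MetadataResolver, BaseContext baseContext, QName qName) {
        // Read before the try block so a resolution failure can name the entity involved.
        final String entityId = sAML2MetadataResolver.getEntityId();
        try {
            final CriteriaSet criteria = new CriteriaSet();
            criteria.add(new EntityIdCriterion(entityId));

            // NOTE(review): the lookup runs against a chain of BOTH resolvers, not only the
            // one passed in. Which source answers for a given entity ID is decided inside
            // SAML2Utils.buildChainingMetadataResolver (not visible here); confirm that an
            // entry in the SP-side metadata cannot answer for the IdP's entity ID.
            final EntityDescriptor entityDescriptor =
                SAML2Utils.buildChainingMetadataResolver(this.idpEntityId, this.spEntityId).resolveSingle(criteria);
            if (entityDescriptor == null) {
                throw new SAMLException("Cannot find entity " + entityId + " in metadata provider");
            }

            final List<RoleDescriptor> candidates = entityDescriptor.getRoleDescriptors(qName, SAMLConstants.SAML20P_NS);
            if (!CommonHelper.isNotEmpty(candidates) || candidates.get(0) == null) {
                throw new SAMLException("Cannot find entity " + entityId + " or role " + qName + " in metadata provider");
            }
            final RoleDescriptor roleDescriptor = candidates.get(0);

            // 'true' asks for the subcontext to be created when it does not exist yet.
            final SAMLMetadataContext metadataContext = baseContext.getSubcontext(SAMLMetadataContext.class, true);
            metadataContext.setEntityDescriptor(entityDescriptor);
            metadataContext.setRoleDescriptor(roleDescriptor);
        } catch (final ResolverException e) {
            // This method serves both the SP and the IdP lookup, so the message names the
            // entity and role actually being resolved instead of always saying "IDP".
            throw new SAMLException(
                "An error occurred while resolving metadata for entity " + entityId + " and role " + qName, e);
        }
    }
}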
