package org.springframework.security.saml2.provider.service.authentication;

import java.time.Clock;
import java.util.UUID;
import org.joda.time.DateTime;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.Issuer;
import org.springframework.util.Assert;

/* loaded from: input_file:org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationRequestFactory.class */
public class OpenSamlAuthenticationRequestFactory implements Saml2AuthenticationRequestFactory {
    private Clock clock = Clock.systemUTC();
    private final OpenSamlImplementation saml = OpenSamlImplementation.getInstance();

    @Override // org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory
    public String createAuthenticationRequest(Saml2AuthenticationRequest saml2AuthenticationRequest) {
        XMLObject xMLObject = (AuthnRequest) this.saml.buildSAMLObject(AuthnRequest.class);
        xMLObject.setID("ARQ" + UUID.randomUUID().toString().substring(1));
        xMLObject.setIssueInstant(new DateTime(this.clock.millis()));
        xMLObject.setForceAuthn(Boolean.FALSE);
        xMLObject.setIsPassive(Boolean.FALSE);
        xMLObject.setProtocolBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect");
        Issuer issuer = (Issuer) this.saml.buildSAMLObject(Issuer.class);
        issuer.setValue(saml2AuthenticationRequest.getIssuer());
        xMLObject.setIssuer(issuer);
        xMLObject.setDestination(saml2AuthenticationRequest.getDestination());
        xMLObject.setAssertionConsumerServiceURL(saml2AuthenticationRequest.getAssertionConsumerServiceUrl());
        return this.saml.toXml(xMLObject, saml2AuthenticationRequest.getCredentials(), saml2AuthenticationRequest.getIssuer());
    }

    public void setClock(Clock clock) {
        Assert.notNull(clock, "clock cannot be null");
        this.clock = clock;
    }
}
