package org.opensaml.saml.saml2.binding.encoding.impl;

import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.MalformedURLException;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.servlet.http.HttpServletResponse;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.codec.HTMLEncoder;
import net.shibboleth.utilities.java.support.collection.Pair;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.net.URLBuilder;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.encoder.MessageEncodingException;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.binding.SAMLBindingSupport;
import org.opensaml.saml.common.binding.artifact.SAMLArtifactMap;
import org.opensaml.saml.common.messaging.context.SAMLArtifactContext;
import org.opensaml.saml.common.messaging.context.SAMLPeerEntityContext;
import org.opensaml.saml.common.messaging.context.SAMLSelfEntityContext;
import org.opensaml.saml.config.SAMLConfigurationSupport;
import org.opensaml.saml.saml2.binding.artifact.AbstractSAML2Artifact;
import org.opensaml.saml.saml2.binding.artifact.SAML2ArtifactBuilder;
import org.opensaml.saml.saml2.binding.artifact.SAML2ArtifactType0004;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opensaml/saml/saml2/binding/encoding/impl/HTTPArtifactEncoder.class */
public class HTTPArtifactEncoder extends BaseSAML2MessageEncoder {

    @NotEmpty
    @Nonnull
    public static final String DEFAULT_TEMPLATE_ID = "/templates/saml2-post-artifact-binding.vm";
    private boolean postEncoding;

    @Nullable
    private VelocityEngine velocityEngine;

    @NotEmpty
    @Nonnull
    private String velocityTemplateId;

    @NonnullAfterInit
    private SAMLArtifactMap artifactMap;

    @Nonnull
    private final Logger log = LoggerFactory.getLogger(HTTPArtifactEncoder.class);

    @NotEmpty
    @Nonnull
    private byte[] defaultArtifactType = SAML2ArtifactType0004.TYPE_CODE;

    public HTTPArtifactEncoder() {
        setVelocityTemplateId(DEFAULT_TEMPLATE_ID);
    }

    public String getBindingURI() {
        return "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact";
    }

    public boolean isPostEncoding() {
        return this.postEncoding;
    }

    public void setPostEncoding(boolean z) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        this.postEncoding = z;
    }

    @Nullable
    public VelocityEngine getVelocityEngine() {
        return this.velocityEngine;
    }

    public void setVelocityEngine(@Nullable VelocityEngine velocityEngine) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        this.velocityEngine = velocityEngine;
    }

    @NotEmpty
    @Nonnull
    public String getVelocityTemplateId() {
        return this.velocityTemplateId;
    }

    public void setVelocityTemplateId(@NotEmpty @Nonnull String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        this.velocityTemplateId = (String) Constraint.isNotNull(StringSupport.trimOrNull(str), "Velocity template ID cannot be null or empty");
    }

    @NonnullAfterInit
    public SAMLArtifactMap getArtifactMap() {
        return this.artifactMap;
    }

    public void setArtifactMap(@Nonnull SAMLArtifactMap sAMLArtifactMap) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        this.artifactMap = (SAMLArtifactMap) Constraint.isNotNull(sAMLArtifactMap, "SAMLArtifactMap cannot be null");
    }

    protected void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (this.artifactMap == null) {
            throw new ComponentInitializationException("SAMLArtifactMap cannot be null");
        }
        if (isPostEncoding() && this.velocityEngine == null) {
            throw new ComponentInitializationException("VelocityEngine cannot be null when POST is used");
        }
    }

    protected void doDestroy() {
        this.velocityEngine = null;
        this.velocityTemplateId = null;
        this.artifactMap = null;
        super.doDestroy();
    }

    protected void doEncode() throws MessageEncodingException {
        HttpServletResponse httpServletResponse = getHttpServletResponse();
        if (httpServletResponse == null) {
            throw new MessageEncodingException("HttpServletResponse was null");
        }
        httpServletResponse.setCharacterEncoding("UTF-8");
        if (this.postEncoding) {
            postEncode();
        } else {
            getEncode();
        }
    }

    protected void postEncode() throws MessageEncodingException {
        this.log.debug("Performing HTTP POST SAML 2 artifact encoding");
        MessageContext messageContext = getMessageContext();
        this.log.debug("Creating velocity context");
        VelocityContext velocityContext = new VelocityContext();
        String uri = getEndpointURL(messageContext).toString();
        String encodeForHTMLAttribute = HTMLEncoder.encodeForHTMLAttribute(uri);
        this.log.debug("Setting action parameter to: '{}', encoded as '{}'", uri, encodeForHTMLAttribute);
        velocityContext.put("action", encodeForHTMLAttribute);
        velocityContext.put("SAMLArt", buildArtifact(messageContext).base64Encode());
        velocityContext.put("binding", getBindingURI());
        String relayState = SAMLBindingSupport.getRelayState(messageContext);
        if (SAMLBindingSupport.checkRelayState(relayState)) {
            String encodeForHTMLAttribute2 = HTMLEncoder.encodeForHTMLAttribute(relayState);
            this.log.debug("Setting RelayState parameter to: '{}', encoded as '{}'", relayState, encodeForHTMLAttribute2);
            velocityContext.put("RelayState", encodeForHTMLAttribute2);
        }
        try {
            this.log.debug("Invoking velocity template");
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(getHttpServletResponse().getOutputStream());
            this.velocityEngine.mergeTemplate(this.velocityTemplateId, "UTF-8", velocityContext, outputStreamWriter);
            outputStreamWriter.flush();
        } catch (Exception e) {
            this.log.error("Error invoking velocity template to create POST form", e);
            throw new MessageEncodingException("Error creating output document", e);
        }
    }

    protected void getEncode() throws MessageEncodingException {
        this.log.debug("Performing HTTP GET SAML 2 artifact encoding");
        MessageContext messageContext = getMessageContext();
        String uri = getEndpointURL(messageContext).toString();
        try {
            URLBuilder uRLBuilder = new URLBuilder(uri);
            List queryParams = uRLBuilder.getQueryParams();
            queryParams.clear();
            AbstractSAML2Artifact buildArtifact = buildArtifact(messageContext);
            if (buildArtifact == null) {
                this.log.error("Unable to build artifact for message to relying party");
                throw new MessageEncodingException("Unable to build artifact for message to relying party");
            }
            queryParams.add(new Pair("SAMLart", buildArtifact.base64Encode()));
            String relayState = SAMLBindingSupport.getRelayState(messageContext);
            if (SAMLBindingSupport.checkRelayState(relayState)) {
                queryParams.add(new Pair("RelayState", relayState));
            }
            try {
                getHttpServletResponse().sendRedirect(uRLBuilder.buildURL());
            } catch (IOException e) {
                throw new MessageEncodingException("Problem sending HTTP redirect", e);
            }
        } catch (MalformedURLException e2) {
            throw new MessageEncodingException("Endpoint URL " + uri + " is not a valid URL", e2);
        }
    }

    @Nonnull
    protected AbstractSAML2Artifact buildArtifact(@Nonnull MessageContext<SAMLObject> messageContext) throws MessageEncodingException {
        SAML2ArtifactBuilder artifactBuilder;
        String inboundMessageIssuer = getInboundMessageIssuer(messageContext);
        String outboundMessageIssuer = getOutboundMessageIssuer(messageContext);
        if (inboundMessageIssuer == null || outboundMessageIssuer == null) {
            throw new MessageEncodingException("Unable to obtain issuer or relying party for message encoding");
        }
        byte[] sAMLArtifactType = getSAMLArtifactType(messageContext);
        if (sAMLArtifactType != null) {
            artifactBuilder = SAMLConfigurationSupport.getSAML2ArtifactBuilderFactory().getArtifactBuilder(sAMLArtifactType);
        } else {
            artifactBuilder = SAMLConfigurationSupport.getSAML2ArtifactBuilderFactory().getArtifactBuilder(this.defaultArtifactType);
            storeSAMLArtifactType(messageContext, this.defaultArtifactType);
        }
        AbstractSAML2Artifact buildArtifact = artifactBuilder.buildArtifact(messageContext);
        if (buildArtifact == null) {
            this.log.error("Unable to build artifact for message to relying party");
            throw new MessageEncodingException("Unable to build artifact for message to relying party");
        }
        try {
            this.artifactMap.put(buildArtifact.base64Encode(), inboundMessageIssuer, outboundMessageIssuer, (SAMLObject) messageContext.getMessage());
            return buildArtifact;
        } catch (IOException e) {
            this.log.error("Unable to store message mapping for artifact", e);
            throw new MessageEncodingException("Unable to store message mapping for artifact", e);
        }
    }

    @Nullable
    private String getOutboundMessageIssuer(@Nonnull MessageContext<SAMLObject> messageContext) {
        SAMLSelfEntityContext subcontext = messageContext.getSubcontext(SAMLSelfEntityContext.class);
        if (subcontext == null) {
            return null;
        }
        return subcontext.getEntityId();
    }

    @Nullable
    private String getInboundMessageIssuer(@Nonnull MessageContext<SAMLObject> messageContext) {
        SAMLPeerEntityContext subcontext = messageContext.getSubcontext(SAMLPeerEntityContext.class);
        if (subcontext == null) {
            return null;
        }
        return subcontext.getEntityId();
    }

    private void storeSAMLArtifactType(@Nonnull MessageContext<SAMLObject> messageContext, @NotEmpty @Nonnull byte[] bArr) {
        messageContext.getSubcontext(SAMLArtifactContext.class, true).setArtifactType(bArr);
    }

    @Nullable
    private byte[] getSAMLArtifactType(@Nonnull MessageContext<SAMLObject> messageContext) {
        return messageContext.getSubcontext(SAMLArtifactContext.class, true).getArtifactType();
    }
}
