package org.picketlink.identity.federation.bindings.wildfly.sp;

import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.security.idm.Account;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.form.FormParserFactory;
import io.undertow.servlet.handlers.security.ServletFormAuthenticationMechanism;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.locks.Lock;
import javax.servlet.ServletContext;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.picketlink.common.PicketLinkLogger;
import org.picketlink.common.exceptions.ConfigurationException;
import org.picketlink.common.exceptions.ParsingException;
import org.picketlink.common.exceptions.ProcessingException;
import org.picketlink.config.federation.PicketLinkType;
import org.picketlink.config.federation.SPType;
import org.picketlink.identity.federation.core.audit.PicketLinkAuditEvent;
import org.picketlink.identity.federation.core.audit.PicketLinkAuditHelper;
import org.picketlink.identity.federation.core.interfaces.TrustKeyManager;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain;
import org.picketlink.identity.federation.saml.v2.metadata.EntitiesDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.EntityDescriptorType;
import org.picketlink.identity.federation.saml.v2.metadata.IDPSSODescriptorType;
import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;
import org.w3c.dom.Document;

/**
 * Decompiled API stub of the PicketLink form authentication mechanism in the
 * {@code ...bindings.wildfly.sp} package, extending Undertow's
 * {@link ServletFormAuthenticationMechanism}.
 *
 * <p>Every constructor and method in this listing ends in {@code ;} with no body, so the
 * comments below describe only what the declarations show. Anything about runtime
 * behaviour is marked as an assumption and must be confirmed against the real
 * implementation before being relied on in a security review.
 *
 * <p>NOTE(review): the class carries {@code @WebListener}, but the only supertype visible
 * here is {@code ServletFormAuthenticationMechanism}; whether a servlet listener interface
 * is implemented cannot be determined from this stub.
 */
@WebListener
/* loaded from: input_file:eap7/api-jars/picketlink-wildfly8-2.5.5.SP1.jar:org/picketlink/identity/federation/bindings/wildfly/sp/SPFormAuthenticationMechanism.class */
public class SPFormAuthenticationMechanism extends ServletFormAuthenticationMechanism {
    // Null in this stub. NOTE(review): presumably assigned in a static initialiser that the
    // decompiler did not emit — confirm before treating logger calls as a null dereference.
    private static final PicketLinkLogger logger = null;
    // String key; by name, marks that the initial (pre-login) location was stored.
    public static final String INITIAL_LOCATION_STORED = "org.picketlink.federation.saml.initial_location";
    // Class name of the SAML2 handler chain (by name); transient.
    protected transient String samlHandlerChainClass;
    protected final ServletContext servletContext;
    // Options map for the handler chain (by name); value types are not constrained here.
    protected Map<String, Object> chainConfigOptions;
    protected SAMLConfigurationProvider configProvider;
    // X.509 certificate, by name the identity provider's. How it is obtained and whether it
    // is used to verify signatures is not visible in this stub.
    protected transient X509Certificate idpCertificate;
    // timerInterval / timer: see AnonymousClass1 below. Units of the interval are not shown.
    protected int timerInterval;
    protected Timer timer;
    // NOTE(review): fixed placeholder string named as a password. Its use is not visible
    // here; confirm no login path (e.g. localAuthentication) accepts it as a real credential.
    public static final String EMPTY_PASSWORD = "EMPTY_STR";
    // By name, toggles emission of audit events (see audit(...)).
    protected boolean enableAudit;
    public static final String FORM_ACCOUNT_NOTE = "picketlink.form.account";
    public static final String FORM_REQUEST_NOTE = "picketlink.REQUEST";
    protected transient SAML2HandlerChain chain;
    protected SPType spConfiguration;
    protected PicketLinkType configuration;
    protected String serviceURL;
    // Exposed read-only through getIdentityURL() (by name; accessor body not shown).
    protected String identityURL;
    protected String issuerID;
    protected String configFile;
    protected boolean saveRestoreRequest;
    // Lock which, by name, guards the handler chain; acquisition sites are not visible.
    protected Lock chainLock;
    protected String canonicalizationMethod;
    protected PicketLinkAuditHelper auditHelper;
    // Key/trust material holder; presumably populated by initKeyProvider — confirm.
    protected TrustKeyManager keyManager;
    private IDPSSODescriptorType idpMetadata;

    /* renamed from: org.picketlink.identity.federation.bindings.wildfly.sp.SPFormAuthenticationMechanism$1, reason: invalid class name */
    /* loaded from: input_file:eap7/api-jars/picketlink-wildfly8-2.5.5.SP1.jar:org/picketlink/identity/federation/bindings/wildfly/sp/SPFormAuthenticationMechanism$1.class */
    /**
     * Decompiler-named anonymous {@link TimerTask} that keeps a reference to the enclosing
     * mechanism. NOTE(review): presumably scheduled on {@code timer} every
     * {@code timerInterval} to reload configuration — the body of {@code run()} is not shown.
     */
    class AnonymousClass1 extends TimerTask {
        final /* synthetic */ SPFormAuthenticationMechanism this$0;

        AnonymousClass1(SPFormAuthenticationMechanism sPFormAuthenticationMechanism);

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run();
    }

    /**
     * Constructor taking an already-built {@link PicketLinkType} configuration.
     * The names {@code str}, {@code str2}, {@code str3} are decompiler placeholders; their
     * meaning cannot be recovered from this stub.
     */
    public SPFormAuthenticationMechanism(FormParserFactory formParserFactory, String str, String str2, String str3, ServletContext servletContext, PicketLinkType picketLinkType, PicketLinkAuditHelper picketLinkAuditHelper);

    /**
     * Constructor taking a {@link SAMLConfigurationProvider} instead of a built
     * configuration; the only overload that declares {@link ProcessingException}.
     * String parameter names are decompiler placeholders.
     */
    public SPFormAuthenticationMechanism(FormParserFactory formParserFactory, String str, String str2, String str3, ServletContext servletContext, SAMLConfigurationProvider sAMLConfigurationProvider, PicketLinkAuditHelper picketLinkAuditHelper) throws ProcessingException;

    /** Overrides the form mechanism's challenge step; body not shown. */
    @Override // io.undertow.security.impl.FormAuthenticationMechanism, io.undertow.security.api.AuthenticationMechanism
    public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext);

    /** Overrides the form mechanism's authentication step; body not shown. */
    @Override // io.undertow.security.impl.FormAuthenticationMechanism, io.undertow.security.api.AuthenticationMechanism
    public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange httpServerExchange, SecurityContext securityContext);

    // By name, processes an incoming SAML response and yields an authentication outcome.
    private AuthenticationMechanism.AuthenticationMechanismOutcome handleSAMLResponse(HttpServerExchange httpServerExchange, SecurityContext securityContext) throws IOException;

    private AuthenticationMechanism.ChallengeResult generalUserRequest(HttpServerExchange httpServerExchange, SecurityContext securityContext) throws IOException;

    protected boolean matchRequest(HttpServletRequest httpServletRequest);

    protected void register(SecurityContext securityContext, Account account);

    // NOTE(review): by name, a non-SAML login path. Confirm under which conditions it is
    // reachable and which credentials it accepts (see EMPTY_PASSWORD).
    protected AuthenticationMechanism.AuthenticationMechanismOutcome localAuthentication(HttpServerExchange httpServerExchange, SecurityContext securityContext) throws IOException;

    private AuthenticationMechanism.AuthenticationMechanismOutcome handleSAMLRequest(HttpServerExchange httpServerExchange, SecurityContext securityContext) throws IOException;

    private AuthenticationMechanism.AuthenticationMechanismOutcome handleSAML2Response(HttpServerExchange httpServerExchange, SecurityContext securityContext) throws IOException;

    protected boolean isHttpPostBinding();

    protected boolean sessionIsValid(HttpSession httpSession);

    // Returns a URL string derived from the session. NOTE(review): presumably the location
    // saved before login; confirm it is restricted to this application before it is used
    // as a redirect target.
    protected String savedRequestURL(HttpSession httpSession);

    protected void startPicketLink();

    protected void initKeyProvider(ServletContext servletContext);

    // NOTE(review): by name, reports whether signature support is enabled. Confirm how
    // unsigned or unverifiable SAML messages are treated when this returns false.
    protected boolean doSupportSignature();

    protected void processConfiguration();

    // Only private no-argument void method in the class; see access$000 below.
    private void reloadConfiguration();

    private void processIdPMetadata(SPType sPType);

    // NOTE(review): the two getIdpMetadataFrom* methods both return the IdP SSO descriptor.
    // Where that metadata comes from and whether its integrity is checked is not visible
    // here; since metadata typically carries the IdP's endpoints and keys, confirm the
    // source is trusted.
    private IDPSSODescriptorType getIdpMetadataFromProvider(SPType sPType);

    protected IDPSSODescriptorType getIdpMetadataFromFile(SPType sPType);

    // Overload for a metadata document wrapping several entities.
    protected IDPSSODescriptorType handleMetadata(EntitiesDescriptorType entitiesDescriptorType);

    protected IDPSSODescriptorType getIDPSSODescriptor(EntitiesDescriptorType entitiesDescriptorType);

    // Overload for a single-entity metadata document.
    protected IDPSSODescriptorType handleMetadata(EntityDescriptorType entityDescriptorType);

    protected void initializeHandlerChain() throws ConfigurationException, ProcessingException;

    protected void populateChainConfig() throws ConfigurationException, ProcessingException;

    private boolean isGlobalLogout(HttpServletRequest httpServletRequest);

    private String getSAMLVersion(HttpServletRequest httpServletRequest);

    // Turns a string into a DOM Document; the boolean's meaning is not recoverable (the
    // name `z` is a decompiler placeholder). NOTE(review): if the string originates from the
    // HTTP request, confirm the XML parser used has DTDs and external entities disabled.
    private Document toSAMLResponseDocument(String str, boolean z) throws ParsingException;

    /**
     * Public entry point which, by name, handles a SAML 1.1 response that was not requested
     * by this service provider.
     *
     * <p>NOTE(review): an unsolicited response cannot be matched to an outstanding request,
     * so the implementation should be checked for signature, issuer, audience and
     * validity-window validation and for replay protection. None of that is visible in
     * this stub.
     */
    public AuthenticationMechanism.AuthenticationMechanismOutcome handleSAML11UnsolicitedResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SecurityContext securityContext);

    // Accepts an audit event; presumably forwarded to auditHelper when enableAudit is set —
    // confirm, and confirm that failed authentications are audited as well as successes.
    public void audit(PicketLinkAuditEvent picketLinkAuditEvent);

    private boolean isAjaxRequest(HttpServletRequest httpServletRequest);

    public String getIdentityURL();

    // Compiler-generated accessor for the inner TimerTask. NOTE(review): presumably forwards
    // to reloadConfiguration(), the only private no-arg void method declared here — confirm.
    static /* synthetic */ void access$000(SPFormAuthenticationMechanism sPFormAuthenticationMechanism);
}
