package org.picketlink.identity.federation.web.filters;

import java.io.IOException;
import java.security.Principal;
import java.security.PublicKey;
import java.util.List;
import java.util.Map;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.locks.Lock;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.picketlink.common.PicketLinkLogger;
import org.picketlink.common.exceptions.ConfigurationException;
import org.picketlink.common.exceptions.ProcessingException;
import org.picketlink.config.federation.IDPType;
import org.picketlink.config.federation.PicketLinkType;
import org.picketlink.config.federation.handler.Handlers;
import org.picketlink.identity.federation.core.audit.PicketLinkAuditHelper;
import org.picketlink.identity.federation.core.impl.DelegatedAttributeManager;
import org.picketlink.identity.federation.core.interfaces.RoleGenerator;
import org.picketlink.identity.federation.core.interfaces.TrustKeyManager;
import org.picketlink.identity.federation.core.saml.v2.interfaces.SAML2HandlerChain;
import org.picketlink.identity.federation.saml.v1.assertion.SAML11AttributeStatementType;
import org.picketlink.identity.federation.saml.v2.metadata.SPSSODescriptorType;
import org.picketlink.identity.federation.saml.v2.protocol.RequestAbstractType;
import org.picketlink.identity.federation.web.util.IDPWebRequestUtil;
import org.picketlink.identity.federation.web.util.SAMLConfigurationProvider;

/* loaded from: input_file:eap7/api-jars/picketlink-federation-2.5.5.SP1.jar:org/picketlink/identity/federation/web/filters/IDPFilter.class */
/**
 * Servlet {@link Filter} whose name, package and {@link IDPType} fields indicate it
 * fronts a PicketLink SAML identity provider (IDP).
 *
 * <p>This listing is a signature-only stub: every method and constructor is a bare
 * declaration with no body, so no runtime behaviour can be confirmed from here.
 * Parameter names such as {@code str}, {@code str2} and {@code z} are decompiler
 * placeholders, so their meaning is not recoverable from this file.
 *
 * <p>NOTE(review): the comments below only describe what the declared types and
 * names suggest. Judging by those declarations, a security review of the full
 * implementation should confirm:
 * <ul>
 *   <li>under which conditions signature checking is skipped
 *       ({@code willIgnoreSignatureOfCurrentRequest}) and how the issuer key is
 *       resolved ({@code getIssuerPublicKey});</li>
 *   <li>how unsolicited responses are recognised and restricted
 *       ({@code isUnsolicitedResponse}, {@code handleSAML2UnsolicitedResponse},
 *       {@code handleSAML11UnsolicitedResponse});</li>
 *   <li>what is stored in the HTTP session under
 *       {@link #SESSION_PARAM_USER_PRINCIPAL}, and when it is cleared;</li>
 *   <li>what the request wrapper that overrides {@code getParameter} returns, and
 *       for which parameter names.</li>
 * </ul>
 */
public class IDPFilter implements Filter {
    // Null only in this stub; the real class presumably assigns the logger in an
    // initializer the stub omits (TODO confirm).
    private static final PicketLinkLogger logger = null;
    // Public string constant; by its name, the session attribute key for the
    // authenticated user's Principal (confirm where it is written and removed).
    public static final String SESSION_PARAM_USER_PRINCIPAL = "org.picketlink.federation.saml.idp.USER_PRINCIPAL";
    protected ServletContext servletContext;
    // Audit switch and helper; presumably set up by configureAuditHelper() (confirm).
    protected boolean enableAudit;
    protected PicketLinkAuditHelper auditHelper;
    // Working IDP configuration, plus a final copy that by its name is the
    // configuration originally supplied (see the IDPType constructor; confirm).
    protected IDPType idpConfiguration;
    private final IDPType originalConfiguration;
    protected PicketLinkType picketLinkConfiguration;
    private RoleGenerator roleGenerator;
    // Source of trust keys; presumably consulted by getIssuerPublicKey() (confirm).
    private TrustKeyManager keyManager;
    // Marked transient although the visible class header declares no Serializable.
    private transient DelegatedAttributeManager attribManager;
    private final List<String> attributeKeys;
    private transient SAML2HandlerChain chain;
    protected SAMLConfigurationProvider configProvider;
    // Timer state; units of timerInterval are not shown here. The nested TimerTask
    // subclass is presumably what gets scheduled (confirm).
    protected int timerInterval;
    protected Timer timer;
    protected String authMethod;
    private String configFile;
    // By its name, guards access to the handler chain (confirm against the bodies).
    private final Lock chainLock;
    // Service-provider SSO descriptors keyed by String; the key's meaning is not
    // visible here.
    private Map<String, SPSSODescriptorType> spSSOMetadataMap;
    private Handlers handlers;
    private String characterEncoding;
    private boolean passUserPrincipalToAttributeManager;

    // Decompiler name for an anonymous TimerTask subclass; this$0 is the synthetic
    // reference to the enclosing filter. What run() does is not shown.
    /* renamed from: org.picketlink.identity.federation.web.filters.IDPFilter$1, reason: invalid class name */
    /* loaded from: input_file:eap7/api-jars/picketlink-federation-2.5.5.SP1.jar:org/picketlink/identity/federation/web/filters/IDPFilter$1.class */
    class AnonymousClass1 extends TimerTask {
        final /* synthetic */ IDPFilter this$0;

        AnonymousClass1(IDPFilter iDPFilter);

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run();
    }

    // Decompiler name for an anonymous request wrapper that captures a String
    // (val$samlRequest) and overrides getParameter.
    // NOTE(review): presumably substitutes the captured SAML request for one
    // parameter; confirm which names are affected and where the value originates.
    /* renamed from: org.picketlink.identity.federation.web.filters.IDPFilter$2, reason: invalid class name */
    /* loaded from: input_file:eap7/api-jars/picketlink-federation-2.5.5.SP1.jar:org/picketlink/identity/federation/web/filters/IDPFilter$2.class */
    class AnonymousClass2 extends HttpServletRequestWrapper {
        final /* synthetic */ String val$samlRequest;
        final /* synthetic */ IDPFilter this$0;

        AnonymousClass2(IDPFilter iDPFilter, HttpServletRequest httpServletRequest, String str);

        @Override // javax.servlet.ServletRequestWrapper, javax.servlet.ServletRequest
        public String getParameter(String str);
    }

    /** No-argument constructor; how the final fields are initialised is not visible. */
    public IDPFilter();

    /** Constructor taking an {@link IDPType}; presumably the initial IDP configuration (confirm). */
    public IDPFilter(IDPType iDPType);

    /** {@link Filter#init} implementation; body not included in this stub. */
    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException;

    /** {@link Filter#doFilter} implementation and request entry point; body not included in this stub. */
    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException;

    // NOTE(review): name suggests per-request session setup; confirm what is placed
    // in the session and on what condition.
    private void configureUserSessionIfNecessary(HttpServletRequest httpServletRequest);

    /** {@link Filter#destroy} implementation; body not included in this stub. */
    @Override // javax.servlet.Filter
    public void destroy();

    // Request-handling helpers. Only their signatures are visible; the dispatch
    // order between them cannot be determined from this file.
    private void handleSAMLMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException;

    private void forwardHosted(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    private void handleUnauthorizedResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException;

    private boolean isUnauthorized(HttpServletResponse httpServletResponse);

    // The meaning of the boolean parameter is not recoverable from the stub.
    protected void processSAMLRequestMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RequestAbstractType requestAbstractType, boolean z) throws IOException;

    // NOTE(review): returns a PublicKey for a String argument, presumably an issuer
    // identifier. Confirm the lookup source, and whether the identifier is taken
    // from the still-unverified message.
    private PublicKey getIssuerPublicKey(HttpServletRequest httpServletRequest, String str) throws ConfigurationException, ProcessingException;

    protected void processSAMLResponseMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    // NOTE(review): name suggests removal of session state; confirm which
    // attributes are cleared and on which code paths.
    protected void cleanUpSessionNote(HttpServletRequest httpServletRequest);

    // The roles of the two String parameters are not recoverable from the stub.
    protected void sendErrorResponseToSP(String str, HttpServletResponse httpServletResponse, String str2, IDPWebRequestUtil iDPWebRequestUtil) throws ServletException, IOException, ConfigurationException;

    // Initialisation hooks, protected and therefore overridable by subclasses.
    // What each one sets up is implied only by its name.
    protected void initIdentityServer();

    protected void initHandlersChain();

    protected void initKeyManager();

    protected void initIDPConfiguration(PicketLinkType picketLinkType);

    protected void initSTSConfiguration();

    protected String getIdentityURL();

    // The meaning of the boolean parameter is not recoverable from the stub.
    protected String determineLoginType(boolean z);

    protected void startPicketLink();

    private SAML11AttributeStatementType createAttributeStatement(List<String> list);

    // NOTE(review): returns a boxed Boolean, so a null result is possible in
    // principle. Confirm how callers treat null, and which configuration or request
    // data lets this return true: it appears to gate whether a request's signature
    // is checked at all.
    private Boolean willIgnoreSignatureOfCurrentRequest(String str);

    private void initHostedURI();

    protected PicketLinkType getConfiguration();

    private void configureAuditHelper() throws ServletException;

    private void configureConfigurationProvider() throws ServletException;

    // Returns a request wrapper built from the request and a Principal; presumably
    // related to the nested HttpServletRequestWrapper subclass (confirm).
    private HttpServletRequestWrapper prepareLocalGlobalLogoutRequest(HttpServletRequest httpServletRequest, Principal principal);

    private boolean isGlobalLogout(HttpServletRequest httpServletRequest);

    /** Accessor declared to return a {@link SAMLConfigurationProvider}; presumably the {@code configProvider} field (confirm). */
    public SAMLConfigurationProvider getConfigProvider();

    // NOTE(review): unsolicited (IDP-initiated) handling. Confirm how the target
    // service provider and destination are validated before a response is issued.
    private boolean isUnsolicitedResponse(HttpServletRequest httpServletRequest);

    private void handleSAML2UnsolicitedResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException;

    protected void handleSAML11UnsolicitedResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    // NOTE(review): takes only the HttpSession; presumably checks for
    // SESSION_PARAM_USER_PRINCIPAL (confirm, including the null-session case).
    private boolean isUserAuthenticated(HttpSession httpSession);
}
