package org.keycloak.adapters.saml.undertow;

import io.undertow.security.api.SecurityContext;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.api.DeploymentInfo;
import io.undertow.servlet.handlers.ServletRequestContext;
import io.undertow.util.Headers;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.util.Map;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.jboss.logging.Logger;
import org.keycloak.adapters.saml.SamlDeployment;
import org.keycloak.adapters.saml.SamlDeploymentContext;
import org.keycloak.adapters.saml.SamlSessionStore;
import org.keycloak.adapters.spi.HttpFacade;
import org.keycloak.adapters.spi.InMemorySessionIdMapper;
import org.keycloak.adapters.spi.SessionIdMapper;
import org.keycloak.adapters.spi.SessionIdMapperUpdater;
import org.keycloak.adapters.undertow.ServletHttpFacade;
import org.keycloak.adapters.undertow.UndertowHttpFacade;
import org.keycloak.adapters.undertow.UndertowUserSessionManagement;

/* loaded from: input_file:org/keycloak/adapters/saml/undertow/ServletSamlAuthMech.class */
public class ServletSamlAuthMech extends AbstractSamlAuthMech {
    private static final Logger LOG = Logger.getLogger(ServletSamlAuthMech.class);
    protected SessionIdMapper idMapper;
    protected SessionIdMapperUpdater idMapperUpdater;

    public ServletSamlAuthMech(SamlDeploymentContext samlDeploymentContext, UndertowUserSessionManagement undertowUserSessionManagement, String str) {
        super(samlDeploymentContext, undertowUserSessionManagement, str);
        this.idMapper = new InMemorySessionIdMapper();
        this.idMapperUpdater = SessionIdMapperUpdater.DIRECT;
    }

    public void addTokenStoreUpdaters(DeploymentInfo deploymentInfo) {
        deploymentInfo.addSessionListener(new IdMapperUpdaterSessionListener(this.idMapper));
        SessionIdMapperUpdater sessionIdMapperUpdater = SessionIdMapperUpdater.EXTERNAL;
        try {
            Map initParameters = deploymentInfo.getInitParameters();
            String str = initParameters == null ? null : (String) initParameters.get("keycloak.sessionIdMapperUpdater.classes");
            if (str == null) {
                setIdMapperUpdater(sessionIdMapperUpdater);
                return;
            }
            for (String str2 : str.split("\\s*,\\s*")) {
                if (!str2.isEmpty()) {
                    sessionIdMapperUpdater = invokeAddTokenStoreUpdaterMethod(str2, deploymentInfo, sessionIdMapperUpdater);
                }
            }
        } finally {
            setIdMapperUpdater(sessionIdMapperUpdater);
        }
    }

    private SessionIdMapperUpdater invokeAddTokenStoreUpdaterMethod(String str, DeploymentInfo deploymentInfo, SessionIdMapperUpdater sessionIdMapperUpdater) {
        try {
            Method method = deploymentInfo.getClassLoader().loadClass(str).getMethod("addTokenStoreUpdaters", DeploymentInfo.class, SessionIdMapper.class, SessionIdMapperUpdater.class);
            if (Modifier.isStatic(method.getModifiers()) && Modifier.isPublic(method.getModifiers()) && SessionIdMapperUpdater.class.isAssignableFrom(method.getReturnType())) {
                LOG.debugv("Initializing sessionIdMapperUpdater class {0}", str);
                return (SessionIdMapperUpdater) method.invoke(null, deploymentInfo, this.idMapper, sessionIdMapperUpdater);
            }
            LOG.errorv("addTokenStoreUpdaters method in class {0} has to be public static. Ignoring class.", str);
            return sessionIdMapperUpdater;
        } catch (ClassNotFoundException | NoSuchMethodException | SecurityException e) {
            LOG.warnv(e, "Cannot use sessionIdMapperUpdater class {0}", str);
            return sessionIdMapperUpdater;
        } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e2) {
            LOG.warnv(e2, "Cannot use {0}.addTokenStoreUpdaters(DeploymentInfo, SessionIdMapper) method", str);
            return sessionIdMapperUpdater;
        }
    }

    @Override // org.keycloak.adapters.saml.undertow.AbstractSamlAuthMech
    protected SamlSessionStore getTokenStore(HttpServerExchange httpServerExchange, HttpFacade httpFacade, SamlDeployment samlDeployment, SecurityContext securityContext) {
        return new ServletSamlSessionStore(httpServerExchange, this.sessionManagement, securityContext, this.idMapper, this.idMapperUpdater, samlDeployment);
    }

    @Override // org.keycloak.adapters.saml.undertow.AbstractSamlAuthMech
    protected UndertowHttpFacade createFacade(HttpServerExchange httpServerExchange) {
        return new ServletHttpFacade(httpServerExchange);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.keycloak.adapters.saml.undertow.AbstractSamlAuthMech
    public void redirectLogout(SamlDeployment samlDeployment, HttpServerExchange httpServerExchange) {
        httpServerExchange.getResponseHeaders().add(Headers.CACHE_CONTROL, "no-cache, no-store, must-revalidate");
        httpServerExchange.getResponseHeaders().add(Headers.PRAGMA, "no-cache");
        httpServerExchange.getResponseHeaders().add(Headers.EXPIRES, "0");
        super.redirectLogout(samlDeployment, httpServerExchange);
    }

    @Override // org.keycloak.adapters.saml.undertow.AbstractSamlAuthMech
    protected Integer servePage(HttpServerExchange httpServerExchange, String str) {
        ServletRequestContext servletRequestContext = (ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        ServletRequest servletRequest = servletRequestContext.getServletRequest();
        ServletResponse servletResponse = servletRequestContext.getServletResponse();
        RequestDispatcher requestDispatcher = servletRequest.getRequestDispatcher(str);
        httpServerExchange.getResponseHeaders().add(Headers.CACHE_CONTROL, "no-cache, no-store, must-revalidate");
        httpServerExchange.getResponseHeaders().add(Headers.PRAGMA, "no-cache");
        httpServerExchange.getResponseHeaders().add(Headers.EXPIRES, "0");
        try {
            requestDispatcher.forward(servletRequest, servletResponse);
            return null;
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (ServletException e2) {
            throw new RuntimeException((Throwable) e2);
        }
    }

    public SessionIdMapperUpdater getIdMapperUpdater() {
        return this.idMapperUpdater;
    }

    protected void setIdMapperUpdater(SessionIdMapperUpdater sessionIdMapperUpdater) {
        this.idMapperUpdater = sessionIdMapperUpdater;
    }
}
