package org.keycloak.testsuite.util.saml;

import java.net.URI;
import java.util.UUID;
import java.util.function.Supplier;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.impl.client.CloseableHttpClient;
import org.keycloak.common.util.Base64;
import org.keycloak.dom.saml.v2.protocol.AuthnRequestType;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.saml.common.exceptions.ConfigurationException;
import org.keycloak.saml.common.exceptions.ParsingException;
import org.keycloak.saml.common.exceptions.ProcessingException;
import org.keycloak.saml.common.util.DocumentUtil;
import org.keycloak.saml.processing.api.saml.v2.request.SAML2Request;
import org.keycloak.testsuite.admin.Users;
import org.keycloak.testsuite.util.SamlClient;
import org.keycloak.testsuite.util.SamlClientBuilder;
import org.w3c.dom.Document;

/* loaded from: input_file:org/keycloak/testsuite/util/saml/CreateAuthnRequestStepBuilder.class */
public class CreateAuthnRequestStepBuilder extends SamlDocumentStepBuilder<AuthnRequestType, CreateAuthnRequestStepBuilder> {
    private final String issuer;
    private final URI authServerSamlUrl;
    private final SamlClient.Binding requestBinding;
    private final String assertionConsumerURL;
    private String signingPublicKeyPem;
    private String signingPrivateKeyPem;
    private String signingCertificate;
    private URI protocolBinding;
    private String authorizationHeader;
    private final Document forceLoginRequestDocument;
    private Supplier<String> relayState;

    public CreateAuthnRequestStepBuilder(URI uri, String str, String str2, SamlClient.Binding binding, SamlClientBuilder samlClientBuilder) {
        super(samlClientBuilder);
        this.issuer = str;
        this.authServerSamlUrl = uri;
        this.requestBinding = binding;
        this.assertionConsumerURL = str2;
        this.forceLoginRequestDocument = null;
    }

    public CreateAuthnRequestStepBuilder(URI uri, Document document, SamlClient.Binding binding, SamlClientBuilder samlClientBuilder) {
        super(samlClientBuilder);
        this.forceLoginRequestDocument = document;
        this.authServerSamlUrl = uri;
        this.requestBinding = binding;
        this.issuer = null;
        this.assertionConsumerURL = null;
    }

    public CreateAuthnRequestStepBuilder relayState(Supplier<String> supplier) {
        this.relayState = supplier;
        return this;
    }

    public CreateAuthnRequestStepBuilder relayState(String str) {
        this.relayState = () -> {
            return str;
        };
        return this;
    }

    public CreateAuthnRequestStepBuilder setProtocolBinding(URI uri) {
        this.protocolBinding = uri;
        return this;
    }

    public URI getProtocolBinding() {
        return this.protocolBinding;
    }

    public CreateAuthnRequestStepBuilder signWith(String str, String str2) {
        return signWith(str, str2, null);
    }

    public CreateAuthnRequestStepBuilder signWith(String str, String str2, String str3) {
        this.signingPrivateKeyPem = str;
        this.signingPublicKeyPem = str2;
        this.signingCertificate = str3;
        return this;
    }

    public CreateAuthnRequestStepBuilder basicAuthentication(UserRepresentation userRepresentation) {
        this.authorizationHeader = "Basic " + Base64.encodeBytes((userRepresentation.getUsername() + ":" + Users.getPasswordOf(userRepresentation)).getBytes());
        return this;
    }

    @Override // org.keycloak.testsuite.util.SamlClient.Step
    public HttpUriRequest perform(CloseableHttpClient closeableHttpClient, URI uri, CloseableHttpResponse closeableHttpResponse, HttpClientContext httpClientContext) throws Exception {
        String transform = getTransformer().transform(DocumentUtil.getDocumentAsString(createLoginRequestDocument()));
        if (transform == null) {
            return null;
        }
        Document document = DocumentUtil.getDocument(transform);
        String str = this.relayState == null ? null : this.relayState.get();
        HttpUriRequest createSamlUnsignedRequest = this.signingPrivateKeyPem == null ? this.requestBinding.createSamlUnsignedRequest(this.authServerSamlUrl, str, document) : this.requestBinding.createSamlSignedRequest(this.authServerSamlUrl, str, document, this.signingPrivateKeyPem, this.signingPublicKeyPem, this.signingCertificate);
        if (this.authorizationHeader != null) {
            createSamlUnsignedRequest.addHeader("Authorization", this.authorizationHeader);
        }
        return createSamlUnsignedRequest;
    }

    protected Document createLoginRequestDocument() {
        if (this.forceLoginRequestDocument != null) {
            return this.forceLoginRequestDocument;
        }
        try {
            AuthnRequestType createAuthnRequestType = new SAML2Request().createAuthnRequestType(UUID.randomUUID().toString(), this.assertionConsumerURL, this.authServerSamlUrl.toString(), this.issuer, this.requestBinding.getBindingUri());
            if (this.protocolBinding != null) {
                createAuthnRequestType.setProtocolBinding(this.protocolBinding);
            }
            return SAML2Request.convert(createAuthnRequestType);
        } catch (ConfigurationException | ParsingException | ProcessingException e) {
            throw new RuntimeException((Throwable) e);
        }
    }
}
