package org.overlord.sramp.ui.server.api;

import com.google.common.net.HttpHeaders;
import org.apache.http.HttpRequest;
import org.overlord.commons.auth.util.SAMLAssertionUtil;
import org.overlord.commons.auth.util.SAMLBearerTokenUtil;
import org.overlord.sramp.client.auth.AuthenticationProvider;
import org.overlord.sramp.ui.server.SrampUIConfig;

/* loaded from: input_file:WEB-INF/classes/org/overlord/sramp/ui/server/api/SAMLBearerTokenAuthenticationProvider.class */
public class SAMLBearerTokenAuthenticationProvider implements AuthenticationProvider {
    @Override // org.overlord.sramp.client.auth.AuthenticationProvider
    public void provideAuthentication(HttpRequest httpRequest) {
        httpRequest.setHeader(HttpHeaders.AUTHORIZATION, org.overlord.sramp.client.auth.BasicAuthenticationProvider.createBasicAuthHeader("SAML-BEARER-TOKEN", createSAMLBearerTokenAssertion()));
    }

    private static String createSAMLBearerTokenAssertion() {
        String createSAMLAssertion = SAMLAssertionUtil.createSAMLAssertion(SrampUIConfig.config.getString(SrampUIConfig.SRAMP_API_SAML_AUTH_ISSUER), SrampUIConfig.config.getString(SrampUIConfig.SRAMP_API_SAML_AUTH_SERVICE));
        if ("true".equals(SrampUIConfig.config.getString(SrampUIConfig.SRAMP_API_SAML_AUTH_SIGN_ASSERTIONS))) {
            String string = SrampUIConfig.config.getString(SrampUIConfig.SRAMP_API_SAML_AUTH_KEYSTORE);
            String string2 = SrampUIConfig.config.getString(SrampUIConfig.SRAMP_API_SAML_AUTH_KEYSTORE_PASSWORD);
            try {
                createSAMLAssertion = SAMLBearerTokenUtil.signSAMLAssertion(createSAMLAssertion, SAMLBearerTokenUtil.getKeyPair(SAMLBearerTokenUtil.loadKeystore(string, string2), SrampUIConfig.config.getString(SrampUIConfig.SRAMP_API_SAML_AUTH_KEY_ALIAS), SrampUIConfig.config.getString(SrampUIConfig.SRAMP_API_SAML_AUTH_KEY_PASSWORD)));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        return createSAMLAssertion;
    }
}
