package net.shibboleth.idp.saml.profile.impl;

import jakarta.servlet.http.HttpServletRequest;
import java.util.function.Function;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.authn.AbstractAuthenticationAction;
import net.shibboleth.idp.authn.AuthenticationResult;
import net.shibboleth.idp.authn.AuthnEventIds;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.profile.config.navigate.IdentifierGenerationStrategyLookupFunction;
import net.shibboleth.profile.context.navigate.IssuerLookupFunction;
import net.shibboleth.shared.annotation.constraint.NonnullAfterInit;
import net.shibboleth.shared.annotation.constraint.NonnullBeforeExec;
import net.shibboleth.shared.component.ComponentInitializationException;
import net.shibboleth.shared.logic.Constraint;
import net.shibboleth.shared.primitive.LoggerFactory;
import net.shibboleth.shared.security.IdentifierGenerationStrategy;
import net.shibboleth.shared.servlet.HttpServletSupport;
import org.opensaml.profile.action.ActionSupport;
import org.opensaml.profile.action.EventIds;
import org.opensaml.profile.context.ProfileRequestContext;
import org.slf4j.Logger;

/* loaded from: input_file:WEB-INF/lib/idp-saml-impl-5.1.3.jar:net/shibboleth/idp/saml/profile/impl/BaseAddAuthenticationStatementToAssertion.class */
public abstract class BaseAddAuthenticationStatementToAssertion extends AbstractAuthenticationAction {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) BaseAddAuthenticationStatementToAssertion.class);
    private boolean statementInOwnAssertion = false;

    @Nonnull
    private Function<ProfileRequestContext, IdentifierGenerationStrategy> idGeneratorLookupStrategy = new IdentifierGenerationStrategyLookupFunction();

    @Nonnull
    private Function<ProfileRequestContext, String> issuerLookupStrategy = new IssuerLookupFunction();

    @NonnullAfterInit
    private Function<ProfileRequestContext, String> addressLookupStrategy;

    @NonnullBeforeExec
    private AuthenticationResult authenticationResult;

    @NonnullBeforeExec
    private IdentifierGenerationStrategy idGenerator;

    @NonnullBeforeExec
    private String issuerId;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:WEB-INF/lib/idp-saml-impl-5.1.3.jar:net/shibboleth/idp/saml/profile/impl/BaseAddAuthenticationStatementToAssertion$RemoteAddressStrategy.class */
    private class RemoteAddressStrategy implements Function<ProfileRequestContext, String> {
        private RemoteAddressStrategy() {
        }

        @Override // java.util.function.Function
        @Nullable
        public String apply(@Nullable ProfileRequestContext profileRequestContext) {
            HttpServletRequest httpServletRequest = BaseAddAuthenticationStatementToAssertion.this.getHttpServletRequest();
            if (httpServletRequest != null) {
                return HttpServletSupport.getRemoteAddr(httpServletRequest);
            }
            return null;
        }
    }

    public boolean isStatementInOwnAssertion() {
        return this.statementInOwnAssertion;
    }

    public void setStatementInOwnAssertion(boolean z) {
        checkSetterPreconditions();
        this.statementInOwnAssertion = z;
    }

    public void setIdentifierGeneratorLookupStrategy(@Nonnull Function<ProfileRequestContext, IdentifierGenerationStrategy> function) {
        checkSetterPreconditions();
        this.idGeneratorLookupStrategy = (Function) Constraint.isNotNull(function, "IdentifierGenerationStrategy lookup strategy cannot be null");
    }

    public void setIssuerLookupStrategy(@Nonnull Function<ProfileRequestContext, String> function) {
        checkSetterPreconditions();
        this.issuerLookupStrategy = (Function) Constraint.isNotNull(function, "Issuer lookup strategy cannot be null");
    }

    @NonnullAfterInit
    public Function<ProfileRequestContext, String> getAddressLookupStrategy() {
        return this.addressLookupStrategy;
    }

    public void setAddressLookupStrategy(@Nullable Function<ProfileRequestContext, String> function) {
        checkSetterPreconditions();
        this.addressLookupStrategy = function;
    }

    @Nonnull
    public AuthenticationResult getAuthenticationResult() {
        if ($assertionsDisabled || (isPreExecuteCalled() && this.authenticationResult != null)) {
            return this.authenticationResult;
        }
        throw new AssertionError();
    }

    @Nonnull
    public IdentifierGenerationStrategy getIdGenerator() {
        if ($assertionsDisabled || (isPreExecuteCalled() && this.idGenerator != null)) {
            return this.idGenerator;
        }
        throw new AssertionError();
    }

    @Nonnull
    public String getIssuerId() {
        if ($assertionsDisabled || (isPreExecuteCalled() && this.issuerId != null)) {
            return this.issuerId;
        }
        throw new AssertionError();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.shared.component.AbstractInitializableComponent
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (this.addressLookupStrategy == null) {
            this.addressLookupStrategy = new RemoteAddressStrategy();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.idp.authn.AbstractAuthenticationAction
    public boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext, @Nonnull AuthenticationContext authenticationContext) {
        if (!super.doPreExecute(profileRequestContext, authenticationContext)) {
            return false;
        }
        this.log.debug("{} Attempting to add an AuthenticationStatement to outgoing Assertion", getLogPrefix());
        this.idGenerator = this.idGeneratorLookupStrategy.apply(profileRequestContext);
        if (this.idGenerator == null) {
            this.log.debug("{} No identifier generation strategy", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
            return false;
        }
        this.issuerId = this.issuerLookupStrategy.apply(profileRequestContext);
        if (this.issuerId == null) {
            this.log.debug("{} No assertion issuer value", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
            return false;
        }
        this.authenticationResult = authenticationContext.getAuthenticationResult();
        if (this.authenticationResult != null) {
            return true;
        }
        this.log.debug("{} No AuthenticationResult in current authentication context", getLogPrefix());
        ActionSupport.buildEvent(profileRequestContext, AuthnEventIds.INVALID_AUTHN_CTX);
        return false;
    }

    static {
        $assertionsDisabled = !BaseAddAuthenticationStatementToAssertion.class.desiredAssertionStatus();
    }
}
