package net.shibboleth.idp.plugin.oidc.op.encoding.impl;

import com.nimbusds.oauth2.sdk.AuthorizationResponse;
import com.nimbusds.oauth2.sdk.Response;
import com.nimbusds.oauth2.sdk.ResponseMode;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import com.nimbusds.oauth2.sdk.http.ServletUtils;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.StringWriter;
import java.util.List;
import java.util.Map;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.servlet.http.HttpServletResponse;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.codec.HTMLEncoder;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.net.HttpServletSupport;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import org.opensaml.messaging.encoder.MessageEncodingException;
import org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/idp/plugin/oidc/op/encoding/impl/NimbusResponseEncoder.class */
public class NimbusResponseEncoder extends AbstractHttpServletResponseMessageEncoder {

    @NotEmpty
    @Nonnull
    public static final String DEFAULT_TEMPLATE_ID = "/templates/oidc-form-post.vm";

    @Nullable
    private VelocityEngine velocityEngine;

    @Nonnull
    private final Logger log = LoggerFactory.getLogger(NimbusResponseEncoder.class);

    @Nonnull
    private final Logger protocolMessageLog = LoggerFactory.getLogger("PROTOCOL_MESSAGE.OAUTH2");

    @NotEmpty
    @Nonnull
    private String velocityTemplateId = DEFAULT_TEMPLATE_ID;

    public void setVelocityTemplateId(String str) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        Constraint.isNotEmpty(str, "Velocity template id must not not be null or empty");
        this.velocityTemplateId = str;
    }

    public void setVelocityEngine(VelocityEngine velocityEngine) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        this.velocityEngine = velocityEngine;
    }

    private boolean impliesFormPost(@Nullable Object obj) {
        return (obj instanceof AuthorizationResponse) && ResponseMode.FORM_POST.equals(((AuthorizationResponse) obj).getResponseMode());
    }

    private VelocityContext doPostEncode(@Nonnull AuthorizationResponse authorizationResponse) {
        VelocityContext velocityContext = new VelocityContext();
        for (Map.Entry entry : authorizationResponse.toParameters().entrySet()) {
            velocityContext.put((String) entry.getKey(), ((List) entry.getValue()).get(0));
        }
        velocityContext.put("action", HTMLEncoder.encodeForHTMLAttribute(authorizationResponse.getRedirectionURI().toString()));
        return velocityContext;
    }

    protected void doEncode() throws MessageEncodingException {
        if (!(getMessageContext().getMessage() instanceof Response)) {
            throw new MessageEncodingException("Incorrect message type");
        }
        if (this.protocolMessageLog.isDebugEnabled()) {
            String protocolMessage = ResponseUtil.getProtocolMessage((Response) getMessageContext().getMessage());
            if (protocolMessage == null) {
                this.log.warn("Protocol log message was null, nothing to log");
            } else {
                this.protocolMessageLog.debug(protocolMessage);
            }
        }
        try {
            HttpServletResponse httpServletResponse = getHttpServletResponse();
            if (!impliesFormPost(getMessageContext().getMessage())) {
                HTTPResponse hTTPResponse = ((Response) getMessageContext().getMessage()).toHTTPResponse();
                this.protocolMessageLog.trace("Outbound response {}", ResponseUtil.toString(hTTPResponse));
                ServletUtils.applyHTTPResponse(hTTPResponse, httpServletResponse);
            } else {
                if (this.velocityEngine == null) {
                    throw new MessageEncodingException("VelocityEngine must be supplied for form post response mode");
                }
                VelocityContext doPostEncode = doPostEncode((AuthorizationResponse) getMessageContext().getMessage());
                HttpServletSupport.addNoCacheHeaders(httpServletResponse);
                HttpServletSupport.setUTF8Encoding(httpServletResponse);
                HttpServletSupport.setContentType(httpServletResponse, "text/html");
                OutputStreamWriter outputStreamWriter = new OutputStreamWriter((OutputStream) httpServletResponse.getOutputStream(), "UTF-8");
                this.velocityEngine.mergeTemplate(this.velocityTemplateId, "UTF-8", doPostEncode, outputStreamWriter);
                outputStreamWriter.flush();
                outputStreamWriter.close();
                StringWriter stringWriter = new StringWriter();
                this.velocityEngine.mergeTemplate(this.velocityTemplateId, "UTF-8", doPostEncode, stringWriter);
                this.protocolMessageLog.trace("Outbound response {}", ResponseUtil.toString(httpServletResponse, stringWriter.toString()));
            }
        } catch (IOException e) {
            throw new MessageEncodingException("Problem encoding response", e);
        }
    }
}
