package org.keycloak.protocol.saml;

import java.net.URI;
import org.keycloak.protocol.saml.SAML2BindingBuilder;
import org.picketlink.common.exceptions.ConfigurationException;
import org.picketlink.common.exceptions.ParsingException;
import org.picketlink.common.exceptions.ProcessingException;
import org.picketlink.identity.federation.api.saml.v2.request.SAML2Request;
import org.picketlink.identity.federation.core.saml.v2.util.XMLTimeUtil;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
import org.picketlink.identity.federation.saml.v2.assertion.NameIDType;
import org.picketlink.identity.federation.saml.v2.protocol.LogoutRequestType;
import org.w3c.dom.Document;

/* loaded from: input_file:org/keycloak/protocol/saml/SAML2LogoutRequestBuilder.class */
public class SAML2LogoutRequestBuilder extends SAML2BindingBuilder<SAML2LogoutRequestBuilder> {
    protected String userPrincipal;
    protected String userPrincipalFormat;

    public SAML2LogoutRequestBuilder userPrincipal(String str, String str2) {
        this.userPrincipal = str;
        this.userPrincipalFormat = str2;
        return this;
    }

    public SAML2BindingBuilder<SAML2LogoutRequestBuilder>.RedirectBindingBuilder redirectBinding() throws ConfigurationException, ProcessingException, ParsingException {
        return new SAML2BindingBuilder.RedirectBindingBuilder(buildDocument());
    }

    public SAML2BindingBuilder<SAML2LogoutRequestBuilder>.PostBindingBuilder postBinding() throws ConfigurationException, ProcessingException, ParsingException {
        return new SAML2BindingBuilder.PostBindingBuilder(buildDocument());
    }

    public Document buildDocument() throws ProcessingException, ConfigurationException, ParsingException {
        Document convert = new SAML2Request().convert(createLogoutRequest());
        if (this.encrypt) {
            encryptDocument(convert);
        }
        return convert;
    }

    private LogoutRequestType createLogoutRequest() throws ConfigurationException {
        LogoutRequestType createLogoutRequest = new SAML2Request().createLogoutRequest(this.responseIssuer);
        NameIDType nameIDType = new NameIDType();
        nameIDType.setValue(this.userPrincipal);
        nameIDType.setFormat(URI.create(this.userPrincipalFormat));
        createLogoutRequest.setNameID(nameIDType);
        createLogoutRequest.setNotOnOrAfter(XMLTimeUtil.add(createLogoutRequest.getIssueInstant(), PicketLinkCoreSTS.instance().getConfiguration().getIssuedTokenTimeout()));
        createLogoutRequest.setDestination(URI.create(this.destination));
        return createLogoutRequest;
    }
}
