package org.jboss.seam.security.external.saml.idp;

import java.io.Reader;
import java.io.Writer;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.enterprise.inject.Instance;
import javax.enterprise.inject.Typed;
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi;
import org.jboss.seam.security.external.SamlNameIdImpl;
import org.jboss.seam.security.external.SamlPrincipalImpl;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.jaxb.samlv2.assertion.AttributeType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.EntityDescriptorType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.IDPSSODescriptorType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.IndexedEndpointType;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.ObjectFactory;
import org.jboss.seam.security.external.jaxb.samlv2.metadata.SPSSODescriptorType;
import org.jboss.seam.security.external.saml.SamlConstants;
import org.jboss.seam.security.external.saml.SamlDialogue;
import org.jboss.seam.security.external.saml.SamlEntityBean;
import org.jboss.seam.security.external.saml.SamlExternalEntity;
import org.jboss.seam.security.external.saml.SamlIdpOrSp;
import org.jboss.seam.security.external.saml.SamlServiceType;
import org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi;
import org.jboss.seam.security.external.saml.api.SamlIdpSession;
import org.jboss.seam.security.external.saml.api.SamlNameId;

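/**
 * SAML identity-provider (IdP) entity bean.
 *
 * <p>Keeps the list of external service providers (SPs) this IdP knows, publishes the IdP's own
 * metadata, and forwards login/logout calls to the injected single-sign-on and single-logout
 * services.
 *
 * <p>Security-relevant points visible in this class:
 * <ul>
 *   <li>{@link #addExternalSamlEntity(Reader)} registers whatever SP metadata it is handed. No
 *       signature or provenance check on that metadata is visible here, so callers should only
 *       feed it metadata obtained over a trusted channel.</li>
 *   <li>{@code wantAuthnRequestsSigned} defaults to {@code false}, and that value is what
 *       {@link #writeMetaData(Writer)} publishes.</li>
 *   <li>{@link #getServiceProviders()} returns the live internal list.</li>
 * </ul>
 *
 * <p>NOTE(review): the bean's scope and thread-safety are not visible here; the provider list is
 * a plain {@link LinkedList} with no synchronization.
 */
@Typed({SamlIdpBean.class})
/* loaded from: input_file:WEB-INF/lib/seam-security-external-3.0.0.CR3.jar:org/jboss/seam/security/external/saml/idp/SamlIdpBean.class */
public class SamlIdpBean extends SamlEntityBean implements SamlMultiUserIdentityProviderApi, SamlIdentityProviderConfigurationApi {

    @Inject
    private SamlIdpSingleSignOnService samlIdpSingleSignOnService;

    @Inject
    private SamlIdpSingleLogoutService samlIdpSingleSignLogoutService;

    @Inject
    private SamlIdpSessions samlIdpSessions;

    // Registered external service providers, in registration order.
    private List<SamlExternalServiceProvider> serviceProviders = new LinkedList<SamlExternalServiceProvider>();

    // Off by default: the published metadata then carries WantAuthnRequestsSigned="false".
    // NOTE(review): enforcement of request signatures happens outside this class - confirm that
    // the sign-on service honours this flag before relying on it.
    private boolean wantAuthnRequestsSigned = false;

    @Inject
    private Instance<SamlDialogue> samlDialogue;

    /**
     * Returns the registered service providers.
     *
     * @return the live internal list (not a copy); mutating it changes this bean's configuration
     */
    @Override // org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi
    public List<SamlExternalServiceProvider> getServiceProviders() {
        return this.serviceProviders;
    }

    /**
     * Registers a service provider from an already parsed SP descriptor.
     *
     * <p>No duplicate check is made; because {@link #getExternalSamlEntityByEntityId(String)}
     * returns the first match, a later registration under the same entity id does not replace an
     * earlier one.
     *
     * @param str the SP's entity id
     * @param sPSSODescriptorType the SP's SSO descriptor
     * @return the newly registered provider
     */
    public SamlExternalServiceProvider addExternalServiceProvider(String str, SPSSODescriptorType sPSSODescriptorType) {
        SamlExternalServiceProvider provider = new SamlExternalServiceProvider(str, sPSSODescriptorType);
        this.serviceProviders.add(provider);
        return provider;
    }

    /**
     * Parses SAML metadata from {@code reader} and registers the service provider it describes.
     *
     * <p>The first role descriptor that is an {@link SPSSODescriptorType} is used. Metadata
     * without any SP role is rejected with a descriptive error instead of failing on a blind
     * cast of the first element.
     *
     * <p>NOTE(review): the metadata is parsed by the inherited {@code readEntityDescriptor};
     * whether that validates a signature or hardens the XML parser is not visible here. Treat
     * the input as trusted configuration only.
     *
     * @param reader source of the entity descriptor XML
     * @return the newly registered provider
     * @throws IllegalArgumentException if the descriptor declares no SPSSODescriptor role
     */
    @Override // org.jboss.seam.security.external.saml.SamlEntityBean, org.jboss.seam.security.external.saml.api.SamlEntityConfigurationApi
    public SamlExternalServiceProvider addExternalSamlEntity(Reader reader) {
        EntityDescriptorType descriptor = readEntityDescriptor(reader);
        for (Object role : descriptor.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor()) {
            if (role instanceof SPSSODescriptorType) {
                return addExternalServiceProvider(descriptor.getEntityID(), (SPSSODescriptorType) role);
            }
        }
        throw new IllegalArgumentException("Entity descriptor " + descriptor.getEntityID() + " contains no SPSSODescriptor role.");
    }

    /**
     * Returns the registered service providers as generic external entities.
     *
     * @return a new list; changes to it do not affect this bean
     */
    @Override // org.jboss.seam.security.external.saml.SamlEntityBean, org.jboss.seam.security.external.saml.api.SamlEntityConfigurationApi
    public List<SamlExternalEntity> getExternalSamlEntities() {
        return new LinkedList<SamlExternalEntity>(this.serviceProviders);
    }

    /**
     * @return the value published as {@code WantAuthnRequestsSigned} in this IdP's metadata
     */
    @Override // org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi
    public boolean isWantAuthnRequestsSigned() {
        return this.wantAuthnRequestsSigned;
    }

    /**
     * @param z the value to publish as {@code WantAuthnRequestsSigned}
     */
    @Override // org.jboss.seam.security.external.saml.api.SamlIdentityProviderConfigurationApi
    public void setWantAuthnRequestsSigned(boolean z) {
        this.wantAuthnRequestsSigned = z;
    }

    /**
     * Looks up a registered service provider by entity id.
     *
     * @param str the entity id to look for
     * @return the first provider whose entity id equals {@code str}, or {@code null} if none is
     *     registered; callers must handle the {@code null} case
     */
    @Override // org.jboss.seam.security.external.saml.SamlEntityBean, org.jboss.seam.security.external.saml.api.SamlEntityConfigurationApi
    public SamlExternalServiceProvider getExternalSamlEntityByEntityId(String str) {
        for (SamlExternalServiceProvider provider : this.serviceProviders) {
            if (provider.getEntityId().equals(str)) {
                return provider;
            }
        }
        return null;
    }

    /**
     * Writes this IdP's SAML metadata (an EntityDescriptor with one IDPSSODescriptor) to
     * {@code writer} as formatted UTF-8 XML.
     *
     * <p>The same single-sign-on URL is advertised for the HTTP-Redirect and HTTP-POST bindings.
     * Logout endpoints, NameID formats and the key descriptor are added by inherited helpers.
     *
     * @param writer destination for the XML
     * @throws RuntimeException wrapping the {@link JAXBException} if marshalling fails
     */
    @Override // org.jboss.seam.security.external.saml.SamlEntityBean
    public void writeMetaData(Writer writer) {
        try {
            ObjectFactory objectFactory = new ObjectFactory();

            IndexedEndpointType redirectEndpoint = objectFactory.createIndexedEndpointType();
            redirectEndpoint.setBinding(SamlConstants.HTTP_REDIRECT_BINDING);
            redirectEndpoint.setLocation(getServiceURL(SamlServiceType.SAML_SINGLE_SIGN_ON_SERVICE));

            IndexedEndpointType postEndpoint = objectFactory.createIndexedEndpointType();
            postEndpoint.setBinding(SamlConstants.HTTP_POST_BINDING);
            postEndpoint.setLocation(getServiceURL(SamlServiceType.SAML_SINGLE_SIGN_ON_SERVICE));

            IDPSSODescriptorType idpDescriptor = objectFactory.createIDPSSODescriptorType();
            idpDescriptor.getSingleSignOnService().add(redirectEndpoint);
            idpDescriptor.getSingleSignOnService().add(postEndpoint);
            addSloEndpointsToMetaData(idpDescriptor);
            idpDescriptor.setWantAuthnRequestsSigned(Boolean.valueOf(isWantAuthnRequestsSigned()));
            idpDescriptor.getProtocolSupportEnumeration().add(SamlConstants.PROTOCOL_NSURI);
            addNameIDFormatsToMetaData(idpDescriptor);
            addKeyDescriptorToMetaData(idpDescriptor);

            EntityDescriptorType entityDescriptor = objectFactory.createEntityDescriptorType();
            entityDescriptor.setEntityID(getEntityId());
            entityDescriptor.getRoleDescriptorOrIDPSSODescriptorOrSPSSODescriptor().add(idpDescriptor);

            Marshaller marshaller = this.metaDataJaxbContext.createMarshaller();
            marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
            marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
            marshaller.marshal(objectFactory.createEntityDescriptor(entityDescriptor), writer);
        } catch (JAXBException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Completes an SP-initiated login: records the dialogue's external provider as a participant
     * of {@code samlIdpSession} and lets the sign-on service send the response.
     *
     * <p>NOTE(review): the provider is taken from the current dialogue and cast without a check;
     * a dialogue without an external provider would add {@code null} to the session - confirm
     * the dialogue always carries one at this point.
     *
     * @param samlIdpSession the session of the authenticated user
     * @param httpServletResponse response used to deliver the SAML response
     */
    @Override // org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi
    @Dialogued(join = true)
    public void authenticationSucceeded(SamlIdpSession samlIdpSession, HttpServletResponse httpServletResponse) {
        SamlExternalServiceProvider requester = (SamlExternalServiceProvider) this.samlDialogue.get().getExternalProvider();
        samlIdpSession.getServiceProviders().add(requester);
        this.samlIdpSingleSignOnService.handleSucceededAuthentication(samlIdpSession, httpServletResponse);
    }

    /**
     * Reports a failed authentication to the sign-on service.
     *
     * @param httpServletResponse response used to deliver the failure
     */
    @Override // org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi
    @Dialogued(join = true)
    public void authenticationFailed(HttpServletResponse httpServletResponse) {
        this.samlIdpSingleSignOnService.handleFailedAuthentication(httpServletResponse);
    }

    /**
     * @return a new set holding the sessions currently tracked by the session store
     */
    @Override // org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi
    public Set<SamlIdpSession> getSessions() {
        Set<SamlIdpSession> snapshot = new HashSet<SamlIdpSession>();
        snapshot.addAll(this.samlIdpSessions.getSessions());
        return snapshot;
    }

    /**
     * Creates a local IdP session for a user the application has already authenticated.
     *
     * <p>This method performs no authentication itself; it trusts the supplied identity.
     *
     * @param samlNameId the user's name identifier
     * @param list the user's attributes, or {@code null} for none
     * @return the new session
     */
    @Override // org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi
    public SamlIdpSession localLogin(SamlNameId samlNameId, List<AttributeType> list) {
        return createSession(samlNameId, list);
    }

    /**
     * Builds a name identifier from three strings, passed unchanged to {@link SamlNameIdImpl}.
     *
     * @param str first constructor argument (presumably the identifier value - confirm)
     * @param str2 second constructor argument (presumably the format - confirm)
     * @param str3 third constructor argument (presumably the qualifier - confirm)
     * @return the new name identifier
     */
    @Override // org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi
    public SamlNameId createNameId(String str, String str2, String str3) {
        return new SamlNameIdImpl(str, str2, str3);
    }

    /** Builds a principal from the name id and attributes and registers a session for it. */
    private SamlIdpSession createSession(SamlNameId samlNameId, List<AttributeType> list) {
        SamlPrincipalImpl principal = new SamlPrincipalImpl();
        principal.setNameId(samlNameId);
        // A missing attribute list becomes an empty one so the principal never carries null.
        principal.setAttributes(list != null ? list : new LinkedList<AttributeType>());
        return this.samlIdpSessions.addSession(principal);
    }

    /**
     * Starts an IdP-initiated login of an existing session at a registered service provider.
     *
     * <p>The entity id must name a registered provider. An unknown id is rejected here; without
     * that check a {@code null} participant would be stored in the session and break every later
     * iteration over its participants.
     *
     * @param str entity id of the target service provider
     * @param samlIdpSession the session to log in remotely
     * @param str2 forwarded unchanged to the sign-on service (meaning not visible in this class)
     * @param httpServletResponse response used to deliver the SAML message
     * @throws RuntimeException if the provider already participates in the session or is not
     *     registered
     */
    @Override // org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi
    @Dialogued(join = true)
    public void remoteLogin(String str, SamlIdpSession samlIdpSession, String str2, HttpServletResponse httpServletResponse) {
        for (SamlExternalServiceProvider participant : samlIdpSession.getServiceProviders()) {
            if (participant.getEntityId().equals(str)) {
                throw new RuntimeException("Service provider " + str + " is already a session participant.");
            }
        }
        SamlExternalServiceProvider target = getExternalSamlEntityByEntityId(str);
        if (target == null) {
            throw new RuntimeException("Service provider " + str + " is not a registered external entity.");
        }
        samlIdpSession.getServiceProviders().add(target);
        this.samlIdpSingleSignOnService.remoteLogin(str, samlIdpSession, str2, httpServletResponse);
    }

    /**
     * Removes the session from the local session store without notifying service providers.
     *
     * @param samlIdpSession the session to end; must be a {@code SamlIdpSessionImpl}, otherwise
     *     the cast fails with {@link ClassCastException}
     */
    @Override // org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi
    public void localLogout(SamlIdpSession samlIdpSession) {
        this.samlIdpSessions.removeSession((SamlIdpSessionImpl) samlIdpSession);
    }

    /**
     * Starts an IdP-initiated single logout for the session's principal and session index.
     *
     * @param samlIdpSession the session to log out; must be a {@code SamlIdpSessionImpl},
     *     otherwise the cast fails with {@link ClassCastException}
     * @param httpServletResponse response used to deliver the logout message
     */
    @Override // org.jboss.seam.security.external.SamlMultiUserIdentityProviderApi
    @Dialogued(join = true)
    public void globalLogout(SamlIdpSession samlIdpSession, HttpServletResponse httpServletResponse) {
        this.samlIdpSingleSignLogoutService.handleIDPInitiatedSingleLogout(samlIdpSession.getPrincipal(), Arrays.asList(((SamlIdpSessionImpl) samlIdpSession).getSessionIndex()), httpServletResponse);
    }

    /**
     * @return {@link SamlIdpOrSp#IDP}, marking this bean as the identity-provider side
     */
    @Override // org.jboss.seam.security.external.saml.SamlEntityBean
    public SamlIdpOrSp getIdpOrSp() {
        return SamlIdpOrSp.IDP;
    }
}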
