package org.overlord.gadgets.web.server.http.auth;

import com.google.gwt.dom.client.Element;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import com.google.inject.name.Named;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.overlord.commons.auth.util.SAMLAssertionUtil;
import org.overlord.commons.auth.util.SAMLBearerTokenUtil;

@Singleton
/* loaded from: input_file:WEB-INF/classes/org/overlord/gadgets/web/server/http/auth/SAMLBearerTokenAuthenticationProvider.class */
public class SAMLBearerTokenAuthenticationProvider implements AuthenticationProvider {
    private String issuer;
    private String service;
    private boolean signAssertions;
    private String keystorePath;
    private String keystorePassword;
    private String alias;
    private String aliasPassword;

    @Inject
    public SAMLBearerTokenAuthenticationProvider(@Named("gadget-server.config.auth.saml.issuer") String str, @Named("gadget-server.config.auth.saml.service") String str2, @Named("gadget-server.config.auth.saml.sign-assertions") String str3, @Named("gadget-server.config.auth.saml.keystore") String str4, @Named("gadget-server.config.auth.saml.keystore-password") String str5, @Named("gadget-server.config.auth.saml.key-alias") String str6, @Named("gadget-server.config.auth.saml.key-password") String str7) {
        this.issuer = str;
        this.service = str2;
        this.signAssertions = Element.DRAGGABLE_TRUE.equals(str3);
        this.keystorePath = str4;
        this.keystorePassword = str5;
        this.alias = str6;
        this.aliasPassword = str7;
    }

    @Override // org.overlord.gadgets.web.server.http.auth.AuthenticationProvider
    public void provideAuthentication(HttpRequest httpRequest) {
        httpRequest.setHeader("Authorization", BasicAuthenticationProvider.createBasicAuthHeader("SAML-BEARER-TOKEN", createSAMLBearerTokenAssertion()));
    }

    private String createSAMLBearerTokenAssertion() {
        String createSAMLAssertion = SAMLAssertionUtil.createSAMLAssertion(this.issuer, this.service);
        if (this.signAssertions) {
            try {
                createSAMLAssertion = SAMLBearerTokenUtil.signSAMLAssertion(createSAMLAssertion, SAMLBearerTokenUtil.getKeyPair(SAMLBearerTokenUtil.loadKeystore(this.keystorePath, this.keystorePassword), this.alias, this.aliasPassword));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        return createSAMLAssertion;
    }
}
