package org.n52.security.service.authentication.servlet;

import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.n52.security.authentication.AuthenticationContext;
import org.n52.security.authentication.AuthenticationException;
import org.n52.security.authentication.AuthenticationFailedException;
import org.n52.security.authentication.AuthenticationService;
import org.n52.security.authentication.SAMLCredential;
import org.n52.security.authentication.SAMLTicket;
import org.n52.security.authentication.callbacks.CredentialsCallbackHandler;
import org.n52.security.common.util.StringUtils;
import org.opensaml.SAMLException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/n52/security/service/authentication/servlet/SAMLResponseAuthenticationProcessorFactory.class */
public class SAMLResponseAuthenticationProcessorFactory implements AuthenticationProcessorFactory {
    private static final Logger LOG = LoggerFactory.getLogger(SAMLResponseAuthenticationProcessorFactory.class);
    private static final String DEFAULT_PARAMETER_NAME = "SAMLResponse";
    private Set<String> m_parameterNames;

    public SAMLResponseAuthenticationProcessorFactory() {
        setTicketParameterName(DEFAULT_PARAMETER_NAME);
    }

    public String getTicketParameterName() {
        if (this.m_parameterNames.size() > 0) {
            return this.m_parameterNames.iterator().next();
        }
        return null;
    }

    public void setTicketParameterName(String str) {
        this.m_parameterNames = Collections.singleton(str);
    }

    public void setTicketParameterNames(Set<String> set) {
        this.m_parameterNames = new HashSet(set);
    }

    public Set<String> getTicketParameterNames() {
        return new HashSet(this.m_parameterNames);
    }

    public AuthenticationProcessor getProcessor() {
        final Set<String> ticketParameterNames = getTicketParameterNames();
        return new AuthenticationProcessor() { // from class: org.n52.security.service.authentication.servlet.SAMLResponseAuthenticationProcessorFactory.1
            public AuthenticationContext authenticate(ServletRequestResponseContext servletRequestResponseContext, AuthenticationService authenticationService) throws AuthenticationException {
                String findSAMLResponse = findSAMLResponse(servletRequestResponseContext.getRequest(), ticketParameterNames);
                if (findSAMLResponse == null || findSAMLResponse.length() == 0) {
                    if (SAMLResponseAuthenticationProcessorFactory.LOG.isInfoEnabled()) {
                        SAMLResponseAuthenticationProcessorFactory.LOG.info("no saml response parameter provided");
                    }
                    return authenticationService.createAuthenticationContext();
                }
                try {
                    return authenticationService.login(new CredentialsCallbackHandler().add(new SAMLCredential(new SAMLTicket(StringUtils.decodeBase64(findSAMLResponse)))));
                } catch (SAMLException e) {
                    throw new AuthenticationFailedException("can't parse saml response: " + e, e);
                }
            }

            private String findSAMLResponse(HttpServletRequest httpServletRequest, Set<String> set) {
                boolean z = "GET".equals(httpServletRequest.getMethod()) || httpServletRequest.getContentType().contains("x-www-form");
                for (String str : set) {
                    if (z) {
                        if (SAMLResponseAuthenticationProcessorFactory.LOG.isDebugEnabled()) {
                            SAMLResponseAuthenticationProcessorFactory.LOG.debug("check parameter <" + str + ">");
                        }
                        String parameter = httpServletRequest.getParameter(str);
                        if (parameter != null && parameter.length() > 0) {
                            return parameter;
                        }
                    }
                    if (SAMLResponseAuthenticationProcessorFactory.LOG.isDebugEnabled()) {
                        SAMLResponseAuthenticationProcessorFactory.LOG.debug("check header <" + str + ">");
                    }
                    String header = httpServletRequest.getHeader(str);
                    if (header != null && header.length() > 0) {
                        return header;
                    }
                }
                return null;
            }
        };
    }
}
