package org.n52.security.authentication.saml2.sp;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.n52.security.authentication.saml2.SAML2Binding;
import org.opensaml.common.binding.SAMLMessageContext;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.ecp.RelayState;
import org.opensaml.saml2.ecp.Request;
import org.opensaml.ws.message.MessageContext;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.xml.XMLObject;

/* loaded from: input_file:org/n52/security/authentication/saml2/sp/AuthnRequestPAOSBindingHandler.class */
public class AuthnRequestPAOSBindingHandler extends AuthnRequestBindingHandler {
    private static final String PAOS_HEADER = "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'";
    private static final String SOAP_ACTOR_NEXT = "http://schemas.xmlsoap.org/soap/actor/next";
    private OpenSAML m_saml2Env;
    private ServiceProviderConfig m_spConfig;

    public AuthnRequestPAOSBindingHandler() {
    }

    public AuthnRequestPAOSBindingHandler(OpenSAML openSAML, ServiceProviderConfig serviceProviderConfig) {
        setSaml2Env(openSAML);
        setSpConfig(serviceProviderConfig);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.n52.security.authentication.saml2.sp.AuthnRequestBindingHandler
    public boolean canHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (httpServletRequest.getHeader("Accept") == null || httpServletRequest.getHeader("PAOS") == null) {
            return false;
        }
        return httpServletRequest.getHeader("Accept").contains("application/vnd.paos+xml") && httpServletRequest.getHeader("PAOS").replaceAll(" ", "").equals(PAOS_HEADER);
    }

    @Override // org.n52.security.authentication.saml2.sp.AuthnRequestBindingHandler
    protected void encodeBinding(MessageContext messageContext) {
        XMLObject paosRequestSoapHeader = getPaosRequestSoapHeader();
        XMLObject ecpRequestSoapHeader = getEcpRequestSoapHeader();
        XMLObject ecpRelayStateSoapHeader = getEcpRelayStateSoapHeader(((SAMLMessageContext) messageContext).getRelayState());
        try {
            HeaderAwareHTTPSOAP11Encoder headerAwareHTTPSOAP11Encoder = new HeaderAwareHTTPSOAP11Encoder();
            headerAwareHTTPSOAP11Encoder.addHeader(paosRequestSoapHeader);
            headerAwareHTTPSOAP11Encoder.addHeader(ecpRequestSoapHeader);
            headerAwareHTTPSOAP11Encoder.addHeader(ecpRelayStateSoapHeader);
            headerAwareHTTPSOAP11Encoder.encode(messageContext);
        } catch (MessageEncodingException e) {
            throw new IllegalStateException((Throwable) e);
        }
    }

    private PaosRequest getPaosRequestSoapHeader() {
        return new PaosRequest(findAssertionConsumerService(getBinding()).getLocation(), "1234");
    }

    private RelayState getEcpRelayStateSoapHeader(String str) {
        RelayState buildObject = getSaml2Env().buildObject(RelayState.DEFAULT_ELEMENT_NAME);
        buildObject.setSOAP11MustUnderstand(Boolean.TRUE);
        buildObject.setSOAP11Actor(SOAP_ACTOR_NEXT);
        buildObject.setValue(str);
        return buildObject;
    }

    private Request getEcpRequestSoapHeader() {
        Request buildObject = getSaml2Env().buildObject(Request.DEFAULT_ELEMENT_NAME);
        buildObject.setSOAP11MustUnderstand(Boolean.TRUE);
        buildObject.setSOAP11Actor(SOAP_ACTOR_NEXT);
        Issuer buildObject2 = getSaml2Env().buildObject(Issuer.DEFAULT_ELEMENT_NAME);
        buildObject2.setValue(getSpConfig().getEntityId());
        buildObject.setIssuer(buildObject2);
        return buildObject;
    }

    @Override // org.n52.security.authentication.saml2.sp.AuthnRequestBindingHandler
    protected SAML2Binding getBinding() {
        return SAML2Binding.PAOS;
    }

    @Override // org.n52.security.authentication.saml2.sp.AuthnRequestBindingHandler
    public OpenSAML getSaml2Env() {
        return this.m_saml2Env;
    }

    @Override // org.n52.security.authentication.saml2.sp.AuthnRequestBindingHandler
    public ServiceProviderConfig getSpConfig() {
        return this.m_spConfig;
    }

    public void setSaml2Env(OpenSAML openSAML) {
        this.m_saml2Env = openSAML;
    }

    public void setSpConfig(ServiceProviderConfig serviceProviderConfig) {
        this.m_spConfig = serviceProviderConfig;
    }

    @Override // org.n52.security.authentication.saml2.sp.AuthnRequestBindingHandler
    public SAML2Binding getIdpRequestBinding() {
        return SAML2Binding.SOAP;
    }
}
