package org.n52.security.authentication.saml2.sp;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.n52.security.authentication.AuthenticationFailedException;
import org.n52.security.authentication.Credential;
import org.n52.security.authentication.saml2.SAML2AssertionCredential;
import org.n52.security.authentication.saml2.SAML2Binding;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Response;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
import org.opensaml.xml.security.SecurityException;

/* loaded from: input_file:org/n52/security/authentication/saml2/sp/AssertionResponseBindingConsumer.class */
public abstract class AssertionResponseBindingConsumer {
    public ConsumptionContext consume(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AssertionConsumerException {
        try {
            BasicSAMLMessageContext decodeMessageContext = decodeMessageContext(createMessageContext(httpServletRequest));
            return new ConsumptionContext(decodeMessageContext, getCredential(decodeMessageContext), getRelayState(decodeMessageContext));
        } catch (SecurityException e) {
            throw new AssertionConsumerException((Throwable) e);
        } catch (MessageDecodingException e2) {
            throw new AssertionConsumerException((Throwable) e2);
        }
    }

    protected abstract SAML2Binding supportedBinding();

    protected abstract BasicSAMLMessageContext decodeMessageContext(BasicSAMLMessageContext basicSAMLMessageContext) throws MessageDecodingException, SecurityException;

    protected Credential getCredential(BasicSAMLMessageContext<Response, ?, ?> basicSAMLMessageContext) {
        List assertions = basicSAMLMessageContext.getInboundSAMLMessage().getAssertions();
        if (assertions.size() != 1) {
            throw new AuthenticationFailedException("Expected the SAMLResponse to contain exactly one assertion. Found " + assertions.size() + ".");
        }
        return new SAML2AssertionCredential((Assertion) assertions.get(0));
    }

    protected abstract String getRelayState(BasicSAMLMessageContext basicSAMLMessageContext);

    protected <T extends SAMLObject> BasicSAMLMessageContext<T, ?, ?> createMessageContext(HttpServletRequest httpServletRequest) {
        BasicSAMLMessageContext<T, ?, ?> basicSAMLMessageContext = new BasicSAMLMessageContext<>();
        basicSAMLMessageContext.setInboundMessageTransport(new HttpServletRequestAdapter(httpServletRequest));
        return basicSAMLMessageContext;
    }
}
