package org.n52.security.apps.wscweb.struts;

import java.net.URL;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.n52.security.authentication.UsernamePasswordCredential;
import org.n52.security.precondition.PreconditionHandlingException;
import org.n52.security.service.samlecp.client.FederationMetadata;
import org.n52.security.service.samlecp.client.IdpSelectionPrecondition;
import org.n52.security.service.samlecp.client.SAML2ECPSecurityClient;
import org.n52.security.service.samlecp.client.SAML2IdPConnector;
import org.n52.security.service.samlecp.client.SAML2IdPMetadata;
import org.n52.security.service.samlecp.client.SAML2ResponseMessage;

/* loaded from: input_file:org/n52/security/apps/wscweb/struts/SAML2ResponseSOAPMessagePreconditionAction.class */
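/**
 * Struts action that completes the SAML 2.0 ECP exchange on behalf of the user: it requests an
 * assertion from the selected identity provider over the SOAP binding, relays the resulting SAML
 * response to the assertion consumer, and records it on the SAML2 response precondition.
 *
 * <p>The user's username/password credential is passed to the connector built from the SSO
 * service URL that {@link #getSsoServiceUrl(HttpServletRequest)} resolves, so that lookup decides
 * where the credential is sent.
 */
public class SAML2ResponseSOAPMessagePreconditionAction extends FacadeCreationAction {
    /** SAML 2.0 SOAP binding URI used to filter IdP metadata and to pick the SSO endpoint. */
    private static final String BINDING_SOAP = "urn:oasis:names:tc:SAML:2.0:bindings:SOAP";

    /**
     * Requests an assertion from the selected IdP, forwards it to the assertion consumer and
     * stores it on the SAML2 response precondition.
     *
     * @param actionMapping used to resolve the forward returned to Struts
     * @param actionForm not used by this action
     * @param httpServletRequest request from which the preconditions and the session are looked up
     * @param httpServletResponse not used by this action
     * @return the forward registered under {@code FacadeAction.PRECONDITION_CONTROL_FORWARD}
     * @throws Exception if no SSO service URL can be resolved or any step of the exchange fails
     */
    @Override // org.n52.security.apps.wscweb.struts.FacadeCreationAction
    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        UsernamePasswordCredential credential = lookupIdentifyPrecondition(httpServletRequest).getCredential();
        // The credential is handed to a connector for this URL, so the endpoint taken from the
        // federation metadata is the recipient of the user's password.
        // NOTE(review): confirm upstream that the metadata is integrity-checked and that the
        // endpoint scheme is HTTPS; neither is enforced in this class.
        SAML2IdPConnector idpConnector = new SAML2IdPConnector(getSsoServiceUrl(httpServletRequest));
        SAML2ECPSecurityClient ecpSecurityClient = getEcpSecurityClient(httpServletRequest);
        SAML2ResponseMessage samlResponse = idpConnector.requestAssertion(credential, ecpSecurityClient.getPaosResponse());
        // Relay to the assertion consumer first; the precondition is only updated once that
        // call has returned without throwing.
        ecpSecurityClient.sendSamlResponseToAssertionConsumer(samlResponse);
        lookupSAML2ResponsePrecondition(httpServletRequest).setSaml2ResponseMessage(samlResponse);
        return actionMapping.findForward(FacadeAction.PRECONDITION_CONTROL_FORWARD);
    }

    /**
     * Resolves the SOAP-binding SSO service URL of the IdP chosen in the IdP selection
     * precondition.
     *
     * <p>Metadata entries without an organisation display name are skipped instead of aborting
     * the lookup with a {@link NullPointerException}.
     *
     * @param httpServletRequest request from which the IdP selection precondition is looked up
     * @return the SSO service URL of the first matching IdP metadata entry
     * @throws PreconditionHandlingException if no metadata entry matches the selected IdP
     */
    private URL getSsoServiceUrl(HttpServletRequest httpServletRequest) throws PreconditionHandlingException {
        IdpSelectionPrecondition idpSelection = lookupIdpSelectionPrecondition(httpServletRequest);
        FederationMetadata federationMetadata = idpSelection.getFederationMetadata();
        String idpEntityId = idpSelection.getIdpEntityId();
        for (SAML2IdPMetadata idpMetadata : federationMetadata.getIdPMetadataFor(BINDING_SOAP)) {
            // NOTE(review): the selection value is compared with the organisation display name,
            // not with an entity identifier. Display names are not necessarily unique within a
            // federation; the first match wins and its endpoint receives the credential.
            // Confirm what getIdpEntityId() actually holds.
            String displayName = idpMetadata.getOrganisationDisplayName();
            if (displayName != null && displayName.equals(idpEntityId)) {
                return idpMetadata.getSSOServiceFor(BINDING_SOAP);
            }
        }
        throw new PreconditionHandlingException("No SSO Service URL could be found!");
    }

    /**
     * Returns the ECP security client configured in the facade properties of the facade creator
     * bound to the request's session.
     *
     * @param httpServletRequest request whose session is used to look up the facade creator
     * @return the security client from the facade properties
     */
    private SAML2ECPSecurityClient getEcpSecurityClient(HttpServletRequest httpServletRequest) {
        // presumably the configured client is always a SAML2ECPSecurityClient for this action;
        // verify against the facade configuration
        return getFacadeCreator(httpServletRequest.getSession()).getFacadeProperties().getSecurityClient();
    }
}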
