package org.asimba.util.saml2.nameid.handler;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.api.session.ISession;
import com.alfaariss.oa.api.user.IUser;
import com.alfaariss.oa.util.saml2.NameIDFormatter;
import java.util.Locale;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:org/asimba/util/saml2/nameid/handler/MSO365PersistentFormatHandler.class */
public class MSO365PersistentFormatHandler extends DefaultPersistentFormatHandler {
    public static final String EL_MSO365 = "mso365";
    public static final String ATTR_ENTITYID = "entityId";
    public static final String EL_IMMUTABLEID_ATTRIBUTE = "immutableid_attribute";
    public static final String EL_ATTR_MSO365_NAME = "name";
    public static final String EL_ATTR_MSO365_REMOVE = "removeAfterUse";
    public static final String EL_UID_ATTRIBUTE = "uid_attribute";
    public static final String EL_ATTR_UID_ATTR_NAME = "name";
    public static final String EL_ATTR_UIT_ATTR_REMOVE = "removeAfterUse";
    public static final String EL_ATTR_PROPNAME = "name";
    public static final String EL_ATTR_PROPVALUE = "value";
    public static final String ENTITY_ID_MICROSOFT_OFFICE_365 = "urn:federation:MicrosoftOnline";
    private static final Log _oLogger = LogFactory.getLog(MSO365PersistentFormatHandler.class);
    protected String _sMSO365EntityId = ENTITY_ID_MICROSOFT_OFFICE_365;
    protected String _sUIDAttributeName = "uid";
    protected boolean _bUIDAttributeRemoveAfterUse = false;
    protected String _sMSO365ImmutableIdAttributeName = "mso365immutableid";
    protected boolean _bMSO365ImmutableIdRemoveAfterUse = true;

    protected String generateMSO365ImmutableId(IUser iUser) {
        String userAttributeValue = getUserAttributeValue(iUser, this._sUIDAttributeName, false);
        if (userAttributeValue != null) {
            return DigestUtils.shaHex(userAttributeValue).toUpperCase(Locale.ENGLISH);
        }
        _oLogger.warn("No attribute '" + this._sUIDAttributeName + "' available; could not generate ImmutableId! (available: " + iUser.getAttributes().toString() + ")");
        return null;
    }

    @Override // org.asimba.util.saml2.nameid.handler.DefaultPersistentFormatHandler, org.asimba.util.saml2.nameid.INameIDFormatHandler
    public String format(IUser iUser, String str, String str2, ISession iSession) throws OAException {
        String userAttributeValue = getUserAttributeValue(iUser, this._sMSO365ImmutableIdAttributeName, this._bMSO365ImmutableIdRemoveAfterUse);
        if (!this._sMSO365EntityId.equals(str)) {
            _oLogger.trace("Format NameId for non-Microsoft Office 365 requestor '" + str + "'; using default handler.");
            return super.format(iUser, str, str2, iSession);
        }
        if (userAttributeValue != null) {
            return userAttributeValue;
        }
        String generateMSO365ImmutableId = generateMSO365ImmutableId(iUser);
        if (this._bUIDAttributeRemoveAfterUse && iUser.getAttributes().contains(this._sUIDAttributeName)) {
            _oLogger.info("Reformat: removing attribute '" + this._sUIDAttributeName + "'");
            iUser.getAttributes().remove(this._sUIDAttributeName);
        }
        _oLogger.info("Microsoft Office 365 ImmutableId established as " + generateMSO365ImmutableId);
        return generateMSO365ImmutableId;
    }

    @Override // org.asimba.util.saml2.nameid.handler.DefaultPersistentFormatHandler, org.asimba.util.saml2.nameid.INameIDFormatHandler
    public void reformat(IUser iUser, String str, String str2, ISession iSession) throws OAException {
        if (this._bMSO365ImmutableIdRemoveAfterUse && iUser.getAttributes().contains(this._sMSO365ImmutableIdAttributeName)) {
            _oLogger.info("Reformat: removing attribute '" + this._sMSO365ImmutableIdAttributeName + "'");
            iUser.getAttributes().remove(this._sMSO365ImmutableIdAttributeName);
        }
        if (this._bUIDAttributeRemoveAfterUse && iUser.getAttributes().contains(this._sUIDAttributeName)) {
            _oLogger.info("Reformat: removing attribute '" + this._sUIDAttributeName + "'");
            iUser.getAttributes().remove(this._sUIDAttributeName);
        }
        if (this._sMSO365EntityId.equals(str)) {
            return;
        }
        _oLogger.trace("Reformat NameId for non-Microsoft Office 365 requestor '" + str + "'");
        super.reformat(iUser, str, str2, iSession);
    }

    @Override // org.asimba.util.saml2.nameid.handler.DefaultPersistentFormatHandler, org.asimba.util.saml2.nameid.INameIDFormatHandler
    public void init(IConfigurationManager iConfigurationManager, Element element, NameIDFormatter nameIDFormatter) throws OAException {
        super.init(iConfigurationManager, element, nameIDFormatter);
        Element section = iConfigurationManager.getSection(element, EL_MSO365);
        if (section == null) {
            _oLogger.info("Optional 'mso365' is not configured, using '" + this._sMSO365EntityId + "'");
        } else {
            this._sMSO365EntityId = iConfigurationManager.getParam(section, ATTR_ENTITYID);
            if (this._sMSO365EntityId == null) {
                _oLogger.error("No value configured for mso365@entityId");
                throw new OAException(17);
            }
            _oLogger.info("Using MSO365 EntityId '" + this._sMSO365EntityId + "'");
        }
        Element section2 = iConfigurationManager.getSection(element, EL_UID_ATTRIBUTE);
        if (section2 == null) {
            _oLogger.info("Optional 'uid_attribute' is not configured, using '" + this._sUIDAttributeName + "'");
        } else {
            String param = iConfigurationManager.getParam(section2, "name");
            if (param == null) {
                _oLogger.info("Optional uid_attribute@name is not configured, using default '" + this._sUIDAttributeName + "'");
            } else {
                this._sUIDAttributeName = param;
                _oLogger.info("Optional uid_attribute@name is configured with value '" + this._sUIDAttributeName + "'");
            }
            this._bUIDAttributeRemoveAfterUse = false;
            String param2 = iConfigurationManager.getParam(section2, "removeAfterUse");
            if (param2 == null) {
                _oLogger.info("Optional uid_attribute@removeAfterUse is not configured, using default '" + this._bUIDAttributeRemoveAfterUse + "'");
            } else if ("TRUE".equalsIgnoreCase(param2)) {
                _oLogger.info("Optional uid_attribute@removeAfterUse is configured with value '" + this._bUIDAttributeRemoveAfterUse + "'");
                this._bUIDAttributeRemoveAfterUse = true;
            } else {
                if (!"FALSE".equalsIgnoreCase(param2)) {
                    _oLogger.error("Invalid value for uid_attribute@removeAfterUse: " + param2);
                    throw new OAException(17);
                }
                _oLogger.info("Optional uid_attribute@removeAfterUse is configured with value '" + this._bUIDAttributeRemoveAfterUse + "'");
            }
        }
        Element section3 = iConfigurationManager.getSection(element, EL_IMMUTABLEID_ATTRIBUTE);
        if (section3 == null) {
            _oLogger.info("Optional 'immutableid_attribute' element is not configured, using '" + this._sMSO365ImmutableIdAttributeName + "'; removeAfterUse is '" + this._bMSO365ImmutableIdRemoveAfterUse + "'");
            return;
        }
        String param3 = iConfigurationManager.getParam(section3, "name");
        if (param3 == null) {
            _oLogger.info("Optional immutableid_attribute@name is not configured, using default '" + this._sMSO365ImmutableIdAttributeName + "'");
        } else {
            this._sMSO365ImmutableIdAttributeName = param3;
            _oLogger.info("Optional immutableid_attribute@name is configured with value '" + this._sMSO365ImmutableIdAttributeName + "'");
        }
        this._bMSO365ImmutableIdRemoveAfterUse = true;
        String param4 = iConfigurationManager.getParam(section3, "removeAfterUse");
        if (param4 == null) {
            _oLogger.info("Optional immutableid_attribute@removeAfterUse is not configured, using default '" + this._bMSO365ImmutableIdRemoveAfterUse + "'");
            return;
        }
        if ("TRUE".equalsIgnoreCase(param4)) {
            _oLogger.info("Optional immutableid_attribute@removeAfterUse is configured with value '" + this._bMSO365ImmutableIdRemoveAfterUse + "'");
            this._bMSO365ImmutableIdRemoveAfterUse = true;
        } else if ("FALSE".equalsIgnoreCase(param4)) {
            _oLogger.info("Optional immutableid_attribute@removeAfterUse is configured with value '" + this._bUIDAttributeRemoveAfterUse + "'");
        } else {
            _oLogger.error("Invalid value for immutableid_attribute@removeAfterUse: " + param4);
            throw new OAException(17);
        }
    }
}
