package org.asimba.util.saml2.confederation;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.api.IComponent;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.api.requestor.IRequestor;
import com.alfaariss.oa.engine.core.idp.storage.IIDP;
import com.alfaariss.oa.util.saml2.idp.SAML2IDP;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Timer;
import org.apache.commons.httpclient.URIException;
import org.apache.commons.httpclient.util.URIUtil;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.asimba.engine.core.confederation.IConfederation;
import org.asimba.util.saml2.metadata.provider.IMetadataProviderManager;
import org.asimba.util.saml2.metadata.provider.MetadataProviderUtil;
import org.asimba.util.saml2.nameid.handler.DefaultPersistentFormatHandler;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.w3c.dom.Element;

/* loaded from: input_file:org/asimba/util/saml2/confederation/SAML2Confederation.class */
public class SAML2Confederation implements IConfederation, IComponent {
    public static final String EL_IDP_CATALOG = "idp_catalog";
    public static final String EL_SP_CATALOG = "sp_catalog";
    public static final String EL_DISABLE_SSO = "disable_sso";
    private static Log _oLogger = LogFactory.getLog(SAML2Confederation.class);
    private IConfigurationManager _oConfigManager;
    protected String _sID;
    protected boolean _bDisableSSOForIDPs;
    protected IMetadataProviderManager _oMetadataProviderManager;
    protected MetadataSourceDefinition _oIDPCatalogSource;
    protected MetadataSourceDefinition _oSPCatalogSource;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/asimba/util/saml2/confederation/SAML2Confederation$MetadataSourceDefinition.class */
    public class MetadataSourceDefinition {
        public static final String TYPE_URL = "url";
        public static final String TYPE_FILE = "file";
        public static final String TYPE_TEXT = "text";
        public String _sId;
        public String sType;
        public String _sGenericSourceLocation;
        public String _sSpecificSourceLocation;

        MetadataSourceDefinition() {
        }
    }

    public SAML2Confederation() {
        _oLogger.trace("SAML2Confederation instance created.");
    }

    protected MetadataProvider createMetadataProviderFor(String str, MetadataSourceDefinition metadataSourceDefinition, Timer timer) throws OAException {
        if (MetadataSourceDefinition.TYPE_URL.equals(metadataSourceDefinition.sType)) {
            return MetadataProviderUtil.createProviderForURL(str, MetadataProviderUtil.DEFAULT_PARSERPOOL, timer, MetadataProviderUtil.DEFAULT_HTTPCLIENT);
        }
        if (MetadataSourceDefinition.TYPE_FILE.equals(metadataSourceDefinition.sType)) {
            return MetadataProviderUtil.createProviderForFile(str, MetadataProviderUtil.DEFAULT_PARSERPOOL, timer);
        }
        return null;
    }

    public List<? extends IIDP> getIDPs(String str, Map<String, String> map) throws OAException {
        String paramSourceRef = getParamSourceRef(this._oIDPCatalogSource, str);
        if (!this._oMetadataProviderManager.existsFor(paramSourceRef)) {
            String str2 = "Metadata_SAML2Confed_IDPs_" + this._oIDPCatalogSource._sId;
            Timer timer = new Timer((str == null ? str2 + "[--generic--]" : this._oIDPCatalogSource._sSpecificSourceLocation.equals(paramSourceRef) ? str2 + "[--specific--]" : str2 + "[" + str + "]") + "-Timer", true);
            this._oMetadataProviderManager.setProviderFor(paramSourceRef, createMetadataProviderFor(paramSourceRef, this._oIDPCatalogSource, timer), timer);
        }
        List<IIDP> iDPs = this._oMetadataProviderManager.getIDPs(paramSourceRef);
        Iterator<IIDP> it = iDPs.iterator();
        while (it.hasNext()) {
            SAML2IDP saml2idp = (IIDP) it.next();
            if (saml2idp instanceof SAML2IDP) {
                saml2idp.setDisableSSOForIDP(this._bDisableSSOForIDPs);
            } else {
                _oLogger.warn("Non-SAML2IDP in SAML2Confederation: " + saml2idp.getID());
            }
        }
        return iDPs;
    }

    public List<IRequestor> getSPs(String str, Map<String, String> map) throws OAException {
        String paramSourceRef = getParamSourceRef(this._oSPCatalogSource, str);
        if (!this._oMetadataProviderManager.existsFor(paramSourceRef)) {
            String str2 = "Metadata_SAML2Confed_SPs_" + this._oIDPCatalogSource._sId;
            Timer timer = new Timer((str == null ? str2 + "[--generic--]" : this._oIDPCatalogSource._sSpecificSourceLocation.equals(paramSourceRef) ? str2 + "[--specific--]" : str2 + "[" + str + "]") + "-Timer", true);
            this._oMetadataProviderManager.setProviderFor(paramSourceRef, createMetadataProviderFor(paramSourceRef, this._oSPCatalogSource, timer), timer);
        }
        return null;
    }

    protected SAML2IDP getSAML2IDPFromIDP(IIDP iidp) {
        _oLogger.error("Not yet implemented: getSAML2IDPFromIDP()");
        throw new UnsupportedOperationException("Not yet implemented: getSAML2IDPFromIDP()");
    }

    protected String getParamSourceRef(MetadataSourceDefinition metadataSourceDefinition, String str) throws OAException {
        try {
            if (str == null) {
                return metadataSourceDefinition._sGenericSourceLocation;
            }
            return metadataSourceDefinition._sSpecificSourceLocation.replaceAll("\\" + "${sourceref}".replace("{", "\\{").replace("}", "\\}"), URIUtil.encodeQuery(str));
        } catch (URIException e) {
            _oLogger.error("Exception occurred when encoding URI: " + e.getMessage());
            throw new OAException(1);
        }
    }

    public void start(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        this._oConfigManager = iConfigurationManager;
        _oLogger.info("Starting SAMLconfederation");
        this._sID = iConfigurationManager.getParam(element, "id");
        if (this._sID == null) {
            _oLogger.error("No 'id' configured for confederation");
            throw new OAException(17);
        }
        Element section = iConfigurationManager.getSection(element, "mp_manager");
        if (section == null) {
            _oLogger.error("No 'mp_manager' configured for confederation");
            throw new OAException(17);
        }
        this._oMetadataProviderManager = MetadataProviderUtil.getMetadataProviderManagerFromConfig(iConfigurationManager, section);
        _oLogger.info("MetadataProvider initialized for SAML2Confederation '" + this._sID + "'");
        Element section2 = iConfigurationManager.getSection(element, EL_IDP_CATALOG);
        if (section2 != null) {
            this._oIDPCatalogSource = getMSD(iConfigurationManager, section2);
        } else {
            this._oIDPCatalogSource = null;
        }
        Element section3 = iConfigurationManager.getSection(element, EL_SP_CATALOG);
        if (section3 != null) {
            this._oSPCatalogSource = getMSD(iConfigurationManager, section3);
        } else {
            this._oSPCatalogSource = null;
        }
        if (this._oIDPCatalogSource == null && this._oSPCatalogSource == null) {
            _oLogger.error("Confederation '" + this._sID + "' has no configured SP- or IDP-catalog");
            throw new OAException(17);
        }
        String param = iConfigurationManager.getParam(element, EL_DISABLE_SSO);
        if (param == null) {
            this._bDisableSSOForIDPs = false;
        } else if ("true".equalsIgnoreCase(param)) {
            this._bDisableSSOForIDPs = true;
        } else {
            if (!"false".equalsIgnoreCase(param)) {
                _oLogger.error("Invalid value configured for disable_sso: '" + param + "'");
                throw new OAException(17);
            }
            this._bDisableSSOForIDPs = false;
        }
        _oLogger.info("SSO for IDPs from remote federation is " + (this._bDisableSSOForIDPs ? "disabled" : DefaultPersistentFormatHandler.EL_ATTR_ENABLED) + " by default ");
        _oLogger.info("Started SAMLconfederation from asimba.xml");
    }

    private MetadataSourceDefinition getMSD(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        MetadataSourceDefinition metadataSourceDefinition = new MetadataSourceDefinition();
        metadataSourceDefinition._sId = iConfigurationManager.getParam(element, "id");
        if (metadataSourceDefinition._sId == null) {
            _oLogger.error("No 'id' attribute provided with confederation SP or IDP catalog");
            throw new OAException(17);
        }
        Element section = iConfigurationManager.getSection(element, MetadataSourceDefinition.TYPE_FILE);
        if (section != null) {
            metadataSourceDefinition.sType = MetadataSourceDefinition.TYPE_FILE;
            metadataSourceDefinition._sGenericSourceLocation = iConfigurationManager.getParam(section, "generic");
            metadataSourceDefinition._sSpecificSourceLocation = iConfigurationManager.getParam(section, "specific");
            return metadataSourceDefinition;
        }
        Element section2 = iConfigurationManager.getSection(element, MetadataSourceDefinition.TYPE_URL);
        if (section2 == null) {
            _oLogger.error("No 'file' and not 'url' configured for catalog source.");
            throw new OAException(17);
        }
        metadataSourceDefinition.sType = MetadataSourceDefinition.TYPE_URL;
        metadataSourceDefinition._sGenericSourceLocation = iConfigurationManager.getParam(section2, "generic");
        metadataSourceDefinition._sSpecificSourceLocation = iConfigurationManager.getParam(section2, "specific");
        return metadataSourceDefinition;
    }

    public void restart(Element element) throws OAException {
        synchronized (this) {
            stop();
            start(this._oConfigManager, element);
        }
    }

    public void stop() {
        if (this._oMetadataProviderManager != null) {
            this._oMetadataProviderManager.stop();
        }
    }

    public String getID() {
        return this._sID;
    }
}
