package pl.edu.icm.unity.saml.idp.web;

import eu.unicore.util.configuration.ConfigurationException;
import java.util.EnumSet;
import javax.servlet.DispatcherType;
import javax.servlet.Servlet;
import org.eclipse.jetty.servlet.FilterHolder;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import org.springframework.context.ApplicationContext;
import pl.edu.icm.unity.saml.SamlProperties;
import pl.edu.icm.unity.saml.idp.FreemarkerHandler;
import pl.edu.icm.unity.saml.idp.SamlIdpProperties;
import pl.edu.icm.unity.saml.idp.web.filter.ErrorHandler;
import pl.edu.icm.unity.saml.idp.web.filter.SamlGuardFilter;
import pl.edu.icm.unity.saml.idp.web.filter.SamlParseServlet;
import pl.edu.icm.unity.saml.metadata.MetadataProviderFactory;
import pl.edu.icm.unity.saml.metadata.MetadataServlet;
import pl.edu.icm.unity.server.api.PKIManagement;
import pl.edu.icm.unity.server.api.internal.SessionManagement;
import pl.edu.icm.unity.server.authn.LoginToHttpSessionBinder;
import pl.edu.icm.unity.server.utils.ExecutorsService;
import pl.edu.icm.unity.types.endpoint.EndpointTypeDescription;
import pl.edu.icm.unity.webui.EndpointRegistrationConfiguration;
import pl.edu.icm.unity.webui.UnityVaadinServlet;
import pl.edu.icm.unity.webui.VaadinEndpoint;
import pl.edu.icm.unity.webui.authn.AuthenticationFilter;
import pl.edu.icm.unity.webui.authn.AuthenticationUI;
import xmlbeans.org.oasis.saml2.metadata.EndpointType;

/* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlAuthVaadinEndpoint.class */
/**
 * Web endpoint of the SAML IdP, built on top of {@link VaadinEndpoint}.
 *
 * <p>The endpoint assembles one Jetty servlet context holding: a SAML guard filter in front of
 * the main UI path, a SAML request parsing servlet on the consumer path, an authentication
 * filter, the authentication UI servlet, the main UI servlet and, when enabled in the
 * configuration, a SAML metadata servlet.
 *
 * <p>{@link #samlProperties} is only assigned in {@link #setSerializedConfiguration(String)},
 * and {@link #getServletContextHandler()} dereferences it, so the configuration has to be set
 * before the servlet context is requested.
 */
public class SamlAuthVaadinEndpoint extends VaadinEndpoint {
    /** Parsed SAML IdP settings; assigned in {@link #setSerializedConfiguration(String)}. */
    protected SamlIdpProperties samlProperties;
    /** Template handler handed to the error handlers and to the authentication cancel handler. */
    protected FreemarkerHandler freemarkerHandler;
    /** PKI access passed to {@link SamlIdpProperties} when the configuration is parsed. */
    protected PKIManagement pkiManagement;
    /** Executors passed to the metadata provider factory. */
    protected ExecutorsService executorsService;
    /** Context-relative path under which the SAML parse servlet is mapped. */
    protected String samlConsumerPath;
    /** Context-relative path under which the metadata servlet is mapped, if published. */
    protected String samlMetadataPath;

    /**
     * Creates the endpoint and stores its collaborators.
     *
     * @param endpointTypeDescription forwarded to the superclass constructor
     * @param applicationContext forwarded to the superclass constructor
     * @param freemarkerHandler template handler used for error and cancel pages
     * @param cls its simple name is forwarded to the superclass as the third argument
     *     (presumably the UI bean name; confirm against {@code VaadinEndpoint})
     * @param str forwarded to the superclass as the fourth argument (presumably the servlet
     *     path; confirm against {@code VaadinEndpoint})
     * @param pKIManagement PKI access used later to build {@link SamlIdpProperties}
     * @param executorsService executors used by the metadata provider
     * @param str2 stored as {@link #samlConsumerPath}
     * @param str3 stored as {@link #samlMetadataPath}
     */
    public SamlAuthVaadinEndpoint(EndpointTypeDescription endpointTypeDescription, ApplicationContext applicationContext, FreemarkerHandler freemarkerHandler, Class<?> cls, String str, PKIManagement pKIManagement, ExecutorsService executorsService, String str2, String str3) {
        super(endpointTypeDescription, applicationContext, cls.getSimpleName(), str);
        this.samlConsumerPath = str2;
        this.samlMetadataPath = str3;
        this.freemarkerHandler = freemarkerHandler;
        this.pkiManagement = pKIManagement;
        this.executorsService = executorsService;
    }

    /**
     * Lets the superclass consume the serialized configuration, then parses the SAML IdP
     * settings from the resulting properties.
     *
     * @param str serialized endpoint configuration
     * @throws ConfigurationException when {@link SamlIdpProperties} cannot be built; the
     *     original failure is kept as the cause
     */
    public void setSerializedConfiguration(String str) {
        super.setSerializedConfiguration(str);
        SamlIdpProperties parsed;
        try {
            parsed = new SamlIdpProperties(this.properties, this.pkiManagement);
        } catch (Exception e) {
            // Any failure while parsing is reported as a configuration problem, cause preserved.
            throw new ConfigurationException("Can't initialize the SAML Web IdP endpoint's configuration", e);
        }
        this.samlProperties = parsed;
    }

    /**
     * Builds the Jetty servlet context of this endpoint.
     *
     * <p>The statement order is kept exactly as registered originally: the SAML guard filter
     * mapping is added before the authentication filter mapping. Jetty builds a filter chain
     * from the matching mappings in the order they were added, so for requests under the
     * servlet path the guard is consulted first.
     *
     * <p>NOTE(review): the authentication filter is mapped to every path of the context,
     * which includes the SAML consumer path and the metadata path. How it treats requests
     * outside the servlet path is decided inside {@code AuthenticationFilter} and is not
     * visible here; confirm that the consumer and metadata paths are handled as intended.
     *
     * @return the configured servlet context handler
     */
    public ServletContextHandler getServletContextHandler() {
        // 1 is the value of Jetty's ServletContextHandler.SESSIONS option: HTTP sessions enabled.
        ServletContextHandler context = new ServletContextHandler(1);
        context.setContextPath(this.description.getContextAddress());
        String consumerUrl = getServletUrl(this.samlConsumerPath);
        String uiUrl = getServletUrl(this.servletPath);

        // Guard filter in front of the main UI path only.
        ErrorHandler guardErrors = new ErrorHandler(this.freemarkerHandler);
        FilterHolder guardHolder = new FilterHolder(new SamlGuardFilter(this.servletPath, guardErrors));
        context.addFilter(guardHolder, this.servletPath + "/*", EnumSet.of(DispatcherType.REQUEST));

        // Servlet receiving SAML requests on the consumer path.
        Servlet parseServlet = getSamlParseServlet(consumerUrl, uiUrl);
        context.addServlet(createServletHolder(parseServlet, true), this.samlConsumerPath + "/*");

        // Authentication filter, mapped to the whole context.
        String realm = this.description.getRealm();
        SessionManagement sessions = (SessionManagement) this.applicationContext.getBean(SessionManagement.class);
        LoginToHttpSessionBinder sessionBinder = (LoginToHttpSessionBinder) this.applicationContext.getBean(LoginToHttpSessionBinder.class);
        AuthenticationFilter authnFilter = new AuthenticationFilter(this.servletPath, "/authentication", realm, sessions, sessionBinder);
        context.addFilter(new FilterHolder(authnFilter), "/*", EnumSet.of(DispatcherType.REQUEST));

        // Authentication UI; one holder serves both the authentication path and /VAADIN.
        EndpointRegistrationConfiguration registration = getRegistrationConfiguration();
        UnityVaadinServlet authnServlet = new UnityVaadinServlet(this.applicationContext, AuthenticationUI.class.getSimpleName(), this.description, this.authenticators, registration);
        String authnAddress = this.description.getContextAddress() + "/authentication";
        authnServlet.setCancelHandler(new SamlAuthnCancelHandler(this.freemarkerHandler, authnAddress));
        ServletHolder authnHolder = createVaadinServletHolder(authnServlet, true);
        context.addServlet(authnHolder, "/authentication/*");
        context.addServlet(authnHolder, "/VAADIN/*");

        // Main UI servlet on the endpoint's own servlet path.
        UnityVaadinServlet mainServlet = new UnityVaadinServlet(this.applicationContext, this.uiBeanName, this.description, this.authenticators, registration);
        context.addServlet(createVaadinServletHolder(mainServlet, false), this.servletPath + "/*");

        // Metadata is exposed only when the configuration asks for it.
        boolean publishMetadata = this.samlProperties.getBooleanValue(SamlProperties.PUBLISH_METADATA).booleanValue();
        if (publishMetadata) {
            Servlet metadataServlet = getMetadataServlet(consumerUrl);
            context.addServlet(createServletHolder(metadataServlet, true), this.samlMetadataPath + "/*");
        }
        return context;
    }

    /**
     * Creates the servlet that parses incoming SAML requests. Subclasses may override it.
     *
     * @param str URL of the SAML consumer servlet, as passed by {@link #getServletContextHandler()}
     * @param str2 URL of the main UI servlet, as passed by {@link #getServletContextHandler()}
     * @return a new {@link SamlParseServlet} with its own {@link ErrorHandler}
     */
    protected Servlet getSamlParseServlet(String str, String str2) {
        ErrorHandler parseErrors = new ErrorHandler(this.freemarkerHandler);
        return new SamlParseServlet(this.samlProperties, str, str2, parseErrors);
    }

    /**
     * Creates the servlet publishing the IdP metadata. The same location is advertised for
     * both the HTTP-POST and the HTTP-Redirect binding.
     *
     * @param str location put into both advertised endpoints
     * @return a new {@link MetadataServlet} backed by an IdP metadata provider
     */
    protected Servlet getMetadataServlet(String str) {
        EndpointType postEndpoint = endpointAt(str, "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
        EndpointType redirectEndpoint = endpointAt(str, "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect");
        EndpointType[] advertised = new EndpointType[]{postEndpoint, redirectEndpoint};
        // NOTE(review): the meaning of the trailing null argument is not visible in this file.
        return new MetadataServlet(MetadataProviderFactory.newIdpInstance(this.samlProperties, this.executorsService, advertised, null));
    }

    /** Creates a metadata endpoint entry with the given location and binding URN. */
    private static EndpointType endpointAt(String location, String binding) {
        EndpointType endpoint = EndpointType.Factory.newInstance();
        endpoint.setLocation(location);
        endpoint.setBinding(binding);
        return endpoint;
    }
}
