package pl.edu.icm.unity.saml.idp.web;

import com.vaadin.annotations.Theme;
import com.vaadin.data.Property;
import com.vaadin.server.Sizeable;
import com.vaadin.server.VaadinRequest;
import com.vaadin.shared.ui.label.ContentMode;
import com.vaadin.ui.Alignment;
import com.vaadin.ui.Button;
import com.vaadin.ui.CheckBox;
import com.vaadin.ui.ComboBox;
import com.vaadin.ui.HorizontalLayout;
import com.vaadin.ui.Label;
import com.vaadin.ui.Panel;
import com.vaadin.ui.TextField;
import com.vaadin.ui.VerticalLayout;
import eu.unicore.samly2.exceptions.SAMLRequesterException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.saml.idp.FreemarkerHandler;
import pl.edu.icm.unity.saml.idp.ctx.SAMLAuthnContext;
import pl.edu.icm.unity.saml.idp.preferences.SamlPreferences;
import pl.edu.icm.unity.saml.idp.processor.AuthnResponseProcessor;
import pl.edu.icm.unity.server.api.PreferencesManagement;
import pl.edu.icm.unity.server.api.internal.IdPEngine;
import pl.edu.icm.unity.server.authn.AuthenticationException;
import pl.edu.icm.unity.server.authn.InvocationContext;
import pl.edu.icm.unity.server.endpoint.BindingAuthn;
import pl.edu.icm.unity.server.translation.out.TranslationResult;
import pl.edu.icm.unity.server.utils.Log;
import pl.edu.icm.unity.server.utils.UnityMessageSource;
import pl.edu.icm.unity.types.basic.Attribute;
import pl.edu.icm.unity.types.basic.EntityParam;
import pl.edu.icm.unity.types.basic.Identity;
import pl.edu.icm.unity.types.basic.IdentityParam;
import pl.edu.icm.unity.types.basic.IdentityTypeDefinition;
import pl.edu.icm.unity.types.endpoint.EndpointDescription;
import pl.edu.icm.unity.webui.EndpointRegistrationConfiguration;
import pl.edu.icm.unity.webui.UnityUIBase;
import pl.edu.icm.unity.webui.UnityWebUI;
import pl.edu.icm.unity.webui.authn.AuthenticationProcessor;
import pl.edu.icm.unity.webui.common.ListOfSelectableElements;
import pl.edu.icm.unity.webui.common.Styles;
import pl.edu.icm.unity.webui.common.TopHeaderLight;
import pl.edu.icm.unity.webui.common.attributes.AttributeHandlerRegistry;
import xmlbeans.org.oasis.saml2.assertion.NameIDType;
import xmlbeans.org.oasis.saml2.protocol.AuthnRequestType;

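/**
 * Consent screen of the SAML IdP web endpoint.
 *
 * <p>After the user has authenticated, this UI shows which service provider (issuer and return
 * address) asked for authentication, which identity and which attributes are about to be
 * released, and lets the user hide individual attributes, confirm, decline, or log in as another
 * user. The decision can be remembered per service provider.
 *
 * <p>The bean is prototype-scoped (see {@code @Scope}), so every UI instance carries its own
 * request state in the protected fields below.
 */
@Theme("unityTheme")
@Scope("prototype")
@Component("SamlIdPWebUI")
/* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlIdPWebUI.class */
public class SamlIdPWebUI extends UnityUIBase implements UnityWebUI {
    private static final Logger log = Log.getLogger("unity.server.saml", SamlIdPWebUI.class);
    protected UnityMessageSource msg;
    protected EndpointDescription endpointDescription;
    protected IdPEngine idpEngine;
    protected FreemarkerHandler freemarkerHandler;
    protected AttributeHandlerRegistry handlersRegistry;
    protected PreferencesManagement preferencesMan;
    protected AuthenticationProcessor authnProcessor;
    protected AuthnResponseProcessor samlProcessor;
    protected SamlResponseHandler samlResponseHandler;
    // Identities of the logged-in entity that are compatible with the SAML request.
    protected List<IdentityParam> validIdentities;
    // Identity that will be placed in the response; defaults to the first valid one.
    protected IdentityParam selectedIdentity;
    // Attributes that may be released, keyed by attribute name.
    protected Map<String, Attribute<?>> attributes;
    // One checkbox per attribute; a ticked checkbox means "do not release this attribute".
    protected ListOfSelectableElements attributesHiding;
    protected CheckBox rememberCB;
    // Only created when more than one valid identity exists; null otherwise.
    protected ComboBox identitiesCB;

    /**
     * Creates the UI with its collaborators injected by Spring.
     */
    @Autowired
    public SamlIdPWebUI(UnityMessageSource unityMessageSource, FreemarkerHandler freemarkerHandler, AttributeHandlerRegistry attributeHandlerRegistry, PreferencesManagement preferencesManagement, AuthenticationProcessor authenticationProcessor, IdPEngine idPEngine) {
        super(unityMessageSource);
        this.msg = unityMessageSource;
        this.freemarkerHandler = freemarkerHandler;
        this.handlersRegistry = attributeHandlerRegistry;
        this.preferencesMan = preferencesManagement;
        this.authnProcessor = authenticationProcessor;
        this.idpEngine = idPEngine;
    }

    /**
     * Stores the endpoint description; the authenticator list and the registration
     * configuration are not used by this UI.
     */
    public void configure(EndpointDescription endpointDescription, List<Map<String, BindingAuthn>> list, EndpointRegistrationConfiguration endpointRegistrationConfiguration) {
        this.endpointDescription = endpointDescription;
    }

    /**
     * Asks the IdP engine for the identities and attributes of the currently logged-in entity,
     * translated with the profile configured under {@code translationProfile}.
     *
     * @param sAMLAuthnContext context of the SAML request being served
     * @param authnResponseProcessor processor supplying the chosen group and the
     *        identity-creation flag
     * @return the translated user information
     * @throws EngineException declared for the engine call
     */
    protected TranslationResult getUserInfo(SAMLAuthnContext sAMLAuthnContext, AuthnResponseProcessor authnResponseProcessor) throws EngineException {
        // The entity is always taken from the server-side login session, never from the request.
        EntityParam loggedEntity = new EntityParam(Long.valueOf(InvocationContext.getCurrent().getLoginSession().getEntityId()));
        // NOTE(review): the identity target is read from this.samlProcessor while the other
        // values come from the authnResponseProcessor argument, and the binding is a fixed
        // HTTP-Redirect constant - confirm both are intended.
        return this.idpEngine.obtainUserInformation(
                loggedEntity,
                authnResponseProcessor.getChosenGroup(),
                sAMLAuthnContext.getSamlConfiguration().getValue("translationProfile"),
                this.samlProcessor.getIdentityTarget(),
                "SAML2",
                "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect",
                authnResponseProcessor.isIdentityCreationAllowed());
    }

    /**
     * Returns the attributes the user agreed to release: all known attributes except those
     * whose "hide" checkbox is ticked.
     */
    protected Collection<Attribute<?>> getUserFilteredAttributes() {
        Set<String> hiddenNames = collectHiddenAttributeNames();
        List<Attribute<?>> released = new ArrayList<Attribute<?>>(this.attributes.size());
        for (Attribute<?> attribute : this.attributes.values()) {
            if (!hiddenNames.contains(attribute.getName())) {
                released.add(attribute);
            }
        }
        return released;
    }

    /** Collects the names of the attributes whose "hide" checkbox is currently ticked. */
    private Set<String> collectHiddenAttributeNames() {
        Set<String> hiddenNames = new HashSet<String>();
        for (CheckBox checkBox : this.attributesHiding.getSelection()) {
            if (((Boolean) checkBox.getValue()).booleanValue()) {
                hiddenNames.add((String) checkBox.getData());
            }
        }
        return hiddenNames;
    }

    /** Returns the address of this UI: the endpoint context address plus the SAML UI servlet path. */
    protected String getMyAddress() {
        return this.endpointDescription.getContextAddress() + SamlIdPWebEndpointFactory.SAML_UI_SERVLET_PATH;
    }

    /**
     * Builds the consent screen for the SAML request bound to the current session and then
     * applies the stored per-service preferences.
     */
    protected void appInit(VaadinRequest vaadinRequest) {
        SAMLAuthnContext context = SamlResponseHandler.getContext();
        this.samlProcessor = new AuthnResponseProcessor(context, Calendar.getInstance(TimeZone.getTimeZone("UTC")));
        this.samlResponseHandler = new SamlResponseHandler(this.freemarkerHandler, this.samlProcessor, getMyAddress());
        VerticalLayout root = new VerticalLayout();
        root.addComponent(new TopHeaderLight(this.endpointDescription.getId(), this.msg));
        VerticalLayout contents = new VerticalLayout();
        contents.setSizeUndefined();
        contents.setMargin(true);
        contents.setSpacing(true);
        root.addComponent(contents);
        root.setComponentAlignment(contents, Alignment.TOP_CENTER);
        try {
            createInfoPart(context, contents);
            createExposedDataPart(context, contents);
            createButtonsPart(contents);
            setContent(root);
            loadPreferences(context);
        } catch (EopException ignored) {
            // Deliberately ignored. NOTE(review): EopException is raised on the response
            // handling path (confirm/decline/handleException); presumably it means a SAML
            // response or error was already dispatched, so nothing is left to render - confirm.
        }
    }

    /**
     * Adds the header telling the user which service provider requested authentication and
     * where the response will be returned.
     */
    protected void createInfoPart(SAMLAuthnContext sAMLAuthnContext, VerticalLayout verticalLayout) {
        AuthnRequestType request = (AuthnRequestType) sAMLAuthnContext.getRequest();
        // Both values below originate from the AuthnRequest, i.e. they are requester-controlled.
        String issuerName = request.getIssuer().getStringValue();
        String returnAddress = request.getAssertionConsumerServiceURL();
        if (returnAddress == null) {
            // No URL in the request: fall back to the address configured for this requester.
            returnAddress = sAMLAuthnContext.getSamlConfiguration().getReturnAddressForRequester(request.getIssuer());
        }
        // NOTE(review): this method only displays the return address; whether a URL taken from
        // the request was checked against the configured one is not visible here - confirm it
        // is validated before the context reaches this UI.
        Label title = new Label(this.msg.getMessage("SamlIdPWebUI.info1", new Object[0]));
        title.setStyleName("h1");
        // Label(String) renders plain text (Vaadin 7 default content mode), which is what keeps
        // the requester-supplied issuer and address from being interpreted as markup. Do not
        // switch these two labels to ContentMode.HTML.
        Label requesterId = new Label(this.msg.getMessage("SamlIdPWebUI.info1Id", new Object[]{issuerName}));
        requesterId.setStyleName("h2");
        Label requesterAddress = new Label(this.msg.getMessage("SamlIdPWebUI.info1Addr", new Object[]{returnAddress}));
        requesterAddress.setStyleName("h2");
        Label spacer = new Label("<br>", ContentMode.HTML);
        Label explanation = new Label(this.msg.getMessage("SamlIdPWebUI.info2", new Object[0]));
        Label hint = new Label(this.msg.getMessage("SamlIdPWebUI.info3", new Object[0]));
        hint.setStyleName("light");
        verticalLayout.addComponents(title, requesterId, requesterAddress, spacer, explanation, hint);
    }

    /**
     * Adds the panel listing the identity and the attributes that would be released, plus the
     * "remember" checkbox. Any failure is turned into a SAML error response and the login
     * session is invalidated (second argument of {@code handleException} is {@code true}).
     *
     * @throws EopException propagated from the response handler
     */
    protected void createExposedDataPart(SAMLAuthnContext sAMLAuthnContext, VerticalLayout verticalLayout) throws EopException {
        Panel exposedPanel = new Panel();
        verticalLayout.addComponent(exposedPanel);
        VerticalLayout exposedLayout = new VerticalLayout();
        exposedLayout.setMargin(true);
        exposedLayout.setSpacing(true);
        exposedPanel.setContent(exposedLayout);
        try {
            TranslationResult userInfo = getUserInfo(sAMLAuthnContext, this.samlProcessor);
            createIdentityPart(userInfo, exposedLayout);
            exposedLayout.addComponent(new Label("<br>", ContentMode.HTML));
            createAttributesPart(userInfo, exposedLayout);
            this.rememberCB = new CheckBox("Remember the settings for this service and do not show this dialog again");
            verticalLayout.addComponent(this.rememberCB);
        } catch (SAMLRequesterException e) {
            // The specific handler has to precede the generic one: with catch (Exception) first
            // this branch was unreachable and requester faults were logged as engine errors.
            log.debug("SAML problem when handling client request", e);
            this.samlResponseHandler.handleException(e, true);
        } catch (Exception e) {
            log.error("Engine problem when handling client request", e);
            this.samlResponseHandler.handleException(e, true);
        }
    }

    /**
     * Shows the identity that will be released. With a single compatible identity it is shown
     * read-only; with several the user picks one from a combo box.
     *
     * @throws EngineException declared for the identity lookup
     * @throws SAMLRequesterException declared for the identity lookup
     */
    protected void createIdentityPart(TranslationResult translationResult, VerticalLayout verticalLayout) throws EngineException, SAMLRequesterException {
        this.validIdentities = this.samlProcessor.getCompatibleIdentities(translationResult.getIdentities());
        // NOTE(review): assumes getCompatibleIdentities never returns an empty list (it
        // presumably throws instead); otherwise get(0) fails with IndexOutOfBoundsException.
        this.selectedIdentity = this.validIdentities.get(0);
        if (this.validIdentities.size() == 1) {
            Label caption = new Label(this.msg.getMessage("SamlIdPWebUI.identity", new Object[0]));
            caption.setStyleName(Styles.bold.toString());
            TextField identityField = new TextField();
            identityField.setValue(this.selectedIdentity.getValue());
            identityField.setReadOnly(true);
            identityField.setWidth(100.0f, Sizeable.Unit.PERCENTAGE);
            verticalLayout.addComponents(caption, identityField);
            return;
        }
        Label caption = new Label(this.msg.getMessage("SamlIdPWebUI.identities", new Object[0]));
        caption.setStyleName(Styles.bold.toString());
        Label manyIdsInfo = new Label(this.msg.getMessage("SamlIdPWebUI.infoManyIds", new Object[0]));
        manyIdsInfo.setStyleName("light");
        this.identitiesCB = new ComboBox();
        for (IdentityParam identity : this.validIdentities) {
            this.identitiesCB.addItem(identity);
        }
        this.identitiesCB.setImmediate(true);
        this.identitiesCB.select(this.selectedIdentity);
        this.identitiesCB.setNullSelectionAllowed(false);
        this.identitiesCB.addValueChangeListener(new Property.ValueChangeListener() {
            @Override
            public void valueChange(Property.ValueChangeEvent valueChangeEvent) {
                // The items are IdentityParam objects which are not necessarily Identity
                // instances, so cast to the field's declared type to avoid ClassCastException.
                SamlIdPWebUI.this.selectedIdentity = (IdentityParam) SamlIdPWebUI.this.identitiesCB.getValue();
            }
        });
        verticalLayout.addComponents(caption, manyIdsInfo, this.identitiesCB);
    }

    /**
     * Lists the attributes that would be released, each with a checkbox that hides it from the
     * response.
     *
     * @throws EngineException declared by the original signature
     */
    protected void createAttributesPart(TranslationResult translationResult, VerticalLayout verticalLayout) throws EngineException {
        this.attributes = new HashMap<String, Attribute<?>>();
        for (Attribute<?> attribute : translationResult.getAttributes()) {
            this.attributes.put(attribute.getName(), attribute);
        }
        Label caption = new Label(this.msg.getMessage("SamlIdPWebUI.attributes", new Object[0]));
        caption.setStyleName(Styles.bold.toString());
        // HTML mode is applied to a message-bundle text only, never to attribute data.
        Label info = new Label(this.msg.getMessage("SamlIdPWebUI.attributesInfo", new Object[0]));
        info.setStyleName("light");
        info.setContentMode(ContentMode.HTML);
        Label hideHeader = new Label(this.msg.getMessage("SamlIdPWebUI.hide", new Object[0]));
        verticalLayout.addComponent(caption);
        verticalLayout.addComponent(info);
        this.attributesHiding = new ListOfSelectableElements((com.vaadin.ui.Component) null, hideHeader, ListOfSelectableElements.DisableMode.WHEN_SELECTED);
        for (Attribute<?> attribute : this.attributes.values()) {
            // Attribute values are shown through a default (plain text) label, shortened by the
            // handler registry; the attribute name is kept as the checkbox data.
            Label valueLabel = new Label();
            valueLabel.setValue(this.handlersRegistry.getSimplifiedAttributeRepresentation(attribute, 80));
            this.attributesHiding.addEntry(valueLabel, false, attribute.getName());
        }
        verticalLayout.addComponent(this.attributesHiding);
    }

    /** Adds the confirm, decline and "log in as another user" buttons. */
    protected void createButtonsPart(VerticalLayout verticalLayout) {
        HorizontalLayout buttons = new HorizontalLayout();
        Button confirmButton = new Button(this.msg.getMessage("SamlIdPWebUI.confirm", new Object[0]));
        confirmButton.addClickListener(new Button.ClickListener() {
            @Override
            public void buttonClick(Button.ClickEvent clickEvent) {
                try {
                    SamlIdPWebUI.this.confirm();
                } catch (EopException ignored) {
                    // Deliberately ignored; see the note in appInit.
                }
            }
        });
        Button declineButton = new Button(this.msg.getMessage("SamlIdPWebUI.decline", new Object[0]));
        declineButton.addClickListener(new Button.ClickListener() {
            @Override
            public void buttonClick(Button.ClickEvent clickEvent) {
                try {
                    SamlIdPWebUI.this.decline();
                } catch (EopException ignored) {
                    // Deliberately ignored; see the note in appInit.
                }
            }
        });
        Button reloginButton = new Button(this.msg.getMessage("SamlIdPWebUI.logAsAnother", new Object[0]));
        reloginButton.addClickListener(new Button.ClickListener() {
            @Override
            public void buttonClick(Button.ClickEvent clickEvent) {
                SamlIdPWebUI.this.authnProcessor.logout(true);
            }
        });
        buttons.addComponents(confirmButton, declineButton, reloginButton);
        buttons.setSpacing(true);
        buttons.setMargin(true);
        buttons.setSizeUndefined();
        verticalLayout.addComponent(buttons);
        verticalLayout.setComponentAlignment(buttons, Alignment.MIDDLE_CENTER);
    }

    /**
     * Loads the user's stored settings for the requesting service provider and applies them.
     * Failures other than {@link EopException} become a SAML error response.
     *
     * @throws EopException propagated from the response handler
     */
    protected void loadPreferences(SAMLAuthnContext sAMLAuthnContext) throws EopException {
        try {
            SamlPreferences preferences = SamlPreferences.getPreferences(this.preferencesMan);
            NameIDType issuer = ((AuthnRequestType) sAMLAuthnContext.getRequest()).getIssuer();
            updateUIFromPreferences(preferences.getSPSettings(issuer), sAMLAuthnContext);
        } catch (EopException e) {
            // Must not be swallowed by the generic handler below.
            throw e;
        } catch (Exception e) {
            log.error("Engine problem when processing stored preferences", e);
            this.samlResponseHandler.handleException(e, true);
        }
    }

    /**
     * Applies stored settings to the UI: ticks the hidden attributes, restores the remembered
     * identity and, if the user asked not to be prompted again, immediately confirms or
     * declines.
     *
     * <p>The remembered identity is restored <em>before</em> the automatic confirm. Previously
     * the restore came after it, so a silent confirmation released the first compatible
     * identity instead of the one the user had chosen.
     *
     * @param sPSettings stored settings of the service provider, may be {@code null}
     * @throws EngineException declared by the original signature
     * @throws EopException propagated from {@link #confirm()} / {@link #decline()}
     */
    protected void updateUIFromPreferences(SamlPreferences.SPSettings sPSettings, SAMLAuthnContext sAMLAuthnContext) throws EngineException, EopException {
        if (sPSettings == null) {
            return;
        }
        Set<String> storedHidden = sPSettings.getHiddenAttribtues();
        for (CheckBox checkBox : this.attributesHiding.getSelection()) {
            if (storedHidden.contains((String) checkBox.getData())) {
                checkBox.setValue(true);
            }
        }
        restoreSelectedIdentity(sPSettings.getSelectedIdentity());
        if (sPSettings.isDoNotAsk()) {
            if (sPSettings.isDefaultAccept()) {
                confirm();
            } else {
                decline();
            }
        }
    }

    /**
     * Selects the valid identity matching the stored value, if there is one. Identity instances
     * are matched by their comparable value, other identity parameters by their plain value.
     */
    private void restoreSelectedIdentity(String storedIdentity) {
        if (storedIdentity == null || this.validIdentities.isEmpty()) {
            return;
        }
        for (IdentityParam candidate : this.validIdentities) {
            String candidateValue = candidate instanceof Identity
                    ? ((Identity) candidate).getComparableValue()
                    : candidate.getValue();
            if (candidateValue.equals(storedIdentity)) {
                if (this.identitiesCB != null) {
                    this.identitiesCB.select(candidate);
                }
                this.selectedIdentity = candidate;
                return;
            }
        }
    }

    /**
     * Copies the current UI state into the preferences of the requesting service provider, but
     * only when the "remember" checkbox is ticked.
     *
     * @param z the decision to remember: {@code true} for accept, {@code false} for decline
     * @throws EngineException declared by the original signature
     */
    protected void updatePreferencesFromUI(SamlPreferences samlPreferences, SAMLAuthnContext sAMLAuthnContext, boolean z) throws EngineException {
        if (!((Boolean) this.rememberCB.getValue()).booleanValue()) {
            return;
        }
        NameIDType issuer = ((AuthnRequestType) sAMLAuthnContext.getRequest()).getIssuer();
        // NOTE(review): assumes getSPSettings never returns null here, although
        // updateUIFromPreferences guards against a null result - confirm.
        SamlPreferences.SPSettings spSettings = samlPreferences.getSPSettings(issuer);
        spSettings.setDefaultAccept(z);
        spSettings.setDoNotAsk(true);
        spSettings.setHiddenAttribtues(collectHiddenAttributeNames());
        boolean skipIdentity = false;
        String identityValue = this.selectedIdentity.getValue();
        if (this.selectedIdentity instanceof Identity) {
            Identity identity = (Identity) this.selectedIdentity;
            identityValue = identity.getComparableValue();
            IdentityTypeDefinition typeDefinition = identity.getType().getIdentityTypeProvider();
            // Dynamic and targeted identities are not written to the preferences.
            if (typeDefinition.isDynamic() || typeDefinition.isTargeted()) {
                skipIdentity = true;
            }
        }
        if (!skipIdentity) {
            spSettings.setSelectedIdentity(identityValue);
        }
        samlPreferences.setSPSettings(issuer, spSettings);
    }

    /**
     * Persists the user's decision. This is best effort: a failure is logged and does not stop
     * the SAML response from being produced.
     *
     * @param z {@code true} when the user accepted, {@code false} when the user declined
     */
    protected void storePreferences(boolean z) {
        try {
            SAMLAuthnContext context = SamlResponseHandler.getContext();
            SamlPreferences preferences = SamlPreferences.getPreferences(this.preferencesMan);
            updatePreferencesFromUI(preferences, context, z);
            SamlPreferences.savePreferences(this.preferencesMan, preferences);
        } catch (EngineException e) {
            log.error("Unable to store user's preferences", e);
        }
    }

    /**
     * Records the refusal and answers the requester with an authentication error; the login
     * session is kept ({@code false}).
     *
     * @throws EopException propagated from the response handler
     */
    protected void decline() throws EopException {
        storePreferences(false);
        this.samlResponseHandler.handleException(new AuthenticationException("Authentication was declined"), false);
    }

    /**
     * Records the consent and returns a SAML response carrying the selected identity and only
     * the attributes the user did not hide.
     *
     * @throws EopException propagated from the response handler
     */
    protected void confirm() throws EopException {
        storePreferences(true);
        try {
            this.samlResponseHandler.returnSamlResponse(this.samlProcessor.processAuthnRequest(this.selectedIdentity, getUserFilteredAttributes()));
        } catch (Exception e) {
            this.samlResponseHandler.handleException(e, false);
        }
    }
}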
