package pl.edu.icm.unity.saml.idp.web;

import com.vaadin.server.Page;
import com.vaadin.server.SynchronizedRequestHandler;
import com.vaadin.server.VaadinRequest;
import com.vaadin.server.VaadinResponse;
import com.vaadin.server.VaadinSession;
import eu.unicore.samly2.exceptions.SAMLServerException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import org.apache.log4j.Logger;
import org.apache.xml.security.utils.Base64;
import pl.edu.icm.unity.idpcommon.EopException;
import pl.edu.icm.unity.saml.idp.FreemarkerHandler;
import pl.edu.icm.unity.saml.idp.ctx.SAMLAuthnContext;
import pl.edu.icm.unity.saml.idp.processor.AuthnResponseProcessor;
import pl.edu.icm.unity.server.utils.Log;
import xmlbeans.org.oasis.saml2.protocol.AuthnRequestDocument;
import xmlbeans.org.oasis.saml2.protocol.AuthnRequestType;
import xmlbeans.org.oasis.saml2.protocol.ResponseDocument;

/* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlResponseHandler.class */
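/**
 * Returns a SAML response (success or error) from the IdP web UI to the requester.
 *
 * <p>The response document is stored in the current {@link VaadinSession}, a
 * {@link SendResponseRequestHandler} is registered on that session, and the page is reloaded.
 * On a following request the handler renders the {@code finishSaml.ftl} template with the
 * Base64-encoded response, the target service URL and the optional RelayState.
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>The target URL is read from the AuthnRequest; this class does not validate it.</li>
 *   <li>At TRACE level the complete, unencoded SAML response is written to the log.</li>
 *   <li>RelayState and the error message are passed to the template unmodified; output
 *       escaping is the template's responsibility.</li>
 * </ul>
 */
public class SamlResponseHandler {
    private static final Logger log = Log.getLogger("unity.server.saml", SamlResponseHandler.class);
    protected FreemarkerHandler freemarkerHandler;
    protected AuthnResponseProcessor samlProcessor;

    /**
     * Request handler that writes the page carrying the SAML response stored in the session.
     */
    public class SendResponseRequestHandler extends SynchronizedRequestHandler {
        public SendResponseRequestHandler() {
        }

        /**
         * Renders {@code finishSaml.ftl} when a {@link ResponseDocument} is present in the session.
         *
         * @param vaadinSession session holding the response document and optional {@link SessionDisposal}
         * @param vaadinRequest the current request (not read here)
         * @param vaadinResponse response the rendered page is written to
         * @return {@code false} when the session holds no response document (request not handled),
         *         {@code true} after the page has been written
         * @throws IOException declared by the handler contract; {@code getWriter()} is the visible I/O call
         */
        public boolean synchronizedHandleRequest(VaadinSession vaadinSession, VaadinRequest vaadinRequest, VaadinResponse vaadinResponse) throws IOException {
            ResponseDocument responseDocument = (ResponseDocument) vaadinSession.getAttribute(ResponseDocument.class);
            if (responseDocument == null) {
                return false;
            }
            String xmlText = responseDocument.xmlText();
            String encodedResponse = Base64.encode(xmlText.getBytes(StandardCharsets.UTF_8));
            SessionDisposal sessionDisposal = (SessionDisposal) vaadinSession.getAttribute(SessionDisposal.class);
            SAMLAuthnContext context = SAMLContextSupport.getContext();

            // NOTE(review): the assertion consumer URL is taken from the AuthnRequest itself and is
            // not checked in this method. Presumably it was validated against the requester's
            // registered endpoints when the request was accepted; confirm, because the response
            // (and any assertion in it) is delivered to whatever URL ends up here.
            String assertionConsumerServiceURL = ((AuthnRequestDocument) context.getRequestDocument()).getAuthnRequest().getAssertionConsumerServiceURL();
            if (assertionConsumerServiceURL == null) {
                // Fall back to the return address configured for the request issuer.
                assertionConsumerServiceURL = context.getSamlConfiguration().getReturnAddressForRequester(((AuthnRequestType) context.getRequest()).getIssuer());
            }

            // Raw type kept: the parameter type of FreemarkerHandler.process is not visible here.
            // NOTE(review): "error" and "RelayState" carry request- or exception-derived text; the
            // template must escape them for the XHTML context (finishSaml.ftl is not shown here).
            HashMap templateData = new HashMap();
            templateData.put("SAMLResponse", encodedResponse);
            templateData.put("samlService", assertionConsumerServiceURL);
            if (sessionDisposal != null) {
                templateData.put("error", sessionDisposal.getE().getMessage());
            }
            if (context.getRelayState() != null) {
                templateData.put("RelayState", context.getRelayState());
            }

            if (log.isTraceEnabled()) {
                // NOTE(review): this writes the full unencoded SAML response and the RelayState to
                // the log. Treat TRACE output of this logger as sensitive and restrict access to it.
                log.trace("About to send SAML response to " + assertionConsumerServiceURL + ", unencoded form:\n" + xmlText);
                if (sessionDisposal != null) {
                    log.trace("Error information: " + sessionDisposal.getE().getMessage());
                }
                if (context.getRelayState() != null) {
                    log.trace("RelayState: " + context.getRelayState());
                }
            }

            // NOTE(review): the ResponseDocument attribute and this handler stay registered on the
            // session; only the SAML context is cleaned. If the session is not invalidated below,
            // confirm how a later request behaves once the context is gone.
            SAMLContextSupport.cleanContext();
            if (sessionDisposal != null && sessionDisposal.isDestroySession()) {
                vaadinSession.getSession().invalidate();
            }

            vaadinResponse.setContentType("application/xhtml+xml; charset=utf-8");
            // The page embeds the SAML response; the SAML HTTP POST binding recommends that such
            // pages are not cached by the browser or by intermediaries.
            vaadinResponse.setHeader("Cache-Control", "no-cache, no-store");
            vaadinResponse.setHeader("Pragma", "no-cache");
            SamlResponseHandler.this.freemarkerHandler.process("finishSaml.ftl", templateData, vaadinResponse.getWriter());
            return true;
        }
    }

    /**
     * Session attribute describing an error response: the SAML error and whether the HTTP
     * session should be invalidated once the response page is produced.
     *
     * <p>The decompiler reports that the access modifier of this class was changed from private.
     */
    public static class SessionDisposal {
        private final SAMLServerException e;
        private final boolean destroySession;

        /**
         * @param sAMLServerException error whose message is passed to the response template
         * @param z {@code true} to invalidate the HTTP session when the response is sent
         */
        public SessionDisposal(SAMLServerException sAMLServerException, boolean z) {
            this.e = sAMLServerException;
            this.destroySession = z;
        }

        /** @return the SAML error given at construction */
        protected SAMLServerException getE() {
            return this.e;
        }

        /** @return whether the HTTP session is to be invalidated */
        protected boolean isDestroySession() {
            return this.destroySession;
        }
    }

    /**
     * @param freemarkerHandler renders the {@code finishSaml.ftl} template
     * @param authnResponseProcessor converts exceptions to SAML errors and builds error responses
     */
    public SamlResponseHandler(FreemarkerHandler freemarkerHandler, AuthnResponseProcessor authnResponseProcessor) {
        this.freemarkerHandler = freemarkerHandler;
        this.samlProcessor = authnResponseProcessor;
    }

    /**
     * Converts an exception into a SAML error response, schedules it for sending and then
     * always throws {@link EopException}.
     *
     * @param exc the exception to report to the requester
     * @param z {@code true} to invalidate the HTTP session when the response is sent
     * @throws EopException always, after the error response has been scheduled
     */
    public void handleException(Exception exc, boolean z) throws EopException {
        SAMLServerException samlError = this.samlProcessor.convert2SAMLError(exc, null, true);
        returnSamlErrorResponse(this.samlProcessor.getErrorResponse(samlError), samlError, z);
        throw new EopException();
    }

    /**
     * Stores the error details in the current Vaadin session and schedules the error response.
     *
     * @param responseDocument the SAML error response to send
     * @param sAMLServerException the error; stored in the session under two attribute keys
     * @param z {@code true} to invalidate the HTTP session when the response is sent
     */
    public void returnSamlErrorResponse(ResponseDocument responseDocument, SAMLServerException sAMLServerException, boolean z) {
        VaadinSession.getCurrent().setAttribute(SessionDisposal.class, new SessionDisposal(sAMLServerException, z));
        VaadinSession.getCurrent().setAttribute(SAMLServerException.class, sAMLServerException);
        returnSamlResponse(responseDocument);
    }

    /**
     * Stores the response in the current Vaadin session, registers a
     * {@link SendResponseRequestHandler} on it and reloads the page so that the handler runs.
     *
     * @param responseDocument the SAML response to send
     */
    public void returnSamlResponse(ResponseDocument responseDocument) {
        VaadinSession.getCurrent().setAttribute(ResponseDocument.class, responseDocument);
        VaadinSession.getCurrent().addRequestHandler(new SendResponseRequestHandler());
        Page.getCurrent().reload();
    }
}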
