package org.pac4j.saml.config;

import java.net.MalformedURLException;
import java.net.URL;
import java.time.Period;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.function.Supplier;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSocketFactory;
import net.shibboleth.utilities.java.support.net.URIComparator;
import net.shibboleth.utilities.java.support.net.impl.BasicURLComparator;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.HttpClient;
import org.opensaml.core.xml.schema.XSAny;
import org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap;
import org.opensaml.xmlsec.impl.BasicSignatureSigningConfiguration;
import org.pac4j.core.client.config.BaseClientConfiguration;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.logout.handler.DefaultLogoutHandler;
import org.pac4j.core.logout.handler.LogoutHandler;
import org.pac4j.core.profile.converter.AttributeConverter;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.saml.crypto.CredentialProvider;
import org.pac4j.saml.crypto.KeyStoreCredentialProvider;
import org.pac4j.saml.exceptions.SAMLException;
import org.pac4j.saml.metadata.BaseSAML2MetadataGenerator;
import org.pac4j.saml.metadata.SAML2FileSystemMetadataGenerator;
import org.pac4j.saml.metadata.SAML2HttpUrlMetadataGenerator;
import org.pac4j.saml.metadata.SAML2IdentityProviderMetadataResolver;
import org.pac4j.saml.metadata.SAML2MetadataContactPerson;
import org.pac4j.saml.metadata.SAML2MetadataGenerator;
import org.pac4j.saml.metadata.SAML2MetadataResolver;
import org.pac4j.saml.metadata.SAML2MetadataSigner;
import org.pac4j.saml.metadata.SAML2MetadataUIInfo;
import org.pac4j.saml.metadata.SAML2ServiceProviderRequestedAttribute;
import org.pac4j.saml.metadata.keystore.SAML2FileSystemKeystoreGenerator;
import org.pac4j.saml.metadata.keystore.SAML2HttpUrlKeystoreGenerator;
import org.pac4j.saml.metadata.keystore.SAML2KeystoreGenerator;
import org.pac4j.saml.profile.converter.SimpleSAML2AttributeConverter;
import org.pac4j.saml.sso.impl.SAML2ScopingIdentityProvider;
import org.pac4j.saml.store.EmptyStoreFactory;
import org.pac4j.saml.store.SAMLMessageStoreFactory;
import org.pac4j.saml.util.SAML2HttpClientBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;
import org.springframework.core.io.UrlResource;

/* loaded from: input_file:org/pac4j/saml/config/SAML2Configuration.class */
public class SAML2Configuration extends BaseClientConfiguration {
    protected static final String RESOURCE_PREFIX = "resource:";
    protected static final String CLASSPATH_PREFIX = "classpath:";
    protected static final String FILE_PREFIX = "file:";
    protected static final String DEFAULT_PROVIDER_NAME = "pac4j-saml";
    private static final Logger LOGGER = LoggerFactory.getLogger(SAML2Configuration.class);
    private final List<SAML2ScopingIdentityProvider> scopingIdentityProviders;
    private final List<SAML2ServiceProviderRequestedAttribute> requestedServiceProviderAttributes;
    private HostnameVerifier hostnameVerifier;
    private SSLSocketFactory sslSocketFactory;
    private SAML2MetadataSigner metadataSigner;
    private String singleSignOutServiceUrl;
    private String nameIdAttribute;
    private String callbackUrl;
    private Resource keystoreResource;
    private String keystorePassword;
    private String privateKeyPassword;
    private String certificateNameToAppend;
    private Resource identityProviderMetadataResource;
    private String identityProviderEntityId;
    private String serviceProviderEntityId;
    private long maximumAuthenticationLifetime;
    private long acceptedSkew;
    private boolean forceAuth;
    private boolean passive;
    private String comparisonType;
    private boolean isPartialLogoutTreatedAsSuccess;
    private String authnRequestBindingType;
    private String responseBindingType;
    private String spLogoutRequestBindingType;
    private String spLogoutResponseBindingType;
    private List<String> authnContextClassRefs;
    private String nameIdPolicyFormat;
    private boolean useNameQualifier;
    private boolean signMetadata;
    private Resource serviceProviderMetadataResource;
    private boolean forceServiceProviderMetadataGeneration;
    private boolean forceKeystoreGeneration;
    private SAMLMessageStoreFactory samlMessageStoreFactory;
    private SAML2KeystoreGenerator keystoreGenerator;
    private SAML2MetadataGenerator metadataGenerator;
    private boolean authnRequestSigned;
    private boolean spLogoutRequestSigned;
    private Collection<String> blackListedSignatureSigningAlgorithms;
    private List<String> signatureAlgorithms;
    private List<String> signatureReferenceDigestMethods;
    private String signatureCanonicalizationAlgorithm;
    private boolean wantsAssertionsSigned;
    private boolean wantsResponsesSigned;
    private boolean allSignatureValidationDisabled;
    private boolean responseDestinationAttributeMandatory;
    private String keyStoreAlias;
    private String keyStoreType;
    private int assertionConsumerServiceIndex;
    private int attributeConsumingServiceIndex;
    private String providerName;
    private Supplier<List<XSAny>> authnRequestExtensions;
    private String attributeAsId;
    private Map<String, String> mappedAttributes;
    private URIComparator uriComparator;
    private LogoutHandler logoutHandler;
    private String postLogoutURL;
    private Period certificateExpirationPeriod;
    private String certificateSignatureAlg;
    private int privateKeySize;
    private List<SAML2MetadataContactPerson> contactPersons;
    private List<SAML2MetadataUIInfo> metadataUIInfos;
    private String issuerFormat;
    private HttpClient httpClient;
    private AttributeConverter samlAttributeConverter;
    private Boolean nameIdPolicyAllowCreate;
    private List<String> supportedProtocols;
    private SAML2MetadataResolver identityProviderMetadataResolver;

    public SAML2Configuration() {
        this.scopingIdentityProviders = new ArrayList();
        this.requestedServiceProviderAttributes = new ArrayList();
        this.maximumAuthenticationLifetime = 3600L;
        this.acceptedSkew = 300L;
        this.forceAuth = false;
        this.passive = false;
        this.comparisonType = null;
        this.isPartialLogoutTreatedAsSuccess = true;
        this.authnRequestBindingType = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        this.responseBindingType = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        this.spLogoutRequestBindingType = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        this.spLogoutResponseBindingType = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        this.authnContextClassRefs = new ArrayList();
        this.nameIdPolicyFormat = null;
        this.useNameQualifier = false;
        this.samlMessageStoreFactory = new EmptyStoreFactory();
        this.wantsAssertionsSigned = false;
        this.wantsResponsesSigned = false;
        this.allSignatureValidationDisabled = false;
        this.responseDestinationAttributeMandatory = true;
        this.assertionConsumerServiceIndex = -1;
        this.attributeConsumingServiceIndex = -1;
        this.mappedAttributes = new LinkedHashMap();
        this.uriComparator = new BasicURLComparator();
        this.certificateExpirationPeriod = Period.ofYears(20);
        this.certificateSignatureAlg = "SHA1WithRSA";
        this.privateKeySize = 2048;
        this.contactPersons = new ArrayList();
        this.metadataUIInfos = new ArrayList();
        this.issuerFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
        this.samlAttributeConverter = new SimpleSAML2AttributeConverter();
        this.nameIdPolicyAllowCreate = Boolean.TRUE;
        this.supportedProtocols = new ArrayList(Arrays.asList("urn:oasis:names:tc:SAML:2.0:protocol", "urn:oasis:names:tc:SAML:1.0:protocol", "urn:oasis:names:tc:SAML:1.1:protocol"));
    }

    public SAML2Configuration(String str, String str2, String str3, String str4) {
        this(null, null, mapPathToResource(str), str2, str3, mapPathToResource(str4), null, null, DEFAULT_PROVIDER_NAME, null, null);
    }

    public SAML2Configuration(Resource resource, String str, String str2, Resource resource2) {
        this(null, null, resource, str, str2, resource2, null, null, DEFAULT_PROVIDER_NAME, null, null);
    }

    public SAML2Configuration(Resource resource, String str, String str2, String str3, String str4, Resource resource2) {
        this(str, str2, resource, str3, str4, resource2, null, null, DEFAULT_PROVIDER_NAME, null, null);
    }

    protected SAML2Configuration(String str, String str2, Resource resource, String str3, String str4, Resource resource2, String str5, String str6, String str7, Supplier<List<XSAny>> supplier, String str8) {
        this.scopingIdentityProviders = new ArrayList();
        this.requestedServiceProviderAttributes = new ArrayList();
        this.maximumAuthenticationLifetime = 3600L;
        this.acceptedSkew = 300L;
        this.forceAuth = false;
        this.passive = false;
        this.comparisonType = null;
        this.isPartialLogoutTreatedAsSuccess = true;
        this.authnRequestBindingType = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        this.responseBindingType = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        this.spLogoutRequestBindingType = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        this.spLogoutResponseBindingType = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";
        this.authnContextClassRefs = new ArrayList();
        this.nameIdPolicyFormat = null;
        this.useNameQualifier = false;
        this.samlMessageStoreFactory = new EmptyStoreFactory();
        this.wantsAssertionsSigned = false;
        this.wantsResponsesSigned = false;
        this.allSignatureValidationDisabled = false;
        this.responseDestinationAttributeMandatory = true;
        this.assertionConsumerServiceIndex = -1;
        this.attributeConsumingServiceIndex = -1;
        this.mappedAttributes = new LinkedHashMap();
        this.uriComparator = new BasicURLComparator();
        this.certificateExpirationPeriod = Period.ofYears(20);
        this.certificateSignatureAlg = "SHA1WithRSA";
        this.privateKeySize = 2048;
        this.contactPersons = new ArrayList();
        this.metadataUIInfos = new ArrayList();
        this.issuerFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity";
        this.samlAttributeConverter = new SimpleSAML2AttributeConverter();
        this.nameIdPolicyAllowCreate = Boolean.TRUE;
        this.supportedProtocols = new ArrayList(Arrays.asList("urn:oasis:names:tc:SAML:2.0:protocol", "urn:oasis:names:tc:SAML:1.0:protocol", "urn:oasis:names:tc:SAML:1.1:protocol"));
        this.keyStoreAlias = str;
        this.keyStoreType = str2;
        this.keystoreResource = resource;
        this.keystorePassword = str3;
        this.privateKeyPassword = str4;
        this.identityProviderMetadataResource = resource2;
        this.identityProviderEntityId = str5;
        this.serviceProviderEntityId = str6;
        this.providerName = str7;
        this.authnRequestExtensions = supplier;
        this.attributeAsId = str8;
    }

    protected static UrlResource newUrlResource(String str) {
        try {
            return new UrlResource(str);
        } catch (MalformedURLException e) {
            throw new TechnicalException(e);
        }
    }

    private static Resource mapPathToResource(String str) {
        CommonHelper.assertNotBlank("path", str);
        try {
            return str.startsWith(RESOURCE_PREFIX) ? new ClassPathResource(str.substring(RESOURCE_PREFIX.length())) : str.startsWith(CLASSPATH_PREFIX) ? new ClassPathResource(str.substring(CLASSPATH_PREFIX.length())) : (str.startsWith("http") || str.startsWith("https")) ? new UrlResource(new URL(str)) : str.startsWith(FILE_PREFIX) ? new FileSystemResource(str.substring(FILE_PREFIX.length())) : new FileSystemResource(str);
        } catch (Exception e) {
            throw new TechnicalException(e);
        }
    }

    public void setCallbackUrl(String str) {
        this.callbackUrl = str;
        try {
            if (CommonHelper.isBlank(getServiceProviderEntityId())) {
                URL url = new URL(str);
                if (url.getQuery() != null) {
                    setServiceProviderEntityId(url.toString().replace("?" + url.getQuery(), ""));
                } else {
                    setServiceProviderEntityId(url.toString());
                }
            }
            LOGGER.info("Using service provider entity ID {}", getServiceProviderEntityId());
        } catch (Exception e) {
            throw new SAMLException(e);
        }
    }

    protected void internalInit(boolean z) {
        SAML2KeystoreGenerator keystoreGenerator = getKeystoreGenerator();
        if (keystoreGenerator.shouldGenerate()) {
            LOGGER.warn("Generating keystore one for/via: {}", this.keystoreResource);
            keystoreGenerator.generate();
        }
        if (this.logoutHandler == null) {
            this.logoutHandler = new DefaultLogoutHandler();
        }
        initSignatureSigningConfiguration();
    }

    public SAML2KeystoreGenerator getKeystoreGenerator() {
        return this.keystoreGenerator == null ? this.keystoreResource instanceof UrlResource ? new SAML2HttpUrlKeystoreGenerator(this) : new SAML2FileSystemKeystoreGenerator(this) : this.keystoreGenerator;
    }

    public void setKeystoreGenerator(SAML2KeystoreGenerator sAML2KeystoreGenerator) {
        this.keystoreGenerator = sAML2KeystoreGenerator;
    }

    public Boolean isNameIdPolicyAllowCreate() {
        return this.nameIdPolicyAllowCreate;
    }

    public void setNameIdPolicyAllowCreate(Boolean bool) {
        this.nameIdPolicyAllowCreate = bool;
    }

    public List<SAML2MetadataContactPerson> getContactPersons() {
        return this.contactPersons;
    }

    public void setContactPersons(List<SAML2MetadataContactPerson> list) {
        this.contactPersons = list;
    }

    public List<SAML2MetadataUIInfo> getMetadataUIInfos() {
        return this.metadataUIInfos;
    }

    public void setMetadataUIInfos(List<SAML2MetadataUIInfo> list) {
        this.metadataUIInfos = list;
    }

    public List<String> getSupportedProtocols() {
        return this.supportedProtocols;
    }

    public void setSupportedProtocols(List<String> list) {
        this.supportedProtocols = list;
    }

    public String getCertificateSignatureAlg() {
        return this.certificateSignatureAlg;
    }

    public void setCertificateSignatureAlg(String str) {
        this.certificateSignatureAlg = str;
    }

    public Period getCertificateExpirationPeriod() {
        return this.certificateExpirationPeriod;
    }

    public void setCertificateExpirationPeriod(Period period) {
        this.certificateExpirationPeriod = period;
    }

    public int getPrivateKeySize() {
        return this.privateKeySize;
    }

    public void setPrivateKeySize(int i) {
        this.privateKeySize = i;
    }

    public List<SAML2ScopingIdentityProvider> getScopingIdentityProviders() {
        return this.scopingIdentityProviders;
    }

    public List<SAML2ServiceProviderRequestedAttribute> getRequestedServiceProviderAttributes() {
        return this.requestedServiceProviderAttributes;
    }

    public void setIdentityProviderMetadataResourceFilepath(String str) {
        this.identityProviderMetadataResource = new FileSystemResource(str);
    }

    public void setIdentityProviderMetadataResourceClasspath(String str) {
        this.identityProviderMetadataResource = new ClassPathResource(str);
    }

    public void setIdentityProviderMetadataResourceUrl(String str) {
        this.identityProviderMetadataResource = newUrlResource(str);
    }

    public void setIdentityProviderMetadataPath(String str) {
        this.identityProviderMetadataResource = mapPathToResource(str);
    }

    public int getAssertionConsumerServiceIndex() {
        return this.assertionConsumerServiceIndex;
    }

    public void setAssertionConsumerServiceIndex(int i) {
        this.assertionConsumerServiceIndex = i;
    }

    public boolean isForceKeystoreGeneration() {
        return this.forceKeystoreGeneration;
    }

    public void setForceKeystoreGeneration(boolean z) {
        this.forceKeystoreGeneration = z;
    }

    public long getAcceptedSkew() {
        return this.acceptedSkew;
    }

    public void setAcceptedSkew(long j) {
        this.acceptedSkew = j;
    }

    public Resource getIdentityProviderMetadataResource() {
        return this.identityProviderMetadataResource;
    }

    public void setIdentityProviderMetadataResource(Resource resource) {
        this.identityProviderMetadataResource = resource;
    }

    public String getIdentityProviderEntityId() {
        return this.identityProviderEntityId;
    }

    public void setIdentityProviderEntityId(String str) {
        this.identityProviderEntityId = str;
    }

    public void setKeystoreAlias(String str) {
        this.keyStoreAlias = str;
    }

    public void setKeystoreType(String str) {
        this.keyStoreType = str;
    }

    public void setKeystoreResourceFilepath(String str) {
        this.keystoreResource = new FileSystemResource(str);
    }

    public void setKeystoreResourceClasspath(String str) {
        this.keystoreResource = new ClassPathResource(str);
    }

    public void setKeystoreResourceUrl(String str) {
        this.keystoreResource = mapPathToResource(str);
    }

    public void setKeystorePath(String str) {
        this.keystoreResource = mapPathToResource(str);
    }

    public String getKeyStoreAlias() {
        return this.keyStoreAlias;
    }

    public String getKeyStoreType() {
        return this.keyStoreType;
    }

    public Resource getKeystoreResource() {
        return this.keystoreResource;
    }

    public void setKeystoreResource(Resource resource) {
        this.keystoreResource = resource;
    }

    public String getKeystorePassword() {
        return this.keystorePassword;
    }

    public void setKeystorePassword(String str) {
        this.keystorePassword = str;
    }

    public String getPrivateKeyPassword() {
        return this.privateKeyPassword;
    }

    public void setPrivateKeyPassword(String str) {
        this.privateKeyPassword = str;
    }

    public String getCertificateNameToAppend() {
        return this.certificateNameToAppend;
    }

    public void setCertificateNameToAppend(String str) {
        this.certificateNameToAppend = str;
    }

    public void setServiceProviderMetadataResourceFilepath(String str) {
        this.serviceProviderMetadataResource = new FileSystemResource(str);
    }

    public void setServiceProviderMetadataPath(String str) {
        this.serviceProviderMetadataResource = mapPathToResource(str);
    }

    public Resource getServiceProviderMetadataResource() {
        return this.serviceProviderMetadataResource;
    }

    public void setServiceProviderMetadataResource(Resource resource) {
        this.serviceProviderMetadataResource = resource;
    }

    public String getServiceProviderEntityId() {
        return this.serviceProviderEntityId;
    }

    public void setServiceProviderEntityId(String str) {
        this.serviceProviderEntityId = str;
    }

    public boolean isPassive() {
        return this.passive;
    }

    public void setPassive(boolean z) {
        this.passive = z;
    }

    public boolean isForceAuth() {
        return this.forceAuth;
    }

    public void setForceAuth(boolean z) {
        this.forceAuth = z;
    }

    public String getComparisonType() {
        return this.comparisonType;
    }

    public void setComparisonType(String str) {
        this.comparisonType = str;
    }

    public String getAuthnRequestBindingType() {
        return this.authnRequestBindingType;
    }

    public void setAuthnRequestBindingType(String str) {
        this.authnRequestBindingType = str;
    }

    public String getResponseBindingType() {
        return this.responseBindingType;
    }

    public void setResponseBindingType(String str) {
        this.responseBindingType = str;
    }

    public String getSpLogoutRequestBindingType() {
        return this.spLogoutRequestBindingType;
    }

    public void setSpLogoutRequestBindingType(String str) {
        this.spLogoutRequestBindingType = str;
    }

    public String getSpLogoutResponseBindingType() {
        return this.spLogoutResponseBindingType;
    }

    public void setSpLogoutResponseBindingType(String str) {
        this.spLogoutResponseBindingType = str;
    }

    public List<String> getAuthnContextClassRefs() {
        return this.authnContextClassRefs;
    }

    public void setAuthnContextClassRefs(List<String> list) {
        this.authnContextClassRefs = list;
    }

    public URIComparator getUriComparator() {
        return this.uriComparator;
    }

    public void setUriComparator(URIComparator uRIComparator) {
        this.uriComparator = uRIComparator;
    }

    public String getNameIdPolicyFormat() {
        return this.nameIdPolicyFormat;
    }

    public void setNameIdPolicyFormat(String str) {
        this.nameIdPolicyFormat = str;
    }

    public long getMaximumAuthenticationLifetime() {
        return this.maximumAuthenticationLifetime;
    }

    public void setMaximumAuthenticationLifetime(long j) {
        this.maximumAuthenticationLifetime = j;
    }

    public boolean isForceServiceProviderMetadataGeneration() {
        return this.forceServiceProviderMetadataGeneration;
    }

    public void setForceServiceProviderMetadataGeneration(boolean z) {
        this.forceServiceProviderMetadataGeneration = z;
    }

    public SAMLMessageStoreFactory getSamlMessageStoreFactory() {
        return this.samlMessageStoreFactory;
    }

    public void setSamlMessageStoreFactory(SAMLMessageStoreFactory sAMLMessageStoreFactory) {
        this.samlMessageStoreFactory = sAMLMessageStoreFactory;
    }

    public Collection<String> getBlackListedSignatureSigningAlgorithms() {
        return this.blackListedSignatureSigningAlgorithms;
    }

    public void setBlackListedSignatureSigningAlgorithms(Collection<String> collection) {
        this.blackListedSignatureSigningAlgorithms = collection;
    }

    public List<String> getSignatureAlgorithms() {
        return this.signatureAlgorithms;
    }

    public void setSignatureAlgorithms(List<String> list) {
        this.signatureAlgorithms = list;
    }

    public List<String> getSignatureReferenceDigestMethods() {
        return this.signatureReferenceDigestMethods;
    }

    public void setSignatureReferenceDigestMethods(List<String> list) {
        this.signatureReferenceDigestMethods = list;
    }

    public String getSignatureCanonicalizationAlgorithm() {
        return this.signatureCanonicalizationAlgorithm;
    }

    public void setSignatureCanonicalizationAlgorithm(String str) {
        this.signatureCanonicalizationAlgorithm = str;
    }

    public boolean isWantsAssertionsSigned() {
        return this.wantsAssertionsSigned;
    }

    public void setWantsAssertionsSigned(boolean z) {
        this.wantsAssertionsSigned = z;
    }

    public boolean isWantsResponsesSigned() {
        return this.wantsResponsesSigned;
    }

    public void setWantsResponsesSigned(boolean z) {
        this.wantsResponsesSigned = z;
    }

    public boolean isAuthnRequestSigned() {
        return this.authnRequestSigned;
    }

    public void setAuthnRequestSigned(boolean z) {
        this.authnRequestSigned = z;
    }

    public boolean isSpLogoutRequestSigned() {
        return this.spLogoutRequestSigned;
    }

    public void setSpLogoutRequestSigned(boolean z) {
        this.spLogoutRequestSigned = z;
    }

    public boolean isAllSignatureValidationDisabled() {
        return this.allSignatureValidationDisabled;
    }

    public void setAllSignatureValidationDisabled(boolean z) {
        this.allSignatureValidationDisabled = z;
    }

    public void setResponseDestinationAttributeMandatory(boolean z) {
        this.responseDestinationAttributeMandatory = z;
    }

    public boolean isResponseDestinationAttributeMandatory() {
        return this.responseDestinationAttributeMandatory;
    }

    public int getAttributeConsumingServiceIndex() {
        return this.attributeConsumingServiceIndex;
    }

    public void setAttributeConsumingServiceIndex(int i) {
        this.attributeConsumingServiceIndex = i;
    }

    public String getProviderName() {
        return this.providerName;
    }

    public void setProviderName(String str) {
        this.providerName = str;
    }

    public Supplier<List<XSAny>> getAuthnRequestExtensions() {
        return this.authnRequestExtensions;
    }

    public void setAuthnRequestExtensions(Supplier<List<XSAny>> supplier) {
        this.authnRequestExtensions = supplier;
    }

    public SAML2MetadataSigner getMetadataSigner() {
        return this.metadataSigner;
    }

    public void setMetadataSigner(SAML2MetadataSigner sAML2MetadataSigner) {
        this.metadataSigner = sAML2MetadataSigner;
    }

    public String getAttributeAsId() {
        return this.attributeAsId;
    }

    public void setAttributeAsId(String str) {
        this.attributeAsId = str;
    }

    public boolean isUseNameQualifier() {
        return this.useNameQualifier;
    }

    public void setUseNameQualifier(boolean z) {
        this.useNameQualifier = z;
    }

    public boolean isSignMetadata() {
        return this.signMetadata;
    }

    public void setSignMetadata(boolean z) {
        this.signMetadata = z;
    }

    public Map<String, String> getMappedAttributes() {
        return this.mappedAttributes;
    }

    public void setMappedAttributes(Map<String, String> map) {
        this.mappedAttributes = map;
    }

    public LogoutHandler getLogoutHandler() {
        return this.logoutHandler;
    }

    public void setLogoutHandler(LogoutHandler logoutHandler) {
        this.logoutHandler = logoutHandler;
    }

    public String getPostLogoutURL() {
        return this.postLogoutURL;
    }

    public void setPostLogoutURL(String str) {
        this.postLogoutURL = str;
    }

    public String getNameIdAttribute() {
        return this.nameIdAttribute;
    }

    public void setNameIdAttribute(String str) {
        this.nameIdAttribute = str;
    }

    public HostnameVerifier getHostnameVerifier() {
        return this.hostnameVerifier;
    }

    public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
    }

    public SSLSocketFactory getSslSocketFactory() {
        return this.sslSocketFactory;
    }

    public void setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
    }

    public LogoutHandler findLogoutHandler() {
        init();
        return this.logoutHandler;
    }

    private void initSignatureSigningConfiguration() {
        BasicSignatureSigningConfiguration buildDefaultSignatureSigningConfiguration = DefaultSecurityConfigurationBootstrap.buildDefaultSignatureSigningConfiguration();
        if (this.blackListedSignatureSigningAlgorithms == null) {
            this.blackListedSignatureSigningAlgorithms = new ArrayList(buildDefaultSignatureSigningConfiguration.getExcludedAlgorithms());
            LOGGER.info("Bootstrapped Blacklisted Algorithms");
        }
        if (this.signatureAlgorithms == null) {
            this.signatureAlgorithms = new ArrayList(buildDefaultSignatureSigningConfiguration.getSignatureAlgorithms());
            LOGGER.info("Bootstrapped Signature Algorithms");
        }
        if (this.signatureReferenceDigestMethods == null) {
            this.signatureReferenceDigestMethods = new ArrayList(buildDefaultSignatureSigningConfiguration.getSignatureReferenceDigestMethods());
            this.signatureReferenceDigestMethods.remove("http://www.w3.org/2001/04/xmlenc#sha512");
            LOGGER.info("Bootstrapped Signature Reference Digest Methods");
        }
        if (this.signatureCanonicalizationAlgorithm == null) {
            this.signatureCanonicalizationAlgorithm = buildDefaultSignatureSigningConfiguration.getSignatureCanonicalizationAlgorithm();
            LOGGER.info("Bootstrapped Canonicalization Algorithm");
        }
    }

    public String getIssuerFormat() {
        return this.issuerFormat;
    }

    public void setIssuerFormat(String str) {
        this.issuerFormat = str;
    }

    public String getSingleSignOutServiceUrl() {
        return this.singleSignOutServiceUrl;
    }

    public void setSingleSignOutServiceUrl(String str) {
        this.singleSignOutServiceUrl = str;
    }

    public HttpClient getHttpClient() {
        if (this.httpClient == null) {
            this.httpClient = new SAML2HttpClientBuilder().build();
        }
        return this.httpClient;
    }

    public void setHttpClient(HttpClient httpClient) {
        this.httpClient = httpClient;
    }

    public CredentialProvider getCredentialProvider() {
        return new KeyStoreCredentialProvider(this);
    }

    public SAML2MetadataGenerator toMetadataGenerator() {
        try {
            SAML2MetadataGenerator metadataGenerator = getMetadataGenerator();
            if (metadataGenerator instanceof BaseSAML2MetadataGenerator) {
                BaseSAML2MetadataGenerator baseSAML2MetadataGenerator = (BaseSAML2MetadataGenerator) metadataGenerator;
                baseSAML2MetadataGenerator.setWantAssertionSigned(isWantsAssertionsSigned());
                baseSAML2MetadataGenerator.setAuthnRequestSigned(isAuthnRequestSigned());
                baseSAML2MetadataGenerator.setSignMetadata(isSignMetadata());
                baseSAML2MetadataGenerator.setNameIdPolicyFormat(getNameIdPolicyFormat());
                baseSAML2MetadataGenerator.setRequestedAttributes(getRequestedServiceProviderAttributes());
                baseSAML2MetadataGenerator.setCredentialProvider(getCredentialProvider());
                baseSAML2MetadataGenerator.setMetadataSigner(getMetadataSigner());
                baseSAML2MetadataGenerator.setEntityId(getServiceProviderEntityId());
                baseSAML2MetadataGenerator.setRequestInitiatorLocation(this.callbackUrl);
                baseSAML2MetadataGenerator.setAssertionConsumerServiceUrl(this.callbackUrl);
                baseSAML2MetadataGenerator.setResponseBindingType(getResponseBindingType());
                determineSingleSignOutServiceUrl(baseSAML2MetadataGenerator);
                if (getBlackListedSignatureSigningAlgorithms() != null) {
                    baseSAML2MetadataGenerator.setBlackListedSignatureSigningAlgorithms(new ArrayList(getBlackListedSignatureSigningAlgorithms()));
                }
                baseSAML2MetadataGenerator.setSignatureAlgorithms(getSignatureAlgorithms());
                baseSAML2MetadataGenerator.setSignatureReferenceDigestMethods(getSignatureReferenceDigestMethods());
                baseSAML2MetadataGenerator.setSupportedProtocols(getSupportedProtocols());
                baseSAML2MetadataGenerator.setContactPersons(getContactPersons());
                baseSAML2MetadataGenerator.setMetadataUIInfos(getMetadataUIInfos());
            }
            return metadataGenerator;
        } catch (Exception e) {
            throw new TechnicalException(e);
        }
    }

    protected void determineSingleSignOutServiceUrl(BaseSAML2MetadataGenerator baseSAML2MetadataGenerator) {
        baseSAML2MetadataGenerator.setSingleLogoutServiceUrl(CommonHelper.addParameter((String) StringUtils.defaultIfBlank(this.singleSignOutServiceUrl, this.callbackUrl), "logoutendpoint", "true"));
    }

    public SAML2MetadataGenerator getMetadataGenerator() throws Exception {
        return this.metadataGenerator == null ? this.serviceProviderMetadataResource instanceof UrlResource ? new SAML2HttpUrlMetadataGenerator(this.serviceProviderMetadataResource.getURL(), getHttpClient()) : new SAML2FileSystemMetadataGenerator() : this.metadataGenerator;
    }

    public void setMetadataGenerator(SAML2MetadataGenerator sAML2MetadataGenerator) {
        this.metadataGenerator = sAML2MetadataGenerator;
    }

    public SAML2MetadataResolver getIdentityProviderMetadataResolver() {
        return this.identityProviderMetadataResolver == null ? new SAML2IdentityProviderMetadataResolver(this) : this.identityProviderMetadataResolver;
    }

    public void setIdentityProviderMetadataResolver(SAML2MetadataResolver sAML2MetadataResolver) {
        this.identityProviderMetadataResolver = sAML2MetadataResolver;
    }

    public boolean isPartialLogoutTreatedAsSuccess() {
        return this.isPartialLogoutTreatedAsSuccess;
    }

    public void setPartialLogoutTreatedAsSuccess(boolean z) {
        this.isPartialLogoutTreatedAsSuccess = z;
    }

    public AttributeConverter getSamlAttributeConverter() {
        return this.samlAttributeConverter;
    }

    public void setSamlAttributeConverter(AttributeConverter attributeConverter) {
        this.samlAttributeConverter = attributeConverter;
    }
}
