package org.wso2.carbon.identity.api.server.application.management.v1.core.functions.application.inbound.saml;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.function.Function;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.identity.api.server.application.management.v1.AssertionEncryptionConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.IdpInitiatedSingleLogout;
import org.wso2.carbon.identity.api.server.application.management.v1.SAML2ServiceProvider;
import org.wso2.carbon.identity.api.server.application.management.v1.SAMLAssertionConfiguration;
import org.wso2.carbon.identity.api.server.application.management.v1.SAMLAttributeProfile;
import org.wso2.carbon.identity.api.server.application.management.v1.SAMLRequestValidation;
import org.wso2.carbon.identity.api.server.application.management.v1.SAMLResponseSigning;
import org.wso2.carbon.identity.api.server.application.management.v1.SingleLogoutProfile;
import org.wso2.carbon.identity.api.server.application.management.v1.SingleSignOnProfile;
import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOServiceProviderDTO;
import org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.api.server.application.management.v1-1.1.24.jar:org/wso2/carbon/identity/api/server/application/management/v1/core/functions/application/inbound/saml/SAMLSSOServiceProviderToAPIModel.class */
public class SAMLSSOServiceProviderToAPIModel implements Function<SAMLSSOServiceProviderDTO, SAML2ServiceProvider> {
    @Override // java.util.function.Function
    public SAML2ServiceProvider apply(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new SAML2ServiceProvider().issuer(getIssuerWithoutQualifier(sAMLSSOServiceProviderDTO)).serviceProviderQualifier(sAMLSSOServiceProviderDTO.getIssuerQualifier()).assertionConsumerUrls(Arrays.asList(sAMLSSOServiceProviderDTO.getAssertionConsumerUrls())).defaultAssertionConsumerUrl(sAMLSSOServiceProviderDTO.getDefaultAssertionConsumerUrl()).idpEntityIdAlias(sAMLSSOServiceProviderDTO.getIdpEntityIDAlias()).singleSignOnProfile(buildSingleSignOnProfile(sAMLSSOServiceProviderDTO)).attributeProfile(buildAttributeProfile(sAMLSSOServiceProviderDTO)).singleLogoutProfile(buildSingleLogoutProfile(sAMLSSOServiceProviderDTO)).requestValidation(buildRequestValidationConfig(sAMLSSOServiceProviderDTO)).responseSigning(buildResponseSigning(sAMLSSOServiceProviderDTO)).enableAssertionQueryProfile(Boolean.valueOf(sAMLSSOServiceProviderDTO.isAssertionQueryRequestProfileEnabled()));
    }

    private SAMLResponseSigning buildResponseSigning(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new SAMLResponseSigning().enabled(Boolean.valueOf(sAMLSSOServiceProviderDTO.isDoSignResponse())).signingAlgorithm(sAMLSSOServiceProviderDTO.getSigningAlgorithmURI());
    }

    private SAMLRequestValidation buildRequestValidationConfig(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new SAMLRequestValidation().enableSignatureValidation(Boolean.valueOf(sAMLSSOServiceProviderDTO.isDoValidateSignatureInRequests())).signatureValidationCertAlias(sAMLSSOServiceProviderDTO.getCertAlias());
    }

    private SingleLogoutProfile buildSingleLogoutProfile(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new SingleLogoutProfile().enabled(Boolean.valueOf(sAMLSSOServiceProviderDTO.isDoSingleLogout())).logoutRequestUrl(sAMLSSOServiceProviderDTO.getSloRequestURL()).logoutResponseUrl(sAMLSSOServiceProviderDTO.getSloResponseURL()).logoutMethod(getSingleLogoutMethod(sAMLSSOServiceProviderDTO)).idpInitiatedSingleLogout(buildIdpInitiatedLogoutConfig(sAMLSSOServiceProviderDTO));
    }

    private IdpInitiatedSingleLogout buildIdpInitiatedLogoutConfig(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new IdpInitiatedSingleLogout().enabled(Boolean.valueOf(sAMLSSOServiceProviderDTO.isIdPInitSLOEnabled())).returnToUrls(Arrays.asList(sAMLSSOServiceProviderDTO.getIdpInitSLOReturnToURLs()));
    }

    private SingleSignOnProfile buildSingleSignOnProfile(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new SingleSignOnProfile().bindings(getBindings(sAMLSSOServiceProviderDTO)).enableSignatureValidationForArtifactBinding(Boolean.valueOf(sAMLSSOServiceProviderDTO.isDoValidateSignatureInArtifactResolve())).attributeConsumingServiceIndex(sAMLSSOServiceProviderDTO.getAttributeConsumingServiceIndex()).enableIdpInitiatedSingleSignOn(Boolean.valueOf(sAMLSSOServiceProviderDTO.isIdPInitSSOEnabled())).assertion(buildAssertionConfiguration(sAMLSSOServiceProviderDTO));
    }

    private SAMLAssertionConfiguration buildAssertionConfiguration(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new SAMLAssertionConfiguration().nameIdFormat(sAMLSSOServiceProviderDTO.getNameIDFormat()).audiences(Arrays.asList(sAMLSSOServiceProviderDTO.getRequestedAudiences())).recipients(Arrays.asList(sAMLSSOServiceProviderDTO.getRequestedRecipients())).digestAlgorithm(sAMLSSOServiceProviderDTO.getDigestAlgorithmURI()).encryption(buildAssertionEncryptionConfiguration(sAMLSSOServiceProviderDTO));
    }

    private AssertionEncryptionConfiguration buildAssertionEncryptionConfiguration(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new AssertionEncryptionConfiguration().enabled(Boolean.valueOf(sAMLSSOServiceProviderDTO.isDoEnableEncryptedAssertion())).assertionEncryptionAlgorithm(sAMLSSOServiceProviderDTO.getAssertionEncryptionAlgorithmURI()).keyEncryptionAlgorithm(sAMLSSOServiceProviderDTO.getKeyEncryptionAlgorithmURI());
    }

    private List<SingleSignOnProfile.BindingsEnum> getBindings(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(SingleSignOnProfile.BindingsEnum.HTTP_POST);
        arrayList.add(SingleSignOnProfile.BindingsEnum.HTTP_REDIRECT);
        if (sAMLSSOServiceProviderDTO.isEnableSAML2ArtifactBinding()) {
            arrayList.add(SingleSignOnProfile.BindingsEnum.ARTIFACT);
        }
        return arrayList;
    }

    private SAMLAttributeProfile buildAttributeProfile(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return new SAMLAttributeProfile().enabled(Boolean.valueOf(sAMLSSOServiceProviderDTO.isEnableAttributeProfile())).alwaysIncludeAttributesInResponse(Boolean.valueOf(sAMLSSOServiceProviderDTO.isEnableAttributesByDefault()));
    }

    private String getIssuerWithoutQualifier(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return SAMLSSOUtil.getIssuerWithoutQualifier(sAMLSSOServiceProviderDTO.getIssuer());
    }

    private SingleLogoutProfile.LogoutMethodEnum getSingleLogoutMethod(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) {
        return sAMLSSOServiceProviderDTO.isDoFrontChannelLogout() ? getFrontChannelLogoutBinding(sAMLSSOServiceProviderDTO.getFrontChannelLogoutBinding()) : SingleLogoutProfile.LogoutMethodEnum.BACKCHANNEL;
    }

    private SingleLogoutProfile.LogoutMethodEnum getFrontChannelLogoutBinding(String str) {
        return StringUtils.equals(str, "HTTPPostBinding") ? SingleLogoutProfile.LogoutMethodEnum.FRONTCHANNEL_HTTP_POST : SingleLogoutProfile.LogoutMethodEnum.FRONTCHANNEL_HTTP_REDIRECT;
    }
}
