package org.springframework.security.saml;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.opensaml.common.SAMLException;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.xml.security.SecurityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.saml.context.SAMLContextProvider;
import org.springframework.security.saml.context.SAMLMessageContext;
import org.springframework.security.saml.processor.SAMLProcessor;
import org.springframework.security.saml.util.SAMLUtil;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.util.Assert;

/* loaded from: input_file:org/springframework/security/saml/SAMLProcessingFilter.class */
public class SAMLProcessingFilter extends AbstractAuthenticationProcessingFilter {
    protected static final Logger logger = LoggerFactory.getLogger(SAMLProcessingFilter.class);
    protected SAMLProcessor processor;
    protected SAMLContextProvider contextProvider;
    public static final String FILTER_URL = "/saml/SSO";

    public SAMLProcessingFilter() {
        this(FILTER_URL);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SAMLProcessingFilter(String str) {
        super(str);
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        try {
            logger.debug("Attempting SAML2 authentication using profile {}", getProfileName());
            SAMLMessageContext localEntity = this.contextProvider.getLocalEntity(httpServletRequest, httpServletResponse);
            this.processor.retrieveMessage(localEntity);
            localEntity.setCommunicationProfileId(getProfileName());
            localEntity.setLocalEntityEndpoint(SAMLUtil.getEndpoint(localEntity.getLocalEntityRoleMetadata().getEndpoints(), localEntity.getInboundSAMLBinding(), getFilterProcessesUrl()));
            return getAuthenticationManager().authenticate(new SAMLAuthenticationToken(localEntity));
        } catch (MetadataProviderException e) {
            logger.debug("Error determining metadata contracts", e);
            throw new AuthenticationServiceException("Error determining metadata contracts", e);
        } catch (SAMLException e2) {
            logger.debug("Incoming SAML message is invalid", e2);
            throw new AuthenticationServiceException("Incoming SAML message is invalid", e2);
        } catch (SecurityException e3) {
            logger.debug("Incoming SAML message is invalid", e3);
            throw new AuthenticationServiceException("Incoming SAML message is invalid", e3);
        } catch (MessageDecodingException e4) {
            logger.debug("Error decoding incoming SAML message", e4);
            throw new AuthenticationServiceException("Error decoding incoming SAML message", e4);
        }
    }

    protected String getProfileName() {
        return SAMLConstants.SAML2_WEBSSO_PROFILE_URI;
    }

    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return SAMLUtil.processFilter(getFilterProcessesUrl(), httpServletRequest);
    }

    @Deprecated
    public void setDefaultTargetUrl(String str) {
        SavedRequestAwareAuthenticationSuccessHandler savedRequestAwareAuthenticationSuccessHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        savedRequestAwareAuthenticationSuccessHandler.setDefaultTargetUrl(str);
        setAuthenticationSuccessHandler(savedRequestAwareAuthenticationSuccessHandler);
    }

    @Autowired
    public void setSAMLProcessor(SAMLProcessor sAMLProcessor) {
        Assert.notNull(sAMLProcessor, "SAML Processor can't be null");
        this.processor = sAMLProcessor;
    }

    @Autowired
    public void setContextProvider(SAMLContextProvider sAMLContextProvider) {
        Assert.notNull(sAMLContextProvider, "Context provider can't be null");
        this.contextProvider = sAMLContextProvider;
    }

    public void afterPropertiesSet() {
        super.afterPropertiesSet();
        Assert.notNull(this.processor, "SAMLProcessor must be set");
        Assert.notNull(this.contextProvider, "Context provider must be set");
    }
}
