package org.wso2.carbon.identity.sso.saml;

import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Optional;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementClientException;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.InboundAuthenticationRequestConfig;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.inbound.InboundFunctions;
import org.wso2.carbon.identity.application.mgt.inbound.dto.InboundProtocolConfigurationDTO;
import org.wso2.carbon.identity.application.mgt.inbound.dto.InboundProtocolsDTO;
import org.wso2.carbon.identity.application.mgt.inbound.protocol.ApplicationInboundAuthConfigHandler;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.sso.saml.dto.SAML2ProtocolConfigDTO;
import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOServiceProviderDTO;
import org.wso2.carbon.identity.sso.saml.exception.IdentitySAML2ClientException;
import org.wso2.carbon.identity.sso.saml.exception.IdentitySAML2SSOException;
import org.wso2.carbon.identity.sso.saml.internal.IdentitySAMLSSOServiceComponentHolder;
import org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil;

/* loaded from: input_file:org/wso2/carbon/identity/sso/saml/SAML2InboundAuthConfigHandler.class */
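/**
 * Inbound-authentication handler for the {@code samlsso} protocol.
 *
 * <p>Translates the protocol DTOs supplied to application management into calls on the SAML SSO
 * config service and returns the resulting {@link InboundAuthenticationRequestConfig}.
 *
 * <p>A SAML service provider can be described in three ways; when more than one is present the
 * first match wins, in this order: Base64-encoded metadata file, metadata URL, manual
 * configuration. The other inputs are silently ignored.
 *
 * <p>NOTE(review): the metadata file content and the metadata URL come from the request DTO and
 * are passed to the config service unchanged. Nothing in this class restricts the URL's scheme or
 * host, or constrains how the metadata XML is parsed. Confirm the config service limits
 * server-side fetches (SSRF) and parses metadata with DTDs/external entities disabled.
 *
 * <p>NOTE(review): every config-service call passes a trailing {@code false}; its meaning is not
 * visible in this file.
 */
public class SAML2InboundAuthConfigHandler implements ApplicationInboundAuthConfigHandler {
    private static final String ATTRIBUTE_CONSUMING_SERVICE_INDEX = "attrConsumServiceIndex";
    private static final String SAML_SSO = "samlsso";
    private static final String MISSING_SOURCE_MESSAGE = "Invalid SAML2 Configuration. One of metadataFile, metaDataUrl or serviceProvider manual configuration needs to be present.";
    private static final String MISSING_CONFIG_MESSAGE = "Invalid SAML2 Configuration. A SAML2 protocol configuration is required.";
    private static final String INVALID_METADATA_FILE_MESSAGE = "Invalid SAML2 Configuration. metadataFile is not valid Base64 content.";

    /**
     * Reports whether the given protocol set carries a {@code samlsso} entry.
     *
     * @param inboundProtocolsDTO inbound protocols of the application
     * @return {@code true} when the configuration map has the {@code samlsso} key
     */
    public boolean canHandle(InboundProtocolsDTO inboundProtocolsDTO) {
        return inboundProtocolsDTO.getInboundProtocolConfigurationMap().containsKey(SAML_SSO);
    }

    /**
     * Reports whether the given protocol name is handled here.
     *
     * <p>The check is deliberately kept as a case-insensitive "is a substring of {@code samlsso}"
     * test, so short forms such as {@code saml} match. So does any other fragment, including the
     * empty string. NOTE(review): confirm callers never pass an empty or partial protocol name
     * they do not intend to route to SAML.
     *
     * @param str protocol name
     * @return {@code true} when {@code samlsso} contains {@code str}, ignoring case
     */
    public boolean canHandle(String str) {
        return StringUtils.containsIgnoreCase(SAML_SSO, str);
    }

    /**
     * Creates the SAML inbound configuration for a new application.
     *
     * @param serviceProvider application being created; its certificate content is set when the
     *                        SAML configuration yields one
     * @param inboundProtocolsDTO inbound protocols, expected to hold a {@code samlsso} entry
     * @return the inbound authentication config for the created SAML service provider
     * @throws IdentityApplicationManagementException on failure; the client subtype is used when
     *         the underlying error is an {@link IdentitySAML2ClientException}
     */
    public InboundAuthenticationRequestConfig handleConfigCreation(ServiceProvider serviceProvider, InboundProtocolsDTO inboundProtocolsDTO) throws IdentityApplicationManagementException {
        try {
            return createSAMLInbound(serviceProvider, getSAML2ProtocolConfigDTO(inboundProtocolsDTO));
        } catch (IdentitySAML2ClientException e) {
            throw new IdentityApplicationManagementClientException(e.getErrorCode(), e.getMessage(), e);
        } catch (IdentitySAML2SSOException e) {
            throw new IdentityApplicationManagementException(e.getErrorCode(), e.getMessage(), e);
        }
    }

    /**
     * Updates (or creates, if none exists yet) the SAML inbound configuration of an application.
     *
     * @param serviceProvider application being updated
     * @param inboundProtocolConfigurationDTO new configuration; must be a
     *                                        {@link SAML2ProtocolConfigDTO}
     * @return the resulting inbound authentication config
     * @throws IdentityApplicationManagementException on failure; the client subtype is used for
     *         invalid input, including a null or non-SAML configuration object
     */
    public InboundAuthenticationRequestConfig handleConfigUpdate(ServiceProvider serviceProvider, InboundProtocolConfigurationDTO inboundProtocolConfigurationDTO) throws IdentityApplicationManagementException {
        try {
            // The type check sits inside the try so a wrong or missing DTO is reported as a
            // client error instead of escaping as an unchecked ClassCastException/NPE.
            return updateSAMLInbound(serviceProvider, asSaml2Config(inboundProtocolConfigurationDTO));
        } catch (IdentitySAML2ClientException e) {
            throw new IdentityApplicationManagementClientException(e.getErrorCode(), e.getMessage(), e);
        } catch (IdentitySAML2SSOException e) {
            throw new IdentityApplicationManagementException(e.getErrorCode(), e.getMessage(), e);
        }
    }

    /**
     * Removes the SAML service provider registered under the given issuer.
     *
     * @param str issuer of the SAML service provider
     * @throws IdentityApplicationManagementException when the config service fails
     */
    public void handleConfigDeletion(String str) throws IdentityApplicationManagementException {
        try {
            IdentitySAMLSSOServiceComponentHolder.getInstance().getSamlSSOConfigService().removeServiceProvider(str, false);
        } catch (IdentityException e) {
            throw new IdentityApplicationManagementException(e.getErrorCode(), e.getMessage(), e);
        }
    }

    /**
     * Loads the SAML service provider for the given issuer and returns it as a manual configuration.
     *
     * @param str issuer of the SAML service provider
     * @return a protocol DTO whose manual configuration is whatever the config service returned
     * @throws IdentityApplicationManagementException when the config service fails
     */
    public InboundProtocolConfigurationDTO handleConfigRetrieval(String str) throws IdentityApplicationManagementException {
        try {
            SAMLSSOServiceProviderDTO stored = IdentitySAMLSSOServiceComponentHolder.getInstance().getSamlSSOConfigService().getServiceProvider(str);
            SAML2ProtocolConfigDTO result = new SAML2ProtocolConfigDTO();
            result.setManualConfiguration(stored);
            return result;
        } catch (IdentityException e) {
            throw new IdentityApplicationManagementException(e.getErrorCode(), e.getMessage(), e);
        }
    }

    /** Extracts the {@code samlsso} entry from the protocol map, rejecting a missing or non-SAML value. */
    private static SAML2ProtocolConfigDTO getSAML2ProtocolConfigDTO(InboundProtocolsDTO inboundProtocolsDTO) throws IdentitySAML2ClientException {
        return asSaml2Config(inboundProtocolsDTO.getInboundProtocolConfigurationMap().get(SAML_SSO));
    }

    /** Narrows a protocol configuration to the SAML DTO, or fails with a client exception. */
    private static SAML2ProtocolConfigDTO asSaml2Config(Object candidate) throws IdentitySAML2ClientException {
        // instanceof is false for null, so a missing configuration is rejected here as well.
        if (!(candidate instanceof SAML2ProtocolConfigDTO)) {
            throw new IdentitySAML2ClientException(MISSING_CONFIG_MESSAGE);
        }
        return (SAML2ProtocolConfigDTO) candidate;
    }

    /** Creates the SAML service provider and mirrors its certificate onto the application. */
    private InboundAuthenticationRequestConfig createSAMLInbound(ServiceProvider serviceProvider, SAML2ProtocolConfigDTO sAML2ProtocolConfigDTO) throws IdentitySAML2SSOException {
        SAMLSSOServiceProviderDTO created = getSamlSsoServiceProviderDTO(sAML2ProtocolConfigDTO);
        applyCertificate(serviceProvider, created);
        return createInboundAuthenticationRequestConfig(created);
    }

    /** Stores the service provider's certificate, Base64-encoded, on the application when one is present. */
    private static void applyCertificate(ServiceProvider serviceProvider, SAMLSSOServiceProviderDTO dto) {
        String certificate = dto.getCertificateContent();
        if (certificate != null) {
            serviceProvider.setCertificateContent(base64Encode(certificate));
        }
    }

    /** Creates the service provider from the first available source: metadata file, metadata URL, manual config. */
    private static SAMLSSOServiceProviderDTO getSamlSsoServiceProviderDTO(SAML2ProtocolConfigDTO sAML2ProtocolConfigDTO) throws IdentitySAML2SSOException {
        if (sAML2ProtocolConfigDTO.getMetadataFile() != null) {
            return createSAMLSpWithMetadataFile(sAML2ProtocolConfigDTO.getMetadataFile());
        }
        if (sAML2ProtocolConfigDTO.getMetadataURL() != null) {
            return createSAMLSpWithMetadataUrl(sAML2ProtocolConfigDTO.getMetadataURL());
        }
        SAMLSSOServiceProviderDTO manualConfiguration = sAML2ProtocolConfigDTO.getManualConfiguration();
        if (manualConfiguration != null) {
            return createSAMLSpWithManualConfiguration(manualConfiguration);
        }
        throw new IdentitySAML2ClientException(MISSING_SOURCE_MESSAGE);
    }

    /**
     * Decodes the Base64 metadata file supplied in the request into its text form.
     *
     * <p>{@link Base64.Decoder#decode(byte[])} throws an unchecked {@link IllegalArgumentException}
     * on malformed input. Left alone it bypasses the SAML exception mapping in the public
     * handlers, so it is converted to a client exception here.
     */
    private static String decodeMetadataFile(String encoded) throws IdentitySAML2ClientException {
        try {
            byte[] raw = Base64.getDecoder().decode(encoded.getBytes(StandardCharsets.UTF_8));
            return new String(raw, StandardCharsets.UTF_8);
        } catch (IllegalArgumentException ignored) {
            // Cause is not chained: the only IdentitySAML2ClientException constructor visible in
            // this file takes a message, and the decoder's detail adds nothing for the client.
            throw new IdentitySAML2ClientException(INVALID_METADATA_FILE_MESSAGE);
        }
    }

    private static SAMLSSOServiceProviderDTO createSAMLSpWithMetadataFile(String str) throws IdentitySAML2SSOException {
        return IdentitySAMLSSOServiceComponentHolder.getInstance().getSamlSSOConfigService().uploadRPServiceProvider(decodeMetadataFile(str), false);
    }

    private static SAMLSSOServiceProviderDTO createSAMLSpWithMetadataUrl(String str) throws IdentitySAML2SSOException {
        // The URL is forwarded exactly as received; see the class-level review note.
        return IdentitySAMLSSOServiceComponentHolder.getInstance().getSamlSSOConfigService().createServiceProviderWithMetadataURL(str, false);
    }

    private static SAMLSSOServiceProviderDTO createSAMLSpWithManualConfiguration(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) throws IdentitySAML2SSOException {
        try {
            return IdentitySAMLSSOServiceComponentHolder.getInstance().getSamlSSOConfigService().createServiceProvider(sAMLSSOServiceProviderDTO, false);
        } catch (IdentityException e) {
            throw handleException("Error while creating SAML2 service provider.", e);
        }
    }

    /** Base64-encodes the UTF-8 bytes of {@code str}. */
    private static String base64Encode(String str) {
        return Base64.getEncoder().encodeToString(str.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Updates the SAML service provider already linked to the application, or creates one when the
     * application has no {@code samlsso} inbound key yet.
     *
     * @param serviceProvider application being updated
     * @param sAML2ProtocolConfigDTO new SAML configuration
     * @return the resulting inbound authentication config
     * @throws IdentitySAML2SSOException when the configuration is invalid or the config service fails
     */
    InboundAuthenticationRequestConfig updateSAMLInbound(ServiceProvider serviceProvider, SAML2ProtocolConfigDTO sAML2ProtocolConfigDTO) throws IdentitySAML2SSOException {
        Optional<?> inboundAuthKey = InboundFunctions.getInboundAuthKey(serviceProvider, SAML_SSO);
        if (!inboundAuthKey.isPresent()) {
            return createSAMLInbound(serviceProvider, sAML2ProtocolConfigDTO);
        }
        SAMLSSOServiceProviderDTO updated = updateSamlSSoServiceProviderDTO(sAML2ProtocolConfigDTO, (String) inboundAuthKey.get());
        applyCertificate(serviceProvider, updated);
        return createInboundAuthenticationRequestConfig(updated);
    }

    /** Updates the service provider for issuer {@code str} from the first available source: file, URL, manual config. */
    private static SAMLSSOServiceProviderDTO updateSamlSSoServiceProviderDTO(SAML2ProtocolConfigDTO sAML2ProtocolConfigDTO, String str) throws IdentitySAML2SSOException {
        if (sAML2ProtocolConfigDTO.getMetadataFile() != null) {
            return updateSAMLSpWithMetadataFile(sAML2ProtocolConfigDTO.getMetadataFile(), str);
        }
        if (sAML2ProtocolConfigDTO.getMetadataURL() != null) {
            return updateSAMLSpWithMetadataUrl(sAML2ProtocolConfigDTO.getMetadataURL(), str);
        }
        SAMLSSOServiceProviderDTO manualConfiguration = sAML2ProtocolConfigDTO.getManualConfiguration();
        if (manualConfiguration != null) {
            return updateSAMLSpWithManualConfiguration(manualConfiguration, str);
        }
        throw new IdentitySAML2ClientException(MISSING_SOURCE_MESSAGE);
    }

    private static SAMLSSOServiceProviderDTO updateSAMLSpWithMetadataFile(String str, String str2) throws IdentitySAML2SSOException {
        return IdentitySAMLSSOServiceComponentHolder.getInstance().getSamlSSOConfigService().updateRPServiceProviderWithMetadata(decodeMetadataFile(str), str2, false);
    }

    private static SAMLSSOServiceProviderDTO updateSAMLSpWithMetadataUrl(String str, String str2) throws IdentitySAML2SSOException {
        // The URL is forwarded exactly as received; see the class-level review note.
        return IdentitySAMLSSOServiceComponentHolder.getInstance().getSamlSSOConfigService().updateServiceProviderWithMetadataURL(str, str2, false);
    }

    private static SAMLSSOServiceProviderDTO updateSAMLSpWithManualConfiguration(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO, String str) throws IdentitySAML2SSOException {
        try {
            return IdentitySAMLSSOServiceComponentHolder.getInstance().getSamlSSOConfigService().updateServiceProvider(sAMLSSOServiceProviderDTO, str, false);
        } catch (IdentityException e) {
            throw handleException(e.getMessage(), e);
        }
    }

    /**
     * Builds the inbound config for a SAML service provider: type {@code samlsso}, key = issuer,
     * plus the attribute consuming service index property when the attribute profile is enabled.
     */
    private static InboundAuthenticationRequestConfig createInboundAuthenticationRequestConfig(SAMLSSOServiceProviderDTO sAMLSSOServiceProviderDTO) throws IdentitySAML2SSOException {
        InboundAuthenticationRequestConfig config = new InboundAuthenticationRequestConfig();
        config.setInboundAuthType(SAML_SSO);
        config.setInboundAuthKey(sAMLSSOServiceProviderDTO.getIssuer());
        if (sAMLSSOServiceProviderDTO.isEnableAttributeProfile()) {
            Property indexProperty = new Property();
            indexProperty.setName(ATTRIBUTE_CONSUMING_SERVICE_INDEX);
            String suppliedIndex = sAMLSSOServiceProviderDTO.getAttributeConsumingServiceIndex();
            if (StringUtils.isNotBlank(suppliedIndex)) {
                indexProperty.setValue(suppliedIndex);
            } else {
                // No index supplied: generate one. It is used as an identifier here, not as a secret.
                try {
                    indexProperty.setValue(Integer.toString(IdentityUtil.getRandomInteger()));
                } catch (IdentityException e) {
                    throw handleException(e.getMessage(), e);
                }
            }
            config.setProperties(new Property[] {indexProperty});
        }
        config.setData(SAMLSSOUtil.buildSPDataFromJsonString(sAMLSSOServiceProviderDTO.getAuditLogData()));
        return config;
    }

    /**
     * Normalises an {@link IdentityException} to the SAML exception hierarchy.
     *
     * @param str message used only when a new exception has to be created
     * @param identityException original failure
     * @return the same instance when it is already a SAML2 client/SSO exception, otherwise a new
     *         {@link IdentitySAML2SSOException} carrying the original error code and cause
     */
    private static IdentitySAML2SSOException handleException(String str, IdentityException identityException) {
        if (identityException instanceof IdentitySAML2ClientException) {
            return (IdentitySAML2ClientException) identityException;
        }
        if (identityException instanceof IdentitySAML2SSOException) {
            return (IdentitySAML2SSOException) identityException;
        }
        return new IdentitySAML2SSOException(identityException.getErrorCode(), str, identityException);
    }
}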
