package org.wso2.carbon.identity.sso.saml.validators;

import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.sso.saml.SAMLSSOConstants;
import org.wso2.carbon.identity.sso.saml.dto.QueryParamDTO;
import org.wso2.carbon.identity.sso.saml.dto.SAMLSSOReqValidationResponseDTO;
import org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil;
import org.wso2.carbon.user.api.UserStoreException;

/* loaded from: input_file:org/wso2/carbon/identity/sso/saml/validators/IdPInitSSOAuthnRequestValidator.class */
public class IdPInitSSOAuthnRequestValidator extends SSOAuthnRequestAbstractValidator {
    private static final Log log = LogFactory.getLog(IdPInitSSOAuthnRequestValidator.class);
    private String spEntityID;
    private String acs;

    public IdPInitSSOAuthnRequestValidator(QueryParamDTO[] queryParamDTOArr, String str) throws IdentityException {
        init(queryParamDTOArr);
    }

    @Override // org.wso2.carbon.identity.sso.saml.validators.SSOAuthnRequestValidator
    public SAMLSSOReqValidationResponseDTO validate() throws IdentityException {
        SAMLSSOReqValidationResponseDTO sAMLSSOReqValidationResponseDTO = new SAMLSSOReqValidationResponseDTO();
        try {
            if (!StringUtils.isNotBlank(this.spEntityID)) {
                String buildErrorResponse = SAMLSSOUtil.buildErrorResponse(SAMLSSOConstants.StatusCodes.REQUESTOR_ERROR, "spEntityID parameter not found in request", null);
                if (log.isDebugEnabled()) {
                    log.debug("spEntityID parameter not found in request");
                }
                sAMLSSOReqValidationResponseDTO.setResponse(buildErrorResponse);
                sAMLSSOReqValidationResponseDTO.setValid(false);
                return sAMLSSOReqValidationResponseDTO;
            }
            sAMLSSOReqValidationResponseDTO.setIssuer(this.spEntityID);
            String issuerQualifier = SAMLSSOUtil.getIssuerQualifier();
            if (StringUtils.isNotBlank(issuerQualifier)) {
                sAMLSSOReqValidationResponseDTO.setIssuerQualifier(issuerQualifier);
            }
            if (!SAMLSSOUtil.isSAMLIssuerExists(this.spEntityID, SAMLSSOUtil.getTenantDomainFromThreadLocal())) {
                String str = "A SAML Service Provider with the Issuer '" + this.spEntityID + "' is not registered. Service Provider should be registered in advance";
                log.error(str);
                sAMLSSOReqValidationResponseDTO.setResponse(SAMLSSOUtil.buildErrorResponse(SAMLSSOConstants.StatusCodes.REQUESTOR_ERROR, str, null));
                sAMLSSOReqValidationResponseDTO.setValid(false);
                return sAMLSSOReqValidationResponseDTO;
            }
            if (StringUtils.isNotBlank(this.acs)) {
                sAMLSSOReqValidationResponseDTO.setAssertionConsumerURL(this.acs);
            }
            if (StringUtils.isBlank(SAMLSSOUtil.getTenantDomainFromThreadLocal())) {
                SAMLSSOUtil.setTenantDomainInThreadLocal("carbon.super");
            }
            sAMLSSOReqValidationResponseDTO.setValid(true);
            if (log.isDebugEnabled()) {
                log.debug("IdP Initiated SSO request validation is successful");
            }
            return sAMLSSOReqValidationResponseDTO;
        } catch (Exception e) {
            throw IdentityException.error("Error validating the IdP Initiated SSO request", e);
        }
    }

    private void init(QueryParamDTO[] queryParamDTOArr) throws IdentityException {
        for (QueryParamDTO queryParamDTO : queryParamDTOArr) {
            if (SAMLSSOConstants.QueryParameter.SP_ENTITY_ID.toString().equals(queryParamDTO.getKey())) {
                try {
                    this.spEntityID = SAMLSSOUtil.resolveIssuerQualifier(queryParamDTOArr, splitAppendedTenantDomain(queryParamDTO.getValue()));
                } catch (UserStoreException e) {
                    throw new IdentityException("Error occurred while splitting appended tenant domain from issuer.", e);
                }
            } else if (SAMLSSOConstants.QueryParameter.ACS.toString().equals(queryParamDTO.getKey())) {
                this.acs = queryParamDTO.getValue();
            }
        }
    }
}
