package org.wso2.carbon.identity.sso.agent.bean;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.wso2.carbon.identity.sso.agent.SSOAgentConstants;
import org.wso2.carbon.identity.sso.agent.SSOAgentException;
import org.wso2.carbon.identity.sso.agent.openid.AttributesRequestor;
import org.wso2.carbon.identity.sso.agent.saml.SSOAgentCarbonX509Credential;
import org.wso2.carbon.identity.sso.agent.saml.SSOAgentX509Credential;

/* loaded from: input_file:org/wso2/carbon/identity/sso/agent/bean/SSOAgentConfig.class */
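/**
 * Configuration bean for the SSO agent.
 *
 * <p>Holds the top-level protocol switches and endpoint URIs together with the per-protocol
 * settings kept in {@link SAML2}, {@link OpenID} and {@link OAuth2}. {@link #initConfig(Properties)}
 * loads the values from a {@link Properties} object and {@link #verifyConfig()} checks that the
 * values required by the enabled protocols are present.
 *
 * <p>No synchronization is performed in this class, and the collection getters hand out the
 * internal mutable instances.
 */
public class SSOAgentConfig {
    private static final Logger LOGGER = Logger.getLogger(SSOAgentConstants.LOGGER_NAME);

    /** Binding used when the SAML2 HTTP binding property is absent or empty. */
    private static final String DEFAULT_SAML2_HTTP_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST";

    private Boolean isSAML2SSOLoginEnabled = false;
    private Boolean isOpenIdLoginEnabled = false;
    private Boolean isOAuth2SAML2GrantEnabled = false;
    private String saml2SSOURL = null;
    private String openIdURL = null;
    private String oauth2SAML2GrantURL = null;
    // NOTE(review): presumably the URIs the agent leaves unprotected; how they are matched is
    // decided outside this class. Keep the list minimal and confirm against the consumer.
    private Set<String> skipURIs = new HashSet<String>();
    private Map<String, String[]> queryParams = new HashMap<String, String[]>();
    private SAML2 saml2 = new SAML2();
    private OpenID openId = new OpenID();
    private OAuth2 oauth2 = new OAuth2();

    /** OAuth2 client settings (token endpoint and client credentials). */
    public class OAuth2 {
        private String tokenURL = null;
        private String clientId = null;
        // Credential material: nothing in this class logs it, and callers should not either.
        private String clientSecret = null;

        public OAuth2() {
        }

        /** Returns the OAuth2 client secret, or {@code null} when none is set. */
        public String getClientSecret() {
            return this.clientSecret;
        }

        /** Sets the OAuth2 client secret. */
        public void setClientSecret(String str) {
            this.clientSecret = str;
        }

        /** Returns the OAuth2 token endpoint URL, or {@code null} when none is set. */
        public String getTokenURL() {
            return this.tokenURL;
        }

        /** Sets the OAuth2 token endpoint URL. */
        public void setTokenURL(String str) {
            this.tokenURL = str;
        }

        /** Returns the OAuth2 client id, or {@code null} when none is set. */
        public String getClientId() {
            return this.clientId;
        }

        /** Sets the OAuth2 client id. */
        public void setClientId(String str) {
            this.clientId = str;
        }
    }

    /** OpenID settings. {@code mode} and {@code claimedId} are only ever set through their setters. */
    public class OpenID {
        private String mode = null;
        private String providerURL = null;
        private String returnToURL = null;
        private String claimedId = null;
        private AttributesRequestor attributesRequestor = null;
        private boolean isAttributeExchangeEnabled = false;
        private boolean isDumbModeEnabled = false;

        public OpenID() {
        }

        /** Returns the OpenID mode, or {@code null} when none is set. */
        public String getMode() {
            return this.mode;
        }

        /** Sets the OpenID mode. */
        public void setMode(String str) {
            this.mode = str;
        }

        /** Returns the OpenID provider URL, or {@code null} when none is set. */
        public String getProviderURL() {
            return this.providerURL;
        }

        /** Sets the OpenID provider URL. */
        public void setProviderURL(String str) {
            this.providerURL = str;
        }

        /** Returns the OpenID return-to URL, or {@code null} when none is set. */
        public String getReturnToURL() {
            return this.returnToURL;
        }

        /** Sets the OpenID return-to URL. */
        public void setReturnToURL(String str) {
            this.returnToURL = str;
        }

        /** Returns the claimed identifier, or {@code null} when none is set. */
        public String getClaimedId() {
            return this.claimedId;
        }

        /** Sets the claimed identifier. */
        public void setClaimedId(String str) {
            this.claimedId = str;
        }

        /** Returns the attributes requestor, or {@code null} when none is set. */
        public AttributesRequestor getAttributesRequestor() {
            return this.attributesRequestor;
        }

        /** Sets the attributes requestor. */
        public void setAttributesRequestor(AttributesRequestor attributesRequestor) {
            this.attributesRequestor = attributesRequestor;
        }

        /** Returns whether attribute exchange is enabled. */
        public boolean isAttributeExchangeEnabled() {
            return this.isAttributeExchangeEnabled;
        }

        /** Enables or disables attribute exchange. */
        public void setAttributeExchangeEnabled(boolean z) {
            this.isAttributeExchangeEnabled = z;
        }

        /** Returns whether dumb mode is enabled. */
        public boolean isDumbModeEnabled() {
            return this.isDumbModeEnabled;
        }

        /** Enables or disables dumb mode. */
        public void setDumbModeEnabled(boolean z) {
            this.isDumbModeEnabled = z;
        }
    }

    /**
     * SAML2 settings.
     *
     * <p>All four signing/encryption flags default to {@code false}. With response and assertion
     * signing both off, {@link SSOAgentConfig#verifyConfig()} demands no IdP certificate.
     * NOTE(review): whether unsigned responses are then accepted is decided by the SAML consumer,
     * which is not part of this class. Confirm that deployments enable at least one of the two.
     */
    public class SAML2 {
        private String httpBinding = null;
        private String spEntityId = null;
        private String acsURL = null;
        private String idPEntityId = null;
        private String idPURL = null;
        private Boolean isSLOEnabled = false;
        private String sloURL = null;
        private String attributeConsumingServiceIndex = null;
        private SSOAgentX509Credential ssoAgentX509Credential = null;
        private Boolean isAssertionSigned = false;
        private Boolean isAssertionEncrypted = false;
        private Boolean isResponseSigned = false;
        private Boolean isRequestSigned = false;
        private Boolean isPassiveAuthn = false;
        private Boolean isForceAuthn = false;
        private String relayState = null;
        // Class name taken from configuration; it has no setter and is only read by initConfig().
        // NOTE(review): presumably instantiated reflectively elsewhere. Confirm that the
        // properties source is trusted to the same degree as the code itself.
        private String signatureValidatorImplClass = null;
        private String postBindingRequestHTMLPayload = null;

        public SAML2() {
        }

        /** Returns the SAML2 HTTP binding URI. */
        public String getHttpBinding() {
            return this.httpBinding;
        }

        /** Sets the SAML2 HTTP binding URI. */
        public void setHttpBinding(String str) {
            this.httpBinding = str;
        }

        /** Returns the SP entity id, or {@code null} when none is set. */
        public String getSPEntityId() {
            return this.spEntityId;
        }

        /** Sets the SP entity id. */
        public void setSPEntityId(String str) {
            this.spEntityId = str;
        }

        /** Returns the assertion consumer service URL, or {@code null} when none is set. */
        public String getACSURL() {
            return this.acsURL;
        }

        /** Sets the assertion consumer service URL. */
        public void setACSURL(String str) {
            this.acsURL = str;
        }

        /** Returns the IdP entity id, or {@code null} when none is set. */
        public String getIdPEntityId() {
            return this.idPEntityId;
        }

        /** Sets the IdP entity id. */
        public void setIdPEntityId(String str) {
            this.idPEntityId = str;
        }

        /** Returns the IdP URL, or {@code null} when none is set. */
        public String getIdPURL() {
            return this.idPURL;
        }

        /** Sets the IdP URL. */
        public void setIdPURL(String str) {
            this.idPURL = str;
        }

        /** Returns whether single logout is enabled. */
        public Boolean isSLOEnabled() {
            return this.isSLOEnabled;
        }

        /** Returns the single logout URL, or {@code null} when none is set. */
        public String getSLOURL() {
            return this.sloURL;
        }

        /** Sets the single logout URL. */
        public void setSLOURL(String str) {
            this.sloURL = str;
        }

        /** Returns the attribute consuming service index, or {@code null} when none is set. */
        public String getAttributeConsumingServiceIndex() {
            return this.attributeConsumingServiceIndex;
        }

        /** Sets the attribute consuming service index. */
        public void setAttributeConsumingServiceIndex(String str) {
            this.attributeConsumingServiceIndex = str;
        }

        /** Returns the X.509 credential, or {@code null} when none is set. */
        public SSOAgentX509Credential getSSOAgentX509Credential() {
            return this.ssoAgentX509Credential;
        }

        /** Sets the X.509 credential; {@code initConfig} never sets it. */
        public void setSSOAgentX509Credential(SSOAgentX509Credential sSOAgentX509Credential) {
            this.ssoAgentX509Credential = sSOAgentX509Credential;
        }

        /** Returns the assertion-signing flag. */
        public Boolean isAssertionSigned() {
            return this.isAssertionSigned;
        }

        /** Returns the assertion-encryption flag. */
        public Boolean isAssertionEncrypted() {
            return this.isAssertionEncrypted;
        }

        /** Returns the response-signing flag. */
        public Boolean isResponseSigned() {
            return this.isResponseSigned;
        }

        /** Returns the request-signing flag. */
        public Boolean isRequestSigned() {
            return this.isRequestSigned;
        }

        /** Returns the passive-authentication flag. */
        public Boolean isPassiveAuthn() {
            return this.isPassiveAuthn;
        }

        /** Returns the force-authentication flag. */
        public Boolean isForceAuthn() {
            return this.isForceAuthn;
        }

        /** Returns the relay state, or {@code null} when none is set. */
        public String getRelayState() {
            return this.relayState;
        }

        /** Sets the relay state. */
        public void setRelayState(String str) {
            this.relayState = str;
        }

        /** Returns the HTML payload configured for POST-binding requests, or {@code null}. */
        public String getPostBindingRequestHTMLPayload() {
            return this.postBindingRequestHTMLPayload;
        }

        /** Sets the HTML payload for POST-binding requests. */
        public void setPostBindingRequestHTMLPayload(String str) {
            this.postBindingRequestHTMLPayload = str;
        }

        // The Boolean setters store the reference as given; a null makes verifyConfig() fail
        // with a NullPointerException when the flag is unboxed.

        /** Sets the single logout flag. */
        public void setSLOEnabled(Boolean bool) {
            this.isSLOEnabled = bool;
        }

        /** Sets the assertion-signing flag. */
        public void setAssertionSigned(Boolean bool) {
            this.isAssertionSigned = bool;
        }

        /** Sets the assertion-encryption flag. */
        public void setAssertionEncrypted(Boolean bool) {
            this.isAssertionEncrypted = bool;
        }

        /** Sets the response-signing flag. */
        public void setResponseSigned(Boolean bool) {
            this.isResponseSigned = bool;
        }

        /** Sets the request-signing flag. */
        public void setRequestSigned(Boolean bool) {
            this.isRequestSigned = bool;
        }

        /** Sets the passive-authentication flag. */
        public void setPassiveAuthn(Boolean bool) {
            this.isPassiveAuthn = bool;
        }

        /** Sets the force-authentication flag. */
        public void setForceAuthn(Boolean bool) {
            this.isForceAuthn = bool;
        }

        /** Returns the configured signature validator class name, or {@code null}. */
        public String getSignatureValidatorImplClass() {
            return this.signatureValidatorImplClass;
        }
    }

    /** Returns whether SAML2 SSO login is enabled. */
    public Boolean isSAML2SSOLoginEnabled() {
        return this.isSAML2SSOLoginEnabled;
    }

    /** Returns whether OpenID login is enabled. */
    public Boolean isOpenIdLoginEnabled() {
        return this.isOpenIdLoginEnabled;
    }

    /** Returns whether the OAuth2 SAML2 grant is enabled. */
    public Boolean isOAuth2SAML2GrantEnabled() {
        return this.isOAuth2SAML2GrantEnabled;
    }

    /** Returns the SAML2 SSO URL, or {@code null} when none is set. */
    public String getSAML2SSOURL() {
        return this.saml2SSOURL;
    }

    /** Sets the SAML2 SSO URL. */
    public void setSAML2SSOURL(String str) {
        this.saml2SSOURL = str;
    }

    /** Returns the OpenID URL, or {@code null} when none is set. */
    public String getOpenIdURL() {
        return this.openIdURL;
    }

    /** Sets the OpenID URL. */
    public void setOpenIdURL(String str) {
        this.openIdURL = str;
    }

    /** Returns the OAuth2 SAML2 grant URL, or {@code null} when none is set. */
    public String getOAuth2SAML2GrantURL() {
        return this.oauth2SAML2GrantURL;
    }

    /** Sets the OAuth2 SAML2 grant URL. */
    public void setOAuth2SAML2GrantURL(String str) {
        this.oauth2SAML2GrantURL = str;
    }

    /** Returns the internal (mutable) set of skip URIs. */
    public Set<String> getSkipURIs() {
        return this.skipURIs;
    }

    /** Replaces the set of skip URIs; {@code initConfig} adds to whatever set is installed. */
    public void setSkipURIs(Set<String> set) {
        this.skipURIs = set;
    }

    /** Returns the internal (mutable) map of query parameters. */
    public Map<String, String[]> getQueryParams() {
        return this.queryParams;
    }

    /** Replaces the query parameter map; {@code initConfig} puts into whatever map is installed. */
    public void setQueryParams(Map<String, String[]> map) {
        this.queryParams = map;
    }

    /** Returns the SAML2 settings. */
    public SAML2 getSAML2() {
        return this.saml2;
    }

    /** Returns the OAuth2 settings. */
    public OAuth2 getOAuth2() {
        return this.oauth2;
    }

    /** Returns the OpenID settings. */
    public OpenID getOpenId() {
        return this.openId;
    }

    /** Sets the SAML2 SSO login flag. */
    public void setSAML2SSOLoginEnabled(Boolean bool) {
        this.isSAML2SSOLoginEnabled = bool;
    }

    /** Sets the OpenID login flag. */
    public void setOpenIdLoginEnabled(Boolean bool) {
        this.isOpenIdLoginEnabled = bool;
    }

    /** Sets the OAuth2 SAML2 grant flag. */
    public void setOAuth2SAML2GrantEnabled(Boolean bool) {
        this.isOAuth2SAML2GrantEnabled = bool;
    }

    /**
     * Reads a boolean property, logging {@code missingMessage} at {@code level} and returning
     * {@code fallback} when the key is absent.
     *
     * <p>{@link Boolean#parseBoolean(String)} yields {@code true} only for the text "true"
     * (ignoring case); any other value, such as "yes", "1" or a padded " true", silently
     * becomes {@code false}. For the signing flags that means a typo switches the check off.
     */
    private static boolean readFlag(Properties properties, String key, boolean fallback, Level level,
            String missingMessage) {
        String raw = properties.getProperty(key);
        if (raw == null) {
            LOGGER.log(level, missingMessage);
            return fallback;
        }
        return Boolean.parseBoolean(raw);
    }

    /** Throws an {@link SSOAgentException} carrying {@code message} when {@code value} is {@code null}. */
    private static void requireConfigured(Object value, String message) throws SSOAgentException {
        if (value == null) {
            throw new SSOAgentException(message);
        }
    }

    /**
     * Populates this bean from {@code properties}.
     *
     * <p>Absent boolean properties fall back to the default named in the accompanying log
     * message. Skip URIs are added to the current set and query parameters are put into the
     * current map. The X.509 credential, the OpenID mode, the claimed id and the attributes
     * requestor are not read here.
     *
     * @param properties source of the configuration values; must not be {@code null}
     * @throws SSOAgentException declared for callers; nothing in this method raises it directly
     */
    public void initConfig(Properties properties) throws SSOAgentException {
        this.isSAML2SSOLoginEnabled = readFlag(properties, SSOAgentConstants.SSOAgentConfig.ENABLE_SAML2_SSO_LOGIN,
                false, Level.FINE, "EnableSAML2SSOLogin not configured. Defaulting to 'false'");
        this.isOpenIdLoginEnabled = readFlag(properties, SSOAgentConstants.SSOAgentConfig.ENABLE_OPENID_SSO_LOGIN,
                false, Level.FINE, "EnableOpenIDLogin not configured. Defaulting to 'false'");
        this.isOAuth2SAML2GrantEnabled = readFlag(properties,
                SSOAgentConstants.SSOAgentConfig.ENABLE_OAUTH2_SAML2_OAUTH2_GRANT,
                false, Level.FINE, "EnableOAuth2SAML2Grant not configured. Defaulting to 'false'");

        this.saml2SSOURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2_SSO_URL);
        this.openIdURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.OPENID_URL);
        this.oauth2SAML2GrantURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.OAUTH2_SAML2_GRANT_URL);

        // Comma-separated list; entries are stored verbatim (no trimming).
        String rawSkipURIs = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SKIP_URIS);
        if (rawSkipURIs != null && !rawSkipURIs.isEmpty()) {
            for (String uri : rawSkipURIs.split(",")) {
                this.skipURIs.add(uri);
            }
        }

        // "name=value" pairs joined by '&'; repeated names are collected into one array.
        // A pair that does not split into exactly two parts on '=' is ignored.
        String rawQueryParams = properties.getProperty(SSOAgentConstants.SSOAgentConfig.QUERY_PARAMS);
        if (rawQueryParams != null && !rawQueryParams.isEmpty()) {
            Map<String, List<String>> grouped = new HashMap<String, List<String>>();
            for (String pair : rawQueryParams.split("&")) {
                String[] nameAndValue = pair.split("=");
                if (nameAndValue.length != 2) {
                    continue;
                }
                List<String> values = grouped.get(nameAndValue[0]);
                if (values == null) {
                    values = new ArrayList<String>();
                    grouped.put(nameAndValue[0], values);
                }
                values.add(nameAndValue[1]);
            }
            for (Map.Entry<String, List<String>> entry : grouped.entrySet()) {
                List<String> values = entry.getValue();
                this.queryParams.put(entry.getKey(), values.toArray(new String[values.size()]));
            }
        }

        this.saml2.httpBinding = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.HTTP_BINDING);
        if (this.saml2.httpBinding == null || this.saml2.httpBinding.isEmpty()) {
            LOGGER.log(Level.FINE,
                    "SAML2.HTTPBinding not configured. Defaulting to '" + DEFAULT_SAML2_HTTP_BINDING + "'");
            this.saml2.httpBinding = DEFAULT_SAML2_HTTP_BINDING;
        }
        this.saml2.spEntityId = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.SP_ENTITY_ID);
        this.saml2.acsURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.ACS_URL);
        this.saml2.idPEntityId = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.IDP_ENTITY_ID);
        this.saml2.idPURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.IDP_URL);
        this.saml2.attributeConsumingServiceIndex =
                properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.ATTRIBUTE_CONSUMING_SERVICE_INDEX);

        // This is the only flag whose "not configured" notice is logged at INFO.
        this.saml2.isSLOEnabled = readFlag(properties, SSOAgentConstants.SSOAgentConfig.SAML2.ENABLE_SLO,
                false, Level.INFO, "'SAML2.EnableSLO' not configured. Defaulting to 'false'");
        this.saml2.sloURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.SLO_URL);

        this.saml2.isAssertionSigned = readFlag(properties,
                SSOAgentConstants.SSOAgentConfig.SAML2.ENABLE_ASSERTION_SIGNING,
                false, Level.FINE, "SAML2.EnableAssertionSigning not configured. Defaulting to 'false'");
        this.saml2.isAssertionEncrypted = readFlag(properties,
                SSOAgentConstants.SSOAgentConfig.SAML2.ENABLE_ASSERTION_ENCRYPTION,
                false, Level.FINE, "SAML2.EnableAssertionEncryption not configured. Defaulting to 'false'");
        this.saml2.isResponseSigned = readFlag(properties,
                SSOAgentConstants.SSOAgentConfig.SAML2.ENABLE_RESPONSE_SIGNING,
                false, Level.FINE, "SAML2.EnableResponseSigning not configured. Defaulting to 'false'");

        // The validator class name is only consulted when response signing is on; otherwise
        // the field keeps its previous value.
        if (this.saml2.isResponseSigned) {
            String validatorClass = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.SIGNATURE_VALIDATOR);
            if (validatorClass != null) {
                this.saml2.signatureValidatorImplClass = validatorClass;
            } else {
                LOGGER.log(Level.FINE, "SAML2.SignatureValidatorImplClass not configured.");
            }
        }

        this.saml2.isRequestSigned = readFlag(properties,
                SSOAgentConstants.SSOAgentConfig.SAML2.ENABLE_REQUEST_SIGNING,
                false, Level.FINE, "SAML2.EnableRequestSigning not configured. Defaulting to 'false'");
        this.saml2.isPassiveAuthn = readFlag(properties, SSOAgentConstants.SSOAgentConfig.SAML2.IS_PASSIVE_AUTHN,
                false, Level.FINE, "'SAML2.IsPassiveAuthn' not configured. Defaulting to 'false'");
        // Parse the property value itself. Looking the value up again as if it were a key
        // returns null, which would leave forced re-authentication permanently off.
        this.saml2.isForceAuthn = readFlag(properties, SSOAgentConstants.SSOAgentConfig.SAML2.IS_FORCE_AUTHN,
                false, Level.FINE, "'SAML2.IsForceAuthn' not configured. Defaulting to 'false'");
        this.saml2.relayState = properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.RELAY_STATE);
        this.saml2.postBindingRequestHTMLPayload =
                properties.getProperty(SSOAgentConstants.SSOAgentConfig.SAML2.POST_BINDING_REQUEST_HTML_PAYLOAD);

        this.oauth2.tokenURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.OAuth2.TOKEN_URL);
        this.oauth2.clientId = properties.getProperty(SSOAgentConstants.SSOAgentConfig.OAuth2.CLIENT_ID);
        this.oauth2.clientSecret = properties.getProperty(SSOAgentConstants.SSOAgentConfig.OAuth2.CLIENT_SECRET);

        this.openId.providerURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.OpenID.PROVIDER_URL);
        this.openId.returnToURL = properties.getProperty(SSOAgentConstants.SSOAgentConfig.OpenID.RETURN_TO_URL);
        // Attribute exchange is the one flag that defaults to 'true'.
        this.openId.isAttributeExchangeEnabled = readFlag(properties,
                SSOAgentConstants.SSOAgentConfig.OpenID.ENABLE_ATTRIBUTE_EXCHANGE,
                true, Level.FINE, "'OpenId.EnableAttributeExchange' not configured. Defaulting to 'true'");
        // Dumb mode is decided by its own property, not by whether attribute exchange is set.
        this.openId.isDumbModeEnabled = readFlag(properties, SSOAgentConstants.SSOAgentConfig.OpenID.ENABLE_DUMB_MODE,
                false, Level.FINE, "'OpenId.EnableDumbMode' not configured. Defaulting to 'false'");
    }

    /**
     * Checks that every value required by the enabled protocols is present.
     *
     * <p>Only {@code null} counts as missing; an empty string passes. Checks run in a fixed
     * order and the first missing value aborts verification. A flag set to {@code null}
     * through its setter causes a {@link NullPointerException} when it is unboxed here.
     *
     * @throws SSOAgentException if a required value is missing, if the OAuth2 SAML2 grant is
     *         enabled without SAML2 SSO login, or if signing/encryption is enabled without the
     *         credential material it needs
     */
    public void verifyConfig() throws SSOAgentException {
        if (this.isSAML2SSOLoginEnabled && this.saml2SSOURL == null) {
            throw new SSOAgentException("'SAML2SSOURL' not configured");
        }
        if (this.isOpenIdLoginEnabled && this.openIdURL == null) {
            throw new SSOAgentException("'OpenIdURL' not configured");
        }

        final boolean samlEnabled = this.isSAML2SSOLoginEnabled;
        final boolean openIdEnabled = this.isOpenIdLoginEnabled;
        final boolean grantEnabled = this.isOAuth2SAML2GrantEnabled;

        if (!samlEnabled && grantEnabled) {
            throw new SSOAgentException("SAML2 SSO Login is disabled. Cannot use SAML2 Bearer Grant type for OAuth2");
        }

        if (samlEnabled) {
            if (grantEnabled) {
                requireConfigured(this.oauth2SAML2GrantURL, "'OAuth2SAML2GrantURL' not configured");
            }
            requireConfigured(this.saml2.spEntityId, "'SAML2.SPEntityId' not configured");
            requireConfigured(this.saml2.acsURL, "'SAML2.AssertionConsumerURL' not configured");
            requireConfigured(this.saml2.idPEntityId, "'SAML2.IdPEntityId' not configured");
            requireConfigured(this.saml2.idPURL, "'SAML2.IdPURL' not configured");
            if (this.saml2.attributeConsumingServiceIndex == null) {
                LOGGER.log(Level.FINE,
                        "'SAML2.AttributeConsumingServiceIndex' not configured. No attributes of the Subject will be requested");
            }
            if (this.saml2.isSLOEnabled) {
                requireConfigured(this.saml2.sloURL, "Single Logout enabled, but SLO URL not configured");
            }

            final SSOAgentX509Credential credential = this.saml2.ssoAgentX509Credential;
            // The message names a default, but nothing in this class installs one, so the two
            // checks below treat a missing credential as missing key material.
            if ((this.saml2.isAssertionSigned || this.saml2.isAssertionEncrypted || this.saml2.isResponseSigned
                    || this.saml2.isRequestSigned) && credential == null) {
                LOGGER.log(Level.FINE, "'SSOAgentX509Credential' not configured. Defaulting to "
                        + SSOAgentCarbonX509Credential.class.getName());
            }
            // Signature validation needs the IdP certificate; fail with a configuration error
            // rather than a NullPointerException when no credential is set.
            if ((this.saml2.isAssertionSigned || this.saml2.isResponseSigned)
                    && (credential == null || credential.getEntityCertificate() == null)) {
                throw new SSOAgentException("Public certificate of IdP not configured");
            }
            // Request signing and assertion decryption need the SP private key.
            if ((this.saml2.isRequestSigned || this.saml2.isAssertionEncrypted)
                    && (credential == null || credential.getPrivateKey() == null)) {
                throw new SSOAgentException("Private key of SP not configured");
            }
        }

        if (openIdEnabled) {
            requireConfigured(this.openId.providerURL, "'OpenId.ProviderURL' not configured");
            requireConfigured(this.openId.returnToURL, "'OpenId.ReturnToURL' not configured");
            if (this.openId.attributesRequestor == null) {
                // The message names the value that is actually missing (the requestor).
                LOGGER.log(Level.FINE,
                        "'AttributesRequestor' not configured. No attributes of the Subject will be fetched");
            }
        }

        if (samlEnabled && grantEnabled) {
            requireConfigured(this.oauth2.tokenURL, "OAuth2 Token endpoint not configured");
            requireConfigured(this.oauth2.clientId, "OAuth2 Client Id not configured");
            requireConfigured(this.oauth2.clientSecret, "OAuth2 Client Secret not configured");
        }
    }
}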
