package org.apache.cxf.fediz.core.samlsso;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.opensaml.saml.common.SAMLVersion;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.AuthnStatement;
import org.opensaml.saml.saml2.core.Issuer;
import org.opensaml.saml.saml2.core.LogoutRequest;
import org.opensaml.saml.saml2.core.NameID;
import org.opensaml.saml.saml2.core.Subject;

/* loaded from: input_file:BOOT-INF/lib/fediz-core-1.4.3.jar:org/apache/cxf/fediz/core/samlsso/DefaultSAMLPRequestBuilder.class */
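/**
 * Default {@link SAMLPRequestBuilder} that assembles SAML 2.0 AuthnRequest and LogoutRequest
 * objects by delegating to {@code SamlpRequestComponentBuilder}.
 *
 * <p>This class only builds the request objects. Nothing here signs them or validates the
 * configured binding; any signing or transport protection has to happen in the caller.
 *
 * <p>The instance holds mutable configuration and does no synchronization, so configure it
 * before sharing it between threads.
 */
public class DefaultSAMLPRequestBuilder implements SAMLPRequestBuilder {
    /** NameID format requested in the NameIDPolicy of every AuthnRequest. */
    private static final String NAMEID_FORMAT_PERSISTENT =
        "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";

    /** Authentication context class requested (with EXACT comparison) in every AuthnRequest. */
    private static final String AUTHN_CTX_PASSWORD_PROTECTED_TRANSPORT =
        "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport";

    // Passed through to the AuthnRequest; defaults to false, i.e. an existing IdP session
    // may be reused unless the deployer opts in to forced re-authentication.
    private boolean forceAuthn;
    // Passed through to the AuthnRequest; defaults to false.
    private boolean isPassive;
    // Binding URI placed in the AuthnRequest; defaults to HTTP-POST. Not validated here.
    private String protocolBinding = SAMLConstants.SAML2_POST_BINDING_URI;

    /**
     * Builds a SAML 2.0 AuthnRequest.
     *
     * <p>The request always asks for a persistent NameID (creation allowed) and for the
     * PasswordProtectedTransport authentication context with EXACT comparison; neither is
     * configurable on this class.
     *
     * @param str used both as the Issuer value and as the third argument of the NameIDPolicy
     *     (presumably the SP name qualifier; confirm against SamlpRequestComponentBuilder)
     * @param str2 first argument of the underlying builder call (presumably the service /
     *     assertion consumer URL; confirm against SamlpRequestComponentBuilder)
     * @return the assembled, unsigned AuthnRequest
     * @throws Exception if the underlying component builder fails
     */
    @Override
    public AuthnRequest createAuthnRequest(String str, String str2) throws Exception {
        return SamlpRequestComponentBuilder.createAuthnRequest(
            str2,
            this.forceAuthn,
            this.isPassive,
            this.protocolBinding,
            SAMLVersion.VERSION_20,
            SamlpRequestComponentBuilder.createIssuer(str),
            SamlpRequestComponentBuilder.createNameIDPolicy(true, NAMEID_FORMAT_PERSISTENT, str),
            SamlpRequestComponentBuilder.createRequestedAuthnCtxPolicy(
                AuthnContextComparisonTypeEnumeration.EXACT,
                Collections.singletonList(
                    SamlpRequestComponentBuilder.createAuthnCtxClassRef(
                        AUTHN_CTX_PASSWORD_PROTECTED_TRANSPORT)),
                null));
    }

    /** @return whether AuthnRequests are built with the force-authentication flag set */
    public boolean isForceAuthn() {
        return this.forceAuthn;
    }

    /** @param z whether AuthnRequests should be built with the force-authentication flag set */
    public void setForceAuthn(boolean z) {
        this.forceAuthn = z;
    }

    /** @return whether AuthnRequests are built with the passive flag set */
    public boolean isPassive() {
        return this.isPassive;
    }

    /** @param z whether AuthnRequests should be built with the passive flag set */
    public void setPassive(boolean z) {
        this.isPassive = z;
    }

    /** @return the protocol binding URI placed in AuthnRequests */
    public String getProtocolBinding() {
        return this.protocolBinding;
    }

    /**
     * Sets the protocol binding URI placed in AuthnRequests.
     *
     * @param str binding URI; stored as given, without any check that it is a known binding
     */
    public void setProtocolBinding(String str) {
        this.protocolBinding = str;
    }

    /**
     * Builds a SAML 2.0 LogoutRequest, taking the NameID and the session indexes from the
     * supplied assertion when it is a SAML 2.0 assertion.
     *
     * <p>When no assertion is supplied, or the wrapper holds no SAML 2.0 assertion, the request
     * is built with a {@code null} NameID and an empty session-index list. The IdP then gets no
     * subject or session to match the logout against, so callers that need a targeted logout
     * should make sure a SAML 2.0 assertion is passed in.
     *
     * <p>Side effect: the NameID object is taken from the caller's assertion and
     * {@code detach()} is called on it, so the supplied assertion object is modified.
     *
     * @param str Issuer value for the request
     * @param str2 second argument of the underlying builder call (presumably the logout reason;
     *     confirm against SamlpRequestComponentBuilder)
     * @param samlAssertionWrapper assertion of the session being terminated; may be {@code null}
     * @return the assembled, unsigned LogoutRequest
     * @throws Exception if the underlying component builder fails
     */
    @Override
    public LogoutRequest createLogoutRequest(String str, String str2, SamlAssertionWrapper samlAssertionWrapper) throws Exception {
        Issuer issuer = SamlpRequestComponentBuilder.createIssuer(str);
        NameID nameID = null;
        List<String> sessionIndexes = new ArrayList<>();

        // Guard getSaml2() once for both the subject and the AuthnStatement lookups; the
        // statement lookup was previously unguarded and threw a NullPointerException for a
        // wrapper that does not hold a SAML 2.0 assertion.
        if (samlAssertionWrapper != null && samlAssertionWrapper.getSaml2() != null) {
            Subject subject = samlAssertionWrapper.getSaml2().getSubject();
            if (subject != null && subject.getNameID() != null) {
                nameID = subject.getNameID();
                // Clear the link to the assertion so the element can be placed in the new request.
                nameID.detach();
            }

            List<AuthnStatement> authnStatements = samlAssertionWrapper.getSaml2().getAuthnStatements();
            if (authnStatements != null) {
                for (AuthnStatement authnStatement : authnStatements) {
                    if (authnStatement.getSessionIndex() != null) {
                        sessionIndexes.add(authnStatement.getSessionIndex());
                    }
                }
            }
        }
        return SamlpRequestComponentBuilder.createLogoutRequest(issuer, str2, nameID, sessionIndexes);
    }
}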
