package org.wso2.carbon.identity.sso.saml.cloud.response;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.Cookie;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.owasp.encoder.Encode;
import org.wso2.carbon.identity.application.authentication.framework.inbound.HttpIdentityResponse;
import org.wso2.carbon.identity.application.authentication.framework.inbound.HttpIdentityResponseFactory;
import org.wso2.carbon.identity.application.authentication.framework.inbound.IdentityResponse;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.sso.saml.cloud.SAMLSSOConstants;
import org.wso2.carbon.identity.sso.saml.cloud.internal.IdentitySAMLSSOServiceComponent;
import org.wso2.carbon.identity.sso.saml.cloud.util.SAMLSSOUtil;

/* loaded from: input_file:org/wso2/carbon/identity/sso/saml/cloud/response/HttpSAMLResponseFactory.class */
public class HttpSAMLResponseFactory extends HttpIdentityResponseFactory {
    private static final Log log = LogFactory.getLog(HttpSAMLResponseFactory.class);

    public String getName() {
        return "HttpSAMLResponseFactory";
    }

    public boolean canHandle(IdentityResponse identityResponse) {
        return identityResponse instanceof SAMLResponse;
    }

    public HttpIdentityResponse.HttpIdentityResponseBuilder create(IdentityResponse identityResponse) {
        return ((identityResponse instanceof SAMLLoginResponse) || (identityResponse instanceof SAMLLogoutResponse)) ? sendResponse(identityResponse) : sendNotification(identityResponse);
    }

    public HttpIdentityResponse.HttpIdentityResponseBuilder create(HttpIdentityResponse.HttpIdentityResponseBuilder httpIdentityResponseBuilder, IdentityResponse identityResponse) {
        return create(identityResponse);
    }

    private HttpIdentityResponse.HttpIdentityResponseBuilder sendResponse(IdentityResponse identityResponse) {
        Map<String, Cookie> cookies;
        HttpIdentityResponse.HttpIdentityResponseBuilder httpIdentityResponseBuilder = new HttpIdentityResponse.HttpIdentityResponseBuilder();
        if (identityResponse instanceof SAMLLoginResponse) {
            SAMLLoginResponse sAMLLoginResponse = (SAMLLoginResponse) identityResponse;
            String authenticatedIdPs = sAMLLoginResponse.getAuthenticatedIdPs();
            String relayState = sAMLLoginResponse.getRelayState();
            String aCSUrlWithTenantPartitioning = getACSUrlWithTenantPartitioning(sAMLLoginResponse.getAcsUrl(), sAMLLoginResponse.getTenantDomain());
            if (IdentitySAMLSSOServiceComponent.getSsoRedirectHtml() != null) {
                httpIdentityResponseBuilder.setBody(getRedirectHtml(aCSUrlWithTenantPartitioning, relayState, authenticatedIdPs, sAMLLoginResponse));
            } else {
                httpIdentityResponseBuilder.setBody(getPostHtml(aCSUrlWithTenantPartitioning, relayState, authenticatedIdPs, sAMLLoginResponse));
            }
            cookies = ((SAMLLoginResponse) identityResponse).getContext().getCookies();
        } else {
            SAMLLogoutResponse sAMLLogoutResponse = (SAMLLogoutResponse) identityResponse;
            String relayState2 = sAMLLogoutResponse.getRelayState();
            String aCSUrlWithTenantPartitioning2 = getACSUrlWithTenantPartitioning(sAMLLogoutResponse.getAcsUrl(), sAMLLogoutResponse.getTenantDomain());
            if (IdentitySAMLSSOServiceComponent.getSsoRedirectHtml() != null) {
                httpIdentityResponseBuilder.setBody(getRedirectHtml(aCSUrlWithTenantPartitioning2, relayState2, sAMLLogoutResponse));
            } else {
                httpIdentityResponseBuilder.setBody(getPostHtml(aCSUrlWithTenantPartitioning2, relayState2, sAMLLogoutResponse));
            }
            httpIdentityResponseBuilder.setRedirectURL(aCSUrlWithTenantPartitioning2);
            cookies = ((SAMLLogoutResponse) identityResponse).getContext().getCookies();
        }
        Iterator<Map.Entry<String, Cookie>> it = cookies.entrySet().iterator();
        while (it.hasNext()) {
            httpIdentityResponseBuilder.addCookie(it.next().getValue());
        }
        httpIdentityResponseBuilder.setStatusCode(200);
        return httpIdentityResponseBuilder;
    }

    private String getRedirectHtml(String str, String str2, String str3, SAMLLoginResponse sAMLLoginResponse) {
        String replace = IdentitySAMLSSOServiceComponent.getSsoRedirectHtml().replace("$acUrl", str).replace("<!--$params-->", "<!--$params-->\n<input type='hidden' name='SAMLResponse' value='" + Encode.forHtmlAttribute(sAMLLoginResponse.getRespString()) + "'>");
        String str4 = replace;
        if (str2 != null) {
            str4 = replace.replace("<!--$params-->", "<!--$params-->\n<input type='hidden' name='RelayState' value='" + Encode.forHtmlAttribute(str2) + "'>");
        }
        String replace2 = StringUtils.isBlank(str3) ? str4 : str4.replace("<!--$additionalParams-->", "<input type='hidden' name='AuthenticatedIdPs' value='" + Encode.forHtmlAttribute(str3) + "'>");
        if (log.isDebugEnabled()) {
            log.debug("samlsso_response.html " + replace2);
        }
        return replace2;
    }

    private String getRedirectHtml(String str, String str2, SAMLLogoutResponse sAMLLogoutResponse) {
        String replace = IdentitySAMLSSOServiceComponent.getSsoRedirectHtml().replace("$acUrl", str).replace("<!--$params-->", "<!--$params-->\n<input type='hidden' name='SAMLResponse' value='" + Encode.forHtmlAttribute(sAMLLogoutResponse.getRespString()) + "'>");
        String str3 = replace;
        if (str2 != null) {
            str3 = replace.replace("<!--$params-->", "<!--$params-->\n<input type='hidden' name='RelayState' value='" + Encode.forHtmlAttribute(str2) + "'>");
        }
        String str4 = str3;
        if (log.isDebugEnabled()) {
            log.debug("samlsso_response.html " + str4);
        }
        return str4;
    }

    private String getPostHtml(String str, String str2, String str3, SAMLLoginResponse sAMLLoginResponse) {
        StringBuilder sb = new StringBuilder();
        sb.append("<html>");
        sb.append("<body>");
        sb.append("<p>You are now redirected back to " + Encode.forHtmlContent(str));
        sb.append(" If the redirection fails, please click the post button.</p>");
        sb.append("<form method='post' action='" + Encode.forHtmlAttribute(str) + "'>");
        sb.append("<p>");
        sb.append("<input type='hidden' name='SAMLResponse' value='" + Encode.forHtmlAttribute(sAMLLoginResponse.getRespString()) + "'>");
        if (str2 != null) {
            sb.append("<input type='hidden' name='RelayState' value='" + Encode.forHtmlAttribute(str2) + "'>");
        }
        if (StringUtils.isBlank(str3)) {
            sb.append("<input type='hidden' name='AuthenticatedIdPs' value='" + Encode.forHtmlAttribute(str3) + "'>");
        }
        sb.append("<button type='submit'>POST</button>");
        sb.append("</p>");
        sb.append("</form>");
        sb.append("<script type='text/javascript'>");
        sb.append("document.forms[0].submit();");
        sb.append("</script>");
        sb.append("</body>");
        sb.append("</html>");
        return sb.toString();
    }

    private String getPostHtml(String str, String str2, SAMLLogoutResponse sAMLLogoutResponse) {
        StringBuilder sb = new StringBuilder();
        sb.append("<html>");
        sb.append("<body>");
        sb.append("<p>You are now redirected back to " + Encode.forHtmlContent(str));
        sb.append(" If the redirection fails, please click the post button.</p>");
        sb.append("<form method='post' action='" + Encode.forHtmlAttribute(str) + "'>");
        sb.append("<p>");
        sb.append("<input type='hidden' name='SAMLResponse' value='" + Encode.forHtmlAttribute(sAMLLogoutResponse.getRespString()) + "'>");
        if (str2 != null) {
            sb.append("<input type='hidden' name='RelayState' value='" + Encode.forHtmlAttribute(str2) + "'>");
        }
        sb.append("<button type='submit'>POST</button>");
        sb.append("</p>");
        sb.append("</form>");
        sb.append("<script type='text/javascript'>");
        sb.append("document.forms[0].submit();");
        sb.append("</script>");
        sb.append("</body>");
        sb.append("</html>");
        return sb.toString();
    }

    private HttpIdentityResponse.HttpIdentityResponseBuilder sendNotification(IdentityResponse identityResponse) {
        SAMLErrorResponse sAMLErrorResponse = (SAMLErrorResponse) identityResponse;
        HttpIdentityResponse.HttpIdentityResponseBuilder httpIdentityResponseBuilder = new HttpIdentityResponse.HttpIdentityResponseBuilder();
        String notificationEndpoint = SAMLSSOUtil.getNotificationEndpoint();
        HashMap hashMap = new HashMap();
        try {
            hashMap.put(SAMLSSOConstants.STATUS, new String[]{URLEncoder.encode(sAMLErrorResponse.getStatus(), StandardCharsets.UTF_8.name())});
            hashMap.put(SAMLSSOConstants.STATUS_MSG, new String[]{URLEncoder.encode(sAMLErrorResponse.getMessageLog(), StandardCharsets.UTF_8.name())});
            if (StringUtils.isNotEmpty(sAMLErrorResponse.getErrorResponse())) {
                hashMap.put(SAMLSSOConstants.SAML_RESP, new String[]{URLEncoder.encode(sAMLErrorResponse.getErrorResponse(), StandardCharsets.UTF_8.name())});
            }
            if (StringUtils.isNotEmpty(sAMLErrorResponse.getAcsUrl())) {
                hashMap.put(SAMLSSOConstants.ASSRTN_CONSUMER_URL, new String[]{URLEncoder.encode(sAMLErrorResponse.getAcsUrl(), StandardCharsets.UTF_8.name())});
            }
        } catch (UnsupportedEncodingException e) {
        }
        httpIdentityResponseBuilder.setStatusCode(302);
        httpIdentityResponseBuilder.setParameters(hashMap);
        httpIdentityResponseBuilder.setRedirectURL(notificationEndpoint);
        return httpIdentityResponseBuilder;
    }

    private String getACSUrlWithTenantPartitioning(String str, String str2) {
        String str3 = str;
        if (str2 != null && "true".equals(IdentityUtil.getProperty("SSOService.TenantPartitioningEnabled"))) {
            str3 = str3 + "?tenantDomain=" + str2;
        }
        return str3;
    }
}
