package org.apereo.cas.support.saml.authentication.principal;

import java.io.BufferedReader;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import lombok.Generated;
import org.apache.commons.lang3.NotImplementedException;
import org.apereo.cas.authentication.principal.AbstractServiceFactory;
import org.apereo.cas.support.saml.SamlProtocolConstants;
import org.apereo.cas.support.saml.util.AbstractSamlObjectBuilder;
import org.jdom2.Attribute;
import org.jdom2.Document;
import org.jdom2.Element;
import org.jdom2.Namespace;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml1.core.AssertionArtifact;
import org.opensaml.saml.saml1.core.RequestAbstractType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-saml-core-api-6.5.3.jar:org/apereo/cas/support/saml/authentication/principal/SamlServiceFactory.class */
public class SamlServiceFactory extends AbstractServiceFactory<SamlService> {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SamlServiceFactory.class);
    private static final Namespace NAMESPACE_ENVELOPE = Namespace.getNamespace("http://schemas.xmlsoap.org/soap/envelope/");
    private static final Namespace NAMESPACE_SAML1 = Namespace.getNamespace(SAMLConstants.SAML10P_NS);

    @Override // org.apereo.cas.authentication.principal.ServiceFactory
    public SamlService createService(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("TARGET");
        String requestBody = (httpServletRequest.getRequestURI().contains(SamlProtocolConstants.ENDPOINT_SAML_VALIDATE) && httpServletRequest.getMethod().equalsIgnoreCase(HttpMethod.POST.name())) ? getRequestBody(httpServletRequest) : null;
        LOGGER.trace("Request Body: [{}]", requestBody);
        if (!StringUtils.hasText(parameter) && !StringUtils.hasText(requestBody)) {
            LOGGER.trace("Request does not specify a [{}] or request body is empty", "TARGET");
            return null;
        }
        String cleanupUrl = cleanupUrl(parameter);
        if (StringUtils.hasText(requestBody)) {
            httpServletRequest.setAttribute("SAMLRequest", requestBody);
        }
        Element requestDocumentElement = getRequestDocumentElement(requestBody);
        String artifactIdFromRequest = getArtifactIdFromRequest(requestDocumentElement);
        String requestIdFromRequest = getRequestIdFromRequest(requestDocumentElement);
        LOGGER.trace("Extracted ArtifactId: [{}]. Extracted Request Id: [{}]", artifactIdFromRequest, requestIdFromRequest);
        SamlService samlService = new SamlService(cleanupUrl, parameter, artifactIdFromRequest, requestIdFromRequest);
        samlService.setSource("TARGET");
        return samlService;
    }

    @Override // org.apereo.cas.authentication.principal.ServiceFactory
    public SamlService createService(String str) {
        throw new NotImplementedException("This operation is not supported. ");
    }

    private static String getRequestBody(HttpServletRequest httpServletRequest) {
        String readRequestBodyIfAny = readRequestBodyIfAny(httpServletRequest);
        if (StringUtils.hasText(readRequestBodyIfAny)) {
            return readRequestBodyIfAny;
        }
        LOGGER.trace("Looking at the request attribute [{}] to locate SAML request body", "SAMLRequest");
        return (String) httpServletRequest.getAttribute("SAMLRequest");
    }

    private static String readRequestBodyIfAny(HttpServletRequest httpServletRequest) {
        try {
            BufferedReader reader = httpServletRequest.getReader();
            try {
                String str = (String) reader.lines().collect(Collectors.joining());
                if (reader != null) {
                    reader.close();
                }
                return str;
            } finally {
            }
        } catch (Exception e) {
            LOGGER.trace("Could not obtain the saml request body from the http request", (Throwable) e);
            return null;
        }
    }

    private static Element getRequestDocumentElement(String str) {
        if (!StringUtils.hasText(str)) {
            return null;
        }
        Document constructDocumentFromXml = AbstractSamlObjectBuilder.constructDocumentFromXml(str);
        if (constructDocumentFromXml == null) {
            LOGGER.trace("XML document could not extracted from request body [{}]", str);
            return null;
        }
        Element child = constructDocumentFromXml.getRootElement().getChild("Body", NAMESPACE_ENVELOPE);
        if (child != null) {
            return child.getChild("Request", NAMESPACE_SAML1);
        }
        LOGGER.trace("XML document root has no child body element");
        return null;
    }

    private static String getRequestIdFromRequest(Element element) {
        if (element == null) {
            LOGGER.trace("Element responsible for RequestID is undefined");
            return null;
        }
        Attribute attribute = element.getAttribute(RequestAbstractType.ID_ATTRIB_NAME);
        if (attribute != null) {
            return attribute.getValue().trim();
        }
        LOGGER.trace("XML element has no attribute for RequestID");
        return null;
    }

    private static String getArtifactIdFromRequest(Element element) {
        if (element == null) {
            LOGGER.trace("Element responsible for AssertionArtifact is undefined");
            return null;
        }
        Element child = element.getChild(AssertionArtifact.DEFAULT_ELEMENT_LOCAL_NAME, NAMESPACE_SAML1);
        if (child != null) {
            return child.getValue().trim();
        }
        LOGGER.trace("Element [{}] does not contain a child element for AssertionArtifact", element.getName());
        return null;
    }

    @Generated
    public SamlServiceFactory() {
    }
}
