package org.apereo.cas.support.saml.util;

import java.security.SecureRandom;
import lombok.Generated;
import org.apereo.cas.ticket.UniqueTicketIdGenerator;
import org.apereo.cas.util.DigestUtils;
import org.apereo.cas.util.RandomUtils;
import org.opensaml.saml.common.binding.artifact.AbstractSAMLArtifact;
import org.opensaml.saml.saml1.binding.artifact.SAML1ArtifactType0001;
import org.opensaml.saml.saml2.binding.artifact.SAML2ArtifactType0004;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-saml-core-api-6.5.4.jar:org/apereo/cas/support/saml/util/SamlCompliantUniqueTicketIdGenerator.class */
public class SamlCompliantUniqueTicketIdGenerator implements UniqueTicketIdGenerator {
    private static final int ASSERTION_HANDLE_SIZE = 20;
    private static final byte[] ENDPOINT_ID = {0, 1};
    private final byte[] sourceIdDigest;
    private final SecureRandom random;
    private boolean saml2compliant;

    public SamlCompliantUniqueTicketIdGenerator(String str) {
        this.sourceIdDigest = DigestUtils.rawDigest("SHA", str.getBytes("8859_1"));
        this.random = RandomUtils.getNativeInstance();
    }

    @Override // org.apereo.cas.ticket.UniqueTicketIdGenerator
    public String getNewTicketId(String str) {
        return str + "-" + getSAMLArtifactType().base64Encode();
    }

    private AbstractSAMLArtifact getSAMLArtifactType() {
        return this.saml2compliant ? new SAML2ArtifactType0004(ENDPOINT_ID, newAssertionHandle(), this.sourceIdDigest) : new SAML1ArtifactType0001(this.sourceIdDigest, newAssertionHandle());
    }

    private byte[] newAssertionHandle() {
        byte[] bArr = new byte[20];
        this.random.nextBytes(bArr);
        return bArr;
    }

    @Generated
    public void setSaml2compliant(boolean z) {
        this.saml2compliant = z;
    }
}
