package org.apereo.cas.support.saml.web.idp.profile.artifact;

import java.util.Objects;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.support.saml.SamlIdPConstants;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade;
import org.apereo.cas.support.saml.web.idp.profile.AbstractSamlIdPProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.SamlProfileHandlerConfigurationContext;
import org.apereo.cas.ticket.InvalidTicketException;
import org.apereo.cas.ticket.artifact.SamlArtifactTicket;
import org.apereo.cas.ticket.artifact.SamlArtifactTicketFactory;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.LoggingUtils;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.core.ArtifactResolve;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.PostMapping;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-saml-idp-web-6.5.4.jar:org/apereo/cas/support/saml/web/idp/profile/artifact/SamlIdPSaml1ArtifactResolutionProfileHandlerController.class */
public class SamlIdPSaml1ArtifactResolutionProfileHandlerController extends AbstractSamlIdPProfileHandlerController {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SamlIdPSaml1ArtifactResolutionProfileHandlerController.class);

    public SamlIdPSaml1ArtifactResolutionProfileHandlerController(SamlProfileHandlerConfigurationContext samlProfileHandlerConfigurationContext) {
        super(samlProfileHandlerConfigurationContext);
    }

    @PostMapping(path = {SamlIdPConstants.ENDPOINT_SAML1_SOAP_ARTIFACT_RESOLUTION})
    protected void handlePostRequest(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        MessageContext decodeSoapRequest = decodeSoapRequest(httpServletRequest);
        ArtifactResolve artifactResolve = (ArtifactResolve) decodeSoapRequest.getMessage();
        try {
            String value = ((ArtifactResolve) Objects.requireNonNull(artifactResolve)).getIssuer().getValue();
            SamlRegisteredService verifySamlRegisteredService = verifySamlRegisteredService(value);
            Optional<SamlRegisteredServiceServiceProviderMetadataFacade> samlMetadataFacadeFor = getSamlMetadataFacadeFor(verifySamlRegisteredService, artifactResolve);
            if (samlMetadataFacadeFor.isEmpty()) {
                throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, "Cannot find metadata linked to " + value);
            }
            SamlRegisteredServiceServiceProviderMetadataFacade samlRegisteredServiceServiceProviderMetadataFacade = samlMetadataFacadeFor.get();
            verifyAuthenticationContextSignature(decodeSoapRequest, httpServletRequest, artifactResolve, samlRegisteredServiceServiceProviderMetadataFacade, verifySamlRegisteredService);
            String createTicketIdFor = ((SamlArtifactTicketFactory) getConfigurationContext().getTicketFactory().get(SamlArtifactTicket.class)).createTicketIdFor(artifactResolve.getArtifact().getValue());
            SamlArtifactTicket ticket = getConfigurationContext().getTicketRegistry().getTicket(createTicketIdFor, (Class<SamlArtifactTicket>) SamlArtifactTicket.class);
            if (ticket == null) {
                throw new InvalidTicketException(createTicketIdFor);
            }
            getConfigurationContext().getResponseBuilder().build(artifactResolve, httpServletRequest, httpServletResponse, buildCasAssertion(ticket.getTicketGrantingTicket().getAuthentication(), getConfigurationContext().getWebApplicationServiceFactory().createService(value), verifySamlRegisteredService, CollectionUtils.wrap("artifact", ticket)), verifySamlRegisteredService, samlRegisteredServiceServiceProviderMetadataFacade, SAMLConstants.SAML2_ARTIFACT_BINDING_URI, decodeSoapRequest);
        } catch (Exception e) {
            LoggingUtils.error(LOGGER, e);
            httpServletRequest.setAttribute(SamlIdPConstants.REQUEST_ATTRIBUTE_ERROR, "Unable to build SOAP response: " + StringUtils.defaultString(e.getMessage()));
            getConfigurationContext().getSamlFaultResponseBuilder().build(artifactResolve, httpServletRequest, httpServletResponse, null, null, null, SAMLConstants.SAML2_ARTIFACT_BINDING_URI, decodeSoapRequest);
        }
    }
}
