package org.apereo.cas.support.saml.util;

import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.namespace.QName;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.SamlUtils;
import org.apereo.cas.support.saml.authentication.principal.SamlService;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.common.SAMLVersion;
import org.opensaml.saml.saml1.core.Assertion;
import org.opensaml.saml.saml1.core.Attribute;
import org.opensaml.saml.saml1.core.AttributeStatement;
import org.opensaml.saml.saml1.core.AttributeValue;
import org.opensaml.saml.saml1.core.Audience;
import org.opensaml.saml.saml1.core.AudienceRestrictionCondition;
import org.opensaml.saml.saml1.core.AuthenticationStatement;
import org.opensaml.saml.saml1.core.Conditions;
import org.opensaml.saml.saml1.core.ConfirmationMethod;
import org.opensaml.saml.saml1.core.NameIdentifier;
import org.opensaml.saml.saml1.core.Response;
import org.opensaml.saml.saml1.core.Status;
import org.opensaml.saml.saml1.core.StatusCode;
import org.opensaml.saml.saml1.core.StatusMessage;
import org.opensaml.saml.saml1.core.Subject;
import org.opensaml.saml.saml1.core.SubjectConfirmation;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-saml-core-api-6.6.0.jar:org/apereo/cas/support/saml/util/Saml10ObjectBuilder.class */
public class Saml10ObjectBuilder extends AbstractSamlObjectBuilder {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) Saml10ObjectBuilder.class);
    private static final String CONFIRMATION_METHOD = "urn:oasis:names:tc:SAML:1.0:cm:artifact";
    private static final long serialVersionUID = -4711012620700270554L;

    public Saml10ObjectBuilder(OpenSamlConfigBean openSamlConfigBean) {
        super(openSamlConfigBean);
    }

    private static void setInResponseToForSamlResponseIfNeeded(Service service, Response response) {
        if (service instanceof SamlService) {
            String requestId = ((SamlService) service).getRequestId();
            if (StringUtils.isNotBlank(requestId)) {
                response.setInResponseTo(requestId);
            }
        }
    }

    public Response newResponse(String str, ZonedDateTime zonedDateTime, String str2, WebApplicationService webApplicationService) {
        Response response = (Response) SamlUtils.newSamlObject(Response.class);
        response.setID(str);
        response.setIssueInstant(zonedDateTime.toInstant());
        response.setVersion(SAMLVersion.VERSION_11);
        response.setInResponseTo(str2);
        setInResponseToForSamlResponseIfNeeded(webApplicationService, response);
        return response;
    }

    public Assertion newAssertion(AuthenticationStatement authenticationStatement, String str, ZonedDateTime zonedDateTime, String str2) {
        Assertion assertion = (Assertion) SamlUtils.newSamlObject(Assertion.class);
        assertion.setID(str2);
        assertion.setIssueInstant(zonedDateTime.toInstant());
        assertion.setIssuer(str);
        assertion.getAuthenticationStatements().add(authenticationStatement);
        return assertion;
    }

    public Conditions newConditions(ZonedDateTime zonedDateTime, String str, long j) {
        Conditions conditions = (Conditions) SamlUtils.newSamlObject(Conditions.class);
        conditions.setNotBefore(zonedDateTime.toInstant());
        conditions.setNotOnOrAfter(ZonedDateTime.now(ZoneOffset.UTC).plus(j, (TemporalUnit) ChronoUnit.SECONDS).toInstant());
        AudienceRestrictionCondition audienceRestrictionCondition = (AudienceRestrictionCondition) SamlUtils.newSamlObject(AudienceRestrictionCondition.class);
        Audience audience = (Audience) SamlUtils.newSamlObject(Audience.class);
        audience.setURI(str);
        audienceRestrictionCondition.getAudiences().add(audience);
        conditions.getAudienceRestrictionConditions().add(audienceRestrictionCondition);
        return conditions;
    }

    public Status newStatus(QName qName) {
        return newStatus(qName, "");
    }

    public Status newStatus(QName qName, String str) {
        Status status = (Status) SamlUtils.newSamlObject(Status.class);
        StatusCode statusCode = (StatusCode) SamlUtils.newSamlObject(StatusCode.class);
        statusCode.setValue(qName);
        status.setStatusCode(statusCode);
        if (StringUtils.isNotBlank(str)) {
            StatusMessage statusMessage = (StatusMessage) SamlUtils.newSamlObject(StatusMessage.class);
            statusMessage.setValue(str);
            status.setStatusMessage(statusMessage);
        }
        return status;
    }

    public AuthenticationStatement newAuthenticationStatement(ZonedDateTime zonedDateTime, Collection<Object> collection, String str) {
        AuthenticationStatement authenticationStatement = (AuthenticationStatement) SamlUtils.newSamlObject(AuthenticationStatement.class);
        authenticationStatement.setAuthenticationInstant(zonedDateTime.toInstant());
        authenticationStatement.setAuthenticationMethod((collection == null || collection.isEmpty()) ? "urn:oasis:names:tc:SAML:1.0:am:unspecified" : collection.iterator().next().toString());
        authenticationStatement.setSubject(newSubject(str));
        return authenticationStatement;
    }

    public Subject newSubject(String str) {
        return newSubject(str, "urn:oasis:names:tc:SAML:1.0:cm:artifact");
    }

    public Subject newSubject(String str, String str2) {
        SubjectConfirmation subjectConfirmation = (SubjectConfirmation) SamlUtils.newSamlObject(SubjectConfirmation.class);
        ConfirmationMethod confirmationMethod = (ConfirmationMethod) SamlUtils.newSamlObject(ConfirmationMethod.class);
        confirmationMethod.setURI(str2);
        subjectConfirmation.getConfirmationMethods().add(confirmationMethod);
        NameIdentifier nameIdentifier = (NameIdentifier) SamlUtils.newSamlObject(NameIdentifier.class);
        nameIdentifier.setValue(str);
        Subject subject = (Subject) SamlUtils.newSamlObject(Subject.class);
        subject.setNameIdentifier(nameIdentifier);
        subject.setSubjectConfirmation(subjectConfirmation);
        return subject;
    }

    public void addAttributeValuesToSaml1Attribute(String str, Object obj, List<XMLObject> list) {
        addAttributeValuesToSamlAttribute(str, obj, "", list, AttributeValue.DEFAULT_ELEMENT_NAME);
    }

    public AttributeStatement newAttributeStatement(Subject subject, Map<String, Object> map, String str) {
        AttributeStatement attributeStatement = (AttributeStatement) SamlUtils.newSamlObject(AttributeStatement.class);
        attributeStatement.setSubject(subject);
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            if ((entry.getValue() instanceof Collection) && ((Collection) entry.getValue()).isEmpty()) {
                LOGGER.info("Skipping attribute [{}] because it does not have any values.", entry.getKey());
            } else {
                Attribute attribute = (Attribute) SamlUtils.newSamlObject(Attribute.class);
                attribute.setAttributeName(entry.getKey());
                if (StringUtils.isNotBlank(str)) {
                    attribute.setAttributeNamespace(str);
                }
                addAttributeValuesToSaml1Attribute(entry.getKey(), entry.getValue(), attribute.getAttributeValues());
                attributeStatement.getAttributes().add(attribute);
            }
        }
        return attributeStatement;
    }

    public void encodeSamlResponse(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest, Response response) throws Exception {
        this.openSamlConfigBean.logObject(response);
        CasHttpSoap11Encoder casHttpSoap11Encoder = new CasHttpSoap11Encoder();
        MessageContext messageContext = new MessageContext();
        messageContext.setMessage(response);
        casHttpSoap11Encoder.setHttpServletResponse(httpServletResponse);
        casHttpSoap11Encoder.setMessageContext(messageContext);
        casHttpSoap11Encoder.initialize();
        casHttpSoap11Encoder.prepareContext();
        casHttpSoap11Encoder.encode();
    }
}
