package org.apereo.cas.support.saml.web.idp.profile.builders.authn;

import java.time.ZonedDateTime;
import java.util.Optional;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.support.Beans;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.SamlException;
import org.apereo.cas.support.saml.SamlIdPUtils;
import org.apereo.cas.support.saml.SamlUtils;
import org.apereo.cas.support.saml.util.AbstractSaml20ObjectBuilder;
import org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileBuilderContext;
import org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder;
import org.apereo.cas.util.DateTimeUtils;
import org.apereo.cas.util.RandomUtils;
import org.apereo.inspektr.common.web.ClientInfoHolder;
import org.opensaml.saml.saml2.core.AuthnStatement;
import org.opensaml.saml.saml2.core.SubjectLocality;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-saml-idp-web-6.6.14.jar:org/apereo/cas/support/saml/web/idp/profile/builders/authn/SamlProfileSamlAuthNStatementBuilder.class */
public class SamlProfileSamlAuthNStatementBuilder extends AbstractSaml20ObjectBuilder implements SamlProfileObjectBuilder<AuthnStatement> {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) SamlProfileSamlAuthNStatementBuilder.class);
    private static final long serialVersionUID = 8761566449790497226L;
    private final SamlProfileAuthnContextClassRefBuilder authnContextClassRefBuilder;
    private final CasConfigurationProperties casProperties;

    public SamlProfileSamlAuthNStatementBuilder(OpenSamlConfigBean openSamlConfigBean, SamlProfileAuthnContextClassRefBuilder samlProfileAuthnContextClassRefBuilder, CasConfigurationProperties casConfigurationProperties) {
        super(openSamlConfigBean);
        this.authnContextClassRefBuilder = samlProfileAuthnContextClassRefBuilder;
        this.casProperties = casConfigurationProperties;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder
    public AuthnStatement build(SamlProfileBuilderContext samlProfileBuilderContext) throws Exception {
        return buildAuthnStatement(samlProfileBuilderContext);
    }

    protected SubjectLocality buildSubjectLocality(SamlProfileBuilderContext samlProfileBuilderContext) throws SamlException {
        SubjectLocality subjectLocality = (SubjectLocality) SamlUtils.newSamlObject(SubjectLocality.class);
        String issuerFromSamlObject = SamlIdPUtils.getIssuerFromSamlObject(samlProfileBuilderContext.getSamlRequest());
        String defaultString = StringUtils.defaultString(samlProfileBuilderContext.getRegisteredService().getSubjectLocality(), (String) Optional.ofNullable(ClientInfoHolder.getClientInfo()).map((v0) -> {
            return v0.getClientIpAddress();
        }).orElse(""));
        LOGGER.debug("Built SAML2 subject locality address [{}] for [{}]", defaultString, issuerFromSamlObject);
        subjectLocality.setAddress(defaultString);
        return subjectLocality;
    }

    private AuthnStatement buildAuthnStatement(SamlProfileBuilderContext samlProfileBuilderContext) throws Exception {
        String build = this.authnContextClassRefBuilder.build(samlProfileBuilderContext);
        String str = (String) Optional.ofNullable(samlProfileBuilderContext.getHttpRequest()).map(httpServletRequest -> {
            return httpServletRequest.getParameter("ticket");
        }).filter((v0) -> {
            return StringUtils.isNotBlank(v0);
        }).orElse("");
        if (StringUtils.isBlank(str)) {
            LOGGER.info("Unable to locate service ticket as the session index; Generating random identifier instead...");
            str = "_" + String.valueOf(RandomUtils.nextLong());
        }
        AuthnStatement newAuthnStatement = newAuthnStatement(build, DateTimeUtils.zonedDateTimeOf(samlProfileBuilderContext.getAuthenticatedAssertion().getAuthenticationDate()), str);
        ZonedDateTime zonedDateTimeOf = DateTimeUtils.zonedDateTimeOf(samlProfileBuilderContext.getAuthenticatedAssertion().getValidUntilDate());
        if (!samlProfileBuilderContext.getRegisteredService().isSkipGeneratingSessionNotOnOrAfter()) {
            newAuthnStatement.setSessionNotOnOrAfter(zonedDateTimeOf.plusSeconds(samlProfileBuilderContext.getRegisteredService().getSkewAllowance() != 0 ? samlProfileBuilderContext.getRegisteredService().getSkewAllowance() : Beans.newDuration(this.casProperties.getAuthn().getSamlIdp().getResponse().getSkewAllowance()).toSeconds()).toInstant());
        }
        SubjectLocality buildSubjectLocality = buildSubjectLocality(samlProfileBuilderContext);
        if (buildSubjectLocality != null) {
            newAuthnStatement.setSubjectLocality(buildSubjectLocality);
        }
        return newAuthnStatement;
    }
}
