package pl.edu.icm.unity.saml.sp.web;

import eu.unicore.samly2.binding.HttpPostBindingSupport;
import eu.unicore.samly2.binding.HttpRedirectBindingSupport;
import eu.unicore.samly2.binding.SAMLMessageType;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.saml.SamlProperties;
import pl.edu.icm.unity.saml.sp.RemoteAuthnContext;

/* loaded from: input_file:pl/edu/icm/unity/saml/sp/web/RedirectRequestHandler.class */
public class RedirectRequestHandler {
    private static final Logger log = Log.getLogger("unity.server.saml", RedirectRequestHandler.class);

    public static boolean handleRequest(RemoteAuthnContext remoteAuthnContext, HttpServletResponse httpServletResponse) throws IOException {
        SamlProperties.Binding requestBinding = remoteAuthnContext.getRequestBinding();
        if (requestBinding == SamlProperties.Binding.HTTP_POST) {
            handlePost(remoteAuthnContext, httpServletResponse);
            return true;
        }
        if (requestBinding != SamlProperties.Binding.HTTP_REDIRECT) {
            return false;
        }
        handleRedirect(remoteAuthnContext, httpServletResponse);
        return true;
    }

    private static void handlePost(RemoteAuthnContext remoteAuthnContext, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setContentType("text/html; charset=utf-8");
        setCommonHeaders(httpServletResponse);
        httpServletResponse.setDateHeader("Expires", -1L);
        log.debug("Starting SAML HTTP POST binding exchange with IdP " + remoteAuthnContext.getIdpUrl());
        String htmlPOSTFormContents = HttpPostBindingSupport.getHtmlPOSTFormContents(SAMLMessageType.SAMLRequest, remoteAuthnContext.getIdpUrl(), remoteAuthnContext.getRequest(), remoteAuthnContext.getRelayState());
        if (log.isTraceEnabled()) {
            log.trace("SAML request is:\n" + remoteAuthnContext.getRequest());
            log.trace("Returned POST form is:\n" + htmlPOSTFormContents);
        }
        httpServletResponse.getWriter().append((CharSequence) htmlPOSTFormContents);
    }

    private static void handleRedirect(RemoteAuthnContext remoteAuthnContext, HttpServletResponse httpServletResponse) throws IOException {
        setCommonHeaders(httpServletResponse);
        log.debug("Starting SAML HTTP Redirect binding exchange with IdP " + remoteAuthnContext.getIdpUrl());
        String redirectURL = HttpRedirectBindingSupport.getRedirectURL(SAMLMessageType.SAMLRequest, remoteAuthnContext.getRelayState(), remoteAuthnContext.getRequest(), remoteAuthnContext.getIdpUrl());
        log.debug("SAML request is:\n{}", remoteAuthnContext.getRequest());
        log.debug("Returned Redirect URL is: {}", redirectURL);
        httpServletResponse.sendRedirect(redirectURL);
    }

    private static void setCommonHeaders(HttpServletResponse httpServletResponse) {
        httpServletResponse.setHeader("Cache-Control", "no-cache,no-store");
        httpServletResponse.setHeader("Pragma", "no-cache");
    }
}
