package pl.edu.icm.unity.saml.idp.web;

import com.vaadin.flow.component.UI;
import com.vaadin.flow.server.SynchronizedRequestHandler;
import com.vaadin.flow.server.VaadinRequest;
import com.vaadin.flow.server.VaadinResponse;
import com.vaadin.flow.server.VaadinSession;
import eu.unicore.samly2.exceptions.SAMLServerException;
import io.imunity.vaadin.endpoint.common.EopException;
import io.imunity.vaadin.endpoint.common.consent_utils.LoginInProgressService;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.endpoint.Endpoint;
import pl.edu.icm.unity.base.endpoint.idp.IdpStatistic;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.utils.FreemarkerAppHandler;
import pl.edu.icm.unity.saml.idp.SamlIdpStatisticReporter;
import pl.edu.icm.unity.saml.idp.ctx.SAMLAuthnContext;
import pl.edu.icm.unity.saml.idp.processor.AuthnResponseProcessor;
import xmlbeans.org.oasis.saml2.protocol.ResponseDocument;

/* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlResponseHandler.class */
/**
 * Hands a finished SAML response (success or error) back to the requester from the Vaadin-based IdP UI.
 *
 * <p>The response is stored in the HTTP session, a one-off {@link SendResponseRequestHandler} is registered on
 * the current {@link VaadinSession}, and the page is reloaded. The handler then renders the
 * {@code samlFinish.ftl} template with the Base64-encoded response on that next request.
 *
 * <p>NOTE(review): nothing in this class removes the {@code ResponseDocument}, {@code SessionDisposal} or
 * {@code SAMLServerException} session attributes, or unregisters the request handler, once the response has
 * been rendered. When the session is not invalidated they remain set. Confirm that a later flow in the same
 * session cannot pick up a stale response or stale error state.
 */
public class SamlResponseHandler {
    private static final Logger log = Log.getLogger("unity.server.saml", SamlResponseHandler.class);
    protected FreemarkerAppHandler freemarkerHandler;
    protected AuthnResponseProcessor samlProcessor;
    private final SamlIdpStatisticReporter reporter;

    /**
     * Creates the handler for one endpoint.
     *
     * @param freemarkerAppHandler renders the final {@code samlFinish.ftl} page
     * @param authnResponseProcessor converts exceptions into SAML errors and builds error responses
     * @param samlIdpStatisticReporterFactory source of the per-endpoint statistics reporter
     * @param endpoint endpoint for which the reporter is obtained
     */
    public SamlResponseHandler(FreemarkerAppHandler freemarkerAppHandler, AuthnResponseProcessor authnResponseProcessor, SamlIdpStatisticReporter.SamlIdpStatisticReporterFactory samlIdpStatisticReporterFactory, Endpoint endpoint) {
        this.freemarkerHandler = freemarkerAppHandler;
        this.samlProcessor = authnResponseProcessor;
        this.reporter = samlIdpStatisticReporterFactory.getForEndpoint(endpoint);
    }

    /* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlResponseHandler$SendResponseRequestHandler.class */
    /**
     * Request handler that renders the pending SAML response stored in the HTTP session.
     * It declines the request (returns {@code false}) when no response is pending.
     */
    public class SendResponseRequestHandler extends SynchronizedRequestHandler {
        public SendResponseRequestHandler() {
        }

        /**
         * Renders the pending SAML response, if any, as the {@code samlFinish.ftl} page.
         *
         * @param vaadinSession session whose wrapped HTTP session carries the pending response and disposal info
         * @param vaadinRequest current request (not read here)
         * @param vaadinResponse response that receives the rendered page
         * @return {@code false} when no {@code ResponseDocument} is stored in the session, {@code true} once
         *         the page has been written
         * @throws IOException propagated from obtaining the writer or rendering the template
         */
        public boolean synchronizedHandleRequest(VaadinSession vaadinSession, VaadinRequest vaadinRequest, VaadinResponse vaadinResponse) throws IOException {
            ResponseDocument pendingResponse = (ResponseDocument) vaadinSession.getSession().getAttribute(ResponseDocument.class.getName());
            if (pendingResponse == null) {
                return false;
            }

            String responseXml = pendingResponse.xmlText();
            byte[] responseBytes = responseXml.getBytes(StandardCharsets.UTF_8);
            String encodedResponse = Base64.getEncoder().encodeToString(responseBytes);

            SessionDisposal disposal = (SessionDisposal) vaadinSession.getSession().getAttribute(SessionDisposal.class.getName());
            LoginInProgressService.VaadinContextSession contextSession = new LoginInProgressService.VaadinContextSession(vaadinSession.getSession());
            SAMLAuthnContext samlContext = SamlSessionService.getVaadinContext(contextSession);

            // NOTE(review): the destination is presumably where the browser will deliver the response (the
            // template is not visible here). Confirm it is validated upstream against the endpoints
            // registered for the requesting service provider.
            String destination = samlContext.getResponseDestination();

            // Raw HashMap kept as in the decompiled original; every value put here is a String.
            // NOTE(review): "error" and "RelayState" are not escaped here and the page is served as XHTML.
            // RelayState presumably comes from the requester. Confirm samlFinish.ftl escapes all model values.
            HashMap templateModel = new HashMap();
            templateModel.put("SAMLResponse", encodedResponse);
            templateModel.put("samlService", destination);
            if (disposal != null) {
                templateModel.put("error", disposal.getE().getMessage());
            }
            if (samlContext.getRelayState() != null) {
                templateModel.put("RelayState", samlContext.getRelayState());
            }

            traceOutgoingResponse(destination, responseXml, disposal, samlContext);

            // The SAML context is dropped before the page is written; the response is already encoded above.
            SamlSessionService.cleanContext(contextSession);
            if (disposal != null && disposal.isDestroySession()) {
                vaadinSession.getSession().invalidate();
            } else {
                vaadinSession.getSession().setAttribute("automaticLoginWasTriggered", null);
            }

            vaadinResponse.setContentType("application/xhtml+xml; charset=utf-8");
            SamlResponseHandler.this.freemarkerHandler.printGenericPage(vaadinResponse.getWriter(), "samlFinish.ftl", templateModel);
            return true;
        }

        /**
         * Writes the outgoing response details to the trace log; does nothing unless trace is enabled.
         *
         * <p>NOTE(review): this logs the complete unencoded SAML response, which may contain the assertion
         * and user attributes. Keep trace level off for this logger in production, or treat the log as
         * sensitive.
         */
        private void traceOutgoingResponse(String destination, String responseXml, SessionDisposal disposal, SAMLAuthnContext samlContext) {
            if (!log.isTraceEnabled()) {
                return;
            }
            log.trace("About to send SAML response to " + destination + ", unencoded form:\n" + responseXml);
            if (disposal != null) {
                log.trace("Error information: " + disposal.getE().getMessage());
            }
            if (samlContext.getRelayState() != null) {
                log.trace("RelayState: " + samlContext.getRelayState());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlResponseHandler$SessionDisposal.class */
    /**
     * Session-stored record of the SAML error being returned and whether the HTTP session
     * should be invalidated once the response page has been prepared.
     */
    public static class SessionDisposal {
        private final SAMLServerException e;
        private final boolean destroySession;

        public SessionDisposal(SAMLServerException sAMLServerException, boolean z) {
            this.e = sAMLServerException;
            this.destroySession = z;
        }

        /** @return the SAML error associated with the response */
        protected SAMLServerException getE() {
            return e;
        }

        /** @return {@code true} when the HTTP session is to be invalidated while sending the response */
        protected boolean isDestroySession() {
            return destroySession;
        }
    }

    /**
     * Schedules a SAML error response for the given exception and then aborts the current processing.
     *
     * @param exc the failure to report to the requester
     * @param z whether the HTTP session is to be invalidated when the response is sent
     * @throws EopException always, after the error response has been scheduled
     */
    public void handleException(Exception exc, boolean z) throws EopException {
        handleExceptionNotThrowing(exc, z);
        throw new EopException();
    }

    /**
     * Logs the exception, converts it to a SAML error and schedules the matching error response.
     *
     * @param exc the failure to report to the requester
     * @param z whether the HTTP session is to be invalidated when the response is sent
     */
    public void handleExceptionNotThrowing(Exception exc, boolean z) {
        log.warn("Exception raised and will trigger SAML error response from IdP", exc);
        // NOTE(review): the meaning of the (null, true) arguments is defined by AuthnResponseProcessor,
        // which is not visible here.
        SAMLServerException samlError = this.samlProcessor.convert2SAMLError(exc, null, true);
        ResponseDocument errorResponse = this.samlProcessor.getErrorResponse(samlError);
        returnSamlErrorResponse(errorResponse, samlError, z);
    }

    /**
     * Stores the error and the session-disposal decision in the HTTP session, then schedules the
     * response with {@code FAILED} status.
     *
     * @param responseDocument the SAML error response to send
     * @param sAMLServerException the error; its message is later passed to the template as "error"
     * @param z whether the HTTP session is to be invalidated when the response is sent
     */
    public void returnSamlErrorResponse(ResponseDocument responseDocument, SAMLServerException sAMLServerException, boolean z) {
        VaadinSession activeSession = VaadinSession.getCurrent();
        SessionDisposal disposal = new SessionDisposal(sAMLServerException, z);
        activeSession.getSession().setAttribute(SessionDisposal.class.getName(), disposal);
        activeSession.getSession().setAttribute(SAMLServerException.class.getName(), sAMLServerException);
        returnSamlResponse(responseDocument, IdpStatistic.Status.FAILED);
    }

    /**
     * Stores the response in the HTTP session, registers a {@link SendResponseRequestHandler}, reports the
     * status and reloads the page so that the handler runs on the next request.
     *
     * @param responseDocument the SAML response to send
     * @param status outcome passed to the statistics reporter
     */
    public void returnSamlResponse(ResponseDocument responseDocument, IdpStatistic.Status status) {
        VaadinSession activeSession = VaadinSession.getCurrent();
        activeSession.getSession().setAttribute(ResponseDocument.class.getName(), responseDocument);
        activeSession.addRequestHandler(new SendResponseRequestHandler());
        this.reporter.reportStatus(SamlSessionService.getVaadinContext(), status);
        UI.getCurrent().getPage().reload();
    }
}
