package com.atlassian.plugins.authentication.sso.config.saml;

import com.atlassian.plugins.authentication.api.config.SsoType;
import com.atlassian.plugins.authentication.api.config.ValidationError;
import com.atlassian.plugins.authentication.api.config.saml.SamlConfig;
import com.atlassian.plugins.authentication.sso.config.AbstractIdpConfigValidator;
import com.atlassian.plugins.authentication.sso.config.ValidationContext;
import com.atlassian.plugins.authentication.sso.rest.model.IdpConfigEntity;
import com.atlassian.plugins.authentication.sso.util.HttpsValidator;
import com.atlassian.plugins.authentication.sso.util.ValidationUtils;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableMultimap;
import com.google.common.collect.Multimap;
import javax.annotation.Nonnull;
import javax.inject.Inject;
import javax.inject.Named;

@Named
/* loaded from: input_file:com/atlassian/plugins/authentication/sso/config/saml/SamlConfigValidator.class */
public class SamlConfigValidator extends AbstractIdpConfigValidator<SamlConfig> {
    @Inject
    public SamlConfigValidator(HttpsValidator httpsValidator) {
        super(httpsValidator);
    }

    @Override // com.atlassian.plugins.authentication.sso.config.AbstractIdpConfigValidator
    protected SsoType getSsoType() {
        return SsoType.SAML;
    }

    @Override // com.atlassian.plugins.authentication.sso.config.AbstractIdpConfigValidator
    protected Class<SamlConfig> getSsoClass() {
        return SamlConfig.class;
    }

    /* renamed from: validate, reason: avoid collision after fix types in other method */
    protected void validate2(@Nonnull ImmutableMultimap.Builder<String, ValidationError> builder, @Nonnull SamlConfig samlConfig) {
        String str = samlConfig.getIdpType() == SamlConfig.IdpType.CROWD ? IdpConfigEntity.Config.Saml.CROWD_URL : "sso-url";
        String str2 = samlConfig.getIdpType() == SamlConfig.IdpType.CROWD ? IdpConfigEntity.Config.Saml.CROWD_URL : "sso-issuer";
        builder.putAll(str, validateRequiredField(samlConfig.getSsoUrl()));
        builder.putAll(str2, validateRequiredField(samlConfig.getIssuer()));
        builder.putAll(IdpConfigEntity.Config.Saml.CERTIFICATE, validateRequiredField(samlConfig.getCertificate()));
        builder.putAll("idp-type", validateIdpType(samlConfig.getIdpType(), samlConfig.getInferredIdpType()));
        builder.putAll(str, validateUrl(samlConfig.getSsoUrl()));
        builder.putAll(IdpConfigEntity.Config.Saml.CERTIFICATE, validateCertificate(samlConfig.getCertificate()));
        if (samlConfig.getIdpType().equals(SamlConfig.IdpType.GENERIC)) {
            builder.putAll("username-attribute", validateMappingExpression(samlConfig.getUsernameAttribute()));
            builder.putAll(validateJitFields(samlConfig.getJustInTimeConfig()));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.atlassian.plugins.authentication.sso.config.AbstractIdpConfigValidator
    public Multimap<String, ValidationError> validateInContext(SamlConfig samlConfig, ValidationContext validationContext) {
        throw new IllegalArgumentException("Validation in context " + validationContext + " is not supported for SAML configuration");
    }

    private Iterable<? extends ValidationError> validateIdpType(SamlConfig.IdpType idpType, SamlConfig.IdpType idpType2) {
        return idpType2 == idpType ? NO_ERRORS : (idpType == SamlConfig.IdpType.GENERIC && idpType2 == SamlConfig.IdpType.CROWD) ? NO_ERRORS : ERROR_INCORRECT;
    }

    private Iterable<ValidationError> validateCertificate(String str) {
        if (!Strings.isNullOrEmpty(str)) {
            try {
                ValidationUtils.convertToCertificate(str);
            } catch (Exception e) {
                return ERROR_INCORRECT;
            }
        }
        return NO_ERRORS;
    }

    @Override // com.atlassian.plugins.authentication.sso.config.AbstractIdpConfigValidator
    protected /* bridge */ /* synthetic */ void validate(@Nonnull ImmutableMultimap.Builder builder, @Nonnull SamlConfig samlConfig) {
        validate2((ImmutableMultimap.Builder<String, ValidationError>) builder, samlConfig);
    }
}
