package com.liferay.saml.opensaml.integration.internal.metadata;

import com.liferay.portal.kernel.util.PortalUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.saml.opensaml.integration.internal.util.OpenSamlUtil;
import com.liferay.saml.runtime.exception.CredentialException;
import com.liferay.saml.runtime.exception.EntityIdException;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.metadata.AssertionConsumerService;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.IDPSSODescriptor;
import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.saml2.metadata.SingleLogoutService;
import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.UsageType;

/* loaded from: input_file:com/liferay/saml/opensaml/integration/internal/metadata/MetadataGeneratorUtil.class */
public class MetadataGeneratorUtil {
    /**
     * Builds the entity descriptor published for this portal acting as a SAML identity provider.
     *
     * <p>Unsigned metadata ({@code z2 == false}) carries no integrity protection of its own;
     * consumers then depend on how the document was obtained.
     *
     * @param httpServletRequest request forwarded to {@link #buildIdpSsoDescriptor} to derive endpoint URLs
     * @param str entity ID; set as the descriptor's entityID and forwarded as the role descriptor ID
     * @param z forwarded to {@link #buildIdpSsoDescriptor} as its WantAuthnRequestsSigned flag
     * @param z2 when true, the finished descriptor is signed with {@code credential}
     * @param z3 forwarded to {@link #buildIdpSsoDescriptor} as its portal-URL flag
     * @param credential credential published as the signing key and used for the optional signature
     * @return the populated (and optionally signed) entity descriptor
     * @throws EntityIdException if {@code str} is null according to {@code Validator.isNull}
     * @throws CredentialException if {@code credential} is null
     */
    public static EntityDescriptor buildIdpEntityDescriptor(HttpServletRequest httpServletRequest, String str, boolean z, boolean z2, boolean z3, Credential credential) throws Exception {
        if (Validator.isNull(str)) {
            throw new EntityIdException("Entity ID is required");
        }
        if (credential == null) {
            throw new CredentialException("Credential is required");
        }

        EntityDescriptor entityDescriptor = OpenSamlUtil.buildEntityDescriptor();
        entityDescriptor.setEntityID(str);

        IDPSSODescriptor idpRole = buildIdpSsoDescriptor(httpServletRequest, str, z, z3, credential);
        entityDescriptor.getRoleDescriptors().add(idpRole);

        if (!z2) {
            return entityDescriptor;
        }
        OpenSamlUtil.signObject(entityDescriptor, credential);
        return entityDescriptor;
    }

    /**
     * Builds the IdP role descriptor: SAML 2.0 protocol support, one signing key descriptor,
     * SSO endpoints (redirect, then POST) and SLO endpoints (POST, then redirect).
     *
     * <p>NOTE(review): every endpoint URL is derived from the incoming request through
     * {@code PortalUtil.getPortalURL}. If that value can follow a client-supplied host name,
     * the published metadata would advertise it; confirm the host is pinned or validated upstream.
     *
     * <p>NOTE(review): {@code str} is used as the descriptor's XML ID as well as the entity ID.
     * Entity IDs are often URLs, which may not be valid as an XML ID; confirm consumers accept it.
     *
     * @param httpServletRequest request used to derive the portal base URL
     * @param str value set as the descriptor ID
     * @param z value published as WantAuthnRequestsSigned
     * @param z2 second argument to {@code PortalUtil.getPortalURL}; presumably selects the
     *     secure (https) form of the URL. TODO confirm against PortalUtil
     * @param credential credential whose key info is published with usage SIGNING
     * @return the populated IdP SSO descriptor
     */
    public static IDPSSODescriptor buildIdpSsoDescriptor(HttpServletRequest httpServletRequest, String str, boolean z, boolean z2, Credential credential) throws Exception {
        IDPSSODescriptor idpRole = OpenSamlUtil.buildIdpSsoDescriptor();
        idpRole.addSupportedProtocol(SAMLConstants.SAML20P_NS);
        idpRole.setID(str);
        idpRole.setWantAuthnRequestsSigned(Boolean.valueOf(z));

        // Only a signing key is advertised here; no encryption key descriptor is added.
        idpRole.getKeyDescriptors().add(
            OpenSamlUtil.buildKeyDescriptor(UsageType.SIGNING, OpenSamlUtil.buildKeyInfo(credential)));

        List<SingleSignOnService> ssoEndpoints = idpRole.getSingleSignOnServices();
        String endpointBase = buildEndpointBase(httpServletRequest, z2);

        String ssoUrlForRedirect = endpointBase.concat("/portal/saml/sso");
        ssoEndpoints.add(OpenSamlUtil.buildSingleSignOnService(SAMLConstants.SAML2_REDIRECT_BINDING_URI, ssoUrlForRedirect));
        String ssoUrlForPost = endpointBase.concat("/portal/saml/sso");
        ssoEndpoints.add(OpenSamlUtil.buildSingleSignOnService(SAMLConstants.SAML2_POST_BINDING_URI, ssoUrlForPost));

        List<SingleLogoutService> sloEndpoints = idpRole.getSingleLogoutServices();
        String sloUrlForPost = endpointBase.concat("/portal/saml/slo");
        sloEndpoints.add(OpenSamlUtil.buildSingleLogoutService(SAMLConstants.SAML2_POST_BINDING_URI, sloUrlForPost));
        String sloUrlForRedirect = endpointBase.concat("/portal/saml/slo");
        sloEndpoints.add(OpenSamlUtil.buildSingleLogoutService(SAMLConstants.SAML2_REDIRECT_BINDING_URI, sloUrlForRedirect));

        return idpRole;
    }

    /**
     * Builds the entity descriptor published for this portal acting as a SAML service provider.
     *
     * <p>NOTE(review): unlike {@link #buildIdpEntityDescriptor}, this method does not reject a
     * null entity ID or a null credential before using them. Confirm whether callers guarantee
     * both; if not, metadata may be produced without an entity ID or without usable key material.
     *
     * @param httpServletRequest request forwarded to {@link #buildSpSsoDescriptor} to derive endpoint URLs
     * @param str entity ID; set as the descriptor's entityID and forwarded as the role descriptor ID
     * @param z forwarded to {@link #buildSpSsoDescriptor} as its AuthnRequestsSigned flag
     * @param z2 when true, the finished descriptor is signed with {@code credential}
     * @param z3 forwarded to {@link #buildSpSsoDescriptor} as its portal-URL flag
     * @param z4 forwarded to {@link #buildSpSsoDescriptor} as its WantAssertionsSigned flag
     * @param credential credential published as the signing key and used for the optional signature
     * @return the populated (and optionally signed) entity descriptor
     */
    public static EntityDescriptor buildSpEntityDescriptor(HttpServletRequest httpServletRequest, String str, boolean z, boolean z2, boolean z3, boolean z4, Credential credential) throws Exception {
        EntityDescriptor entityDescriptor = OpenSamlUtil.buildEntityDescriptor();
        entityDescriptor.setEntityID(str);

        SPSSODescriptor spRole = buildSpSsoDescriptor(httpServletRequest, str, z, z3, z4, credential);
        entityDescriptor.getRoleDescriptors().add(spRole);

        if (!z2) {
            return entityDescriptor;
        }
        OpenSamlUtil.signObject(entityDescriptor, credential);
        return entityDescriptor;
    }

    /**
     * Builds the SP role descriptor: SAML 2.0 protocol support, one POST assertion consumer
     * service (index 1, marked default), one signing key descriptor, and SLO endpoints
     * (POST, redirect, then SOAP 1.1).
     *
     * <p>NOTE(review): both signing expectations published here come straight from the boolean
     * arguments. When {@code z3} is false the metadata tells identity providers that unsigned
     * assertions are acceptable; confirm the response as a whole is then required to be signed.
     *
     * <p>NOTE(review): endpoint URLs are derived from the incoming request through
     * {@code PortalUtil.getPortalURL}; confirm the host it returns cannot follow a
     * client-supplied value.
     *
     * @param httpServletRequest request used to derive the portal base URL
     * @param str value set as the descriptor ID
     * @param z value published as AuthnRequestsSigned
     * @param z2 second argument to {@code PortalUtil.getPortalURL}; presumably selects the
     *     secure (https) form of the URL. TODO confirm against PortalUtil
     * @param z3 value published as WantAssertionsSigned
     * @param credential credential whose key info is published with usage SIGNING
     * @return the populated SP SSO descriptor
     */
    public static SPSSODescriptor buildSpSsoDescriptor(HttpServletRequest httpServletRequest, String str, boolean z, boolean z2, boolean z3, Credential credential) throws Exception {
        SPSSODescriptor spRole = OpenSamlUtil.buildSpSsoDescriptor();
        spRole.addSupportedProtocol(SAMLConstants.SAML20P_NS);
        spRole.setAuthnRequestsSigned(Boolean.valueOf(z));
        spRole.setID(str);
        spRole.setWantAssertionsSigned(Boolean.valueOf(z3));

        List<AssertionConsumerService> acsEndpoints = spRole.getAssertionConsumerServices();
        String endpointBase = buildEndpointBase(httpServletRequest, z2);

        String acsUrl = endpointBase.concat("/portal/saml/acs");
        acsEndpoints.add(OpenSamlUtil.buildAssertionConsumerService(SAMLConstants.SAML2_POST_BINDING_URI, 1, true, acsUrl));

        // Only a signing key is advertised here; no encryption key descriptor is added.
        spRole.getKeyDescriptors().add(
            OpenSamlUtil.buildKeyDescriptor(UsageType.SIGNING, OpenSamlUtil.buildKeyInfo(credential)));

        List<SingleLogoutService> sloEndpoints = spRole.getSingleLogoutServices();
        String sloUrlForPost = endpointBase.concat("/portal/saml/slo");
        sloEndpoints.add(OpenSamlUtil.buildSingleLogoutService(SAMLConstants.SAML2_POST_BINDING_URI, sloUrlForPost));
        String sloUrlForRedirect = endpointBase.concat("/portal/saml/slo");
        sloEndpoints.add(OpenSamlUtil.buildSingleLogoutService(SAMLConstants.SAML2_REDIRECT_BINDING_URI, sloUrlForRedirect));
        String sloUrlForSoap = endpointBase.concat("/portal/saml/slo_soap");
        sloEndpoints.add(OpenSamlUtil.buildSingleLogoutService(SAMLConstants.SAML2_SOAP11_BINDING_URI, sloUrlForSoap));

        return spRole;
    }

    /** Returns the portal URL for the request followed by the portal's main path. */
    private static String buildEndpointBase(HttpServletRequest httpServletRequest, boolean z2) {
        String portalUrl = PortalUtil.getPortalURL(httpServletRequest, z2);
        return portalUrl.concat(PortalUtil.getPathMain());
    }
}
