package edu.internet2.middleware.shibboleth.idp.util;

import edu.internet2.middleware.shibboleth.common.attribute.filtering.AttributeFilteringEngine;
import edu.internet2.middleware.shibboleth.common.attribute.provider.SAML1AttributeAuthority;
import edu.internet2.middleware.shibboleth.common.attribute.provider.SAML2AttributeAuthority;
import edu.internet2.middleware.shibboleth.common.attribute.resolver.AttributeResolver;
import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfigurationManager;
import edu.internet2.middleware.shibboleth.common.relyingparty.provider.SAMLMDRelyingPartyConfigurationManager;
import edu.internet2.middleware.shibboleth.common.session.SessionManager;
import edu.internet2.middleware.shibboleth.idp.authn.LoginContext;
import edu.internet2.middleware.shibboleth.idp.authn.LoginContextEntry;
import edu.internet2.middleware.shibboleth.idp.profile.IdPProfileHandlerManager;
import edu.internet2.middleware.shibboleth.idp.session.Session;
import java.util.UUID;
import javax.servlet.ServletContext;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.util.storage.StorageService;
import org.opensaml.xml.util.DatatypeHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/idp/util/HttpServletHelper.class */
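/**
 * Static helpers for locating IdP services bound to the {@link ServletContext} and for
 * binding, retrieving and unbinding the {@link LoginContext} of an in-flight authentication.
 *
 * <p>The login context is tracked in two places: as a request attribute (valid for the current
 * request only) and, across requests, in a {@link StorageService} partition under a random key
 * that is handed to the browser in the {@value #LOGIN_CTX_KEY_NAME} cookie. Whoever presents
 * that cookie value can retrieve the stored login context, so the key must be treated as a
 * bearer secret.</p>
 */
public class HttpServletHelper {
    /** Name of the IdP session cookie. Not referenced by the methods of this class. */
    public static final String IDP_SESSION_COOKIE = "_idp_session";

    /** Name of both the request attribute and the cookie used to track the login context. */
    public static final String LOGIN_CTX_KEY_NAME = "_idp_authn_lc_key";

    // Servlet context init parameters. Each one names the servlet context attribute under which
    // the corresponding service is looked up; the DEFAULT_* value below is used when it is unset.
    public static final String ATTRIBUTE_FILTER_ENGINE_SID_CTX_PARAM = "AttributeFilterEngineId";
    public static final String ATTRIBUTE_RESOLVER_SID_CTX_PARAM = "AttributeResolverId";
    /** Init parameter naming the storage service partition that holds login contexts. */
    public static final String LOGIN_CTX_PARTITION_CTX_PARAM = "loginContextPartitionName";
    public static final String PROFILE_HANDLER_MNGR_SID_CTX_PARAM = "ProfileHandlerMngrId";
    public static final String RP_CONFIG_MNGR_SID_CTX_PARAM = "RelyingPartyConfigurationManagerId";
    public static final String SAML1_AA_SID_CTX_PARAM = "SAML1AttributeAuthorityId";
    public static final String SAML2_AA_SID_CTX_PARAM = "SAML2AttributeAuthorityId";
    public static final String SESSION_MNGR_SID_CTX_PARAM = "SessionManagerId";
    public static final String STORAGE_SERVICE_SID_CTX_PARAM = "StorageServiceId";

    // Defaults used when the matching init parameter is absent or blank.
    public static final String DEFAULT_ATTRIBUTE_FILTER_ENGINE_SID = "shibboleth.AttributeFilterEngine";
    public static final String DEFAULT_ATTRIBUTE_RESOLVER_SID = "shibboleth.AttributeResolver";
    public static final String DEFAULT_LOGIN_CTX_PARITION = "loginContexts";
    public static final String DEFAULT_PROFILE_HANDLER_MNGR_SID = "shibboleth.HandlerManager";
    public static final String DEFAULT_RP_CONFIG_MNGR_SID = "shibboleth.RelyingPartyConfigurationManager";
    public static final String DEFAULT_SAML1_AA_SID = "shibboleth.SAML1AttributeAuthority";
    public static final String DEFAULT_SAML2_AA_SID = "shibboleth.SAML2AttributeAuthority";
    public static final String DEFAULT_SESSION_MNGR_SID = "shibboleth.SessionManager";
    public static final String DEFAULT_STORAGE_SERVICE_SID = "shibboleth.StorageService";

    private static final Logger log = LoggerFactory.getLogger(HttpServletHelper.class);

    /**
     * Binds a login context to the current request as a request attribute.
     *
     * @param loginContext the login context to bind; may be null, which clears the binding
     * @param httpServletRequest the current request
     * @throws IllegalArgumentException if the request is null
     */
    public static void bindLoginContext(LoginContext loginContext, HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            throw new IllegalArgumentException("HTTP request may not be null");
        }
        httpServletRequest.setAttribute(LOGIN_CTX_KEY_NAME, loginContext);
    }

    /**
     * Binds a login context to the request and persists it in the storage service under a fresh
     * random key, which is returned to the browser in the {@value #LOGIN_CTX_KEY_NAME} cookie.
     *
     * <p>Does nothing when {@code loginContext} is null.</p>
     *
     * @param loginContext the login context to bind
     * @param storageService storage service that receives the login context entry
     * @param servletContext servlet context used to resolve the partition name
     * @param httpServletRequest the current request
     * @param httpServletResponse the response that receives the key cookie
     * @throws IllegalArgumentException if the storage service or request is null, or if a
     *         non-null login context is given with a null servlet context or response
     */
    public static void bindLoginContext(LoginContext loginContext, StorageService storageService, ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (storageService == null) {
            throw new IllegalArgumentException("Storage service may not be null");
        }
        if (httpServletRequest == null) {
            throw new IllegalArgumentException("HTTP request may not be null");
        }
        if (loginContext == null) {
            return;
        }
        // Fail before touching request or storage state: without these checks a null argument
        // surfaced as a NullPointerException, and a null response left behind a stored entry
        // that no cookie referred to.
        if (servletContext == null) {
            throw new IllegalArgumentException("Servlet context may not be null");
        }
        if (httpServletResponse == null) {
            throw new IllegalArgumentException("HTTP response may not be null");
        }
        bindLoginContext(loginContext, httpServletRequest);

        String partition = getContextParam(servletContext, LOGIN_CTX_PARTITION_CTX_PARAM, DEFAULT_LOGIN_CTX_PARITION);
        log.debug("LoginContext parition: {}", partition);

        // UUID.randomUUID() yields a version 4 UUID from a cryptographically strong generator;
        // the loop only guards against a collision with an existing entry.
        String contextKey = UUID.randomUUID().toString();
        while (storageService.contains(partition, contextKey)) {
            contextKey = UUID.randomUUID().toString();
        }
        // NOTE(review): the key is the only thing needed to retrieve the stored login context,
        // so debug logs containing it should be access-controlled like session identifiers.
        log.debug("LoginContext key: {}", contextKey);

        // NOTE(review): 1800000 is presumably the entry lifetime in milliseconds (30 minutes);
        // confirm against LoginContextEntry.
        storageService.put(partition, contextKey, new LoginContextEntry(loginContext, 1800000L));

        Cookie cookie = new Cookie(LOGIN_CTX_KEY_NAME, contextKey);
        cookie.setVersion(1);
        cookie.setPath(cookiePath(httpServletRequest));
        // Secure mirrors the transport of this request as seen by the container. If TLS is
        // terminated in front of the container and the container is not told, this is false and
        // the key cookie may travel over plain HTTP.
        cookie.setSecure(httpServletRequest.isSecure());
        // NOTE(review): the cookie is not marked HttpOnly. Cookie.setHttpOnly(boolean) needs
        // Servlet 3.0+; enable it here if the deployment's servlet API provides it.
        httpServletResponse.addCookie(cookie);
    }

    /**
     * Gets the attribute filtering engine bound under the configured or default attribute name.
     *
     * @param servletContext the servlet context
     * @return the bound engine, or null if nothing is bound under that name
     */
    public static AttributeFilteringEngine<?> getAttributeFilterEnginer(ServletContext servletContext) {
        return getAttributeFilterEnginer(servletContext, getContextParam(servletContext, ATTRIBUTE_FILTER_ENGINE_SID_CTX_PARAM, DEFAULT_ATTRIBUTE_FILTER_ENGINE_SID));
    }

    /**
     * Gets the attribute filtering engine bound to the servlet context under the given name.
     *
     * @param servletContext the servlet context
     * @param str name of the servlet context attribute
     * @return the bound engine, or null if nothing is bound under that name
     */
    public static AttributeFilteringEngine<?> getAttributeFilterEnginer(ServletContext servletContext, String str) {
        return (AttributeFilteringEngine<?>) servletContext.getAttribute(str);
    }

    /**
     * Gets the attribute resolver bound under the configured or default attribute name.
     *
     * @param servletContext the servlet context
     * @return the bound resolver, or null if nothing is bound under that name
     */
    public static AttributeResolver<?> getAttributeResolver(ServletContext servletContext) {
        return getAttributeResolver(servletContext, getContextParam(servletContext, ATTRIBUTE_RESOLVER_SID_CTX_PARAM, DEFAULT_ATTRIBUTE_RESOLVER_SID));
    }

    /**
     * Gets the attribute resolver bound to the servlet context under the given name.
     *
     * @param servletContext the servlet context
     * @param str name of the servlet context attribute
     * @return the bound resolver, or null if nothing is bound under that name
     */
    public static AttributeResolver<?> getAttributeResolver(ServletContext servletContext, String str) {
        return (AttributeResolver<?>) servletContext.getAttribute(str);
    }

    /**
     * Reads a servlet context init parameter, falling back to a default.
     *
     * @param servletContext the servlet context; must not be null
     * @param str name of the init parameter
     * @param str2 value returned when the parameter is missing or trims to nothing
     * @return the trimmed parameter value, or {@code str2}
     */
    public static String getContextParam(ServletContext servletContext, String str, String str2) {
        String value = DatatypeHelper.safeTrimOrNullString(servletContext.getInitParameter(str));
        return value != null ? value : str2;
    }

    /**
     * Finds the first cookie with the given name in the request.
     *
     * @param httpServletRequest the request to inspect
     * @param str the cookie name
     * @return the first matching cookie, or null if the request carries none
     */
    public static Cookie getCookie(HttpServletRequest httpServletRequest, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie != null && DatatypeHelper.safeEquals(cookie.getName(), str)) {
                return cookie;
            }
        }
        return null;
    }

    /**
     * Gets the login context bound to the request as a request attribute.
     *
     * @param httpServletRequest the current request
     * @return the bound login context, or null if none is bound
     */
    public static LoginContext getLoginContext(HttpServletRequest httpServletRequest) {
        return (LoginContext) httpServletRequest.getAttribute(LOGIN_CTX_KEY_NAME);
    }

    /**
     * Gets the login context for the request, first from the request attribute and otherwise
     * from the storage service using the key carried in the {@value #LOGIN_CTX_KEY_NAME} cookie.
     *
     * @param storageService storage service holding login context entries
     * @param servletContext servlet context used to resolve the partition name
     * @param httpServletRequest the current request
     * @return the login context, or null if there is no cookie, the cookie has no value, or the
     *         stored entry is missing or expired
     * @throws IllegalArgumentException if any argument is null
     */
    public static LoginContext getLoginContext(StorageService storageService, ServletContext servletContext, HttpServletRequest httpServletRequest) {
        if (storageService == null) {
            throw new IllegalArgumentException("Storage service may not be null");
        }
        if (servletContext == null) {
            throw new IllegalArgumentException("Servlet context may not be null");
        }
        if (httpServletRequest == null) {
            throw new IllegalArgumentException("HTTP request may not be null");
        }

        LoginContext loginContext = getLoginContext(httpServletRequest);
        if (loginContext != null) {
            return loginContext;
        }

        log.debug("LoginContext not bound to HTTP request, retrieving it from storage service");
        Cookie cookie = getCookie(httpServletRequest, LOGIN_CTX_KEY_NAME);
        if (cookie == null) {
            log.debug("LoginContext key cookie was not present in request");
            return null;
        }

        String contextKey = DatatypeHelper.safeTrimOrNullString(cookie.getValue());
        if (contextKey == null) {
            log.warn("Corrupted LoginContext Key cookie, it did not contain a value");
            // Stop here: an empty cookie identifies no entry, and how a storage service reacts
            // to a null key depends on its implementation.
            return null;
        }
        // NOTE(review): the value logged here comes straight from the client's cookie. It is
        // both a bearer key and untrusted text, so the log layout should neutralise control
        // characters and debug logs should be access-controlled.
        log.debug("LoginContext key is '{}'", contextKey);

        String partition = getContextParam(servletContext, LOGIN_CTX_PARTITION_CTX_PARAM, DEFAULT_LOGIN_CTX_PARITION);
        log.debug("parition: {}", partition);

        LoginContextEntry entry = (LoginContextEntry) storageService.get(partition, contextKey);
        if (entry == null) {
            log.debug("No login context in storage service");
            return null;
        }
        if (entry.isExpired()) {
            log.debug("LoginContext found but it was expired");
            return null;
        }
        return entry.getLoginContext();
    }

    /**
     * Gets the profile handler manager bound under the configured or default attribute name.
     *
     * @param servletContext the servlet context
     * @return the bound manager, or null if nothing is bound under that name
     */
    public static IdPProfileHandlerManager getProfileHandlerManager(ServletContext servletContext) {
        return getProfileHandlerManager(servletContext, getContextParam(servletContext, PROFILE_HANDLER_MNGR_SID_CTX_PARAM, DEFAULT_PROFILE_HANDLER_MNGR_SID));
    }

    /**
     * Gets the profile handler manager bound to the servlet context under the given name.
     *
     * @param servletContext the servlet context
     * @param str name of the servlet context attribute
     * @return the bound manager, or null if nothing is bound under that name
     */
    public static IdPProfileHandlerManager getProfileHandlerManager(ServletContext servletContext, String str) {
        return (IdPProfileHandlerManager) servletContext.getAttribute(str);
    }

    /**
     * Gets the relying party configuration manager bound under the configured or default
     * attribute name.
     *
     * @param servletContext the servlet context
     * @return the bound manager, or null if nothing is bound under that name
     */
    public static RelyingPartyConfigurationManager getRelyingPartyConfirmationManager(ServletContext servletContext) {
        return getRelyingPartyConfirmationManager(servletContext, getContextParam(servletContext, RP_CONFIG_MNGR_SID_CTX_PARAM, DEFAULT_RP_CONFIG_MNGR_SID));
    }

    /**
     * Gets the relying party configuration manager bound to the servlet context under the given
     * name.
     *
     * @param servletContext the servlet context
     * @param str name of the servlet context attribute
     * @return the bound manager, or null if nothing is bound under that name
     */
    public static RelyingPartyConfigurationManager getRelyingPartyConfirmationManager(ServletContext servletContext, String str) {
        return (RelyingPartyConfigurationManager) servletContext.getAttribute(str);
    }

    /**
     * Looks up the metadata of a relying party through a metadata-backed configuration manager.
     *
     * @param str entity ID of the relying party
     * @param relyingPartyConfigurationManager the configuration manager to query
     * @return the entity descriptor, or null if the manager is not a
     *         {@link SAMLMDRelyingPartyConfigurationManager} or the lookup fails
     */
    public static EntityDescriptor getRelyingPartyMetadata(String str, RelyingPartyConfigurationManager relyingPartyConfigurationManager) {
        if (!(relyingPartyConfigurationManager instanceof SAMLMDRelyingPartyConfigurationManager)) {
            return null;
        }
        SAMLMDRelyingPartyConfigurationManager metadataManager = (SAMLMDRelyingPartyConfigurationManager) relyingPartyConfigurationManager;
        try {
            return metadataManager.getMetadataProvider().getEntityDescriptor(str);
        } catch (MetadataProviderException e) {
            // Callers still get null, but a failing metadata source is now visible in the log
            // instead of being indistinguishable from an unknown relying party.
            log.warn("Unable to look up relying party metadata", e);
            return null;
        }
    }

    /**
     * Gets the SAML 1 attribute authority bound under the configured or default attribute name.
     *
     * @param servletContext the servlet context
     * @return the bound authority, or null if nothing is bound under that name
     */
    public static SAML1AttributeAuthority getSAML1AttributeAuthority(ServletContext servletContext) {
        return getSAML1AttributeAuthority(servletContext, getContextParam(servletContext, SAML1_AA_SID_CTX_PARAM, DEFAULT_SAML1_AA_SID));
    }

    /**
     * Gets the SAML 1 attribute authority bound to the servlet context under the given name.
     *
     * @param servletContext the servlet context
     * @param str name of the servlet context attribute
     * @return the bound authority, or null if nothing is bound under that name
     */
    public static SAML1AttributeAuthority getSAML1AttributeAuthority(ServletContext servletContext, String str) {
        return (SAML1AttributeAuthority) servletContext.getAttribute(str);
    }

    /**
     * Gets the SAML 2 attribute authority bound under the configured or default attribute name.
     *
     * @param servletContext the servlet context
     * @return the bound authority, or null if nothing is bound under that name
     */
    public static SAML2AttributeAuthority getSAML2AttributeAuthority(ServletContext servletContext) {
        return getSAML2AttributeAuthority(servletContext, getContextParam(servletContext, SAML2_AA_SID_CTX_PARAM, DEFAULT_SAML2_AA_SID));
    }

    /**
     * Gets the SAML 2 attribute authority bound to the servlet context under the given name.
     *
     * @param servletContext the servlet context
     * @param str name of the servlet context attribute
     * @return the bound authority, or null if nothing is bound under that name
     */
    public static SAML2AttributeAuthority getSAML2AttributeAuthority(ServletContext servletContext, String str) {
        return (SAML2AttributeAuthority) servletContext.getAttribute(str);
    }

    /**
     * Gets the session manager bound under the configured or default attribute name.
     *
     * @param servletContext the servlet context
     * @return the bound session manager, or null if nothing is bound under that name
     */
    public static SessionManager<Session> getSessionManager(ServletContext servletContext) {
        return getSessionManager(servletContext, getContextParam(servletContext, SESSION_MNGR_SID_CTX_PARAM, DEFAULT_SESSION_MNGR_SID));
    }

    /**
     * Gets the session manager bound to the servlet context under the given name.
     *
     * @param servletContext the servlet context
     * @param str name of the servlet context attribute
     * @return the bound session manager, or null if nothing is bound under that name
     */
    @SuppressWarnings("unchecked") // the attribute is an Object; its type argument cannot be checked at runtime
    public static SessionManager<Session> getSessionManager(ServletContext servletContext, String str) {
        return (SessionManager<Session>) servletContext.getAttribute(str);
    }

    /**
     * Gets the storage service bound under the configured or default attribute name.
     *
     * @param servletContext the servlet context
     * @return the bound storage service, or null if nothing is bound under that name
     */
    public static StorageService<?, ?> getStorageService(ServletContext servletContext) {
        return getStorageService(servletContext, getContextParam(servletContext, STORAGE_SERVICE_SID_CTX_PARAM, DEFAULT_STORAGE_SERVICE_SID));
    }

    /**
     * Gets the storage service bound to the servlet context under the given name.
     *
     * @param servletContext the servlet context
     * @param str name of the servlet context attribute
     * @return the bound storage service, or null if nothing is bound under that name
     */
    public static StorageService<?, ?> getStorageService(ServletContext servletContext, String str) {
        return (StorageService<?, ?>) servletContext.getAttribute(str);
    }

    /**
     * Gets the user's IdP session bound to the request as a request attribute.
     *
     * @param httpServletRequest the current request
     * @return the bound session, or null if none is bound
     */
    public static Session getUserSession(HttpServletRequest httpServletRequest) {
        return (Session) httpServletRequest.getAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE);
    }

    /**
     * Unbinds the login context: clears the request attribute, expires the key cookie and removes
     * the entry from the storage service.
     *
     * @param storageService storage service holding login context entries
     * @param servletContext servlet context used to resolve the partition name
     * @param httpServletRequest the current request
     * @param httpServletResponse the response that receives the expiring cookie
     * @return the removed login context, or null if an argument is null, the request carries no
     *         key cookie, the cookie has no value, or the stored entry is missing or expired
     */
    public static LoginContext unbindLoginContext(StorageService storageService, ServletContext servletContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (storageService == null || servletContext == null || httpServletRequest == null || httpServletResponse == null) {
            return null;
        }
        Cookie cookie = getCookie(httpServletRequest, LOGIN_CTX_KEY_NAME);
        if (cookie == null) {
            return null;
        }

        String contextKey = DatatypeHelper.safeTrimOrNullString(cookie.getValue());
        if (contextKey == null) {
            log.warn("Corrupted LoginContext Key cookie, it did not contain a value");
        }

        httpServletRequest.setAttribute(LOGIN_CTX_KEY_NAME, (Object) null);

        // A cookie parsed from a request normally carries no path, and a browser only replaces
        // a cookie whose name and path both match. Re-apply the attributes used when the cookie
        // was issued so that the expiry actually removes it.
        cookie.setMaxAge(0);
        cookie.setPath(cookiePath(httpServletRequest));
        cookie.setSecure(httpServletRequest.isSecure());
        httpServletResponse.addCookie(cookie);

        if (contextKey == null) {
            // Nothing identifies a stored entry; do not hand a null key to the storage service.
            return null;
        }

        String partition = getContextParam(servletContext, LOGIN_CTX_PARTITION_CTX_PARAM, DEFAULT_LOGIN_CTX_PARITION);
        LoginContextEntry entry = (LoginContextEntry) storageService.remove(partition, contextKey);
        if (entry == null || entry.isExpired()) {
            return null;
        }
        return entry.getLoginContext();
    }

    /**
     * Computes the path for the login context key cookie: the context path, or "/" when the
     * application is deployed at the root.
     */
    private static String cookiePath(HttpServletRequest httpServletRequest) {
        String contextPath = httpServletRequest.getContextPath();
        // Compare by content: '==' on strings tests identity and only matched the root context
        // when the container happened to return the interned empty literal.
        return (contextPath == null || contextPath.length() == 0) ? "/" : contextPath;
    }
}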
