package fr.wseduc.cas.endpoint;

import fr.wseduc.cas.async.Handler;
import fr.wseduc.cas.entities.User;
import fr.wseduc.cas.exceptions.ErrorCodes;
import fr.wseduc.cas.http.Request;
import java.io.StringReader;
import java.io.StringWriter;
import java.util.GregorianCalendar;
import java.util.Map;
import java.util.TimeZone;
import java.util.UUID;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.datatype.DatatypeConfigurationException;
import javax.xml.datatype.DatatypeFactory;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLOutputFactory;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamWriter;
import org.xmlsoap.schemas.soap.envelope.Envelope;
import urn.oasis.names.tc.saml.assertion.AssertionType;
import urn.oasis.names.tc.saml.protocol.RequestType;
import urn.oasis.names.tc.saml.protocol.ResponseType;

/* loaded from: input_file:fr/wseduc/cas/endpoint/SamlValidator.class */
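/**
 * SAML 1.1 flavour of the CAS ticket validation endpoint.
 *
 * <p>{@link #serviceValidate(Request)} reads a SOAP envelope from the request body, takes the
 * first {@code AssertionArtifact} of the first body element and passes it, together with the
 * {@code TARGET} request parameter, to {@code doValidate}. Outcomes are written back as a
 * SOAP-wrapped {@code samlp:Response}. Every proxy operation is answered with an error.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The request body comes from the caller and is parsed with DTDs and external entities
 *       disabled (see {@link #newHardenedInputFactory()}).</li>
 *   <li>This class writes no XML signature into the response or the assertion, so consumers
 *       depend on the transport for integrity and authenticity. NOTE(review): confirm the
 *       endpoint is only reachable over an authenticated TLS back-channel.</li>
 *   <li>{@code Issuer} (and {@code Recipient} on errors) is the literal {@code "localhost"}.</li>
 * </ul>
 */
public class SamlValidator extends Validator {
    private static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
    private static final String SAMLP_NS = "urn:oasis:names:tc:SAML:1.0:protocol";
    private static final String SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion";

    /** Lifetime of an issued assertion: NotOnOrAfter = NotBefore + this value (milliseconds). */
    private long assertionValidityTimeMillis = 30000;

    /**
     * Parses the SOAP/SAML request body and starts validation of the artifact it carries.
     *
     * <p>Any failure while parsing or validating (malformed XML, a DOCTYPE, an empty SOAP body,
     * a missing artifact, ...) is logged and reported through
     * {@link #error(Request, ErrorCodes)} with {@code INVALID_REQUEST}.
     *
     * @param request the incoming validation request
     */
    @Override
    public void serviceValidate(final Request request) {
        final String target = request.getParameter("TARGET");
        request.getBody(new Handler<String>() {
            @Override
            public void handle(String body) {
                try {
                    RequestType samlRequest = SamlValidator.this.parseSamlRequest(body);
                    SamlValidator.this.doValidate(request, target, samlRequest.getAssertionArtifact().get(0));
                } catch (Exception e) {
                    // One handler for checked parse errors and for runtime failures such as an
                    // empty body list; the original handled both groups identically.
                    Validator.log.severe(e.toString());
                    // NOTE(review): error() below sets its own status and body, so these two
                    // writes look redundant, and the parser message should not reach the
                    // client. Kept as-is because Response semantics are not visible here.
                    request.getResponse().setStatusCode(500);
                    request.getResponse().setBody(e.getMessage());
                    SamlValidator.this.error(request, ErrorCodes.INVALID_REQUEST);
                }
            }
        }, "UTF-8");
    }

    /**
     * Unmarshals the SOAP envelope and returns the SAML request held by its first body element.
     *
     * @param body raw request body as received from the client (untrusted)
     * @return the {@code samlp:Request} payload
     * @throws JAXBException if the document cannot be bound to the expected types
     * @throws XMLStreamException if the document is not well-formed or uses a disabled feature
     */
    private RequestType parseSamlRequest(String body) throws JAXBException, XMLStreamException {
        XMLInputFactory inputFactory = newHardenedInputFactory();
        JAXBElement<Envelope> root = JAXBContext
                .newInstance(Envelope.class, ResponseType.class, AssertionType.class)
                .createUnmarshaller()
                .unmarshal(inputFactory.createXMLStreamReader(new StringReader(body)), Envelope.class);
        Object firstBodyElement = root.getValue().getBody().getAny().get(0);
        return (RequestType) ((JAXBElement<?>) firstBodyElement).getValue();
    }

    /**
     * Creates a StAX input factory that refuses DTDs and external entities.
     *
     * <p>The default factory configuration may resolve entities declared in a client-supplied
     * DOCTYPE (XXE). SOAP messages carry no DTD, so legitimate requests are unaffected.
     */
    private static XMLInputFactory newHardenedInputFactory() {
        XMLInputFactory factory = XMLInputFactory.newInstance();
        factory.setProperty(XMLInputFactory.SUPPORT_DTD, Boolean.FALSE);
        factory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);
        return factory;
    }

    /**
     * Writes a successful SAML response carrying an assertion for {@code user}.
     *
     * @param request the request being answered; its response is always closed on exit
     * @param user the authenticated user whose identifier and attributes are asserted
     * @param recipient value written as the response {@code Recipient} and the {@code Audience}
     */
    @Override
    protected void success(Request request, User user, String recipient) {
        try {
            // Read the clock once so NotBefore and NotOnOrAfter are exactly the configured
            // validity apart.
            long now = System.currentTimeMillis();
            String issueInstant = formatInstant(now);
            String notOnOrAfter = formatInstant(now + this.assertionValidityTimeMillis);
            StringWriter out = new StringWriter();
            XMLStreamWriter xml = XMLOutputFactory.newInstance().createXMLStreamWriter(out);
            writeEnvelopeStart(xml);
            writeResponseStart(xml, recipient, issueInstant);
            writeSuccess(xml);
            writeAssertion(xml, user, recipient, issueInstant, notOnOrAfter);
            writeResponseEnd(xml);
            writeEnvelopeEnd(xml);
            request.getResponse().setStatusCode(200);
            request.getResponse().setBody(out.toString());
        } catch (DatatypeConfigurationException | XMLStreamException e) {
            log.severe(e.toString());
            request.getResponse().setStatusCode(500);
            // NOTE(review): returns the exception text to the client; consider a fixed message.
            request.getResponse().setBody(e.getMessage());
        } finally {
            request.getResponse().close();
        }
    }

    /** Proxy tickets are not supported over SAML; always answers with an error. */
    @Override
    protected void success(Request request, User user, String str, String str2) {
        error(request, ErrorCodes.UNSUPPORTED_SAML_PROXY_REQUEST);
    }

    /** Proxy chains are not supported over SAML; always answers with an error. */
    @Override
    protected void success(Request request, User user, String str, String str2, String[] strArr) {
        error(request, ErrorCodes.UNSUPPORTED_SAML_PROXY_REQUEST);
    }

    /**
     * Writes a SAML error response ({@code samlp:Responder}) with the message of the error code.
     *
     * <p>The HTTP status is 200 when the SOAP document could be produced; the failure is
     * conveyed inside the SAML status. The response is always closed on exit.
     *
     * @param request the request being answered
     * @param errorCodes the error whose message is placed in {@code StatusMessage}
     */
    @Override
    protected void error(Request request, ErrorCodes errorCodes) {
        try {
            String issueInstant = formatInstant(System.currentTimeMillis());
            StringWriter out = new StringWriter();
            XMLStreamWriter xml = XMLOutputFactory.newInstance().createXMLStreamWriter(out);
            writeEnvelopeStart(xml);
            writeResponseStart(xml, "localhost", issueInstant);
            writeError(xml, errorCodes.getMessage());
            writeResponseEnd(xml);
            writeEnvelopeEnd(xml);
            request.getResponse().setStatusCode(200);
            request.getResponse().setBody(out.toString());
        } catch (DatatypeConfigurationException | XMLStreamException e) {
            log.severe(e.toString());
            request.getResponse().setStatusCode(500);
            // NOTE(review): returns the exception text to the client; consider a fixed message.
            request.getResponse().setBody(e.getMessage());
        } finally {
            request.getResponse().close();
        }
    }

    /** Formats an epoch timestamp as an XML Schema dateTime in the GMT zone. */
    private static String formatInstant(long epochMillis) throws DatatypeConfigurationException {
        GregorianCalendar calendar = new GregorianCalendar();
        calendar.setTimeZone(TimeZone.getTimeZone("GMT"));
        calendar.setTimeInMillis(epochMillis);
        return DatatypeFactory.newInstance().newXMLGregorianCalendar(calendar).toXMLFormat();
    }

    /** Opens {@code SOAP-ENV:Envelope}, writes an empty Header and opens the Body. */
    private void writeEnvelopeStart(XMLStreamWriter xMLStreamWriter) throws XMLStreamException {
        xMLStreamWriter.setPrefix("SOAP-ENV", SOAP_NS);
        xMLStreamWriter.writeStartElement(SOAP_NS, "Envelope");
        xMLStreamWriter.writeNamespace("SOAP-ENV", SOAP_NS);
        xMLStreamWriter.writeEmptyElement(SOAP_NS, "Header");
        xMLStreamWriter.writeStartElement(SOAP_NS, "Body");
    }

    /** Closes the SOAP Body and Envelope opened by {@link #writeEnvelopeStart}. */
    private void writeEnvelopeEnd(XMLStreamWriter xMLStreamWriter) throws XMLStreamException {
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeEndElement();
    }

    /**
     * Opens the {@code Response} element with its namespace declarations and header attributes.
     *
     * @param recipient value of the {@code Recipient} attribute
     * @param issueInstant value of the {@code IssueInstant} attribute
     */
    private void writeResponseStart(XMLStreamWriter xMLStreamWriter, String recipient, String issueInstant)
            throws XMLStreamException {
        xMLStreamWriter.setPrefix("", SAMLP_NS);
        xMLStreamWriter.writeStartElement(SAMLP_NS, "Response");
        xMLStreamWriter.writeNamespace("", SAMLP_NS);
        xMLStreamWriter.writeNamespace("samlp", SAMLP_NS);
        xMLStreamWriter.writeNamespace("saml", SAML_NS);
        xMLStreamWriter.writeNamespace("xsd", "http://www.w3.org/2001/XMLSchema");
        xMLStreamWriter.writeNamespace("xsi", "http://www.w3.org/2001/XMLSchema-instance");
        xMLStreamWriter.writeAttribute("IssueInstant", issueInstant);
        xMLStreamWriter.writeAttribute("MajorVersion", "1");
        xMLStreamWriter.writeAttribute("MinorVersion", "1");
        xMLStreamWriter.writeAttribute("Recipient", recipient);
        xMLStreamWriter.writeAttribute("ResponseID", "_" + UUID.randomUUID().toString());
    }

    /** Closes the {@code Response} element. */
    private void writeResponseEnd(XMLStreamWriter xMLStreamWriter) throws XMLStreamException {
        xMLStreamWriter.writeEndElement();
    }

    /** Writes a {@code Status} block with {@code samlp:Success}. */
    private void writeSuccess(XMLStreamWriter xMLStreamWriter) throws XMLStreamException {
        xMLStreamWriter.writeStartElement("", "Status", SAMLP_NS);
        xMLStreamWriter.writeStartElement("", "StatusCode", SAMLP_NS);
        xMLStreamWriter.writeAttribute("Value", "samlp:Success");
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeEndElement();
    }

    /** Writes a {@code Status} block with {@code samlp:Responder} and the given message. */
    private void writeError(XMLStreamWriter xMLStreamWriter, String message) throws XMLStreamException {
        xMLStreamWriter.writeStartElement("", "Status", SAMLP_NS);
        xMLStreamWriter.writeStartElement("", "StatusCode", SAMLP_NS);
        xMLStreamWriter.writeAttribute("Value", "samlp:Responder");
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeStartElement("", "StatusMessage", SAMLP_NS);
        xMLStreamWriter.writeCharacters(message);
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeEndElement();
    }

    /**
     * Writes the {@code Assertion}: conditions, attribute statement and authentication statement.
     *
     * <p>All variable values go through {@code writeAttribute}/{@code writeCharacters}, so the
     * stream writer escapes them; nothing is concatenated into markup.
     *
     * @param audience value of the {@code Audience} restriction
     * @param notBefore start of validity, also used as issue and authentication instant
     * @param notOnOrAfter end of validity
     */
    private void writeAssertion(XMLStreamWriter xMLStreamWriter, User user, String audience, String notBefore,
            String notOnOrAfter) throws XMLStreamException {
        xMLStreamWriter.setPrefix("", SAML_NS);
        xMLStreamWriter.writeStartElement("", "Assertion", SAML_NS);
        xMLStreamWriter.writeNamespace("", SAML_NS);
        xMLStreamWriter.writeAttribute("AssertionID", "_" + UUID.randomUUID().toString());
        xMLStreamWriter.writeAttribute("IssueInstant", notBefore);
        xMLStreamWriter.writeAttribute("Issuer", "localhost");
        xMLStreamWriter.writeAttribute("MajorVersion", "1");
        xMLStreamWriter.writeAttribute("MinorVersion", "1");

        xMLStreamWriter.writeStartElement("", "Conditions", SAML_NS);
        xMLStreamWriter.writeAttribute("NotBefore", notBefore);
        xMLStreamWriter.writeAttribute("NotOnOrAfter", notOnOrAfter);
        xMLStreamWriter.writeStartElement("", "AudienceRestrictionCondition", SAML_NS);
        xMLStreamWriter.writeStartElement("", "Audience", SAML_NS);
        xMLStreamWriter.writeCharacters(audience);
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeEndElement();

        xMLStreamWriter.writeStartElement("", "AttributeStatement", SAML_NS);
        writeSubject(xMLStreamWriter, user);
        writeAttributes(xMLStreamWriter, user);
        xMLStreamWriter.writeEndElement();

        // The local name previously carried a trailing space, which is not a valid XML name.
        xMLStreamWriter.writeStartElement("", "AuthenticationStatement", SAML_NS);
        xMLStreamWriter.writeAttribute("AuthenticationInstant", notBefore);
        xMLStreamWriter.writeAttribute("AuthenticationMethod", "urn:oasis:names:tc:SAML:1.0:am:password");
        writeSubject(xMLStreamWriter, user);
        xMLStreamWriter.writeEndElement();

        xMLStreamWriter.writeEndElement();
    }

    /** Writes the {@code Subject} with the user's identifier and artifact confirmation method. */
    private void writeSubject(XMLStreamWriter xMLStreamWriter, User user) throws XMLStreamException {
        xMLStreamWriter.writeStartElement("", "Subject", SAML_NS);
        xMLStreamWriter.writeStartElement("", "NameIdentifier", SAML_NS);
        xMLStreamWriter.writeCharacters(user.getUser());
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeStartElement("", "SubjectConfirmation", SAML_NS);
        xMLStreamWriter.writeStartElement("", "ConfirmationMethod", SAML_NS);
        xMLStreamWriter.writeCharacters("urn:oasis:names:tc:SAML:1.0:cm:artifact");
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeEndElement();
        xMLStreamWriter.writeEndElement();
    }

    /** Writes one {@code Attribute} element per user attribute; nothing when there are none. */
    private void writeAttributes(XMLStreamWriter xMLStreamWriter, User user) throws XMLStreamException {
        if (user == null || user.getAttributes() == null) {
            return;
        }
        for (Map.Entry<String, String> entry : user.getAttributes().entrySet()) {
            // Local names previously carried a trailing space, which is not a valid XML name.
            xMLStreamWriter.writeStartElement("", "Attribute", SAML_NS);
            xMLStreamWriter.writeAttribute("AttributeName", entry.getKey());
            xMLStreamWriter.writeAttribute("AttributeNamespace", "http://www.ja-sig.org/products/cas");
            xMLStreamWriter.writeStartElement("", "AttributeValue", SAML_NS);
            xMLStreamWriter.writeCharacters(entry.getValue());
            xMLStreamWriter.writeEndElement();
            xMLStreamWriter.writeEndElement();
        }
    }

    /** Proxy validation is not available over SAML; always answers with an error. */
    @Override
    public void proxyValidate(Request request) {
        error(request, ErrorCodes.UNSUPPORTED_SAML_PROXY_VALIDATION);
    }

    /** Proxy ticket issuance is not available over SAML; always answers with an error. */
    @Override
    public void proxy(Request request) {
        error(request, ErrorCodes.UNSUPPORTED_SAML_PROXY_VALIDATION);
    }

    /** Not available over SAML; always answers with an error. */
    @Override
    protected void successProxy(Request request, String str) {
        error(request, ErrorCodes.UNSUPPORTED_SAML_PROXY_VALIDATION);
    }

    /** Not available over SAML; the supplied error code is replaced by the SAML proxy error. */
    @Override
    protected void errorProxy(Request request, ErrorCodes errorCodes) {
        error(request, ErrorCodes.UNSUPPORTED_SAML_PROXY_VALIDATION);
    }

    /**
     * @return the assertion lifetime in milliseconds
     */
    public long getAssertionValidityTimeMillis() {
        return this.assertionValidityTimeMillis;
    }

    /**
     * Sets the assertion lifetime. The value is not range-checked here; a zero or negative
     * value yields assertions whose NotOnOrAfter is not later than NotBefore.
     *
     * @param assertionValidityTimeMillis lifetime in milliseconds
     */
    public void setAssertionValidityTimeMillis(long assertionValidityTimeMillis) {
        this.assertionValidityTimeMillis = assertionValidityTimeMillis;
    }
}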
