package com.ibm.ws.security.saml.sso20.binding;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.saml.Constants;
import com.ibm.ws.security.saml.SsoRequest;
import com.ibm.ws.security.saml.SsoSamlService;
import com.ibm.ws.security.saml.error.SamlException;
import com.ibm.ws.security.saml.impl.Saml20HTTPPostDecoder;
import com.ibm.ws.security.saml.sso20.internal.utils.RequestUtil;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder;

/**
 * Factory for {@link BasicMessageContext} objects used by the SAML 2.0 entry points in this
 * package: {@link #buildAcs}, {@link #buildSLO}, {@link #buildRsSaml} and {@link #buildIdp}.
 *
 * <p>A single process-wide builder is held in {@link #instance} and can be swapped through
 * {@link #setInstance}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The only message processing invoked from this class is HTTP-POST decoding through
 *       {@code Saml20HTTPPostDecoder.decode()}. No signature, issuer, destination, audience or
 *       replay check is called from this file. NOTE(review): those checks are presumably
 *       enforced by later stages; confirm before treating a returned context as
 *       authenticated.</li>
 *   <li>XML parsing uses the parser pool returned by
 *       {@code XMLObjectProviderRegistrySupport.getParserPool()}. Whether DTDs and external
 *       entities are disabled depends on how that pool was configured, which is not visible
 *       here. TODO confirm.</li>
 *   <li>On a decode failure the message context and the servlet request are handed to
 *       {@code FFDCFilter.processException}. NOTE(review): verify that FFDC incident records
 *       do not retain the posted SAML message or other request data.</li>
 * </ul>
 *
 * <p>The {@code NameIdentifierType} type parameter is declared but not referenced in this class.
 */
@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/saml/sso20/binding/BasicMessageContextBuilder.class */
public class BasicMessageContextBuilder<InboundMessageType extends SAMLObject, OutboundMessageType extends SAMLObject, NameIdentifierType extends SAMLObject> {
    private static TraceComponent tc = Tr.register(BasicMessageContextBuilder.class, "SAML20", "com.ibm.ws.security.saml.sso20.internal.resources.SamlSso20Messages");

    // Process-wide builder. It is mutable and neither volatile nor synchronized, so setInstance()
    // replaces it for every subsequent getInstance() caller.
    static BasicMessageContextBuilder<?, ?, ?> instance = new BasicMessageContextBuilder<>();
    static final long serialVersionUID = 1087992428369251503L;

    // Source id reported to FFDC for exceptions caught in this class.
    private static final String FFDC_SOURCE_ID = "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder";

    /**
     * Replaces the shared builder returned by {@link #getInstance()}.
     *
     * <p>No null check or access control is applied; a {@code null} argument makes
     * {@link #getInstance()} return {@code null}. NOTE(review): this looks like a test hook;
     * confirm that no untrusted code path can reach it.
     *
     * @param basicMessageContextBuilder the builder to install
     */
    public static void setInstance(BasicMessageContextBuilder<?, ?, ?> basicMessageContextBuilder) {
        instance = basicMessageContextBuilder;
    }

    /**
     * @return the builder last installed by {@link #setInstance}, or the default one created at
     *         class initialization
     */
    public static BasicMessageContextBuilder<?, ?, ?> getInstance() {
        return instance;
    }

    /** Creates a context that is bound to the SSO service only (no servlet request or response). */
    BasicMessageContext<InboundMessageType, OutboundMessageType> getBasicMessageContext(SsoSamlService ssoSamlService) {
        return new BasicMessageContext<>(ssoSamlService);
    }

    /** Creates a context bound to the SSO service and to the given servlet request and response. */
    BasicMessageContext<InboundMessageType, OutboundMessageType> getBasicMessageContext(SsoSamlService ssoSamlService, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return new BasicMessageContext<>(ssoSamlService, httpServletRequest, httpServletResponse);
    }

    /**
     * Builds the context for an inbound response at the ACS endpoint: creates the context, moves
     * the cached request info into it, attaches the IdP metadata provider and decodes the posted
     * message.
     *
     * <p>The returned context holds a decoded message only; see the class notes on validation.
     *
     * @param str key passed to {@code setAndRemoveCachedRequestInfo}; presumably the relay state
     *            or cache id of the original request (verify against caller)
     * @param ssoRequest request descriptor passed to {@code setAndRemoveCachedRequestInfo}
     * @return the populated context
     * @throws SamlException if decoding fails, or if a called helper throws it
     */
    public BasicMessageContext<InboundMessageType, OutboundMessageType> buildAcs(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SsoSamlService ssoSamlService, String str, SsoRequest ssoRequest) throws SamlException {
        BasicMessageContext<InboundMessageType, OutboundMessageType> ctx = prepareInboundContext(httpServletRequest, httpServletResponse, ssoSamlService, str, ssoRequest);
        decodeSamlResponse(ctx, httpServletRequest);
        return ctx;
    }

    /**
     * Builds the context for an inbound single-logout message. Same steps as {@link #buildAcs},
     * except that the message is decoded against the SLO URL.
     *
     * @param str key passed to {@code setAndRemoveCachedRequestInfo} (see {@link #buildAcs})
     * @param ssoRequest request descriptor passed to {@code setAndRemoveCachedRequestInfo}
     * @return the populated context
     * @throws SamlException if decoding fails, or if a called helper throws it
     */
    public BasicMessageContext<InboundMessageType, OutboundMessageType> buildSLO(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SsoSamlService ssoSamlService, String str, SsoRequest ssoRequest) throws SamlException {
        BasicMessageContext<InboundMessageType, OutboundMessageType> ctx = prepareInboundContext(httpServletRequest, httpServletResponse, ssoSamlService, str, ssoRequest);
        decodeSamlLogoutMessage(ctx, httpServletRequest);
        return ctx;
    }

    /**
     * Builds a context for the RS SAML path. It only installs a fresh, empty
     * {@link MessageContext}: nothing is decoded, no metadata provider is attached, and the
     * {@code str} and {@code ssoRequest} arguments are not used.
     *
     * @return the new context
     * @throws SamlException declared by the signature; not thrown by the code visible here
     */
    public BasicMessageContext<InboundMessageType, OutboundMessageType> buildRsSaml(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SsoSamlService ssoSamlService, String str, SsoRequest ssoRequest) throws SamlException {
        BasicMessageContext<InboundMessageType, OutboundMessageType> ctx = getBasicMessageContext(ssoSamlService, httpServletRequest, httpServletResponse);
        ctx.setMessageContext(new MessageContext<>());
        return ctx;
    }

    /**
     * Builds a context that carries only the SSO service and the IdP metadata provider. The
     * servlet request and response arguments are not stored in the context.
     *
     * @return the new context
     * @throws SamlException if attaching the metadata provider fails
     */
    public BasicMessageContext<InboundMessageType, OutboundMessageType> buildIdp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SsoSamlService ssoSamlService) throws SamlException {
        BasicMessageContext<InboundMessageType, OutboundMessageType> ctx = getBasicMessageContext(ssoSamlService);
        setIdpMetadaProvider(ctx);
        return ctx;
    }

    /**
     * Decodes the HTTP-POST SAML response carried by {@code httpServletRequest} and stores the
     * resulting message context in {@code basicMessageContext}.
     *
     * <p>The ACS URL given to the decoder is computed by {@code RequestUtil.getAcsUrl} from the
     * request already held by the context, not from the {@code httpServletRequest} argument.
     * NOTE(review): how that URL is derived (configuration or request headers) is not visible
     * here; it matters if the decoder compares it with the message destination. Confirm.
     *
     * @return {@code true} when decoding succeeded (failures are reported by exception)
     * @throws SamlException wrapping any exception raised while creating or running the decoder
     */
    public boolean decodeSamlResponse(BasicMessageContext<InboundMessageType, OutboundMessageType> basicMessageContext, HttpServletRequest httpServletRequest) throws SamlException {
        // Computed outside the try block of the decode step, so failures here are not wrapped.
        String acsEndpoint = RequestUtil.getAcsUrl(basicMessageContext.getHttpServletRequest(), Constants.SAML20_CONTEXT_PATH, basicMessageContext.getSsoService().getProviderId(), basicMessageContext.getSsoConfig());
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "acsUrl:", new Object[]{acsEndpoint});
        }
        return decodeHttpPost(basicMessageContext, httpServletRequest, acsEndpoint, "134");
    }

    /**
     * Decodes the HTTP-POST SAML logout message carried by {@code httpServletRequest} and stores
     * the resulting message context in {@code basicMessageContext}.
     *
     * <p>Mirrors {@link #decodeSamlResponse} with the SLO URL from {@code RequestUtil.getSloUrl}.
     * A failure is reported with the same message key as a response decode failure.
     *
     * @return {@code true} when decoding succeeded (failures are reported by exception)
     * @throws SamlException wrapping any exception raised while creating or running the decoder
     */
    public boolean decodeSamlLogoutMessage(BasicMessageContext<InboundMessageType, OutboundMessageType> basicMessageContext, HttpServletRequest httpServletRequest) throws SamlException {
        // Computed outside the try block of the decode step, so failures here are not wrapped.
        String sloEndpoint = RequestUtil.getSloUrl(basicMessageContext.getHttpServletRequest(), Constants.SAML20_CONTEXT_PATH, basicMessageContext.getSsoService().getProviderId(), basicMessageContext.getSsoConfig());
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "SLO Url:", new Object[]{sloEndpoint});
        }
        return decodeHttpPost(basicMessageContext, httpServletRequest, sloEndpoint, "156");
    }

    /**
     * Creates and initializes the HTTP-POST decoder for one request.
     *
     * <p>The parser pool is the one registered with {@code XMLObjectProviderRegistrySupport};
     * its hardening is configured elsewhere (see the class notes).
     *
     * @param str URL handed to the {@code Saml20HTTPPostDecoder} constructor
     * @return the initialized decoder
     * @throws ComponentInitializationException if {@code initialize()} fails
     */
    HTTPPostDecoder getSamlHttpPostDecoder(String str, HttpServletRequest httpServletRequest) throws ComponentInitializationException {
        Saml20HTTPPostDecoder decoder = new Saml20HTTPPostDecoder(str);
        decoder.setHttpServletRequest(httpServletRequest);
        decoder.setParserPool(XMLObjectProviderRegistrySupport.getParserPool());
        decoder.initialize();
        return decoder;
    }

    /**
     * Copies the IdP metadata provider from the context's SSO configuration into the context.
     *
     * @return the same context instance, for chaining
     * @throws SamlException if obtaining or setting the provider fails
     */
    BasicMessageContext<InboundMessageType, OutboundMessageType> setIdpMetadaProvider(BasicMessageContext<InboundMessageType, OutboundMessageType> basicMessageContext) throws SamlException {
        basicMessageContext.setMetadataProvider(basicMessageContext.getSsoConfig().getIdpMetadataProvider());
        return basicMessageContext;
    }

    /**
     * Wraps a decode failure in a {@link SamlException} whose inserts are the original exception
     * message and class name.
     *
     * <p>NOTE(review): the underlying exception text becomes part of the SamlException; confirm
     * that it is only logged and is not returned to the browser.
     *
     * @param exc the failure to wrap; must not be {@code null}
     * @return the exception to throw
     */
    public static SamlException decodeError(Exception exc) {
        Object[] inserts = {exc.getMessage(), exc.getClass().getName()};
        return new SamlException("SAML20_DECODE_SAML_RESPONSE_FAILURE_LOG", exc, inserts);
    }

    /** Shared first steps of buildAcs and buildSLO: new context, cached request info, IdP metadata. */
    private BasicMessageContext<InboundMessageType, OutboundMessageType> prepareInboundContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SsoSamlService ssoSamlService, String str, SsoRequest ssoRequest) throws SamlException {
        BasicMessageContext<InboundMessageType, OutboundMessageType> ctx = getBasicMessageContext(ssoSamlService, httpServletRequest, httpServletResponse);
        ctx.setAndRemoveCachedRequestInfo(str, ssoRequest);
        setIdpMetadaProvider(ctx);
        return ctx;
    }

    /** Runs the POST decoder against {@code endpointUrl}; records FFDC under {@code ffdcProbeId} and wraps any failure. */
    private boolean decodeHttpPost(BasicMessageContext<InboundMessageType, OutboundMessageType> basicMessageContext, HttpServletRequest httpServletRequest, String endpointUrl, String ffdcProbeId) throws SamlException {
        try {
            HTTPPostDecoder decoder = getSamlHttpPostDecoder(endpointUrl, httpServletRequest);
            decoder.decode();
            basicMessageContext.setMessageContext(decoder.getMessageContext());
        } catch (Exception e) {
            // The context and the request are attached to the FFDC incident as diagnostic objects.
            FFDCFilter.processException(e, FFDC_SOURCE_ID, ffdcProbeId, this, new Object[]{basicMessageContext, httpServletRequest});
            throw decodeError(e);
        }
        return true;
    }
}
