package org.pac4j.saml.credentials.extractor;

import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.LogoutRequest;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.extractor.CredentialsExtractor;
import org.pac4j.core.exception.HttpAction;
import org.pac4j.saml.client.SAML2Client;
import org.pac4j.saml.context.SAML2MessageContext;
import org.pac4j.saml.context.SAMLContextProvider;
import org.pac4j.saml.credentials.SAML2Credentials;
import org.pac4j.saml.logout.impl.SAML2LogoutResponseBuilder;
import org.pac4j.saml.logout.impl.SAML2LogoutResponseMessageSender;
import org.pac4j.saml.metadata.SAML2ServiceProviderMetadataResolver;
import org.pac4j.saml.profile.api.SAML2ProfileHandler;
import org.pac4j.saml.transport.Pac4jSAMLResponse;

/* loaded from: input_file:WEB-INF/lib/pac4j-saml-3.7.0.jar:org/pac4j/saml/credentials/extractor/SAML2CredentialsExtractor.class */
public class SAML2CredentialsExtractor implements CredentialsExtractor<SAML2Credentials> {
    protected final SAMLContextProvider contextProvider;
    protected final SAML2ProfileHandler<AuthnRequest> profileHandler;
    protected final SAML2ProfileHandler<LogoutRequest> logoutProfileHandler;
    protected final String spLogoutResponseBindingType;
    protected SAML2LogoutResponseBuilder saml2LogoutResponseBuilder;
    protected final SAML2LogoutResponseMessageSender saml2LogoutResponseMessageSender;

    public SAML2CredentialsExtractor(SAML2Client sAML2Client) {
        this.contextProvider = sAML2Client.getContextProvider();
        this.profileHandler = sAML2Client.getProfileHandler();
        this.logoutProfileHandler = sAML2Client.getLogoutProfileHandler();
        this.spLogoutResponseBindingType = sAML2Client.getConfiguration().getSpLogoutResponseBindingType();
        this.saml2LogoutResponseBuilder = new SAML2LogoutResponseBuilder(this.spLogoutResponseBindingType);
        this.saml2LogoutResponseMessageSender = new SAML2LogoutResponseMessageSender(sAML2Client.getSignatureSigningParametersProvider(), this.spLogoutResponseBindingType, false, sAML2Client.getConfiguration().isSpLogoutRequestSigned());
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.pac4j.core.credentials.extractor.CredentialsExtractor
    public SAML2Credentials extract(WebContext webContext) {
        boolean z = webContext.getRequestParameter(SAML2ServiceProviderMetadataResolver.LOGOUT_ENDPOINT_PARAMETER) != null;
        SAML2MessageContext buildContext = this.contextProvider.buildContext(webContext);
        if (!z) {
            return (SAML2Credentials) this.profileHandler.receive(buildContext);
        }
        this.logoutProfileHandler.receive(buildContext);
        this.saml2LogoutResponseMessageSender.sendMessage(buildContext, this.saml2LogoutResponseBuilder.build(buildContext), buildContext.getSAMLBindingContext().getRelayState());
        Pac4jSAMLResponse profileRequestContextOutboundMessageTransportResponse = buildContext.getProfileRequestContextOutboundMessageTransportResponse();
        if (this.spLogoutResponseBindingType.equalsIgnoreCase(SAMLConstants.SAML2_POST_BINDING_URI)) {
            throw HttpAction.ok(webContext, profileRequestContextOutboundMessageTransportResponse.getOutgoingContent());
        }
        throw HttpAction.redirect(webContext, profileRequestContextOutboundMessageTransportResponse.getRedirectUrl());
    }

    public SAML2LogoutResponseBuilder getSaml2LogoutResponseBuilder() {
        return this.saml2LogoutResponseBuilder;
    }

    public void setSaml2LogoutResponseBuilder(SAML2LogoutResponseBuilder sAML2LogoutResponseBuilder) {
        this.saml2LogoutResponseBuilder = sAML2LogoutResponseBuilder;
    }
}
