package org.jenkinsci.plugins.saml;

import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.kohsuke.stapler.StaplerRequest2;
import org.kohsuke.stapler.StaplerResponse2;
import org.opensaml.core.config.InitializationException;
import org.opensaml.core.config.InitializationService;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.http.callback.NoParameterCallbackUrlResolver;
import org.pac4j.jee.context.JEEContext;
import org.pac4j.jee.context.JEEFrameworkParameters;
import org.pac4j.jee.context.session.JEESessionStoreFactory;
import org.pac4j.saml.client.SAML2Client;
import org.pac4j.saml.config.SAML2Configuration;

/* loaded from: input_file:org/jenkinsci/plugins/saml/OpenSAMLWrapper.class */
public abstract class OpenSAMLWrapper<T> {
    private static final Logger LOG = Logger.getLogger(OpenSAMLWrapper.class.getName());
    protected SamlPluginConfig samlPluginConfig;
    protected StaplerRequest2 request;
    protected StaplerResponse2 response;

    public T get() {
        try {
            LOG.finest("adapt TCCL");
            Thread currentThread = Thread.currentThread();
            ClassLoader contextClassLoader = currentThread.getContextClassLoader();
            currentThread.setContextClassLoader(InitializationService.class.getClassLoader());
            try {
                InitializationService.initialize();
                T process = process();
                LOG.finest("reset TCCL");
                currentThread.setContextClassLoader(contextClassLoader);
                return process;
            } catch (Throwable th) {
                LOG.finest("reset TCCL");
                currentThread.setContextClassLoader(contextClassLoader);
                throw th;
            }
        } catch (InitializationException e) {
            LOG.log(Level.SEVERE, "Could not initialize opensaml service.", e);
            throw new IllegalStateException(e);
        }
    }

    protected abstract T process();

    /* JADX INFO: Access modifiers changed from: protected */
    public WebContext createWebContext() {
        return new JEEContext(this.request, this.response);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SessionStore createSessionStore() {
        return JEESessionStoreFactory.INSTANCE.newSessionStore(new JEEFrameworkParameters(this.request, this.response));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SAML2Client createSAML2Client() {
        List<SamlPropertyExecution> list = this.samlPluginConfig.properties().stream().map((v0) -> {
            return v0.newExecution();
        }).toList();
        return createSAML2Client(createSAML2Configuration(list), list);
    }

    private SAML2Client createSAML2Client(SAML2Configuration sAML2Configuration, List<SamlPropertyExecution> list) {
        SAML2Client sAML2Client = new SAML2Client(sAML2Configuration);
        sAML2Client.setCallbackUrl(this.samlPluginConfig.getConsumerServiceUrl());
        sAML2Client.setCallbackUrlResolver(new NoParameterCallbackUrlResolver());
        sAML2Client.setStateGenerator(new RefererStateGenerator());
        list.forEach(samlPropertyExecution -> {
            samlPropertyExecution.customizeClient(sAML2Client);
        });
        sAML2Client.init();
        try {
            LOG.fine(() -> {
                return sAML2Client.getServiceProviderMetadataResolver().getMetadata();
            });
        } catch (TechnicalException e) {
            LOG.fine(() -> {
                return "Is not possible to show the metadata : " + e.getMessage();
            });
        }
        return sAML2Client;
    }

    private static SAML2Configuration createSAML2Configuration(List<SamlPropertyExecution> list) {
        SAML2Configuration sAML2Configuration = new SAML2Configuration();
        sAML2Configuration.setResponseDestinationAttributeMandatory(false);
        sAML2Configuration.setForceServiceProviderMetadataGeneration(true);
        SamlPropertyDescriptor.all().forEach(samlPropertyDescriptor -> {
            samlPropertyDescriptor.getDefaultConfiguration(sAML2Configuration);
        });
        boolean anyMatch = list.stream().anyMatch((v0) -> {
            return v0.isUseDiskCache();
        });
        sAML2Configuration.setIdentityProviderMetadataResource(SamlFileResourceFactory.create(SamlSecurityRealm.getIDPMetadataFilePath(), anyMatch));
        sAML2Configuration.setServiceProviderMetadataResource(SamlFileResourceFactory.create(SamlSecurityRealm.getSPMetadataFilePath(), anyMatch));
        list.forEach(samlPropertyExecution -> {
            samlPropertyExecution.customizeConfiguration(sAML2Configuration);
        });
        return sAML2Configuration;
    }
}
