package net.shibboleth.idp.plugin.authn.oidc.rp.messaging.context.logic;

import java.util.function.Function;
import javax.annotation.Nonnull;
import net.shibboleth.idp.profile.context.RelyingPartyContext;
import net.shibboleth.idp.profile.logic.AbstractRelyingPartyPredicate;
import net.shibboleth.oidc.metadata.context.OIDCProviderMetadataContext;
import net.shibboleth.oidc.profile.config.OIDCAuthenticationRelyingPartyProfileConfiguration;
import net.shibboleth.oidc.profile.messaging.context.OIDCPeerEntityContext;
import net.shibboleth.utilities.java.support.logic.Constraint;
import org.opensaml.messaging.context.navigate.ChildContextLookup;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.profile.context.navigate.InboundMessageContextLookup;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/idp/plugin/authn/oidc/rp/messaging/context/logic/RequestObjectRequiredAndSupported.class */
public class RequestObjectRequiredAndSupported extends AbstractRelyingPartyPredicate {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger(RequestObjectRequiredAndSupported.class);

    @Nonnull
    private Function<ProfileRequestContext, OIDCProviderMetadataContext> oidcProviderMetadataContextLookupStrategy = new ChildContextLookup(OIDCProviderMetadataContext.class).compose(new ChildContextLookup(OIDCPeerEntityContext.class)).compose(new InboundMessageContextLookup());

    public void setOidcProviderMetadataContextLookupStrategy(@Nonnull Function<ProfileRequestContext, OIDCProviderMetadataContext> function) {
        this.oidcProviderMetadataContextLookupStrategy = (Function) Constraint.isNotNull(function, "OidcProviderMetadataContextLookupStrategy lookup strategy cannot be null");
    }

    public boolean test(ProfileRequestContext profileRequestContext) {
        boolean z = false;
        RelyingPartyContext relyingPartyContext = (RelyingPartyContext) getRelyingPartyContextLookupStrategy().apply(profileRequestContext);
        if (relyingPartyContext != null && (relyingPartyContext.getProfileConfig() instanceof OIDCAuthenticationRelyingPartyProfileConfiguration)) {
            z = relyingPartyContext.getProfileConfig().isUseRequestObject(profileRequestContext);
        }
        OIDCProviderMetadataContext apply = this.oidcProviderMetadataContextLookupStrategy.apply(profileRequestContext);
        if (apply == null || apply.getProviderInformation() == null) {
            this.log.warn("OIDC Provider Metadata is not available, can not determine if request object is supported, will not build request object");
            return false;
        }
        boolean supportsRequestParam = apply.getProviderInformation().supportsRequestParam();
        boolean z2 = z && supportsRequestParam;
        this.log.debug("Authentication RequestObject was enabled '{}', is supported by the OP '{}', will be used '{}'", new Object[]{Boolean.valueOf(z), Boolean.valueOf(supportsRequestParam), Boolean.valueOf(z2)});
        return z2;
    }
}
