package org.apereo.cas.support.saml.web.idp.profile.query;

import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade;
import org.apereo.cas.support.saml.web.idp.profile.AbstractSamlProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.SamlProfileHandlerConfigurationContext;
import org.apereo.cas.ticket.query.SamlAttributeQueryTicket;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.saml2.core.AttributeQuery;
import org.opensaml.saml.saml2.core.RequestAbstractType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.PostMapping;

/* loaded from: input_file:org/apereo/cas/support/saml/web/idp/profile/query/Saml2AttributeQueryProfileHandlerController.class */
public class Saml2AttributeQueryProfileHandlerController extends AbstractSamlProfileHandlerController {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(Saml2AttributeQueryProfileHandlerController.class);

    public Saml2AttributeQueryProfileHandlerController(SamlProfileHandlerConfigurationContext samlProfileHandlerConfigurationContext) {
        super(samlProfileHandlerConfigurationContext);
    }

    @PostMapping(path = {"/idp/profile/SAML2/SOAP/AttributeQuery"})
    protected void handlePostRequest(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        MessageContext decodeSoapRequest = decodeSoapRequest(httpServletRequest);
        RequestAbstractType requestAbstractType = (AttributeQuery) decodeSoapRequest.getMessage();
        try {
            String value = requestAbstractType.getIssuer().getValue();
            SamlRegisteredService verifySamlRegisteredService = verifySamlRegisteredService(value);
            Optional<SamlRegisteredServiceServiceProviderMetadataFacade> samlMetadataFacadeFor = getSamlMetadataFacadeFor(verifySamlRegisteredService, requestAbstractType);
            if (samlMetadataFacadeFor.isEmpty()) {
                throw new UnauthorizedServiceException("screen.service.error.message", "Cannot find metadata linked to " + value);
            }
            SamlRegisteredServiceServiceProviderMetadataFacade samlRegisteredServiceServiceProviderMetadataFacade = samlMetadataFacadeFor.get();
            verifyAuthenticationContextSignature(decodeSoapRequest, httpServletRequest, requestAbstractType, samlRegisteredServiceServiceProviderMetadataFacade);
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            if (requestAbstractType.getAttributes().isEmpty()) {
                Authentication authentication = getSamlProfileHandlerConfigurationContext().getTicketRegistry().getTicket(getSamlProfileHandlerConfigurationContext().getSamlAttributeQueryTicketFactory().createTicketIdFor(requestAbstractType.getSubject().getNameID().getValue()), SamlAttributeQueryTicket.class).getTicketGrantingTicket().getAuthentication();
                Principal principal = authentication.getPrincipal();
                Map attributes = authentication.getAttributes();
                Map attributes2 = principal.getAttributes();
                requestAbstractType.getAttributes().forEach(attribute -> {
                    if (attributes.containsKey(attribute.getName())) {
                        linkedHashMap.put(attribute.getName(), attributes.get(attribute.getName()));
                    } else if (attributes2.containsKey(attribute.getName())) {
                        linkedHashMap.put(attribute.getName(), attributes2.get(attribute.getName()));
                    }
                });
            }
            getSamlProfileHandlerConfigurationContext().getResponseBuilder().mo19build(requestAbstractType, httpServletRequest, httpServletResponse, buildCasAssertion(value, verifySamlRegisteredService, linkedHashMap), verifySamlRegisteredService, samlRegisteredServiceServiceProviderMetadataFacade, "urn:oasis:names:tc:SAML:2.0:bindings:SOAP", decodeSoapRequest);
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), e);
            httpServletRequest.setAttribute("samlError", e.getMessage());
            getSamlProfileHandlerConfigurationContext().getSamlFaultResponseBuilder().mo19build(requestAbstractType, httpServletRequest, httpServletResponse, null, null, null, "urn:oasis:names:tc:SAML:2.0:bindings:SOAP", decodeSoapRequest);
        }
    }
}
