package org.apereo.cas.support.saml.web.idp.profile.builders.assertion;

import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.support.saml.OpenSamlConfigBean;
import org.apereo.cas.support.saml.SamlException;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade;
import org.apereo.cas.support.saml.util.AbstractSaml20ObjectBuilder;
import org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder;
import org.apereo.cas.support.saml.web.idp.profile.builders.enc.SamlIdPObjectSigner;
import org.apereo.cas.util.RandomUtils;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.AttributeStatement;
import org.opensaml.saml.saml2.core.AuthnStatement;
import org.opensaml.saml.saml2.core.Conditions;
import org.opensaml.saml.saml2.core.RequestAbstractType;
import org.opensaml.saml.saml2.core.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/support/saml/web/idp/profile/builders/assertion/SamlProfileSamlAssertionBuilder.class */
public class SamlProfileSamlAssertionBuilder extends AbstractSaml20ObjectBuilder implements SamlProfileObjectBuilder<Assertion> {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SamlProfileSamlAssertionBuilder.class);
    private static final long serialVersionUID = -3945938960014421135L;
    private final CasConfigurationProperties casProperties;
    private final SamlProfileObjectBuilder<AuthnStatement> samlProfileSamlAuthNStatementBuilder;
    private final SamlProfileObjectBuilder<AttributeStatement> samlProfileSamlAttributeStatementBuilder;
    private final SamlProfileObjectBuilder<Subject> samlProfileSamlSubjectBuilder;
    private final SamlProfileObjectBuilder<Conditions> samlProfileSamlConditionsBuilder;
    private final transient SamlIdPObjectSigner samlObjectSigner;

    public SamlProfileSamlAssertionBuilder(OpenSamlConfigBean openSamlConfigBean, CasConfigurationProperties casConfigurationProperties, SamlProfileObjectBuilder<AuthnStatement> samlProfileObjectBuilder, SamlProfileObjectBuilder<AttributeStatement> samlProfileObjectBuilder2, SamlProfileObjectBuilder<Subject> samlProfileObjectBuilder3, SamlProfileObjectBuilder<Conditions> samlProfileObjectBuilder4, SamlIdPObjectSigner samlIdPObjectSigner) {
        super(openSamlConfigBean);
        this.samlProfileSamlAuthNStatementBuilder = samlProfileObjectBuilder;
        this.samlProfileSamlAttributeStatementBuilder = samlProfileObjectBuilder2;
        this.samlProfileSamlSubjectBuilder = samlProfileObjectBuilder3;
        this.samlProfileSamlConditionsBuilder = samlProfileObjectBuilder4;
        this.samlObjectSigner = samlIdPObjectSigner;
        this.casProperties = casConfigurationProperties;
    }

    @Override // org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileObjectBuilder
    /* renamed from: build, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
    public Assertion mo19build(RequestAbstractType requestAbstractType, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, SamlRegisteredService samlRegisteredService, SamlRegisteredServiceServiceProviderMetadataFacade samlRegisteredServiceServiceProviderMetadataFacade, String str, MessageContext messageContext) throws SamlException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.samlProfileSamlAuthNStatementBuilder.mo19build(requestAbstractType, httpServletRequest, httpServletResponse, obj, samlRegisteredService, samlRegisteredServiceServiceProviderMetadataFacade, str, messageContext));
        AttributeStatement mo19build = this.samlProfileSamlAttributeStatementBuilder.mo19build(requestAbstractType, httpServletRequest, httpServletResponse, obj, samlRegisteredService, samlRegisteredServiceServiceProviderMetadataFacade, str, messageContext);
        if (!mo19build.getAttributes().isEmpty() || !mo19build.getEncryptedAttributes().isEmpty()) {
            arrayList.add(mo19build);
        }
        Assertion newAssertion = newAssertion(arrayList, StringUtils.isBlank(samlRegisteredService.getIssuerEntityId()) ? this.casProperties.getAuthn().getSamlIdp().getEntityId() : samlRegisteredService.getIssuerEntityId(), ZonedDateTime.now(ZoneOffset.UTC), "_" + String.valueOf(RandomUtils.nextLong()));
        newAssertion.setSubject(this.samlProfileSamlSubjectBuilder.mo19build(requestAbstractType, httpServletRequest, httpServletResponse, obj, samlRegisteredService, samlRegisteredServiceServiceProviderMetadataFacade, str, messageContext));
        newAssertion.setConditions(this.samlProfileSamlConditionsBuilder.mo19build(requestAbstractType, httpServletRequest, httpServletResponse, obj, samlRegisteredService, samlRegisteredServiceServiceProviderMetadataFacade, str, messageContext));
        signAssertion(newAssertion, httpServletRequest, httpServletResponse, samlRegisteredService, samlRegisteredServiceServiceProviderMetadataFacade, str, requestAbstractType);
        return newAssertion;
    }

    protected void signAssertion(Assertion assertion, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SamlRegisteredService samlRegisteredService, SamlRegisteredServiceServiceProviderMetadataFacade samlRegisteredServiceServiceProviderMetadataFacade, String str, RequestAbstractType requestAbstractType) throws SamlException {
        if (!samlRegisteredService.isSignAssertions()) {
            LOGGER.debug("SAML registered service [{}] does not require assertions to be signed", samlRegisteredServiceServiceProviderMetadataFacade.getEntityId());
        } else {
            LOGGER.debug("SAML registered service [{}] requires assertions to be signed", samlRegisteredServiceServiceProviderMetadataFacade.getEntityId());
            this.samlObjectSigner.encode(assertion, samlRegisteredService, samlRegisteredServiceServiceProviderMetadataFacade, httpServletResponse, httpServletRequest, str, requestAbstractType);
        }
    }
}
