package com.imcode.saml2.store;

import com.imcode.entities.Role;
import com.imcode.entities.User;
import com.imcode.repositories.RoleRepository;
import com.imcode.repositories.UserRepository;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.joda.time.DateTime;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.SAMLMessageContext;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.saml2.core.AuthnStatement;
import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.core.Response;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: input_file:com/imcode/saml2/store/SAMLSessionManager.class */
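/**
 * Singleton that turns an inbound SAML 2.0 {@link Response} into an HTTP-session-bound
 * {@link SAMLSessionInfo} and a Spring Security login.
 *
 * <p>Nothing in this class verifies signatures, conditions, audience or recipient of the
 * assertions it reads. NOTE(review): it presumably relies on the caller having validated the
 * message context before {@link #createSAMLSession} is invoked; confirm against the caller,
 * because every value consumed here (subject id, attributes, expiry) is trusted as-is.
 */
public class SAMLSessionManager {
    /** Session attribute under which the {@link SAMLSessionInfo} is stored. */
    private static final String SAML_SESSION_INFO = "SAML_SESSION_INFO";
    private static final SAMLSessionManager instance = new SAMLSessionManager();
    private static final String SESSION_ATTRIBUTE__NEXT_URL = "next_url";
    /** SAML attribute whose value is used as the local account key. */
    private static final String SUBJECT_ID_ATTRIBUTE = "Subject_SerialNumber";
    /** Role given to accounts that are provisioned on first login. */
    private static final String DEFAULT_ROLE = "ROLE_USER";

    private SAMLSessionManager() {
    }

    /**
     * @return the process-wide instance
     */
    public static SAMLSessionManager getInstance() {
        return instance;
    }

    /**
     * Builds a {@link SAMLSessionInfo} from the inbound response, stores it in the HTTP session
     * and logs the user in.
     *
     * <p>The NameID is taken from the first assertion only, while attributes and the expiry are
     * collected from every assertion in the response. NOTE(review): if the response can carry
     * more than one assertion, confirm that each of them was validated upstream, since an
     * attribute from any of them can end up as the account key.
     *
     * @param httpServletRequest  current request; its session receives the SAML session info
     * @param httpServletResponse current response, passed on to the login success handler
     * @param sAMLMessageContext  message context holding the inbound SAML response
     * @throws IllegalStateException if the response carries no usable subject identifier
     */
    public void createSAMLSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SAMLMessageContext<Response, SAMLObject, NameID> sAMLMessageContext) {
        List<Assertion> assertions = sAMLMessageContext.getInboundSAMLMessage().getAssertions();
        NameID nameID = null;
        if (!assertions.isEmpty() && assertions.get(0).getSubject() != null) {
            nameID = assertions.get(0).getSubject().getNameID();
        }
        SAMLSessionInfo sessionInfo = new SAMLSessionInfo(nameID == null ? null : nameID.getValue(), getAttributesMap(getSAMLAttributes(assertions)), getSAMLSessionValidTo(assertions));
        // Fail closed before anything is written to the session: without this check a response
        // lacking the identifier would still leave a "valid" SAML session behind.
        requireSubjectId(sessionInfo);
        httpServletRequest.getSession().setAttribute(SAML_SESSION_INFO, sessionInfo);
        loginUser(sessionInfo, httpServletRequest, httpServletResponse);
    }

    /**
     * Resolves (or provisions) the local {@link User} for the SAML subject and installs it as the
     * current Spring Security authentication, then delegates the redirect to
     * {@link SavedRequestAwareAuthenticationSuccessHandler}.
     *
     * <p>NOTE(review): the authentication is installed by hand and the session id is not rotated
     * here; confirm that session-fixation protection is applied elsewhere for this login path.
     *
     * @param sAMLSessionInfo     SAML session data; must contain the subject identifier attribute
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @throws IllegalStateException if the subject identifier is missing or blank, if no web
     *                               application context is available, or if the default role
     *                               does not exist
     */
    public void loginUser(SAMLSessionInfo sAMLSessionInfo, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // A null/blank key must never reach the repository: a null lookup could match an
        // account that simply has no SAML id, and a new account would be created with a
        // null username.
        String subjectId = requireSubjectId(sAMLSessionInfo);
        WebApplicationContext context = WebApplicationContextUtils.getRequiredWebApplicationContext(httpServletRequest.getSession().getServletContext());
        UserRepository userRepository = context.getBean(UserRepository.class);
        User user = userRepository.findBySaml2Id(subjectId);
        if (user == null) {
            // First login for this subject: provision a local account with the default role.
            Role defaultRole = (Role) context.getBean(RoleRepository.class).findFirstByName(DEFAULT_ROLE);
            if (defaultRole == null) {
                throw new IllegalStateException("Role " + DEFAULT_ROLE + " is not defined; cannot provision SAML user");
            }
            // The second constructor argument is a random value the user never learns
            // (presumably the local password, so the account is only reachable through SAML).
            User created = new User(subjectId, UUID.randomUUID().toString(), true, Collections.singleton(defaultRole));
            created.setSaml2Id(subjectId);
            user = (User) userRepository.save(created);
        }
        UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authentication);
        try {
            new SavedRequestAwareAuthenticationSuccessHandler().onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
        } catch (Exception e) {
            // Best effort, as before: the user stays authenticated even if the redirect fails.
            // Logged through the container instead of stderr; the subject id is left out of
            // the message on purpose.
            httpServletRequest.getSession().getServletContext().log("SAML login succeeded but the post-login redirect failed", e);
        }
    }

    /**
     * Reports whether the session holds SAML session info that has not yet expired.
     *
     * <p>A session info without an expiry ({@code getValidTo() == null}) is treated as valid
     * for as long as the HTTP session lives.
     *
     * @param httpSession session to inspect
     * @return {@code true} if SAML session info is present and not past its expiry
     */
    public boolean isSAMLSessionValid(HttpSession httpSession) {
        SAMLSessionInfo sessionInfo = (SAMLSessionInfo) httpSession.getAttribute(SAML_SESSION_INFO);
        if (sessionInfo == null) {
            return false;
        }
        Date validTo = sessionInfo.getValidTo();
        return validTo == null || new Date().before(validTo);
    }

    /**
     * @param httpSession session to read from
     * @return the stored SAML session info, or {@code null} if none is stored
     */
    public SAMLSessionInfo getSAMLSession(HttpSession httpSession) {
        return (SAMLSessionInfo) httpSession.getAttribute(SAML_SESSION_INFO);
    }

    /**
     * Removes the SAML session info from the session. The Spring Security authentication and
     * the HTTP session itself are not touched by this method.
     *
     * @param httpSession session to clear
     */
    public void destroySAMLSession(HttpSession httpSession) {
        httpSession.removeAttribute(SAML_SESSION_INFO);
    }

    /**
     * Flattens the attributes of every attribute statement of every assertion into one list.
     *
     * @param list assertions to read; {@code null} yields an empty list
     * @return all attributes in document order, never {@code null}
     */
    public List<Attribute> getSAMLAttributes(List<Assertion> list) {
        List<Attribute> attributes = new ArrayList<Attribute>();
        if (list == null) {
            return attributes;
        }
        for (Assertion assertion : list) {
            for (AttributeStatement statement : assertion.getAttributeStatements()) {
                attributes.addAll(statement.getAttributes());
            }
        }
        return attributes;
    }

    /**
     * Determines when the SAML session expires.
     *
     * <p>The earliest {@code SessionNotOnOrAfter} across all authentication statements is used.
     * Taking the last statement's value instead would let a statement without an expiry erase
     * a bound set by an earlier one and leave the session unlimited.
     *
     * @param list assertions to read; may be {@code null}
     * @return the earliest expiry, or {@code null} if no statement declares one
     */
    public Date getSAMLSessionValidTo(List<Assertion> list) {
        DateTime earliest = null;
        if (list != null) {
            for (Assertion assertion : list) {
                for (AuthnStatement statement : assertion.getAuthnStatements()) {
                    DateTime candidate = statement.getSessionNotOnOrAfter();
                    if (candidate != null && (earliest == null || candidate.isBefore(earliest))) {
                        earliest = candidate;
                    }
                }
            }
        }
        return earliest == null ? null : earliest.toDate();
    }

    /**
     * Maps attribute names to the text content of the attribute's DOM element.
     *
     * <p>When a name occurs more than once the last occurrence wins, and the text content is
     * the concatenation of all text under the attribute element, so a multi-valued attribute
     * collapses into a single string. NOTE(review): both matter for the attribute used as the
     * account key; confirm the identity provider sends it exactly once with a single value.
     *
     * @param list attributes to convert; {@code null} yields an empty map
     * @return name-to-value map, never {@code null}
     */
    public Map<String, String> getAttributesMap(List<Attribute> list) {
        Map<String, String> values = new HashMap<String, String>();
        if (list == null) {
            return values;
        }
        for (Attribute attribute : list) {
            // Attributes without a DOM carry no text to read; skipping them means a missing
            // identifier is rejected later instead of failing here with a NullPointerException.
            if (attribute == null || attribute.getDOM() == null) {
                continue;
            }
            values.put(attribute.getName(), attribute.getDOM().getTextContent());
        }
        return values;
    }

    /**
     * Returns the subject identifier from the session info, rejecting missing or blank values.
     *
     * @throws IllegalStateException if the identifier attribute is absent or blank
     */
    private static String requireSubjectId(SAMLSessionInfo sessionInfo) {
        String subjectId = sessionInfo.getAttributes().get(SUBJECT_ID_ATTRIBUTE);
        if (subjectId == null || subjectId.trim().isEmpty()) {
            throw new IllegalStateException("SAML response carries no usable " + SUBJECT_ID_ATTRIBUTE + " attribute");
        }
        return subjectId;
    }
}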
