package otoroshi.auth;

import akka.http.scaladsl.util.FastFuture$;
import java.io.Reader;
import java.net.URLEncoder;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.xml.namespace.QName;
import net.shibboleth.utilities.java.support.xml.BasicParserPool;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.schema.impl.XSStringImpl;
import org.opensaml.saml.saml2.core.Assertion;
import org.opensaml.saml.saml2.core.RequestAbstractType;
import org.opensaml.saml.saml2.core.Response;
import org.opensaml.security.x509.BasicX509Credential;
import otoroshi.controllers.routes;
import otoroshi.env.Env;
import otoroshi.models.BackOfficeUser;
import otoroshi.models.BackOfficeUser$;
import otoroshi.models.GlobalConfig;
import otoroshi.models.PrivateAppsUser;
import otoroshi.models.PrivateAppsUser$;
import otoroshi.models.ServiceDescriptor;
import otoroshi.models.TeamAccess$;
import otoroshi.models.TenantAccess$;
import otoroshi.models.UserRight;
import otoroshi.models.UserRights;
import otoroshi.security.IdGenerator$;
import otoroshi.views.html.oto.saml$;
import play.api.Logger;
import play.api.MarkerContext$;
import play.api.http.ContentTypeOf$;
import play.api.http.Writeable$;
import play.api.libs.json.Json$;
import play.api.libs.json.Writes$;
import play.api.mvc.AnyContent;
import play.api.mvc.Codec$;
import play.api.mvc.Request;
import play.api.mvc.RequestHeader;
import play.api.mvc.Result;
import play.api.mvc.Results$;
import play.twirl.api.TwirlHelperImports$;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Product;
import scala.Serializable;
import scala.Some;
import scala.Tuple2;
import scala.collection.Iterable;
import scala.collection.Iterable$;
import scala.collection.IterableLike;
import scala.collection.Iterator;
import scala.collection.Seq;
import scala.collection.Seq$;
import scala.collection.TraversableLike;
import scala.collection.TraversableOnce;
import scala.collection.immutable.$colon;
import scala.collection.immutable.List$;
import scala.collection.immutable.Map;
import scala.collection.immutable.Map$;
import scala.collection.immutable.Nil$;
import scala.collection.mutable.Buffer;
import scala.collection.mutable.Buffer$;
import scala.concurrent.ExecutionContext;
import scala.concurrent.Future;
import scala.jdk.CollectionConverters$;
import scala.package$;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.ScalaRunTime$;
import scala.util.Either;
import scala.util.Left;
import scala.util.Right;

/* compiled from: SAMLClient.scala */
@ScalaSignature(bytes = "\u0006\u0001\r\u001de\u0001\u0002\u0016,\u0001BB\u0001\"\u0011\u0001\u0003\u0016\u0004%\tA\u0011\u0005\t\r\u0002\u0011\t\u0012)A\u0005\u0007\")q\t\u0001C\u0001\u0011\")1\n\u0001C!\u0019\")A\u0010\u0001C!{\"9\u0011Q\t\u0001\u0005B\u0005\u001d\u0003bBA3\u0001\u0011\u0005\u0013q\r\u0005\b\u0003g\u0002A\u0011IA;\u0011\u001d\tI\t\u0001C!\u0003\u0017C\u0011\"a'\u0001\u0003\u0003%\t!!(\t\u0013\u0005\u0005\u0006!%A\u0005\u0002\u0005\r\u0006\"CA]\u0001\u0005\u0005I\u0011IA^\u0011%\tY\rAA\u0001\n\u0003\ti\rC\u0005\u0002V\u0002\t\t\u0011\"\u0001\u0002X\"I\u00111\u001d\u0001\u0002\u0002\u0013\u0005\u0013Q\u001d\u0005\n\u0003g\u0004\u0011\u0011!C\u0001\u0003kD\u0011\"a@\u0001\u0003\u0003%\tE!\u0001\t\u0013\t\r\u0001!!A\u0005B\t\u0015\u0001\"\u0003B\u0004\u0001\u0005\u0005I\u0011\tB\u0005\u000f\u001d\u0011ia\u000bE\u0001\u0005\u001f1aAK\u0016\t\u0002\tE\u0001BB$\u0016\t\u0003\u0011\u0019\u0002\u0003\u0006\u0003\u0016UA)\u0019!C\u0001\u0005/AqA!\t\u0016\t\u0003\u0011\u0019\u0003C\u0004\u0003.U!\tAa\f\t\u000f\teR\u0003\"\u0001\u0003<!9!1L\u000b\u0005\u0002\tu\u0003b\u0002B@+\u0011\u0005!\u0011\u0011\u0005\b\u0005++B\u0011\u0001BL\u0011\u001d\u0011y*\u0006C\u0001\u0005CCqA!-\u0016\t\u0003\u0011\u0019\fC\u0004\u0003VV!\tAa6\t\u000f\t\u0015X\u0003\"\u0001\u0003h\"91QB\u000b\u0005\u0002\r=\u0001bBB\u000b+\u0011\u00051q\u0003\u0005\b\u0007O)B\u0011AB\u0015\u0011\u001d\u0019I$\u0006C\u0001\u0007wAqa!\u0017\u0016\t\u0003\u0019Y\u0006C\u0005\u0004nU\t\t\u0011\"!\u0004p!I11O\u000b\u0002\u0002\u0013\u00055Q\u000f\u0005\n\u0007{*\u0012\u0011!C\u0005\u0007\u007f\u0012!bU!N\u00196{G-\u001e7f\u0015\taS&\u0001\u0003bkRD'\"\u0001\u0018\u0002\u0011=$xN]8tQ&\u001c\u0001aE\u0003\u0001c]Zd\b\u0005\u00023k5\t1GC\u00015\u0003\u0015\u00198-\u00197b\u0013\t14G\u0001\u0004B]f\u0014VM\u001a\t\u0003qej\u0011aK\u0005\u0003u-\u0012!\"Q;uQ6{G-\u001e7f!\t\u0011D(\u0003\u0002>g\t9\u0001K]8ek\u000e$\bC\u0001\u001a@\u0013\t\u00015G\u0001\u0007TKJL\u0017\r\\5{C\ndW-\u0001\u0006tC6d7i\u001c8gS\u001e,\u0012a\u0011\t\u0003q\u0011K!!R\u0016\u0003)M\u000bW\u000e\\!vi\"lu\u000eZ;mK\u000e{gNZ5h\u0003-\u0019\u0018-\u001c7D_:4\u0017n\u001a\u0011\u0002\rqJg.\u001b;?)\tI%\n\u0005\u00029\u0001!)\u0011i\u0001a\u0001\u0007\u0006Y\u0001/\u0019'pO&t\u0007+Y4f)\u0011i%n\\<\u0015\u00079s6\rE\u0002P%Rk\u0011\u0001\u0015\u0006\u0003#N\n!bY8oGV\u0014(/\u001a8u\u0013\t\u0019\u0006K\u0001\u0004GkR,(/\u001a\t\u0003+rk\u0011A\u0016\u0006\u0003/b\u000b1!\u001c<d\u0015\tI&,A\u0002ba&T\u0011aW\u0001\u0005a2\f\u00170\u0003\u0002^-\n1!+Z:vYRDQa\u0018\u0003A\u0004\u0001\f!!Z2\u0011\u0005=\u000b\u0017B\u00012Q\u0005A)\u00050Z2vi&|gnQ8oi\u0016DH\u000fC\u0003e\t\u0001\u000fQ-A\u0002f]Z\u0004\"A\u001a5\u000e\u0003\u001dT!\u0001Z\u0017\n\u0005%<'aA#om\")1\u000e\u0002a\u0001Y\u00069!/Z9vKN$\bCA+n\u0013\tqgKA\u0007SKF,Xm\u001d;IK\u0006$WM\u001d\u0005\u0006a\u0012\u0001\r!]\u0001\u0007G>tg-[4\u0011\u0005I,X\"A:\u000b\u0005Ql\u0013AB7pI\u0016d7/\u0003\u0002wg\naq\t\\8cC2\u001cuN\u001c4jO\")\u0001\u0010\u0002a\u0001s\u0006QA-Z:de&\u0004Ho\u001c:\u0011\u0005IT\u0018BA>t\u0005E\u0019VM\u001d<jG\u0016$Um]2sSB$xN]\u0001\ta\u0006dunZ8viRIa0a\r\u00026\u0005\u0005\u00131\t\u000b\u0006\u007f\u0006=\u0012\u0011\u0007\t\u0005\u001fJ\u000b\t\u0001E\u0004\u0002\u0004\u0005MA+!\u0007\u000f\t\u0005\u0015\u0011q\u0002\b\u0005\u0003\u000f\ti!\u0004\u0002\u0002\n)\u0019\u00111B\u0018\u0002\rq\u0012xn\u001c;?\u0013\u0005!\u0014bAA\tg\u00059\u0001/Y2lC\u001e,\u0017\u0002BA\u000b\u0003/\u0011a!R5uQ\u0016\u0014(bAA\tgA)!'a\u0007\u0002 %\u0019\u0011QD\u001a\u0003\r=\u0003H/[8o!\u0011\t\t#!\u000b\u000f\t\u0005\r\u0012Q\u0005\t\u0004\u0003\u000f\u0019\u0014bAA\u0014g\u00051\u0001K]3eK\u001aLA!a\u000b\u0002.\t11\u000b\u001e:j]\u001eT1!a\n4\u0011\u0015yV\u0001q\u0001a\u0011\u0015!W\u0001q\u0001f\u0011\u0015YW\u00011\u0001m\u0011\u001d\t9$\u0002a\u0001\u0003s\tA!^:feB)!'a\u0007\u0002<A\u0019!/!\u0010\n\u0007\u0005}2OA\bQe&4\u0018\r^3BaB\u001cXk]3s\u0011\u0015\u0001X\u00011\u0001r\u0011\u0015AX\u00011\u0001z\u0003)\u0001\u0018mQ1mY\n\f7m\u001b\u000b\t\u0003\u0013\n\u0019&!\u0019\u0002dQ1\u00111JA(\u0003#\u0002Ba\u0014*\u0002NAA\u00111AA\n\u0003?\tY\u0004C\u0003`\r\u0001\u000f\u0001\rC\u0003e\r\u0001\u000fQ\r\u0003\u0004l\r\u0001\u0007\u0011Q\u000b\t\u0006+\u0006]\u00131L\u0005\u0004\u000332&a\u0002*fcV,7\u000f\u001e\t\u0004+\u0006u\u0013bAA0-\nQ\u0011I\\=D_:$XM\u001c;\t\u000bA4\u0001\u0019A9\t\u000ba4\u0001\u0019A=\u0002\u0017\t|Gj\\4j]B\u000bw-\u001a\u000b\u0007\u0003S\ny'!\u001d\u0015\u000b9\u000bY'!\u001c\t\u000b};\u00019\u00011\t\u000b\u0011<\u00019A3\t\u000b-<\u0001\u0019\u00017\t\u000bA<\u0001\u0019A9\u0002\u0011\t|Gj\\4pkR$\u0002\"a\u001e\u0002~\u0005}\u0014q\u0011\u000b\u0006\u007f\u0006e\u00141\u0010\u0005\u0006?\"\u0001\u001d\u0001\u0019\u0005\u0006I\"\u0001\u001d!\u001a\u0005\u0006W\"\u0001\r\u0001\u001c\u0005\b\u0003oA\u0001\u0019AAA!\r\u0011\u00181Q\u0005\u0004\u0003\u000b\u001b(A\u0004\"bG.|eMZ5dKV\u001bXM\u001d\u0005\u0006a\"\u0001\r!]\u0001\u000bE>\u001c\u0015\r\u001c7cC\u000e\\GCBAG\u0003/\u000bI\n\u0006\u0004\u0002\u0010\u0006M\u0015Q\u0013\t\u0005\u001fJ\u000b\t\n\u0005\u0005\u0002\u0004\u0005M\u0011qDAA\u0011\u0015y\u0016\u0002q\u0001a\u0011\u0015!\u0017\u0002q\u0001f\u0011\u0019Y\u0017\u00021\u0001\u0002V!)\u0001/\u0003a\u0001c\u0006!1m\u001c9z)\rI\u0015q\u0014\u0005\b\u0003*\u0001\n\u00111\u0001D\u00039\u0019w\u000e]=%I\u00164\u0017-\u001e7uIE*\"!!*+\u0007\r\u000b9k\u000b\u0002\u0002*B!\u00111VA[\u001b\t\tiK\u0003\u0003\u00020\u0006E\u0016!C;oG\",7m[3e\u0015\r\t\u0019lM\u0001\u000bC:tw\u000e^1uS>t\u0017\u0002BA\\\u0003[\u0013\u0011#\u001e8dQ\u0016\u001c7.\u001a3WCJL\u0017M\\2f\u00035\u0001(o\u001c3vGR\u0004&/\u001a4jqV\u0011\u0011Q\u0018\t\u0005\u0003\u007f\u000bI-\u0004\u0002\u0002B*!\u00111YAc\u0003\u0011a\u0017M\\4\u000b\u0005\u0005\u001d\u0017\u0001\u00026bm\u0006LA!a\u000b\u0002B\u0006a\u0001O]8ek\u000e$\u0018I]5usV\u0011\u0011q\u001a\t\u0004e\u0005E\u0017bAAjg\t\u0019\u0011J\u001c;\u0002\u001dA\u0014x\u000eZ;di\u0016cW-\\3oiR!\u0011\u0011\\Ap!\r\u0011\u00141\\\u0005\u0004\u0003;\u001c$aA!os\"I\u0011\u0011\u001d\b\u0002\u0002\u0003\u0007\u0011qZ\u0001\u0004q\u0012\n\u0014a\u00049s_\u0012,8\r^%uKJ\fGo\u001c:\u0016\u0005\u0005\u001d\bCBAu\u0003_\fI.\u0004\u0002\u0002l*\u0019\u0011Q^\u001a\u0002\u0015\r|G\u000e\\3di&|g.\u0003\u0003\u0002r\u0006-(\u0001C%uKJ\fGo\u001c:\u0002\u0011\r\fg.R9vC2$B!a>\u0002~B\u0019!'!?\n\u0007\u0005m8GA\u0004C_>dW-\u00198\t\u0013\u0005\u0005\b#!AA\u0002\u0005e\u0017\u0001\u00035bg\"\u001cu\u000eZ3\u0015\u0005\u0005=\u0017\u0001\u0003;p'R\u0014\u0018N\\4\u0015\u0005\u0005u\u0016AB3rk\u0006d7\u000f\u0006\u0003\u0002x\n-\u0001\"CAq'\u0005\u0005\t\u0019AAm\u0003)\u0019\u0016)\u0014'N_\u0012,H.\u001a\t\u0003qU\u00192!F\u0019?)\t\u0011y!\u0001\u0004m_\u001e<WM]\u000b\u0003\u00053\u0001BAa\u0007\u0003\u001e5\t\u0001,C\u0002\u0003 a\u0013a\u0001T8hO\u0016\u0014\u0018AC4fiJ+\u0017/^3tiR1!Q\u0005B\u0015\u0005W\u0001Ba\u0014*\u0003(AA\u00111AA\n\u0003?\ty\u0002C\u0003e1\u0001\u0007Q\rC\u0003B1\u0001\u00071)\u0001\thKRdunZ8viJ+\u0017/^3tiRA!Q\u0005B\u0019\u0005g\u0011)\u0004C\u0003e3\u0001\u0007Q\rC\u0003B3\u0001\u00071\tC\u0004\u00038e\u0001\r!!\u0007\u0002\r9\fW.Z%e\u0003IAX\u000e\u001c+p\u0005\u0006\u001cXM\u000e\u001bF]\u000e|G-\u001a3\u0015\t\u0005}!Q\b\u0005\u0007Wj\u0001\rAa\u0010\u0011\t\t\u0005#qK\u0007\u0003\u0005\u0007RAA!\u0012\u0003H\u0005!1m\u001c:f\u0015\u0011\u0011IEa\u0013\u0002\u000bM\fW\u000e\u001c\u001a\u000b\t\t5#qJ\u0001\u0005g\u0006lGN\u0003\u0003\u0003R\tM\u0013\u0001C8qK:\u001c\u0018-\u001c7\u000b\u0005\tU\u0013aA8sO&!!\u0011\fB\"\u0005M\u0011V-];fgR\f%m\u001d;sC\u000e$H+\u001f9f\u0003u!WmY8eK\u0006sGMV1mS\u0012\fG/Z*b[2\u0014Vm\u001d9p]N,GC\u0003B0\u0005g\u0012)Ha\u001e\u0003|AA\u00111AA\n\u0003?\u0011\t\u0007\u0005\u0004\u0003d\t%$QN\u0007\u0003\u0005KRAAa\u001a\u0002F\u0006!Q\u000f^5m\u0013\u0011\u0011YG!\u001a\u0003\t1K7\u000f\u001e\t\u0005\u0005\u0003\u0012y'\u0003\u0003\u0003r\t\r#!C!tg\u0016\u0014H/[8o\u0011\u0015!7\u00041\u0001f\u0011\u0015\t5\u00041\u0001D\u0011\u001d\u0011Ih\u0007a\u0001\u0003?\tq\"\u001a8d_\u0012,GMU3ta>t7/\u001a\u0005\b\u0005{Z\u0002\u0019AA\u0010\u0003\u0019iW\r\u001e5pI\u0006iq-\u001a;Qe&4\u0018\r^3LKf$BAa!\u0003\u0012BA\u00111AA\n\u0003?\u0011)\t\u0005\u0003\u0003\b\n5UB\u0001BE\u0015\u0011\u0011Y)!2\u0002\u0011M,7-\u001e:jifLAAa$\u0003\n\nQ\u0001K]5wCR,7*Z=\t\u000f\tME\u00041\u0001\u0002 \u0005QQM\\2pI\u0016$7\u000b\u001e:\u00025M,\b\u000f]8si\u0016$7*Z=QC&\u0014\u0018\t\\4pe&$\b.\\:\u0015\u0005\te\u0005CBA\u0002\u00057\u000by\"\u0003\u0003\u0003\u001e\u0006]!aA*fc\u0006aRM\\2pI\u0016$7)\u001a:u)>DV\u0007M\u001dDKJ$\u0018NZ5dCR,G\u0003\u0002BR\u0005_\u0003BA!*\u0003,6\u0011!q\u0015\u0006\u0005\u0005S\u0013I)\u0001\u0003dKJ$\u0018\u0002\u0002BW\u0005O\u0013q\u0002W\u001b1s\r+'\u000f^5gS\u000e\fG/\u001a\u0005\b\u0005's\u0002\u0019AA\u0010\u0003]\u0019'/\u001a3f]RL\u0017\r\u001c+p\u0007\u0016\u0014H/\u001b4jG\u0006$X\r\u0006\u0004\u00036\n%'1\u001a\t\u0005\u001fJ\u00139\f\u0005\u0005\u0002\u0004\u0005M\u0011q\u0004B]!\u0015\u0011\u00141\u0004B^!\u0011\u0011iL!2\u000e\u0005\t}&\u0002\u0002Ba\u0005\u0007\fA\u0001_\u001b1s)!!1\u0012B(\u0013\u0011\u00119Ma0\u0003'\t\u000b7/[2YkAJ4I]3eK:$\u0018.\u00197\t\u000b\u0011|\u0002\u0019A3\t\u000f\t5w\u00041\u0001\u0003P\u0006Q1M]3eK:$\u0018.\u00197\u0011\u0007a\u0012\t.C\u0002\u0003T.\u0012!b\u0011:fI\u0016tG/[1m\u00039\u0019\u0018n\u001a8T\u00036cuJ\u00196fGR$\u0002B!7\u0003^\n}'\u0011\u001d\t\u0005\u001fJ\u0013Y\u000e\u0005\u0005\u0002\u0004\u0005M\u0011q\u0004B \u0011\u0015!\u0007\u00051\u0001f\u0011\u0015\t\u0005\u00051\u0001D\u0011\u001d\u0011\u0019\u000f\ta\u0001\u0005\u007f\t!b]1nY>\u0013'.Z2u\u0003-\u0011W/\u001b7e\u001f\nTWm\u0019;\u0015\t\t%(q\u001f\t\u0005\u0005W\u0014\u00190\u0004\u0002\u0003n*!!q\u001eBy\u0003\rAX\u000e\u001c\u0006\u0005\u0005\u000b\u0012y%\u0003\u0003\u0003v\n5(!\u0003-N\u0019>\u0013'.Z2u\u0011\u001d\u0011I0\ta\u0001\u0005w\fQ!\u001d8b[\u0016\u0004BA!@\u0004\n5\u0011!q \u0006\u0005\u0007\u0003\u0019\u0019!A\u0005oC6,7\u000f]1dK*!!q^B\u0003\u0015\t\u00199!A\u0003kCZ\f\u00070\u0003\u0003\u0004\f\t}(!B)OC6,\u0017!\u00049beN,'+Z:q_:\u001cX\r\u0006\u0004\u0003j\u000eE11\u0003\u0005\b\u0005s\u0012\u0003\u0019AA\u0010\u0011\u001d\u0011iH\ta\u0001\u0003?\t\u0001\u0004Z3d_\u0012,WI\\2ssB$X\rZ!tg\u0016\u0014H/[8o)!\tIn!\u0007\u0004\u001c\ru\u0001\"\u00023$\u0001\u0004)\u0007\"B!$\u0001\u0004\u0019\u0005bBB\u0010G\u0001\u00071\u0011E\u0001\te\u0016\u001c\bo\u001c8tKB!!\u0011IB\u0012\u0013\u0011\u0019)Ca\u0011\u0003\u0011I+7\u000f]8og\u0016\fa\u0004Z3d_\u0012,\u0017i]:feRLwN\\,ji\"\u001cUM\u001d;jM&\u001c\u0017\r^3\u0015\r\r-21GB\u001b!\u0011y%k!\f\u0011\u0007I\u001ay#C\u0002\u00042M\u0012A!\u00168ji\"91q\u0004\u0013A\u0002\r\u0005\u0002bBB\u001cI\u0001\u0007!1X\u0001\fG\u0016\u0014H/\u001b4jG\u0006$X-A\bde\u0016\fG/\u001a#P\u001bB\u000b'o]3s)\t\u0019i\u0004\u0005\u0003\u0004@\rUSBAB!\u0015\u0011\u0011yoa\u0011\u000b\t\r\u00153qI\u0001\bgV\u0004\bo\u001c:u\u0015\u0011\t9m!\u0013\u000b\t\r-3QJ\u0001\nkRLG.\u001b;jKNTAaa\u0014\u0004R\u0005Q1\u000f[5cE>dW\r\u001e5\u000b\u0005\rM\u0013a\u00018fi&!1qKB!\u0005=\u0011\u0015m]5d!\u0006\u00148/\u001a:Q_>d\u0017\u0001\u00053fG>$W-\u00118e\u0013:4G.\u0019;f)\u0019\u0019if!\u001b\u0004lA!1qLB3\u001b\t\u0019\tG\u0003\u0003\u0004d\u0005\u0015\u0017AA5p\u0013\u0011\u00199g!\u0019\u0003\rI+\u0017\rZ3s\u0011\u001d\u0011IH\na\u0001\u0003?AqA! '\u0001\u0004\ty\"A\u0003baBd\u0017\u0010F\u0002J\u0007cBQ!Q\u0014A\u0002\r\u000bq!\u001e8baBd\u0017\u0010\u0006\u0003\u0004x\re\u0004\u0003\u0002\u001a\u0002\u001c\rC\u0001ba\u001f)\u0003\u0003\u0005\r!S\u0001\u0004q\u0012\u0002\u0014a\u0003:fC\u0012\u0014Vm]8mm\u0016$\"a!!\u0011\t\u0005}61Q\u0005\u0005\u0007\u000b\u000b\tM\u0001\u0004PE*,7\r\u001e")
/* loaded from: input_file:otoroshi/auth/SAMLModule.class */
public class SAMLModule implements AuthModule, Product, Serializable {
    private final SamlAuthModuleConfig samlConfig;

    public static Option<SamlAuthModuleConfig> unapply(SAMLModule sAMLModule) {
        return SAMLModule$.MODULE$.unapply(sAMLModule);
    }

    public static SAMLModule apply(SamlAuthModuleConfig samlAuthModuleConfig) {
        return SAMLModule$.MODULE$.apply(samlAuthModuleConfig);
    }

    public static Reader decodeAndInflate(String str, String str2) {
        return SAMLModule$.MODULE$.decodeAndInflate(str, str2);
    }

    public static BasicParserPool createDOMParser() {
        return SAMLModule$.MODULE$.createDOMParser();
    }

    public static Future<BoxedUnit> decodeAssertionWithCertificate(Response response, BasicX509Credential basicX509Credential) {
        return SAMLModule$.MODULE$.decodeAssertionWithCertificate(response, basicX509Credential);
    }

    public static Object decodeEncryptedAssertion(Env env, SamlAuthModuleConfig samlAuthModuleConfig, Response response) {
        return SAMLModule$.MODULE$.decodeEncryptedAssertion(env, samlAuthModuleConfig, response);
    }

    public static XMLObject parseResponse(String str, String str2) {
        return SAMLModule$.MODULE$.parseResponse(str, str2);
    }

    public static XMLObject buildObject(QName qName) {
        return SAMLModule$.MODULE$.buildObject(qName);
    }

    public static Future<Either<String, RequestAbstractType>> signSAMLObject(Env env, SamlAuthModuleConfig samlAuthModuleConfig, RequestAbstractType requestAbstractType) {
        return SAMLModule$.MODULE$.signSAMLObject(env, samlAuthModuleConfig, requestAbstractType);
    }

    public static Future<Either<String, Option<BasicX509Credential>>> credentialToCertificate(Env env, Credential credential) {
        return SAMLModule$.MODULE$.credentialToCertificate(env, credential);
    }

    public static X509Certificate encodedCertToX509Certificate(String str) {
        return SAMLModule$.MODULE$.encodedCertToX509Certificate(str);
    }

    public static Seq<String> supportedKeyPairAlgorithms() {
        return SAMLModule$.MODULE$.supportedKeyPairAlgorithms();
    }

    public static Either<String, PrivateKey> getPrivateKey(String str) {
        return SAMLModule$.MODULE$.getPrivateKey(str);
    }

    public static Either<String, List<Assertion>> decodeAndValidateSamlResponse(Env env, SamlAuthModuleConfig samlAuthModuleConfig, String str, String str2) {
        return SAMLModule$.MODULE$.decodeAndValidateSamlResponse(env, samlAuthModuleConfig, str, str2);
    }

    public static String xmlToBase64Encoded(RequestAbstractType requestAbstractType) {
        return SAMLModule$.MODULE$.xmlToBase64Encoded(requestAbstractType);
    }

    public static Future<Either<String, String>> getLogoutRequest(Env env, SamlAuthModuleConfig samlAuthModuleConfig, Option<String> option) {
        return SAMLModule$.MODULE$.getLogoutRequest(env, samlAuthModuleConfig, option);
    }

    public static Future<Either<String, String>> getRequest(Env env, SamlAuthModuleConfig samlAuthModuleConfig) {
        return SAMLModule$.MODULE$.getRequest(env, samlAuthModuleConfig);
    }

    public static Logger logger() {
        return SAMLModule$.MODULE$.logger();
    }

    public SamlAuthModuleConfig samlConfig() {
        return this.samlConfig;
    }

    @Override // otoroshi.auth.AuthModule
    public Future<Result> paLoginPage(RequestHeader requestHeader, GlobalConfig globalConfig, ServiceDescriptor serviceDescriptor, ExecutionContext executionContext, Env env) {
        Option queryString = requestHeader.getQueryString("redirect");
        String encode = URLEncoder.encode(new StringBuilder(25).append("hash=").append(env.sign(new StringBuilder(13).append(samlConfig().id()).append(":::backoffice").toString())).append("&desc=").append(serviceDescriptor.id()).append("&redirect_uri=").append(queryString.getOrElse(() -> {
            return routes.PrivateAppsController.home().absoluteURL(env.exposedRootSchemeIsHttps(), requestHeader);
        })).toString(), "UTF-8");
        return SAMLModule$.MODULE$.getRequest(env, samlConfig()).map(either -> {
            if (either instanceof Left) {
                return Results$.MODULE$.BadRequest().apply((String) ((Left) either).value(), Writeable$.MODULE$.wString(Codec$.MODULE$.utf_8()));
            }
            if (!(either instanceof Right)) {
                throw new MatchError(either);
            }
            String str = (String) ((Right) either).value();
            SAMLProtocolBinding ssoProtocolBinding = this.samlConfig().ssoProtocolBinding();
            SAMLProtocolBinding$Post$ sAMLProtocolBinding$Post$ = SAMLProtocolBinding$Post$.MODULE$;
            return (ssoProtocolBinding != null ? !ssoProtocolBinding.equals(sAMLProtocolBinding$Post$) : sAMLProtocolBinding$Post$ != null) ? Results$.MODULE$.Redirect(new StringBuilder(25).append(this.samlConfig().singleSignOnUrl()).append("?SAMLRequest=").append(URLEncoder.encode(str, "UTF-8")).append("&RelayState=").append(encode).toString(), Results$.MODULE$.Redirect$default$2(), Results$.MODULE$.Redirect$default$3()).addingToSession(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("hash"), env.sign(new StringBuilder(13).append(this.samlConfig().id()).append(":::backoffice").toString()))}), requestHeader) : Results$.MODULE$.Ok().apply(saml$.MODULE$.apply(str, this.samlConfig().singleSignOnUrl(), env, new Some(encode)), Writeable$.MODULE$.writeableOf_Content(Codec$.MODULE$.utf_8(), ContentTypeOf$.MODULE$.contentTypeOf_Html(Codec$.MODULE$.utf_8())));
        }, executionContext);
    }

    @Override // otoroshi.auth.AuthModule
    public Future<Either<Result, Option<String>>> paLogout(RequestHeader requestHeader, Option<PrivateAppsUser> option, GlobalConfig globalConfig, ServiceDescriptor serviceDescriptor, ExecutionContext executionContext, Env env) {
        return SAMLModule$.MODULE$.getLogoutRequest(env, samlConfig(), option.map(privateAppsUser -> {
            return (String) privateAppsUser.metadata().getOrElse("saml-id", () -> {
                return "";
            });
        })).map(either -> {
            if (either instanceof Left) {
                return package$.MODULE$.Right().apply(None$.MODULE$);
            }
            if (!(either instanceof Right)) {
                throw new MatchError(either);
            }
            String str = (String) ((Right) either).value();
            SAMLProtocolBinding singleLogoutProtocolBinding = this.samlConfig().singleLogoutProtocolBinding();
            SAMLProtocolBinding$Post$ sAMLProtocolBinding$Post$ = SAMLProtocolBinding$Post$.MODULE$;
            if (singleLogoutProtocolBinding != null ? singleLogoutProtocolBinding.equals(sAMLProtocolBinding$Post$) : sAMLProtocolBinding$Post$ == null) {
                return package$.MODULE$.Left().apply(Results$.MODULE$.Ok().apply(saml$.MODULE$.apply(str, this.samlConfig().singleLogoutUrl(), env, saml$.MODULE$.apply$default$4()), Writeable$.MODULE$.writeableOf_Content(Codec$.MODULE$.utf_8(), ContentTypeOf$.MODULE$.contentTypeOf_Html(Codec$.MODULE$.utf_8()))));
            }
            env.Ws().url(new StringBuilder(13).append(this.samlConfig().singleLogoutUrl()).append("?SAMLRequest=").append(URLEncoder.encode(str, "UTF-8")).toString()).get();
            return package$.MODULE$.Right().apply(None$.MODULE$);
        }, executionContext);
    }

    @Override // otoroshi.auth.AuthModule
    public Future<Either<String, PrivateAppsUser>> paCallback(Request<AnyContent> request, GlobalConfig globalConfig, ServiceDescriptor serviceDescriptor, ExecutionContext executionContext, Env env) {
        Some asFormUrlEncoded = ((AnyContent) request.body()).asFormUrlEncoded();
        if (!(asFormUrlEncoded instanceof Some)) {
            if (None$.MODULE$.equals(asFormUrlEncoded)) {
                return (Future) FastFuture$.MODULE$.successful().apply(package$.MODULE$.Left().apply(""));
            }
            throw new MatchError(asFormUrlEncoded);
        }
        Left decodeAndValidateSamlResponse = SAMLModule$.MODULE$.decodeAndValidateSamlResponse(env, samlConfig(), (String) ((IterableLike) ((Map) asFormUrlEncoded.value()).apply("SAMLResponse")).head(), "");
        if (decodeAndValidateSamlResponse instanceof Left) {
            String str = (String) decodeAndValidateSamlResponse.value();
            env.logger().error(() -> {
                return str;
            }, MarkerContext$.MODULE$.NoMarker());
            return (Future) FastFuture$.MODULE$.successful().apply(package$.MODULE$.Left().apply(str));
        }
        if (!(decodeAndValidateSamlResponse instanceof Right)) {
            throw new MatchError(decodeAndValidateSamlResponse);
        }
        Assertion assertion = (Assertion) ((List) ((Right) decodeAndValidateSamlResponse).value()).get(0);
        Map map = (Map) ((TraversableLike) ((TraversableOnce) ((Buffer) CollectionConverters$.MODULE$.asScalaBufferConverter(assertion.getAttributeStatements()).asScala()).flatMap(attributeStatement -> {
            return (Buffer) CollectionConverters$.MODULE$.asScalaBufferConverter(attributeStatement.getAttributes()).asScala();
        }, Buffer$.MODULE$.canBuildFrom())).toList().map(attribute -> {
            return new Tuple2(attribute.getName(), TwirlHelperImports$.MODULE$.twirlJavaCollectionToScala(attribute.getAttributeValues()).map(xMLObject -> {
                if (xMLObject instanceof XSStringImpl) {
                    return ((XSStringImpl) xMLObject).getValue();
                }
                if (xMLObject != null) {
                    return xMLObject.getDOM().getTextContent();
                }
                throw new MatchError(xMLObject);
            }, Iterable$.MODULE$.canBuildFrom()));
        }, List$.MODULE$.canBuildFrom())).groupBy(tuple2 -> {
            return (String) tuple2._1();
        }).map(tuple22 -> {
            return new Tuple2(tuple22._1(), ((scala.collection.immutable.List) tuple22._2()).flatMap(tuple22 -> {
                return (Iterable) tuple22._2();
            }, List$.MODULE$.canBuildFrom()));
        }, Map$.MODULE$.canBuildFrom());
        String value = samlConfig().usedNameIDAsEmail() ? assertion.getSubject().getNameID().getValue() : (String) map.get("Email").map(list -> {
            return (String) list.head();
        }).getOrElse(() -> {
            return "no.name@oto.tools";
        });
        String str2 = (String) map.get("Name").map(list2 -> {
            return (String) list2.head();
        }).getOrElse(() -> {
            return "No name";
        });
        return (Future) FastFuture$.MODULE$.successful().apply(new PrivateAppsUser(IdGenerator$.MODULE$.token(64), str2, value, Json$.MODULE$.obj(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("name"), Json$.MODULE$.toJsFieldJsValueWrapper(str2, Writes$.MODULE$.StringWrites())), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("email"), Json$.MODULE$.toJsFieldJsValueWrapper(value, Writes$.MODULE$.StringWrites()))})), Json$.MODULE$.obj(Nil$.MODULE$), samlConfig().cookieSuffix(serviceDescriptor), samlConfig().id(), None$.MODULE$, PrivateAppsUser$.MODULE$.apply$default$9(), PrivateAppsUser$.MODULE$.apply$default$10(), PrivateAppsUser$.MODULE$.apply$default$11(), Nil$.MODULE$, Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("saml-id"), assertion.getSubject().getNameID().getValue())})), samlConfig().location()).validate(samlConfig().userValidators()));
    }

    @Override // otoroshi.auth.AuthModule
    public Future<Result> boLoginPage(RequestHeader requestHeader, GlobalConfig globalConfig, ExecutionContext executionContext, Env env) {
        return SAMLModule$.MODULE$.getRequest(env, samlConfig()).map(either -> {
            if (either instanceof Left) {
                return Results$.MODULE$.BadRequest().apply((String) ((Left) either).value(), Writeable$.MODULE$.wString(Codec$.MODULE$.utf_8()));
            }
            if (!(either instanceof Right)) {
                throw new MatchError(either);
            }
            String str = (String) ((Right) either).value();
            SAMLProtocolBinding ssoProtocolBinding = this.samlConfig().ssoProtocolBinding();
            SAMLProtocolBinding$Post$ sAMLProtocolBinding$Post$ = SAMLProtocolBinding$Post$.MODULE$;
            return (ssoProtocolBinding != null ? !ssoProtocolBinding.equals(sAMLProtocolBinding$Post$) : sAMLProtocolBinding$Post$ != null) ? Results$.MODULE$.Redirect(new StringBuilder(13).append(this.samlConfig().singleSignOnUrl()).append("?SAMLRequest=").append(URLEncoder.encode(str, "UTF-8")).toString(), Results$.MODULE$.Redirect$default$2(), Results$.MODULE$.Redirect$default$3()).addingToSession(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("hash"), env.sign(new StringBuilder(13).append(this.samlConfig().id()).append(":::backoffice").toString()))}), requestHeader) : Results$.MODULE$.Ok().apply(saml$.MODULE$.apply(str, this.samlConfig().singleSignOnUrl(), env, saml$.MODULE$.apply$default$4()), Writeable$.MODULE$.writeableOf_Content(Codec$.MODULE$.utf_8(), ContentTypeOf$.MODULE$.contentTypeOf_Html(Codec$.MODULE$.utf_8())));
        }, executionContext);
    }

    @Override // otoroshi.auth.AuthModule
    public Future<Either<Result, Option<String>>> boLogout(RequestHeader requestHeader, BackOfficeUser backOfficeUser, GlobalConfig globalConfig, ExecutionContext executionContext, Env env) {
        return SAMLModule$.MODULE$.getLogoutRequest(env, samlConfig(), new Some(backOfficeUser.metadata().getOrElse("saml-id", () -> {
            return "";
        }))).map(either -> {
            if (either instanceof Left) {
                return package$.MODULE$.Right().apply(None$.MODULE$);
            }
            if (!(either instanceof Right)) {
                throw new MatchError(either);
            }
            String str = (String) ((Right) either).value();
            SAMLProtocolBinding singleLogoutProtocolBinding = this.samlConfig().singleLogoutProtocolBinding();
            SAMLProtocolBinding$Post$ sAMLProtocolBinding$Post$ = SAMLProtocolBinding$Post$.MODULE$;
            if (singleLogoutProtocolBinding != null ? singleLogoutProtocolBinding.equals(sAMLProtocolBinding$Post$) : sAMLProtocolBinding$Post$ == null) {
                return package$.MODULE$.Left().apply(Results$.MODULE$.Ok().apply(saml$.MODULE$.apply(str, this.samlConfig().singleLogoutUrl(), env, saml$.MODULE$.apply$default$4()), Writeable$.MODULE$.writeableOf_Content(Codec$.MODULE$.utf_8(), ContentTypeOf$.MODULE$.contentTypeOf_Html(Codec$.MODULE$.utf_8()))));
            }
            env.Ws().url(new StringBuilder(13).append(this.samlConfig().singleLogoutUrl()).append("?SAMLRequest=").append(URLEncoder.encode(str, "UTF-8")).toString()).get();
            return package$.MODULE$.Right().apply(None$.MODULE$);
        }, executionContext);
    }

    @Override // otoroshi.auth.AuthModule
    public Future<Either<String, BackOfficeUser>> boCallback(Request<AnyContent> request, GlobalConfig globalConfig, ExecutionContext executionContext, Env env) {
        Some asFormUrlEncoded = ((AnyContent) request.body()).asFormUrlEncoded();
        if (!(asFormUrlEncoded instanceof Some)) {
            if (None$.MODULE$.equals(asFormUrlEncoded)) {
                return (Future) FastFuture$.MODULE$.successful().apply(package$.MODULE$.Left().apply(""));
            }
            throw new MatchError(asFormUrlEncoded);
        }
        Left decodeAndValidateSamlResponse = SAMLModule$.MODULE$.decodeAndValidateSamlResponse(env, samlConfig(), (String) ((IterableLike) ((Map) asFormUrlEncoded.value()).apply("SAMLResponse")).head(), "");
        if (decodeAndValidateSamlResponse instanceof Left) {
            String str = (String) decodeAndValidateSamlResponse.value();
            env.logger().error(() -> {
                return str;
            }, MarkerContext$.MODULE$.NoMarker());
            return (Future) FastFuture$.MODULE$.successful().apply(package$.MODULE$.Left().apply(str));
        }
        if (!(decodeAndValidateSamlResponse instanceof Right)) {
            throw new MatchError(decodeAndValidateSamlResponse);
        }
        Assertion assertion = (Assertion) ((List) ((Right) decodeAndValidateSamlResponse).value()).get(0);
        Map map = (Map) ((TraversableLike) ((TraversableOnce) ((Buffer) CollectionConverters$.MODULE$.asScalaBufferConverter(assertion.getAttributeStatements()).asScala()).flatMap(attributeStatement -> {
            return (Buffer) CollectionConverters$.MODULE$.asScalaBufferConverter(attributeStatement.getAttributes()).asScala();
        }, Buffer$.MODULE$.canBuildFrom())).toList().map(attribute -> {
            return new Tuple2(attribute.getName(), TwirlHelperImports$.MODULE$.twirlJavaCollectionToScala(attribute.getAttributeValues()).map(xMLObject -> {
                if (xMLObject instanceof XSStringImpl) {
                    return ((XSStringImpl) xMLObject).getValue();
                }
                if (xMLObject != null) {
                    return xMLObject.getDOM().getTextContent();
                }
                throw new MatchError(xMLObject);
            }, Iterable$.MODULE$.canBuildFrom()));
        }, List$.MODULE$.canBuildFrom())).groupBy(tuple2 -> {
            return (String) tuple2._1();
        }).map(tuple22 -> {
            return new Tuple2(tuple22._1(), ((scala.collection.immutable.List) tuple22._2()).flatMap(tuple22 -> {
                return (Iterable) tuple22._2();
            }, List$.MODULE$.canBuildFrom()));
        }, Map$.MODULE$.canBuildFrom());
        String value = samlConfig().usedNameIDAsEmail() ? assertion.getSubject().getNameID().getValue() : (String) map.get("Email").map(list -> {
            return (String) list.head();
        }).getOrElse(() -> {
            return "no.name@oto.tools";
        });
        String str2 = (String) map.get("Name").map(list2 -> {
            return (String) list2.head();
        }).getOrElse(() -> {
            return "No name";
        });
        return (Future) FastFuture$.MODULE$.successful().apply(new BackOfficeUser(IdGenerator$.MODULE$.token(64), str2, value, Json$.MODULE$.obj(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("name"), Json$.MODULE$.toJsFieldJsValueWrapper(str2, Writes$.MODULE$.StringWrites())), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("email"), Json$.MODULE$.toJsFieldJsValueWrapper(value, Writes$.MODULE$.StringWrites()))})), BackOfficeUser$.MODULE$.apply$default$5(), samlConfig().id(), false, BackOfficeUser$.MODULE$.apply$default$8(), BackOfficeUser$.MODULE$.apply$default$9(), BackOfficeUser$.MODULE$.apply$default$10(), Nil$.MODULE$, Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("saml-id"), assertion.getSubject().getNameID().getValue())})), new UserRights(new $colon.colon(new UserRight(TenantAccess$.MODULE$.apply(samlConfig().location().tenant().value()), (Seq) samlConfig().location().teams().map(teamId -> {
            return TeamAccess$.MODULE$.apply(teamId.value());
        }, Seq$.MODULE$.canBuildFrom())), Nil$.MODULE$)), samlConfig().location()).validate(samlConfig().userValidators()));
    }

    public SAMLModule copy(SamlAuthModuleConfig samlAuthModuleConfig) {
        return new SAMLModule(samlAuthModuleConfig);
    }

    public SamlAuthModuleConfig copy$default$1() {
        return samlConfig();
    }

    public String productPrefix() {
        return "SAMLModule";
    }

    public int productArity() {
        return 1;
    }

    public Object productElement(int i) {
        switch (i) {
            case 0:
                return samlConfig();
            default:
                throw new IndexOutOfBoundsException(Integer.toString(i));
        }
    }

    public Iterator<Object> productIterator() {
        return ScalaRunTime$.MODULE$.typedProductIterator(this);
    }

    public boolean canEqual(Object obj) {
        return obj instanceof SAMLModule;
    }

    public int hashCode() {
        return ScalaRunTime$.MODULE$._hashCode(this);
    }

    public String toString() {
        return ScalaRunTime$.MODULE$._toString(this);
    }

    public boolean equals(Object obj) {
        if (this != obj) {
            if (obj instanceof SAMLModule) {
                SAMLModule sAMLModule = (SAMLModule) obj;
                SamlAuthModuleConfig samlConfig = samlConfig();
                SamlAuthModuleConfig samlConfig2 = sAMLModule.samlConfig();
                if (samlConfig != null ? samlConfig.equals(samlConfig2) : samlConfig2 == null) {
                    if (sAMLModule.canEqual(this)) {
                    }
                }
            }
            return false;
        }
        return true;
    }

    public SAMLModule(SamlAuthModuleConfig samlAuthModuleConfig) {
        this.samlConfig = samlAuthModuleConfig;
        Product.$init$(this);
    }
}
