package nl._42.boot.saml.config;

import java.net.URI;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import nl._42.boot.saml.SAMLProperties;
import nl._42.boot.saml.web.SAMLDefaultEntryPoint;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;

@Component
/* loaded from: input_file:nl/_42/boot/saml/config/SAMLLoginUrlResolver.class */
class SAMLLoginUrlResolver {
    private static final Logger log = LoggerFactory.getLogger(SAMLLoginUrlResolver.class);
    private final RestTemplate template = new RestTemplate();
    private final SAMLProperties properties;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:nl/_42/boot/saml/config/SAMLLoginUrlResolver$UriBuilder.class */
    public class UriBuilder {
        private StringBuilder uri = new StringBuilder();

        UriBuilder(String str) {
            append(str);
        }

        UriBuilder path(String str) {
            if (!str.isEmpty() && !str.startsWith("/")) {
                this.uri.append("/");
            }
            return append(str);
        }

        UriBuilder append(String str) {
            if (str.endsWith("/")) {
                return append(str.substring(0, str.length() - 1));
            }
            this.uri.append(str);
            return this;
        }

        String build() {
            return this.uri.toString();
        }
    }

    SAMLLoginUrlResolver(SAMLProperties sAMLProperties) {
        this.properties = sAMLProperties;
    }

    public String getLoginUrl(HttpServletRequest httpServletRequest) {
        if (!this.properties.isEnabled()) {
            return "";
        }
        String loginUrl = getLoginUrl(httpServletRequest.getParameter(SAMLDefaultEntryPoint.SUCCESS_URL_PARAMETER));
        if (this.properties.isSkipLoginRedirect()) {
            loginUrl = getLocation(loginUrl);
        }
        return loginUrl;
    }

    private String getLoginUrl(String str) {
        UriBuilder path = new UriBuilder(this.properties.getSpBaseUrl()).path("/saml/login");
        if (StringUtils.isNotEmpty(str)) {
            path.append("?successUrl=").append(str);
        }
        return path.build();
    }

    private String getLocation(String str) {
        ResponseEntity forEntity = this.template.getForEntity(str, String.class, new Object[0]);
        HttpStatus statusCode = forEntity.getStatusCode();
        if (statusCode.is3xxRedirection()) {
            URI location = forEntity.getHeaders().getLocation();
            Objects.requireNonNull("SAML login with status " + statusCode.value() + " (redirect) is missing the required 'Location' header");
            str = location.toString();
        } else {
            log.warn("Expected HTTP status 3xx (redirect) on login, but received {}, please disable 'saml.skip_login_redirect'", Integer.valueOf(statusCode.value()));
        }
        return str;
    }
}
