package org.apereo.cas.support.saml.web.idp.profile.artifact;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Objects;
import java.util.Optional;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceMetadataAdaptor;
import org.apereo.cas.support.saml.web.idp.profile.AbstractSamlIdPProfileHandlerController;
import org.apereo.cas.support.saml.web.idp.profile.SamlProfileHandlerConfigurationContext;
import org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileBuilderContext;
import org.apereo.cas.ticket.InvalidTicketException;
import org.apereo.cas.ticket.artifact.SamlArtifactTicket;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.LoggingUtils;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.saml.saml2.core.ArtifactResolve;
import org.opensaml.saml.saml2.core.RequestAbstractType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.PostMapping;

/* loaded from: input_file:org/apereo/cas/support/saml/web/idp/profile/artifact/SamlIdPSaml1ArtifactResolutionProfileHandlerController.class */
public class SamlIdPSaml1ArtifactResolutionProfileHandlerController extends AbstractSamlIdPProfileHandlerController {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(SamlIdPSaml1ArtifactResolutionProfileHandlerController.class);

    public SamlIdPSaml1ArtifactResolutionProfileHandlerController(SamlProfileHandlerConfigurationContext samlProfileHandlerConfigurationContext) {
        super(samlProfileHandlerConfigurationContext);
    }

    /* JADX WARN: Type inference failed for: r0v61, types: [org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileBuilderContext$SamlProfileBuilderContextBuilder] */
    /* JADX WARN: Type inference failed for: r0v8, types: [org.apereo.cas.support.saml.web.idp.profile.builders.SamlProfileBuilderContext$SamlProfileBuilderContextBuilder] */
    @PostMapping(path = {"/idp/profile/SAML1/SOAP/ArtifactResolution"})
    protected void handlePostRequest(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws Throwable {
        MessageContext decodeSoapRequest = decodeSoapRequest(httpServletRequest);
        ArtifactResolve artifactResolve = (ArtifactResolve) decodeSoapRequest.getMessage();
        try {
            String value = ((ArtifactResolve) Objects.requireNonNull(artifactResolve)).getIssuer().getValue();
            SamlRegisteredService verifySamlRegisteredService = verifySamlRegisteredService(value, httpServletRequest);
            Optional<SamlRegisteredServiceMetadataAdaptor> samlMetadataFacadeFor = getSamlMetadataFacadeFor(verifySamlRegisteredService, (RequestAbstractType) artifactResolve);
            if (samlMetadataFacadeFor.isEmpty()) {
                throw UnauthorizedServiceException.denied("Cannot find metadata linked to %s".formatted(value));
            }
            SamlRegisteredServiceMetadataAdaptor samlRegisteredServiceMetadataAdaptor = samlMetadataFacadeFor.get();
            verifyAuthenticationContextSignature(decodeSoapRequest, httpServletRequest, (RequestAbstractType) artifactResolve, samlRegisteredServiceMetadataAdaptor, verifySamlRegisteredService);
            String createTicketIdFor = getConfigurationContext().getTicketFactory().get(SamlArtifactTicket.class).createTicketIdFor(artifactResolve.getArtifact().getValue());
            SamlArtifactTicket ticket = getConfigurationContext().getTicketRegistry().getTicket(createTicketIdFor, SamlArtifactTicket.class);
            if (ticket == null) {
                throw new InvalidTicketException(createTicketIdFor);
            }
            getConfigurationContext().getResponseBuilder().mo26build(SamlProfileBuilderContext.builder().samlRequest(artifactResolve).httpRequest(httpServletRequest).httpResponse(httpServletResponse).authenticatedAssertion(Optional.of(buildCasAssertion(ticket.getTicketGrantingTicket().getAuthentication(), getConfigurationContext().getWebApplicationServiceFactory().createService(value), verifySamlRegisteredService, CollectionUtils.wrap("artifact", ticket)))).registeredService(verifySamlRegisteredService).adaptor(samlRegisteredServiceMetadataAdaptor).binding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact").messageContext(decodeSoapRequest).build());
        } catch (Exception e) {
            LoggingUtils.error(LOGGER, e);
            httpServletRequest.setAttribute("samlError", "Unable to build SOAP response: " + StringUtils.defaultString(e.getMessage()));
            getConfigurationContext().getSamlFaultResponseBuilder().mo26build(SamlProfileBuilderContext.builder().samlRequest(artifactResolve).httpRequest(httpServletRequest).httpResponse(httpServletResponse).binding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact").messageContext(decodeSoapRequest).build());
        }
    }
}
