package org.apereo.cas.support.saml.web.flow;

import java.util.Optional;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.RegisteredServiceAccessStrategyUtils;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.support.saml.mdui.MetadataUIUtils;
import org.apereo.cas.support.saml.services.SamlRegisteredService;
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade;
import org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver;
import org.apereo.cas.web.support.WebUtils;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/support/saml/web/flow/SamlIdPMetadataUIAction.class */
public class SamlIdPMetadataUIAction extends AbstractAction {
    private final ServicesManager servicesManager;
    private final SamlRegisteredServiceCachingMetadataResolver resolver;
    private final AuthenticationServiceSelectionPlan serviceSelectionStrategy;

    public SamlIdPMetadataUIAction(ServicesManager servicesManager, SamlRegisteredServiceCachingMetadataResolver samlRegisteredServiceCachingMetadataResolver, AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan) {
        this.servicesManager = servicesManager;
        this.resolver = samlRegisteredServiceCachingMetadataResolver;
        this.serviceSelectionStrategy = authenticationServiceSelectionPlan;
    }

    protected Event doExecute(RequestContext requestContext) throws Exception {
        Service resolveService = this.serviceSelectionStrategy.resolveService(WebUtils.getService(requestContext));
        if (resolveService != null) {
            RegisteredService findServiceBy = this.servicesManager.findServiceBy(resolveService);
            RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(resolveService, findServiceBy);
            if (findServiceBy instanceof SamlRegisteredService) {
                Optional optional = SamlRegisteredServiceServiceProviderMetadataFacade.get(this.resolver, (SamlRegisteredService) SamlRegisteredService.class.cast(findServiceBy), resolveService.getId());
                if (!optional.isPresent()) {
                    throw new UnauthorizedServiceException("screen.service.error.message", "Cannot find metadata linked to " + resolveService.getId());
                }
                WebUtils.putServiceUserInterfaceMetadata(requestContext, MetadataUIUtils.locateMetadataUserInterfaceForEntityId(((SamlRegisteredServiceServiceProviderMetadataFacade) optional.get()).getEntityDescriptor(), resolveService.getId(), findServiceBy, WebUtils.getHttpServletRequest(requestContext)));
            }
        }
        return success();
    }
}
