package org.opensaml.provider;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.ProviderException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.apache.log4j.NDC;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.xml.security.c14n.CanonicalizationException;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.c14n.InvalidCanonicalizerException;
import org.opensaml.BindingException;
import org.opensaml.SAMLConfig;
import org.opensaml.SAMLException;
import org.opensaml.SAMLRequest;
import org.opensaml.SAMLResponse;
import org.opensaml.SAMLSOAPHTTPBinding;
import org.opensaml.SOAPBinding;
import org.opensaml.SOAPException;
import org.opensaml.XML;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:META-INF/lib/opensaml-1.1.jar:org/opensaml/provider/SOAPHTTPBindingProvider.class */
public class SOAPHTTPBindingProvider extends SOAPBinding implements SAMLSOAPHTTPBinding {
    private static SAMLConfig config = SAMLConfig.instance();
    private static SSLContext sslctx;
    private Logger log;
    private Map httpHooks;
    static Class class$org$opensaml$provider$SOAPHTTPBindingProvider;

    public SOAPHTTPBindingProvider(String str, Element element) throws SAMLException {
        Class cls;
        if (class$org$opensaml$provider$SOAPHTTPBindingProvider == null) {
            cls = class$("org.opensaml.provider.SOAPHTTPBindingProvider");
            class$org$opensaml$provider$SOAPHTTPBindingProvider = cls;
        } else {
            cls = class$org$opensaml$provider$SOAPHTTPBindingProvider;
        }
        this.log = Logger.getLogger(cls.getName());
        this.httpHooks = Collections.synchronizedMap(new HashMap(4));
        if (!str.equals("urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding")) {
            throw new SAMLException(new StringBuffer().append("SOAPHTTPBindingProvider does not support requested binding (").append(str).append(")").toString());
        }
    }

    @Override // org.opensaml.SAMLSOAPHTTPBinding
    public void addHook(SAMLSOAPHTTPBinding.HTTPHook hTTPHook) {
        addHook(hTTPHook, (Object) null);
    }

    @Override // org.opensaml.SAMLSOAPHTTPBinding
    public void addHook(SAMLSOAPHTTPBinding.HTTPHook hTTPHook, Object obj) {
        this.httpHooks.put(hTTPHook, obj);
    }

    @Override // org.opensaml.SAMLBinding
    public SAMLResponse send(String str, SAMLRequest sAMLRequest, Object obj) throws SAMLException {
        try {
            try {
                try {
                    try {
                        NDC.push(WSHandlerConstants.SEND);
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Preparing to send the following SAML request to ").append(str).append("\n").append(sAMLRequest.toString()).toString());
                        }
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Wrapping request to ").append(str).append(" in a SOAP envelope").toString());
                        }
                        Element sendRequest = sendRequest(sAMLRequest, obj);
                        this.log.debug(new StringBuffer().append("Setting connection properties for connecting to ").append(str).toString());
                        URLConnection openConnection = new URL(str).openConnection();
                        openConnection.setAllowUserInteraction(false);
                        openConnection.setDoOutput(true);
                        ((HttpURLConnection) openConnection).setInstanceFollowRedirects(false);
                        ((HttpURLConnection) openConnection).setRequestMethod("POST");
                        ((HttpURLConnection) openConnection).setRequestProperty("Content-Type", "text/xml; charset=UTF-8");
                        ((HttpURLConnection) openConnection).setRequestProperty("SOAPAction", "http://www.oasis-open.org/committees/security");
                        if ((openConnection instanceof HttpsURLConnection) && sslctx != null) {
                            if (this.log.isDebugEnabled()) {
                                this.log.debug(new StringBuffer().append("Connection to ").append(str).append(" is an HTTPS connection, setting default SSL socket factory.").toString());
                            }
                            ((HttpsURLConnection) openConnection).setSSLSocketFactory(sslctx.getSocketFactory());
                        }
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Connection to ").append(str).append(" set up, running ").append(this.httpHooks.size()).append(" outgoing client-side HTTP hooks.").toString());
                        }
                        for (Map.Entry entry : this.httpHooks.entrySet()) {
                            if (!((SAMLSOAPHTTPBinding.HTTPHook) entry.getKey()).outgoing((HttpURLConnection) openConnection, entry.getValue(), obj)) {
                                this.log.warn("HTTP processing hook returned false, aborting outgoing request");
                                throw new BindingException(SAMLException.REQUESTER, "SOAPHTTPBindingProvider.send() HTTP processing hook returned false, aborted outgoing request");
                            }
                        }
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Connecting to ").append(str).toString());
                        }
                        openConnection.connect();
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Canonicalizing SOAP envelope-wrapped request and sending it to ").append(str).toString());
                        }
                        openConnection.getOutputStream().write(Canonicalizer.getInstance("http://www.w3.org/TR/2001/REC-xml-c14n-20010315").canonicalizeSubtree(sendRequest));
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Message sent to ").append(str).append(", running ").append(this.httpHooks.size()).append(" incoming client-side HTTP hooks.").toString());
                        }
                        for (Map.Entry entry2 : this.httpHooks.entrySet()) {
                            if (!((SAMLSOAPHTTPBinding.HTTPHook) entry2.getKey()).incoming((HttpURLConnection) openConnection, entry2.getValue(), obj)) {
                                this.log.warn("HTTP processing hook returned false, aborting incoming response");
                                throw new BindingException("SOAPHTTPBindingProvider.send() HTTP processing hook returned false, aborted incoming response");
                            }
                        }
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Starting to process response from ").append(str).toString());
                        }
                        String contentType = ((HttpURLConnection) openConnection).getContentType();
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Response content type is ").append(contentType).toString());
                        }
                        if (contentType == null || !contentType.startsWith("text/xml")) {
                            this.log.error(new StringBuffer().append("received an invalid content type in the response (").append(contentType != null ? contentType : "none").append("), with the following content:").toString());
                            this.log.error(new BufferedReader(new InputStreamReader(openConnection.getInputStream())).readLine());
                            throw new BindingException(new StringBuffer().append("SOAPHTTPBindingProvider.send() detected an invalid content type (").append(contentType != null ? contentType : "none").append(") in the response.").toString());
                        }
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Unmarshalling response from ").append(str).append(" into a DOM document.").toString());
                        }
                        Element documentElement = XML.parserPool.parse(new InputSource(openConnection.getInputStream()), sAMLRequest.getMinorVersion() > 0 ? XML.parserPool.getSchemaSAML11() : XML.parserPool.getSchemaSAML10()).getDocumentElement();
                        if (this.log.isDebugEnabled()) {
                            this.log.debug("Parsing and verifying SOAP response and retrieving SAML response from it.");
                        }
                        SAMLResponse recvResponse = recvResponse(documentElement, obj);
                        if (this.log.isDebugEnabled()) {
                            this.log.debug(new StringBuffer().append("Received the following SAML response as the response to the request to ").append(str).append("\n").append(recvResponse.toString()).toString());
                        }
                        if (recvResponse.getInResponseTo().equals(sAMLRequest.getId())) {
                            NDC.pop();
                            return recvResponse;
                        }
                        this.log.error(new StringBuffer().append("Unable to match SAML InResponseTo value to request made to ").append(str).toString());
                        throw new BindingException("SOAPHTTPBindingProvider.send() unable to match SAML InResponseTo value to request");
                    } catch (IOException e) {
                        throw new SAMLException("SAMLSOAPBinding.send() caught an I/O exception", e);
                    }
                } catch (CanonicalizationException e2) {
                    throw new SAMLException("SAMLSOAPBinding.send() caught a C14N exception while serializing the request", e2);
                } catch (SAXException e3) {
                    throw new SAMLException("SAMLSOAPBinding.send() caught an XML exception while parsing the response", e3);
                }
            } catch (MalformedURLException e4) {
                throw new SAMLException("SAMLSOAPBinding.send() detected a malformed URL in the binding provided", e4);
            } catch (InvalidCanonicalizerException e5) {
                throw new SAMLException("SAMLSOAPBinding.send() caught a C14N exception while serializing the request", e5);
            }
        } catch (Throwable th) {
            NDC.pop();
            throw th;
        }
    }

    @Override // org.opensaml.SAMLBinding
    public SAMLRequest receive(Object obj, Object obj2, int i) throws SAMLException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) obj;
        if (!httpServletRequest.getMethod().equals("POST") || !httpServletRequest.getContentType().startsWith("text/xml")) {
            throw new BindingException(SAMLException.REQUESTER, "SOAPHTTPBindingProvider.receive() found bad HTTP method or content type");
        }
        for (Map.Entry entry : this.httpHooks.entrySet()) {
            if (!((SAMLSOAPHTTPBinding.HTTPHook) entry.getKey()).incoming(httpServletRequest, entry.getValue(), obj2)) {
                this.log.warn("HTTP processing hook returned false, aborting incoming request");
                throw new BindingException(SAMLException.REQUESTER, "SOAPHTTPBindingProvider.recvRequest() HTTP processing hook returned false, aborted incoming request");
            }
        }
        try {
            return recvRequest(XML.parserPool.parse(new InputSource((InputStream) httpServletRequest.getInputStream()), i > 0 ? XML.parserPool.getSchemaSAML11() : XML.parserPool.getSchemaSAML10()).getDocumentElement(), obj2);
        } catch (IOException e) {
            throw new SOAPException(SOAPException.SERVER, new StringBuffer().append("SOAPHTTPBindingProvider.receive() detected an I/O error: ").append(e.getMessage()).toString());
        } catch (SAXException e2) {
            throw new SOAPException(SOAPException.CLIENT, new StringBuffer().append("SOAPHTTPBindingProvider.receive() detected an XML parsing error: ").append(e2.getMessage()).toString());
        }
    }

    @Override // org.opensaml.SAMLBinding
    public void respond(Object obj, SAMLResponse sAMLResponse, SAMLException sAMLException, Object obj2) throws SAMLException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) obj;
        try {
            Element sendResponse = sendResponse(sAMLResponse, sAMLException, obj2);
            for (Map.Entry entry : this.httpHooks.entrySet()) {
                if (!((SAMLSOAPHTTPBinding.HTTPHook) entry.getKey()).outgoing(httpServletResponse, entry.getValue(), obj2)) {
                    this.log.warn("HTTP processing hook returned false, aborting outgoing response");
                    throw new BindingException("SOAPHTTPBindingProvider.respond() HTTP processing hook returned false, aborted outgoing response");
                }
            }
            Canonicalizer canonicalizer = Canonicalizer.getInstance("http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
            if (sAMLException != null) {
                httpServletResponse.setStatus(500);
            }
            httpServletResponse.setContentType("text/xml; charset=UTF-8");
            httpServletResponse.getOutputStream().write(canonicalizer.canonicalizeSubtree(sendResponse));
        } catch (IOException e) {
            e.printStackTrace();
            throw new SAMLException("SAMLSOAPBinding.respond() caught I/O exception while sending error response", e);
        } catch (CanonicalizationException e2) {
            e2.printStackTrace();
            try {
                httpServletResponse.sendError(500, "SAMLSOAPBinding.respond() unable to serialize XML document instance");
            } catch (IOException e3) {
                throw new SAMLException("SAMLSOAPBinding.respond() caught I/O exception while sending error response", e3);
            }
        } catch (InvalidCanonicalizerException e4) {
            e4.printStackTrace();
            try {
                httpServletResponse.sendError(500, "SAMLSOAPBinding.respond() unable to serialize XML document instance");
            } catch (IOException e5) {
                throw new SAMLException("SAMLSOAPBinding.respond() caught I/O exception while sending error response", e5);
            }
        }
    }

    @Override // org.opensaml.SAMLBinding
    public SAMLResponse send(String str, SAMLRequest sAMLRequest) throws SAMLException {
        return send(str, sAMLRequest, null);
    }

    @Override // org.opensaml.SAMLBinding
    public SAMLRequest receive(Object obj, int i) throws SAMLException {
        return receive(obj, null, i);
    }

    @Override // org.opensaml.SAMLBinding
    public void respond(Object obj, SAMLResponse sAMLResponse, SAMLException sAMLException) throws SAMLException {
        respond(obj, sAMLResponse, sAMLException, null);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        sslctx = null;
        try {
            String property = config.getProperty("org.opensaml.ssl.keystore");
            String property2 = config.getProperty("org.opensaml.ssl.truststore");
            if (property != null || property2 != null) {
                KeyManagerFactory keyManagerFactory = null;
                TrustManagerFactory trustManagerFactory = null;
                if (property != null) {
                    String property3 = config.getProperty("org.opensaml.ssl.keystore-pwd");
                    String property4 = config.getProperty("org.opensaml.ssl.key-pwd");
                    String property5 = config.getProperty("org.opensaml.ssl.keystore-type");
                    KeyStore keyStore = KeyStore.getInstance(property5 != null ? property5 : "JKS");
                    keyStore.load(new FileInputStream(property), property3 != null ? property3.toCharArray() : null);
                    keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                    keyManagerFactory.init(keyStore, property4 != null ? property4.toCharArray() : null);
                }
                if (property2 != null) {
                    String property6 = config.getProperty("org.opensaml.ssl.truststore-pwd");
                    String property7 = config.getProperty("org.opensaml.ssl.truststore-type");
                    KeyStore keyStore2 = KeyStore.getInstance(property7 != null ? property7 : "JKS");
                    keyStore2.load(new FileInputStream(property2), property6 != null ? property6.toCharArray() : null);
                    trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
                    trustManagerFactory.init(keyStore2);
                }
                sslctx = SSLContext.getInstance("SSL");
                sslctx.init(keyManagerFactory != null ? keyManagerFactory.getKeyManagers() : null, trustManagerFactory != null ? trustManagerFactory.getTrustManagers() : null, null);
            }
        } catch (IOException e) {
            throw new ProviderException(new StringBuffer().append("SOAPHTTPBindingProvider caught I/O error initializing SSL context: ").append(e.getMessage()).toString());
        } catch (GeneralSecurityException e2) {
            throw new ProviderException(new StringBuffer().append("SOAPHTTPBindingProvider caught security exception initializing SSL context: ").append(e2.getMessage()).toString());
        }
    }
}
