package com.sun.identity.federation.message;

import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.message.common.Extension;
import com.sun.identity.federation.message.common.FSMsgException;
import com.sun.identity.federation.message.common.RequestAuthnContext;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLResponderException;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.protocol.AbstractRequest;
import com.sun.identity.saml.xmlsig.XMLSignatureManager;
import com.sun.identity.shared.DateUtils;
import com.sun.identity.shared.encode.Base64;
import com.sun.identity.shared.encode.URLEncDec;
import com.sun.identity.shared.xml.XMLUtils;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.forgerock.openam.utils.Time;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

@Deprecated
/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/federation/message/FSAuthnRequest.class */
public class FSAuthnRequest extends AbstractRequest {
    private List extensions;
    private boolean isPassive;
    private boolean forceAuthn;
    private boolean federate;
    private String nameIDPolicy;
    private String protocolProfile;
    private String providerId;
    private RequestAuthnContext authnContext;
    private String relayState;
    protected String xmlString;
    protected String signatureString;
    protected String authContextCompType;
    protected String id;
    protected String assertionConsumerServiceID;
    protected String consentURI;
    protected String affiliationID;
    protected int minorVersion;
    protected FSScoping scoping;
    private static final String QUERY_STRING_EXTENSION_PREFIX = "AE_";

    public FSAuthnRequest() {
        this.extensions = null;
        this.isPassive = false;
        this.forceAuthn = false;
        this.federate = false;
        this.nameIDPolicy = null;
        this.protocolProfile = null;
        this.providerId = null;
        this.authnContext = null;
        this.relayState = null;
        this.xmlString = null;
        this.signatureString = null;
        this.authContextCompType = null;
        this.id = null;
        this.assertionConsumerServiceID = null;
        this.consentURI = null;
        this.affiliationID = null;
        this.minorVersion = 0;
        this.scoping = null;
        setIssueInstant(Time.newDate());
    }

    public FSAuthnRequest(String str, List list, String str2, boolean z, boolean z2, boolean z3, String str3, String str4, RequestAuthnContext requestAuthnContext, String str5, String str6) throws FSMsgException {
        this.extensions = null;
        this.isPassive = false;
        this.forceAuthn = false;
        this.federate = false;
        this.nameIDPolicy = null;
        this.protocolProfile = null;
        this.providerId = null;
        this.authnContext = null;
        this.relayState = null;
        this.xmlString = null;
        this.signatureString = null;
        this.authContextCompType = null;
        this.id = null;
        this.assertionConsumerServiceID = null;
        this.consentURI = null;
        this.affiliationID = null;
        this.minorVersion = 0;
        this.scoping = null;
        setIssueInstant(Time.newDate());
        if (list != null && list != Collections.EMPTY_LIST) {
            int size = list.size();
            for (int i = 0; i < size; i++) {
                if (!(list.get(i) instanceof String)) {
                    FSUtils.debug.error("FSAuthnRequest: wrong input for RespondWith");
                    throw new FSMsgException("wrongInput", (Object[]) null);
                }
            }
            this.respondWiths = list;
        }
        if (str == null || str.length() == 0) {
            this.requestID = SAMLUtils.generateID();
            if (this.requestID == null) {
                FSUtils.debug.error("FSAuthnRequest: couldn't gen RequestID.");
                throw new FSMsgException("errorGenerateID", (Object[]) null);
            }
        } else {
            this.requestID = str;
        }
        this.isPassive = z2;
        this.forceAuthn = z;
        this.providerId = str2;
        this.federate = z3;
        this.nameIDPolicy = str3;
        this.protocolProfile = str4;
        this.relayState = str5;
        this.authnContext = requestAuthnContext;
        this.authContextCompType = str6;
        this.id = this.requestID;
    }

    public FSAuthnRequest(Element element) throws FSMsgException {
        this.extensions = null;
        this.isPassive = false;
        this.forceAuthn = false;
        this.federate = false;
        this.nameIDPolicy = null;
        this.protocolProfile = null;
        this.providerId = null;
        this.authnContext = null;
        this.relayState = null;
        this.xmlString = null;
        this.signatureString = null;
        this.authContextCompType = null;
        this.id = null;
        this.assertionConsumerServiceID = null;
        this.consentURI = null;
        this.affiliationID = null;
        this.minorVersion = 0;
        this.scoping = null;
        if (element == null) {
            FSUtils.debug.error("FSAuthnRequest(Element): null input.");
            throw new FSMsgException("nullInput", (Object[]) null);
        }
        String localName = element.getLocalName();
        if (localName == null || !localName.equals("AuthnRequest")) {
            FSUtils.debug.error("FSAuthnRequest(Element): wrong input");
            throw new FSMsgException("wrongInput", (Object[]) null);
        }
        String attribute = element.getAttribute("IssueInstant");
        if (attribute == null || attribute.length() == 0) {
            FSUtils.debug.error("FSAuthnRequest(Element): missing IssueInstant");
            throw new FSMsgException("missingAttribute", new String[]{"IssueInstant"});
        }
        try {
            this.issueInstant = DateUtils.stringToDate(attribute);
            this.consentURI = element.getAttribute(IFSConstants.CONSENT);
            this.id = element.getAttribute("id");
            this.requestID = element.getAttribute("RequestID");
            parseMajorVersion(element.getAttribute(IFSConstants.MAJOR_VERSION));
            parseMinorVersion(element.getAttribute(IFSConstants.MINOR_VERSION));
            NodeList childNodes = element.getChildNodes();
            int length = childNodes.getLength();
            for (int i = 0; i < length; i++) {
                Node item = childNodes.item(i);
                String localName2 = item.getLocalName();
                if (localName2 != null) {
                    if (localName2.equals(IFSConstants.RESPONDWITH)) {
                        if (this.respondWiths == Collections.EMPTY_LIST) {
                            this.respondWiths = new ArrayList();
                        }
                        this.respondWiths.add(XMLUtils.getElementValue((Element) item));
                    } else if (localName2.equals("ProviderID")) {
                        if (this.providerId != null && this.providerId.length() != 0) {
                            FSUtils.debug.error("FSAuthnRequest(Element): shouldcontain only one ProviderID.");
                            throw new FSMsgException("wrongInput", (Object[]) null);
                        }
                        this.providerId = XMLUtils.getElementValue((Element) item);
                    } else if (localName2.equals("NameIDPolicy")) {
                        this.nameIDPolicy = XMLUtils.getElementValue((Element) item);
                        if (this.nameIDPolicy != null && (this.nameIDPolicy.equals(IFSConstants.NAME_ID_POLICY_FEDERATED) || this.nameIDPolicy.equals(IFSConstants.NAME_ID_POLICY_ONETIME))) {
                            this.federate = true;
                        }
                    } else if (localName2.equals(IFSConstants.FEDERATE)) {
                        String elementValue = XMLUtils.getElementValue((Element) item);
                        if ((elementValue != null && elementValue.length() != 0 && elementValue.equals("true")) || elementValue.equals("1")) {
                            this.federate = true;
                        }
                    } else if (localName2.equals("IsPassive")) {
                        String elementValue2 = XMLUtils.getElementValue((Element) item);
                        if (elementValue2 == null || elementValue2.length() == 0 || !elementValue2.equals("true")) {
                            this.isPassive = false;
                        } else {
                            this.isPassive = true;
                        }
                    } else if (localName2.equals("ForceAuthn")) {
                        String elementValue3 = XMLUtils.getElementValue((Element) item);
                        if (elementValue3 == null || elementValue3.length() == 0 || !elementValue3.equals("true")) {
                            this.forceAuthn = false;
                        } else {
                            this.forceAuthn = true;
                        }
                    } else if (localName2.equals(IFSConstants.PROTOCOL_PROFILE)) {
                        if (this.protocolProfile != null && this.protocolProfile.length() != 0) {
                            FSUtils.debug.error("FSAuthnRequest(Element): should contain only one ProtocolProfile.");
                            throw new FSMsgException("wrongInput", (Object[]) null);
                        }
                        this.protocolProfile = XMLUtils.getElementValue((Element) item);
                    } else if (localName2.equals("AuthnContext")) {
                        this.authnContext = new RequestAuthnContext((Element) item);
                    } else if (localName2.equals("RequestAuthnContext")) {
                        this.authnContext = new RequestAuthnContext((Element) item);
                    } else if (localName2.equals("RelayState")) {
                        this.relayState = XMLUtils.getElementValue((Element) item);
                    } else if (localName2.equals(IFSConstants.AUTHN_CONTEXT_COMPARISON)) {
                        this.authContextCompType = XMLUtils.getElementValue((Element) item);
                        if (!this.authContextCompType.equals(IFSConstants.MINIMUM) && !this.authContextCompType.equals("exact") && !this.authContextCompType.equals(IFSConstants.MAXIMUM) && !this.authContextCompType.equals(IFSConstants.BETTER)) {
                            throw new FSMsgException("wrongInput", (Object[]) null);
                        }
                    } else if (localName2.equals(IFSConstants.ASSERTION_CONSUMER_SVC_ID)) {
                        this.assertionConsumerServiceID = XMLUtils.getElementValue((Element) item);
                    } else if (localName2.equals(IFSConstants.AFFILIATIONID)) {
                        this.affiliationID = XMLUtils.getElementValue((Element) item);
                    } else if (localName2.equals(IFSConstants.EXTENSION)) {
                        if (this.extensions == null) {
                            this.extensions = new ArrayList();
                        }
                        this.extensions.add(new Extension((Element) item));
                    } else {
                        if (!localName2.equals("Scoping")) {
                            FSUtils.debug.error("FSAuthnRequest(Element): invalid node" + localName2);
                            throw new FSMsgException("wrongInput", (Object[]) null);
                        }
                        this.scoping = new FSScoping((Element) item);
                    }
                }
            }
            List elementsByTagNameNS1 = XMLUtils.getElementsByTagNameNS1(element, "http://www.w3.org/2000/09/xmldsig#", "Signature");
            int size = elementsByTagNameNS1.size();
            if (size == 1) {
                setSignature((Element) elementsByTagNameNS1.get(0));
                this.xmlString = XMLUtils.print(element);
                this.signed = true;
            } else if (size != 0) {
                FSUtils.debug.error("FSAuthnRequest(Element): included more than one Signature element.");
                throw new FSMsgException("moreElement", (Object[]) null);
            }
        } catch (ParseException e) {
            FSUtils.debug.error("FSAuthnRequest(Element): could not parse IssueInstant", e);
            throw new FSMsgException("wrongInput", (Object[]) null);
        }
    }

    public String toXMLString() throws FSMsgException {
        return toXMLString(true, true);
    }

    public String toXMLString(boolean z, boolean z2) throws FSMsgException {
        return toXMLString(z, z2, false);
    }

    public String toXMLString(boolean z, boolean z2, boolean z3) throws FSMsgException {
        if (this.xmlString != null) {
            return this.xmlString;
        }
        if (this.providerId == null || this.providerId.length() == 0) {
            FSUtils.debug.error("FSAuthnRequest.toXMLString: providerId is null in the request with requestId:" + this.requestID);
            throw new FSMsgException("nullProviderIdWRequestId", new String[]{this.requestID});
        }
        if (this.requestID == null || this.requestID.length() == 0) {
            this.requestID = SAMLUtils.generateID();
            if (this.requestID == null) {
                FSUtils.debug.error("FSAuthnRequest.toXMLString: couldn't generate RequestID.");
                throw new FSMsgException("errorGenerateID", (Object[]) null);
            }
        }
        StringBuffer stringBuffer = new StringBuffer(300);
        if (z3) {
            stringBuffer.append(IFSConstants.XML_PREFIX).append("UTF-8").append("\" ?>");
        }
        String str = "";
        String str2 = "";
        String str3 = "";
        String str4 = "";
        if (z) {
            str = IFSConstants.LIB_PREFIX;
            str2 = "samlp:";
        }
        if (z2) {
            str3 = this.minorVersion == 2 ? IFSConstants.LIB_12_NAMESPACE_STRING : IFSConstants.LIB_NAMESPACE_STRING;
            str4 = " xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\"";
        }
        String uTCDateFormat = DateUtils.toUTCDateFormat(this.issueInstant);
        if (this.requestID == null) {
            FSUtils.debug.error("FSAuthnRequest.toString: requestID is null ");
            throw new FSMsgException("nullAuthnRequestID", (Object[]) null);
        }
        stringBuffer.append("<").append(str).append("AuthnRequest").append(str3).append(" ").append(str4);
        if (this.minorVersion == 0 && this.id != null && this.id.length() != 0) {
            stringBuffer.append(" ").append("id").append('=').append("\"").append(this.id).append("\"");
        }
        stringBuffer.append(" ").append("RequestID").append('=').append("\"").append(this.requestID).append("\"").append(" ").append(IFSConstants.MAJOR_VERSION).append('=').append("\"").append(this.majorVersion).append("\"").append(" ").append(IFSConstants.MINOR_VERSION).append('=').append("\"").append(this.minorVersion).append("\"").append(" ").append("IssueInstant").append('=').append("\"").append(uTCDateFormat).append("\"");
        if (this.consentURI != null) {
            stringBuffer.append(" ").append(IFSConstants.CONSENT).append('=').append("\"").append(this.consentURI).append("\"");
        }
        stringBuffer.append(">");
        if (this.respondWiths != null && this.respondWiths != Collections.EMPTY_LIST) {
            Iterator it = this.respondWiths.iterator();
            while (it.hasNext()) {
                stringBuffer.append("<").append(str2).append(IFSConstants.RESPONDWITH).append(">").append((String) it.next()).append("</").append(str2).append(IFSConstants.RESPONDWITH).append(">");
            }
        }
        if (this.signed) {
            if (this.signatureString != null) {
                stringBuffer.append(this.signatureString);
            } else if (this.signature != null) {
                this.signatureString = XMLUtils.print(this.signature);
                stringBuffer.append(this.signatureString);
            }
        }
        if (this.extensions != null && !this.extensions.isEmpty()) {
            for (Extension extension : this.extensions) {
                extension.setMinorVersion(this.minorVersion);
                stringBuffer.append(extension.toXMLString());
            }
        }
        stringBuffer.append("<").append(str).append("ProviderID").append(">").append(this.providerId).append("</").append(str).append("ProviderID").append(">");
        if (this.affiliationID != null) {
            stringBuffer.append("<").append(str).append(IFSConstants.AFFILIATIONID).append(">").append(this.affiliationID).append("</").append(str).append(IFSConstants.AFFILIATIONID).append(">");
        }
        if (this.minorVersion == 2) {
            String str5 = "none";
            if (this.federate) {
                str5 = IFSConstants.NAME_ID_POLICY_FEDERATED;
                if (this.nameIDPolicy != null && this.nameIDPolicy.length() > 0) {
                    str5 = this.nameIDPolicy;
                }
            }
            stringBuffer.append("<").append(str).append("NameIDPolicy").append(">").append(str5).append("</").append(str).append("NameIDPolicy").append(">");
        } else {
            stringBuffer.append("<").append(str).append(IFSConstants.FEDERATE).append(">").append(this.federate ? "true" : "false").append("</").append(str).append(IFSConstants.FEDERATE).append(">");
        }
        stringBuffer.append("<").append(str).append("ForceAuthn").append(">").append(this.forceAuthn ? "true" : "false").append("</").append(str).append("ForceAuthn").append(">");
        stringBuffer.append("<").append(str).append("IsPassive").append(">").append(this.isPassive ? "true" : "false").append("</").append(str).append("IsPassive").append(">");
        if (this.protocolProfile != null && this.protocolProfile.length() != 0) {
            stringBuffer.append("<").append(str).append(IFSConstants.PROTOCOL_PROFILE).append(">").append(this.protocolProfile).append("</").append(str).append(IFSConstants.PROTOCOL_PROFILE).append(">");
        }
        if (this.assertionConsumerServiceID != null) {
            stringBuffer.append("<").append(str).append(IFSConstants.ASSERTION_CONSUMER_SVC_ID).append(">").append(this.assertionConsumerServiceID).append("</").append(str).append(IFSConstants.ASSERTION_CONSUMER_SVC_ID).append(">");
        }
        if (this.authnContext != null) {
            this.authnContext.setMinorVersion(this.minorVersion);
            stringBuffer.append(this.authnContext.toXMLString());
        }
        if (this.relayState != null && this.relayState.length() != 0) {
            stringBuffer.append("<").append(str).append("RelayState").append(">").append(XMLUtils.escapeSpecialCharacters(this.relayState)).append("</").append(str).append("RelayState").append(">");
        }
        if (this.minorVersion == 2 && this.scoping != null) {
            stringBuffer.append(this.scoping.toXMLString(true, false));
        }
        if (this.minorVersion == 0 && this.authContextCompType != null && this.authContextCompType.length() != 0) {
            stringBuffer.append("<").append(str).append(IFSConstants.AUTHN_CONTEXT_COMPARISON).append(">").append(this.authContextCompType).append("</").append(str).append(IFSConstants.AUTHN_CONTEXT_COMPARISON).append(">");
        }
        stringBuffer.append("</").append(str).append("AuthnRequest").append(">");
        return stringBuffer.toString();
    }

    public static FSAuthnRequest parseXML(String str) throws FSMsgException {
        Document dOMDocument = XMLUtils.toDOMDocument(str, FSUtils.debug);
        if (dOMDocument != null) {
            return new FSAuthnRequest(dOMDocument.getDocumentElement());
        }
        FSUtils.debug.error("FSAuthnRequest.parseXML:Error while parsing input xml string");
        throw new FSMsgException("parseError", (Object[]) null);
    }

    public String getSignedXMLString() {
        return this.xmlString;
    }

    public String getSignatureString() {
        return this.signatureString;
    }

    public List getExtensions() {
        return this.extensions;
    }

    public void setExtensions(List list) {
        this.extensions = list;
    }

    public boolean getForceAuthn() {
        return this.forceAuthn;
    }

    public void setForceAuthn(boolean z) {
        this.forceAuthn = z;
    }

    public boolean getIsPassive() {
        return this.isPassive;
    }

    public void setIsPassive(boolean z) {
        this.isPassive = z;
    }

    public boolean getFederate() {
        return this.federate;
    }

    public void setFederate(boolean z) {
        this.federate = z;
    }

    public String getNameIDPolicy() {
        return this.nameIDPolicy;
    }

    public void setNameIDPolicy(String str) {
        this.nameIDPolicy = str;
    }

    public String getProtocolProfile() {
        return this.protocolProfile;
    }

    public void setProtocolProfile(String str) {
        this.protocolProfile = str;
    }

    public String getRelayState() {
        return this.relayState;
    }

    public void setRelayState(String str) {
        this.relayState = str;
    }

    public RequestAuthnContext getAuthnContext() {
        return this.authnContext;
    }

    public void setAuthnContext(RequestAuthnContext requestAuthnContext) {
        this.authnContext = requestAuthnContext;
    }

    public String getProviderId() {
        return this.providerId;
    }

    public void setProviderId(String str) {
        this.providerId = str;
    }

    public String getAuthContextCompType() {
        return this.authContextCompType;
    }

    public void setAuthContextCompType(String str) {
        this.authContextCompType = str;
    }

    public String getID() {
        return this.id;
    }

    public void setID(String str) {
        this.id = str;
    }

    @Override // com.sun.identity.saml.protocol.AbstractRequest
    public int getMinorVersion() {
        return this.minorVersion;
    }

    @Override // com.sun.identity.saml.protocol.AbstractRequest
    public void setMinorVersion(int i) {
        this.minorVersion = i;
    }

    public String getAffiliationID() {
        return this.affiliationID;
    }

    public void setAffiliationID(String str) {
        this.affiliationID = str;
    }

    public String getAssertionConsumerServiceID() {
        return this.assertionConsumerServiceID;
    }

    public void setAssertionConsumerServiceID(String str) {
        this.assertionConsumerServiceID = str;
    }

    public String getConsent() {
        return this.consentURI;
    }

    public void setConsent(String str) {
        this.consentURI = str;
    }

    public void setScoping(FSScoping fSScoping) {
        this.scoping = fSScoping;
    }

    public FSScoping getScoping() {
        return this.scoping;
    }

    private void parseMajorVersion(String str) throws FSMsgException {
        try {
            this.majorVersion = Integer.parseInt(str);
            if (this.majorVersion != 1) {
                if (this.majorVersion > 1) {
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSAuthnRequest(Element): MajorVersion of the AuthnRequest is too high.");
                    }
                    throw new FSMsgException("requestVersionTooHigh", (Object[]) null);
                }
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAuthnRequest(Element): MajorVersion of the AuthnRequest is too low.");
                }
                throw new FSMsgException("requestVersionTooLow", (Object[]) null);
            }
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnRequest(Element): invalid MajorVersion", e);
            }
            throw new FSMsgException("wrongInput", (Object[]) null);
        }
    }

    private void parseMinorVersion(String str) throws FSMsgException {
        try {
            this.minorVersion = Integer.parseInt(str);
            if (this.minorVersion > 2) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAuthnRequest.checkMinorVersion: Minor Version of the AuthnRequest is too high.");
                }
                throw new FSMsgException("requestVersionTooHigh", (Object[]) null);
            }
            if (this.minorVersion < 0) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAuthnRequest.checkMinorVersion: Minor Version of the AuthnRequest is too low.");
                }
                throw new FSMsgException("requestVersionTooLow", (Object[]) null);
            }
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnRequest(Element): invalid MinorVersion", e);
            }
            throw new FSMsgException("wrongInput", (Object[]) null);
        }
    }

    private static int checkMajorVersion(String str) throws FSMsgException {
        if (str == null) {
            throw new FSMsgException("nullMajorVersion", (Object[]) null);
        }
        try {
            int parseInt = Integer.parseInt(str);
            if (parseInt == 1) {
                return parseInt;
            }
            if (parseInt > 1) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAuthnRequest.checkMajorVersion: MajorVersion of the AuthnRequest is too high" + parseInt);
                }
                throw new FSMsgException("requestVersionTooHigh", (Object[]) null);
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnRequest.checkMajorVersion:MajorVersion of the AuthnRequest is too low. " + parseInt);
            }
            throw new FSMsgException("requestVersionTooLow", (Object[]) null);
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnRequest.checkMajorVersion: invalid MajorVersion: " + e.getMessage());
            }
            throw new FSMsgException("wrongInput", (Object[]) null);
        }
    }

    private static int checkMinorVersion(String str) throws FSMsgException {
        if (str == null) {
            throw new FSMsgException("nullMinorVersion", (Object[]) null);
        }
        try {
            int parseInt = Integer.parseInt(str);
            if (parseInt == 2 || parseInt == 0) {
                return parseInt;
            }
            if (parseInt > 2) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSAuthnRequest.checkMinorVersion: Minor Version of the AuthnRequest is too high.");
                }
                throw new FSMsgException("requestVersionTooHigh", (Object[]) null);
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnRequest.checkMinorVersion: Minor Version of the AuthnRequest is too low.");
            }
            throw new FSMsgException("requestVersionTooLow", (Object[]) null);
        } catch (NumberFormatException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnRequest.checkMinorVersion: invalid MinorVersion", e);
            }
            throw new FSMsgException("wrongInput", (Object[]) null);
        }
    }

    public String toURLEncodedQueryString() throws FSMsgException {
        if (this.providerId == null || this.providerId.length() == 0) {
            FSUtils.debug.error("FSAuthnRequest.toURLEncodedQueryString: providerId is null in the request with requestId:" + this.requestID);
            throw new FSMsgException("nullProviderIdWRequestId", new String[]{this.requestID});
        }
        if (this.requestID == null || this.requestID.length() == 0) {
            this.requestID = SAMLUtils.generateID();
            if (this.requestID == null) {
                FSUtils.debug.error("FSAuthnRequest.toURLEncodedQueryString: couldn't generate RequestID.");
                throw new FSMsgException("errorGenerateID", (Object[]) null);
            }
        }
        StringBuffer stringBuffer = new StringBuffer(300);
        stringBuffer.append("RequestID").append('=').append(URLEncDec.encode(this.requestID)).append('&').append(IFSConstants.MAJOR_VERSION).append('=').append(this.majorVersion).append('&').append(IFSConstants.MINOR_VERSION).append('=').append(this.minorVersion).append('&');
        if (this.extensions != null && !this.extensions.isEmpty()) {
            stringBuffer.append(((Extension) this.extensions.get(0)).toURLEncodedQueryString(QUERY_STRING_EXTENSION_PREFIX)).append('&');
            if (this.extensions.size() > 1 && FSUtils.debug.warningEnabled()) {
                FSUtils.debug.warning("FSAuthnRequest.toURLEncodedQueryString: only one Extension element is allowed and extras  will be removed");
            }
        }
        stringBuffer.append("ProviderID").append('=').append(URLEncDec.encode(this.providerId)).append('&');
        if (this.consentURI != null) {
            stringBuffer.append(IFSConstants.CONSENT).append('=').append(URLEncDec.encode(this.consentURI)).append('&');
        }
        if (this.affiliationID != null) {
            stringBuffer.append(IFSConstants.AFFILIATIONID).append('=').append(URLEncDec.encode(this.affiliationID)).append('&');
        }
        if (this.issueInstant == null) {
            FSUtils.debug.error("FSAuthnRequest.toURLEncodedQueryString: issueInstant missing");
            throw new FSMsgException("missingAttribute", new String[]{"IssueInstant"});
        }
        stringBuffer.append("IssueInstant").append('=').append(URLEncDec.encode(DateUtils.toUTCDateFormat(this.issueInstant))).append('&');
        stringBuffer.append("ForceAuthn").append('=').append(this.forceAuthn ? "true" : "false").append('&');
        stringBuffer.append("IsPassive").append('=').append(this.isPassive ? "true" : "false").append('&');
        if (this.minorVersion == 2) {
            String str = "none";
            if (this.federate) {
                str = IFSConstants.NAME_ID_POLICY_FEDERATED;
                if (this.nameIDPolicy != null && this.nameIDPolicy.length() > 0) {
                    str = this.nameIDPolicy;
                }
            }
            stringBuffer.append("NameIDPolicy").append('=').append(str).append('&');
        } else {
            stringBuffer.append(IFSConstants.FEDERATE).append('=').append(this.federate ? "true" : "false").append('&');
        }
        if (this.protocolProfile != null && this.protocolProfile.length() != 0) {
            stringBuffer.append(IFSConstants.PROTOCOL_PROFILE).append('=').append(URLEncDec.encode(this.protocolProfile)).append('&');
        }
        if (this.authnContext != null) {
            this.authnContext.setMinorVersion(this.minorVersion);
            stringBuffer.append(this.authnContext.toURLEncodedQueryString());
        }
        if (this.relayState != null && this.relayState.length() != 0) {
            stringBuffer.append("RelayState").append('=').append(URLEncDec.encode(this.relayState)).append('&');
        }
        if (this.scoping != null) {
            stringBuffer.append(this.scoping.toURLEncodedQueryString());
        }
        if (this.minorVersion == 0 && this.authContextCompType != null && this.authContextCompType.length() != 0) {
            stringBuffer.append(IFSConstants.AUTHN_CONTEXT_COMPARISON).append('=').append(URLEncDec.encode(this.authContextCompType)).append('&');
        }
        int length = stringBuffer.length() - 1;
        if (stringBuffer.charAt(length) == '&') {
            stringBuffer = stringBuffer.deleteCharAt(length);
        }
        return stringBuffer.toString();
    }

    public String toBASE64EncodedString() throws FSMsgException {
        if (this.providerId == null || this.providerId.length() == 0) {
            FSUtils.debug.error("FSAuthnRequest.toBASE64EncodedString: providerId is null in the request with requestId:" + this.requestID);
            throw new FSMsgException("nullProviderIdWRequestId", new String[]{this.requestID});
        }
        if (this.requestID == null || this.requestID.length() == 0) {
            this.requestID = SAMLUtils.generateID();
            if (this.requestID == null) {
                FSUtils.debug.error("FSAuthnRequest.toBASE64EncodedString: couldn't generate RequestID.");
                throw new FSMsgException("errorGenerateID", (Object[]) null);
            }
        }
        return Base64.encode(toXMLString().getBytes());
    }

    public static FSAuthnRequest parseURLEncodedRequest(HttpServletRequest httpServletRequest) throws FSMsgException {
        FSAuthnRequest fSAuthnRequest = new FSAuthnRequest();
        String parameter = httpServletRequest.getParameter("RequestID");
        if (parameter == null || parameter.length() == 0) {
            throw new FSMsgException("nullAuthnRequestID", (Object[]) null);
        }
        fSAuthnRequest.requestID = parameter;
        String parameter2 = httpServletRequest.getParameter("IssueInstant");
        if (parameter2 == null || parameter2.length() == 0) {
            throw new FSMsgException("missingAttribute", new String[]{"IssueInstant"});
        }
        try {
            fSAuthnRequest.issueInstant = DateUtils.stringToDate(parameter2);
            fSAuthnRequest.majorVersion = checkMajorVersion(httpServletRequest.getParameter(IFSConstants.MAJOR_VERSION));
            fSAuthnRequest.minorVersion = checkMinorVersion(httpServletRequest.getParameter(IFSConstants.MINOR_VERSION));
            String parameter3 = httpServletRequest.getParameter("ProviderID");
            if (parameter3 == null || parameter3.length() == 0) {
                throw new FSMsgException("nullProviderIdInRequest", (Object[]) null);
            }
            FSUtils.debug.message("ProviderID of the sender: " + parameter3);
            fSAuthnRequest.providerId = parameter3;
            fSAuthnRequest.affiliationID = httpServletRequest.getParameter(IFSConstants.AFFILIATIONID);
            String parameter4 = httpServletRequest.getParameter("ForceAuthn");
            if (parameter4 == null || parameter4.length() == 0 || !(parameter4.equals("true") || parameter4.equals("1"))) {
                fSAuthnRequest.forceAuthn = false;
            } else {
                fSAuthnRequest.forceAuthn = true;
            }
            String parameter5 = httpServletRequest.getParameter("IsPassive");
            if (parameter5 == null || parameter5.length() == 0 || !(parameter5.equals("true") || parameter5.equals("1"))) {
                fSAuthnRequest.isPassive = false;
            } else {
                fSAuthnRequest.isPassive = true;
            }
            if (fSAuthnRequest.minorVersion == 2) {
                String parameter6 = httpServletRequest.getParameter("NameIDPolicy");
                if (parameter6 != null && (parameter6.equals(IFSConstants.NAME_ID_POLICY_FEDERATED) || parameter6.equals(IFSConstants.NAME_ID_POLICY_ONETIME))) {
                    fSAuthnRequest.federate = true;
                }
                fSAuthnRequest.nameIDPolicy = parameter6;
            } else {
                String parameter7 = httpServletRequest.getParameter(IFSConstants.FEDERATE);
                if (parameter7 == null || parameter7.length() == 0 || !(parameter7.equals("true") || parameter7.equals("1"))) {
                    fSAuthnRequest.federate = false;
                } else {
                    fSAuthnRequest.federate = true;
                }
            }
            String parameter8 = httpServletRequest.getParameter(IFSConstants.PROTOCOL_PROFILE);
            if (parameter8 != null && parameter8.length() != 0) {
                fSAuthnRequest.protocolProfile = parameter8;
            }
            String parameter9 = httpServletRequest.getParameter("RelayState");
            if (parameter9 != null && parameter9.length() != 0) {
                fSAuthnRequest.setRelayState(parameter9);
            }
            String parameter10 = httpServletRequest.getParameter(IFSConstants.AUTHN_CONTEXT_COMPARISON);
            if (parameter10 != null && parameter10.length() != 0) {
                fSAuthnRequest.setAuthContextCompType(parameter10);
                String authContextCompType = fSAuthnRequest.getAuthContextCompType();
                if (!authContextCompType.equals(IFSConstants.MINIMUM) && !authContextCompType.equals("exact") && !authContextCompType.equals(IFSConstants.MAXIMUM) && !authContextCompType.equals(IFSConstants.BETTER)) {
                    throw new FSMsgException("wrongInput", (Object[]) null);
                }
            }
            fSAuthnRequest.authnContext = RequestAuthnContext.parseURLEncodedRequest(httpServletRequest, fSAuthnRequest.getMinorVersion());
            fSAuthnRequest.scoping = FSScoping.parseURLEncodedRequest(httpServletRequest);
            Extension parseURLEncodedRequest = Extension.parseURLEncodedRequest(httpServletRequest, QUERY_STRING_EXTENSION_PREFIX, fSAuthnRequest.getMinorVersion());
            if (parseURLEncodedRequest != null) {
                fSAuthnRequest.extensions = new ArrayList();
                fSAuthnRequest.extensions.add(parseURLEncodedRequest);
            }
            return fSAuthnRequest;
        } catch (ParseException e) {
            throw new FSMsgException("parseError", (Object[]) null);
        }
    }

    public static FSAuthnRequest parseBASE64EncodedString(String str) throws FSMsgException {
        if (str == null || str.length() == 0) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnRequest.parseBASE64EncodedString: null String passed in as argument.");
            }
            throw new FSMsgException("nullInput", (Object[]) null);
        }
        String str2 = new String(Base64.decode(str));
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAuthnRequest.parseBASE64EncodedString: decoded input string: " + str2);
        }
        return parseXML(str2);
    }

    public void signXML(String str) throws SAMLException {
        FSUtils.debug.message("FSAuthnRequest.signXML: Called");
        if (this.signed) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthnRequest.signXML: the assertion is already signed.");
            }
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "alreadySigned", null);
        }
        if (str == null || str.length() == 0) {
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "cannotFindCertAlias", null);
        }
        try {
            XMLSignatureManager xMLSignatureManager = XMLSignatureManager.getInstance();
            if (this.minorVersion == 0) {
                this.signatureString = xMLSignatureManager.signXML(toXMLString(true, true), str, (String) null, "id", this.id, false);
            } else if (this.minorVersion == 2) {
                this.signatureString = xMLSignatureManager.signXML(toXMLString(true, true), str, (String) null, "RequestID", getRequestID(), false);
            } else if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("invalid minor version.");
            }
            this.signature = XMLUtils.toDOMDocument(this.signatureString, FSUtils.debug).getDocumentElement();
            this.signed = true;
            this.xmlString = toXMLString(true, true);
        } catch (Exception e) {
            throw new SAMLResponderException(FSUtils.BUNDLE_NAME, "signFailed", null);
        }
    }

    @Override // com.sun.identity.saml.protocol.AbstractRequest
    public void signXML() throws SAMLException {
        throw new SAMLException(FSUtils.BUNDLE_NAME, "unsupportedOperation", null);
    }

    @Override // com.sun.identity.saml.protocol.AbstractRequest
    public boolean setSignature(Element element) {
        this.signatureString = XMLUtils.print(element);
        return super.setSignature(element);
    }
}
