package org.wso2.carbon.hostobjects.sso.internal.builder;

import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.joda.time.DateTime;
import org.opensaml.common.SAMLVersion;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.core.impl.IssuerBuilder;
import org.opensaml.xml.Configuration;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.x509.X509Credential;
import org.opensaml.xml.signature.KeyInfo;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureException;
import org.opensaml.xml.signature.Signer;
import org.opensaml.xml.signature.X509Certificate;
import org.opensaml.xml.signature.X509Data;
import org.opensaml.xml.util.Base64;
import org.wso2.carbon.hostobjects.sso.exception.SSOHostObjectException;
import org.wso2.carbon.hostobjects.sso.internal.util.SSOAgentCarbonX509Credential;
import org.wso2.carbon.hostobjects.sso.internal.util.Util;
import org.wso2.carbon.hostobjects.sso.internal.util.X509CredentialImpl;

/* loaded from: input_file:org/wso2/carbon/hostobjects/sso/internal/builder/AuthReqBuilder.class */
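/**
 * Builds SAML 2.0 {@code AuthnRequest} messages for the SSO host object, either
 * unsigned ({@link #buildAuthenticationRequest}) or carrying an enveloped XML
 * signature ({@link #buildSignedAuthRequest}).
 */
public class AuthReqBuilder {
    private static final Log log = LogFactory.getLog(AuthReqBuilder.class);

    /**
     * Signature algorithm used by {@link #buildSignedAuthRequest}.
     *
     * NOTE(review): RSA-SHA1 is no longer considered collision resistant and many
     * identity providers reject it by policy. The value is kept unchanged here so
     * existing IdP integrations keep working; moving to
     * {@code http://www.w3.org/2001/04/xmldsig-more#rsa-sha256} should be
     * coordinated with the IdP configuration. Callers of {@link #setSignature}
     * can already pass a stronger algorithm URI.
     */
    private static final String DEFAULT_SIGNATURE_ALGORITHM = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";

    /** Canonicalization applied before signing: exclusive XML canonicalization, without comments. */
    private static final String CANONICALIZATION_ALGORITHM = "http://www.w3.org/2001/10/xml-exc-c14n#";

    /**
     * Builds an unsigned SAML 2.0 authentication request.
     *
     * The request carries no signature and no {@code Destination}, so the receiving
     * IdP cannot authenticate its origin from the message itself; it should only
     * honour an assertion consumer URL it already has registered for the issuer.
     *
     * @param str  value placed in the {@code Issuer} element
     * @param str2 assertion consumer service URL; when null or empty the attribute is
     *             omitted, otherwise the value goes through {@code Util.processAcsUrl}
     * @param z    when {@code true}, {@code IsPassive} is set to {@code true}
     * @param str3 argument handed to {@code Util.buildNameIDPolicy}
     *             (presumably the NameID format; confirm against {@code Util})
     * @return the populated request
     * @throws SSOHostObjectException declared for failures in the {@code Util} helpers
     */
    public AuthnRequest buildAuthenticationRequest(String str, String str2, boolean z, String str3) throws SSOHostObjectException {
        return newBaseRequest(str, str2, z, str3);
    }

    /**
     * Builds a SAML 2.0 authentication request, sets its {@code Destination} and
     * signs it with {@link #DEFAULT_SIGNATURE_ALGORITHM}.
     *
     * @param str  value placed in the {@code Issuer} element
     * @param str2 value of the {@code Destination} attribute; set as given, without validation
     * @param str3 assertion consumer service URL; when null or empty the attribute is
     *             omitted, otherwise the value goes through {@code Util.processAcsUrl}
     * @param z    when {@code true}, {@code IsPassive} is set to {@code true}
     * @param i    first argument of the {@code SSOAgentCarbonX509Credential} constructor
     *             (presumably a tenant id; confirm against that class)
     * @param str4 second argument of the {@code SSOAgentCarbonX509Credential} constructor
     *             (presumably a tenant domain; confirm against that class)
     * @param str5 argument handed to {@code Util.buildNameIDPolicy}
     * @return the signed request
     * @throws SSOHostObjectException if building, marshalling or signing fails
     */
    public AuthnRequest buildSignedAuthRequest(String str, String str2, String str3, boolean z, int i, String str4, String str5) throws SSOHostObjectException {
        AuthnRequest request = newBaseRequest(str, str3, z, str5);
        // Destination is part of the signed content, so it has to be set before signing.
        request.setDestination(str2);
        X509Credential signingCredential = new X509CredentialImpl(new SSOAgentCarbonX509Credential(i, str4));
        setSignature(request, DEFAULT_SIGNATURE_ALGORITHM, signingCredential);
        return request;
    }

    /** Creates a request with the fields shared by the signed and unsigned variants. */
    private static AuthnRequest newBaseRequest(String issuerValue, String acsUrl, boolean passive, String nameIdPolicyArg) throws SSOHostObjectException {
        Util.doBootstrap();
        AuthnRequest request = Util.buildXMLObject(AuthnRequest.DEFAULT_ELEMENT_NAME);
        request.setID(Util.createID());
        request.setVersion(SAMLVersion.VERSION_20);
        request.setIssueInstant(new DateTime());
        request.setIssuer(buildIssuer(issuerValue));
        request.setNameIDPolicy(Util.buildNameIDPolicy(nameIdPolicyArg));
        if (passive) {
            request.setIsPassive(true);
        }
        if (!StringUtils.isEmpty(acsUrl)) {
            request.setAssertionConsumerServiceURL(Util.processAcsUrl(acsUrl));
        }
        return request;
    }

    /** Wraps the given value in a SAML {@code Issuer} element. */
    private static Issuer buildIssuer(String str) {
        Issuer issuer = new IssuerBuilder().buildObject();
        issuer.setValue(str);
        return issuer;
    }

    /**
     * Attaches an XML signature to the request and signs it in place.
     *
     * The signer's certificate is embedded in {@code KeyInfo}. A receiver must not
     * treat that embedded certificate as trusted on its own; it is only useful for
     * matching against a certificate the receiver already has on record.
     *
     * @param authnRequest   request to sign; modified and returned
     * @param str            signature algorithm URI
     * @param x509Credential credential that supplies the signing key and the entity certificate
     * @return {@code authnRequest}, now signed
     * @throws SSOHostObjectException if the certificate cannot be encoded, or if
     *         marshalling or signing fails; the original exception is kept as the cause
     */
    public static AuthnRequest setSignature(AuthnRequest authnRequest, String str, X509Credential x509Credential) throws SSOHostObjectException {
        try {
            Signature signature = Util.buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
            signature.setSigningCredential(x509Credential);
            signature.setSignatureAlgorithm(str);
            signature.setCanonicalizationAlgorithm(CANONICALIZATION_ALGORITHM);

            X509Certificate certificateElement = Util.buildXMLObject(X509Certificate.DEFAULT_ELEMENT_NAME);
            certificateElement.setValue(Base64.encodeBytes(x509Credential.getEntityCertificate().getEncoded()));
            X509Data x509Data = Util.buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
            x509Data.getX509Certificates().add(certificateElement);
            KeyInfo keyInfo = Util.buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
            keyInfo.getX509Datas().add(x509Data);
            signature.setKeyInfo(keyInfo);

            authnRequest.setSignature(signature);

            // The request is marshalled to DOM first; Signer then computes the
            // signature over that DOM, so the order of these two calls matters.
            Configuration.getMarshallerFactory().getMarshaller(authnRequest).marshall(authnRequest);
            ArrayList<Signature> signatures = new ArrayList<Signature>();
            signatures.add(signature);
            Signer.signObjects(signatures);
            return authnRequest;
        } catch (CertificateEncodingException e) {
            throw logAndWrap("Error getting certificate", e);
        } catch (SignatureException e) {
            throw logAndWrap("Error while signing the SAML Request message", e);
        } catch (SSOHostObjectException e) {
            throw logAndWrap("Error while signing the SAML Request message", e);
        } catch (MarshallingException e) {
            throw logAndWrap("Error while marshalling auth request", e);
        }
    }

    /**
     * Logs the failure together with its cause and returns the exception to throw.
     * Passing the throwable to the logger keeps the stack trace in the log, which a
     * message-only entry would lose.
     */
    private static SSOHostObjectException logAndWrap(String str, Throwable th) {
        log.error(str, th);
        return new SSOHostObjectException(str, th);
    }
}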
