package com.suncode.sso.authenticator;

import com.google.gson.Gson;
import com.suncode.plugin.framework.Plugin;
import com.suncode.plugin.pluginconfigurationmanager.configuration.definition.file.service.ConfigurationFileService;
import com.suncode.pwfl.administration.configuration.SystemProperties;
import com.suncode.pwfl.security.AuthenticationButton;
import com.suncode.pwfl.security.AuthenticationResult;
import com.suncode.pwfl.security.Authenticator;
import com.suncode.pwfl.security.SSORedirectType;
import com.suncode.pwfl.security.saml.SamlDecoder;
import com.suncode.pwfl.translation.Translator;
import com.suncode.pwfl.translation.Translators;
import com.suncode.sso.authenticator.configuration.ConfigurationDto;
import com.suncode.sso.authenticator.configuration.saml.SamlRequestGenerator;
import com.suncode.sso.authenticator.exception.SsoConfigurationMissingException;
import com.suncode.sso.authenticator.exception.UnsupportedAuthenticationSolutionException;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/suncode/sso/authenticator/SsoAuthenticator.class */
public class SsoAuthenticator implements Authenticator {
    private static final String PROVIDER_SSO_URL = "SingleSignOnURL";
    public static final String CONFIG_FILE_ID = "SSO Config";
    public static final String ENTITY_DESCRIPTOR_FILE_ID = "Entity Descriptor";
    private final Gson gson = new Gson();
    private ConfigurationDto configuration;

    @Autowired
    private Plugin plugin;

    @Autowired
    private SamlRequestGenerator samlRequestGenerator;

    @Autowired
    private ConfigurationFileService fileConfigurationService;
    private static final Logger log = LoggerFactory.getLogger(SsoAuthenticator.class);
    private static final Translator translator = Translators.get(SsoAuthenticator.class);

    @PostConstruct
    private void init() throws IOException {
        this.configuration = (ConfigurationDto) this.gson.fromJson(IOUtils.toString(this.fileConfigurationService.readFile(this.plugin.getKey(), CONFIG_FILE_ID), Charset.defaultCharset()), ConfigurationDto.class);
    }

    public String getName() {
        validateSooConfiguration();
        return this.configuration.getSolution().name();
    }

    public AuthenticationResult authenticate(HttpServletRequest httpServletRequest) {
        try {
            return new AuthenticationResult(true, extractUserName(httpServletRequest));
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            return new AuthenticationResult(false, (String) null);
        }
    }

    public AuthenticationButton authenticationButtonDefinition() {
        String string = SystemProperties.getString(PROVIDER_SSO_URL);
        if (StringUtils.isBlank(string)) {
            log.error("SingleSignOnURL system parameter in Authentication.SSO category can not be empty");
            return generateErrorButton();
        }
        try {
            return AuthenticationButton.builder().name(translator.getMessage("sso.authenticator.buttonName", new Object[]{getName()})).redirectType(SSORedirectType.POST).url(string).postParameters(generatePostParameters()).styles(buttonStyles()).build();
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            return generateErrorButton();
        }
    }

    private AuthenticationButton generateErrorButton() {
        return AuthenticationButton.builder().name(translator.getMessage("sso.authenticator.buttonNameError")).styles(buttonErrorStyles()).build();
    }

    private Map<String, String> generatePostParameters() {
        validateSooConfiguration();
        if (this.configuration.getSolution().isSamlSolution()) {
            return Collections.singletonMap("SAMLRequest", this.samlRequestGenerator.generateSamlRequest(this.configuration.getSolution(), this.configuration.getSamlConfig()));
        }
        throw new UnsupportedAuthenticationSolutionException(this.configuration.getSolution());
    }

    private String extractUserName(HttpServletRequest httpServletRequest) throws Exception {
        validateSooConfiguration();
        if (this.configuration.getSolution().isSamlSolution()) {
            return SamlDecoder.decodeUserId(httpServletRequest.getParameter("SAMLResponse"), getCertificateReader());
        }
        throw new UnsupportedAuthenticationSolutionException(this.configuration.getSolution());
    }

    private void validateSooConfiguration() {
        if (this.configuration.getSolution() == null) {
            throw new SsoConfigurationMissingException();
        }
    }

    private Reader getCertificateReader() throws IOException {
        return new StringReader(IOUtils.toString(this.fileConfigurationService.readFile(this.plugin.getKey(), ENTITY_DESCRIPTOR_FILE_ID), StandardCharsets.UTF_8));
    }

    private Map<String, String> buttonStyles() {
        HashMap hashMap = new HashMap();
        hashMap.put("color", "white");
        hashMap.put("background", "linear-gradient(#007dc1,#0073b2)");
        hashMap.put("border-color", "#004b75");
        return hashMap;
    }

    private Map<String, String> buttonErrorStyles() {
        HashMap hashMap = new HashMap();
        hashMap.put("color", "white");
        hashMap.put("background", "linear-gradient(#EB6262,#EF7272)");
        hashMap.put("border-color", "#FF2D2D");
        return hashMap;
    }
}
