package org.jasig.cas.web.view;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotNull;
import org.jasig.cas.authentication.Authentication;
import org.jasig.cas.authentication.SamlAuthenticationMetaDataPopulator;
import org.jasig.cas.authentication.principal.RememberMeCredentials;
import org.jasig.cas.authentication.principal.SamlService;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.validation.Assertion;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLAttribute;
import org.opensaml.SAMLAttributeStatement;
import org.opensaml.SAMLAudienceRestrictionCondition;
import org.opensaml.SAMLAuthenticationStatement;
import org.opensaml.SAMLException;
import org.opensaml.SAMLNameIdentifier;
import org.opensaml.SAMLResponse;
import org.opensaml.SAMLSubject;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-3.4.11.jar:org/jasig/cas/web/view/Saml10SuccessResponseView.class */
public class Saml10SuccessResponseView extends AbstractCasView {
    private static final String NAMESPACE = "http://www.ja-sig.org/products/cas/";
    private static final String DEFAULT_ENCODING = "UTF-8";
    private static final String REMEMBER_ME_ATTRIBUTE_NAME = "longTermAuthenticationRequestTokenUsed";

    @NotNull
    private String issuer;
    private long issueLength = 30000;

    @NotNull
    private String encoding = "UTF-8";

    @NotNull
    private String rememberMeAttributeName = REMEMBER_ME_ATTRIBUTE_NAME;

    @Override // org.springframework.web.servlet.view.AbstractView
    protected void renderMergedOutputModel(Map map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        try {
            Assertion assertionFrom = getAssertionFrom(map);
            Authentication authentication = assertionFrom.getChainedAuthentications().get(0);
            Date date = new Date();
            String str = (String) authentication.getAttributes().get(SamlAuthenticationMetaDataPopulator.ATTRIBUTE_AUTHENTICATION_METHOD);
            Service service = assertionFrom.getService();
            SAMLResponse sAMLResponse = new SAMLResponse(null, service.getId(), new ArrayList(), null);
            boolean z = authentication.getAttributes().get(RememberMeCredentials.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME) == Boolean.TRUE && !assertionFrom.isFromNewLogin();
            sAMLResponse.setIssueInstant(date);
            if (service instanceof SamlService) {
                SamlService samlService = (SamlService) service;
                if (samlService.getRequestID() != null) {
                    sAMLResponse.setInResponseTo(samlService.getRequestID());
                }
            }
            SAMLAssertion sAMLAssertion = new SAMLAssertion();
            sAMLAssertion.setIssueInstant(date);
            sAMLAssertion.setIssuer(this.issuer);
            sAMLAssertion.setNotBefore(date);
            sAMLAssertion.setNotOnOrAfter(new Date(date.getTime() + this.issueLength));
            SAMLAudienceRestrictionCondition sAMLAudienceRestrictionCondition = new SAMLAudienceRestrictionCondition();
            sAMLAudienceRestrictionCondition.addAudience(service.getId());
            SAMLAuthenticationStatement sAMLAuthenticationStatement = new SAMLAuthenticationStatement();
            sAMLAuthenticationStatement.setAuthInstant(authentication.getAuthenticatedDate());
            sAMLAuthenticationStatement.setAuthMethod(str != null ? str : SAMLAuthenticationStatement.AuthenticationMethod_Unspecified);
            sAMLAuthenticationStatement.setSubject(getSamlSubject(authentication));
            if (!authentication.getPrincipal().getAttributes().isEmpty() || z) {
                SAMLAttributeStatement sAMLAttributeStatement = new SAMLAttributeStatement();
                sAMLAttributeStatement.setSubject(getSamlSubject(authentication));
                sAMLAssertion.addStatement(sAMLAttributeStatement);
                for (Map.Entry<String, Object> entry : authentication.getPrincipal().getAttributes().entrySet()) {
                    SAMLAttribute sAMLAttribute = new SAMLAttribute();
                    sAMLAttribute.setName(entry.getKey());
                    sAMLAttribute.setNamespace(NAMESPACE);
                    if (entry.getValue() instanceof Collection) {
                        Collection collection = (Collection) entry.getValue();
                        if (!collection.isEmpty()) {
                            sAMLAttribute.setValues(collection);
                        }
                    } else {
                        sAMLAttribute.addValue(entry.getValue());
                    }
                    sAMLAttributeStatement.addAttribute(sAMLAttribute);
                }
                if (z) {
                    SAMLAttribute sAMLAttribute2 = new SAMLAttribute();
                    sAMLAttribute2.setName(this.rememberMeAttributeName);
                    sAMLAttribute2.setNamespace(NAMESPACE);
                    sAMLAttribute2.addValue(true);
                    sAMLAttributeStatement.addAttribute(sAMLAttribute2);
                }
            }
            sAMLAssertion.addStatement(sAMLAuthenticationStatement);
            sAMLAssertion.addCondition(sAMLAudienceRestrictionCondition);
            sAMLResponse.addAssertion(sAMLAssertion);
            String sAMLResponse2 = sAMLResponse.toString();
            httpServletResponse.setContentType("text/xml; charset=" + this.encoding);
            httpServletResponse.getWriter().print("<?xml version=\"1.0\" encoding=\"" + this.encoding + "\"?>");
            httpServletResponse.getWriter().print("<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\"><SOAP-ENV:Header/><SOAP-ENV:Body>");
            httpServletResponse.getWriter().print(sAMLResponse2);
            httpServletResponse.getWriter().print("</SOAP-ENV:Body></SOAP-ENV:Envelope>");
            httpServletResponse.flushBuffer();
        } catch (Exception e) {
            this.log.error(e.getMessage(), (Throwable) e);
            throw e;
        }
    }

    protected SAMLSubject getSamlSubject(Authentication authentication) throws SAMLException {
        SAMLSubject sAMLSubject = new SAMLSubject();
        sAMLSubject.addConfirmationMethod(SAMLSubject.CONF_ARTIFACT);
        SAMLNameIdentifier sAMLNameIdentifier = new SAMLNameIdentifier();
        sAMLNameIdentifier.setName(authentication.getPrincipal().getId());
        sAMLSubject.setNameIdentifier(sAMLNameIdentifier);
        return sAMLSubject;
    }

    public void setIssueLength(long j) {
        this.issueLength = j;
    }

    public void setIssuer(String str) {
        this.issuer = str;
    }

    public void setEncoding(String str) {
        this.encoding = str;
    }

    public void setRememberMeAttributeName(String str) {
        this.rememberMeAttributeName = str;
    }
}
