package com.tibco.bw.auth.saml2.idpimpl;

import com.tibco.bw.auth.saml2.IdpAuthHandler;
import com.tibco.bw.auth.saml2.IdpConstants;
import com.tibco.bw.auth.saml2.IdpEnum;
import com.tibco.bw.auth.saml2.SAMLException;
import java.io.IOException;
import java.net.Authenticator;
import java.net.PasswordAuthentication;
import java.net.Proxy;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.SSLSocketFactory;
import javax.xml.bind.DatatypeConverter;
import org.apache.velocity.runtime.resource.loader.StringResourceLoader;
import org.jsoup.Connection;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Element;

/* loaded from: input_file:com/tibco/bw/auth/saml2/idpimpl/GenericIdpAuthHandler.class */
public class GenericIdpAuthHandler implements IdpAuthHandler {
    private SSLSocketFactory sSLSocketFactory = null;

    @Override // com.tibco.bw.auth.saml2.IdpAuthHandler
    public String generateSAMLAssertion(IdpEnum.Idp idp, String str, String str2, String str3, boolean z, boolean z2, Proxy proxy, final String str4, final String str5, SSLSocketFactory sSLSocketFactory) throws IOException, SAMLException {
        this.sSLSocketFactory = sSLSocketFactory;
        if (z2 && str4 != null && str5 != null) {
            Authenticator.setDefault(new Authenticator() { // from class: com.tibco.bw.auth.saml2.idpimpl.GenericIdpAuthHandler.1
                @Override // java.net.Authenticator
                protected PasswordAuthentication getPasswordAuthentication() {
                    return new PasswordAuthentication(str4, str5.toCharArray());
                }
            });
        }
        Connection.Response loginForm = getLoginForm(str, z2, proxy);
        String invokeSAMLRequest = invokeSAMLRequest(getFormActionUrl(idp, str, loginForm), loginForm.cookies(), preparePayload(idp, str2, str3), z2, proxy);
        return !z ? invokeSAMLRequest : new String(DatatypeConverter.parseBase64Binary(invokeSAMLRequest), StringResourceLoader.REPOSITORY_ENCODING_DEFAULT);
    }

    private Connection.Response getLoginForm(String str, boolean z, Proxy proxy) throws IOException {
        Connection.Response response = null;
        if (!z && this.sSLSocketFactory == null) {
            response = Jsoup.connect(str).followRedirects(true).method(Connection.Method.GET).execute();
        } else if (z && this.sSLSocketFactory == null) {
            response = Jsoup.connect(str).followRedirects(true).method(Connection.Method.GET).proxy(proxy).execute();
        } else if (!z && this.sSLSocketFactory != null) {
            response = Jsoup.connect(str).followRedirects(true).method(Connection.Method.GET).sslSocketFactory(this.sSLSocketFactory).execute();
        } else if (z && this.sSLSocketFactory != null) {
            response = Jsoup.connect(str).followRedirects(true).method(Connection.Method.GET).proxy(proxy).sslSocketFactory(this.sSLSocketFactory).execute();
        }
        return response;
    }

    private Map<String, String> preparePayload(IdpEnum.Idp idp, String str, String str2) {
        HashMap hashMap = new HashMap();
        if (idp == IdpEnum.Idp.PingFederate) {
            hashMap.put(IdpConstants.PING_USERNAME, str);
            hashMap.put(IdpConstants.PING_PASSWORD, str2);
        } else if (idp == IdpEnum.Idp.Shibboleth) {
            hashMap.put(IdpConstants.SHIBBOLETH_USERNAME, str);
            hashMap.put(IdpConstants.SHIBBOLETH_PASSWORD, str2);
        } else if (idp == IdpEnum.Idp.ADFS) {
            hashMap.put(IdpConstants.ADFS_USERNAME, str);
            hashMap.put(IdpConstants.ADFS_PASSWORD, str2);
            hashMap.put(IdpConstants.ADFS_AUTH_METHOD, "FormsAuthentication");
        }
        return hashMap;
    }

    private String getFormActionUrl(IdpEnum.Idp idp, String str, Connection.Response response) throws IOException {
        if (idp != IdpEnum.Idp.PingFederate && idp != IdpEnum.Idp.Shibboleth && idp == IdpEnum.Idp.ADFS) {
            return str;
        }
        return str;
    }

    private String invokeSAMLRequest(String str, Map<String, String> map, Map<String, String> map2, boolean z, Proxy proxy) throws IOException, SAMLException {
        Connection.Response response = null;
        if (!z && this.sSLSocketFactory == null) {
            response = Jsoup.connect(str).method(Connection.Method.POST).data(map2).cookies(map).execute();
        } else if (z && this.sSLSocketFactory == null) {
            response = Jsoup.connect(str).method(Connection.Method.POST).data(map2).cookies(map).proxy(proxy).execute();
        } else if (!z && this.sSLSocketFactory != null) {
            response = Jsoup.connect(str).method(Connection.Method.POST).data(map2).cookies(map).sslSocketFactory(this.sSLSocketFactory).execute();
        } else if (z && this.sSLSocketFactory != null) {
            response = Jsoup.connect(str).method(Connection.Method.POST).data(map2).cookies(map).proxy(proxy).sslSocketFactory(this.sSLSocketFactory).execute();
        }
        if (response.statusCode() == 200) {
            String str2 = null;
            Iterator<Element> it = response.parse().select("input").iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Element next = it.next();
                if (next.attr("name").equals("SAMLResponse")) {
                    str2 = next.val();
                    break;
                }
            }
            if (str2 != null) {
                return str2;
            }
        }
        throw new SAMLException("SAML assertion request failed.");
    }
}
