package com.evolveum.midpoint.authentication.impl.factory.module;

import com.evolveum.midpoint.authentication.api.AuthenticationChannel;
import com.evolveum.midpoint.authentication.impl.filter.saml.MidpointSaml2WebSsoAuthenticationRequestFilter;
import com.evolveum.midpoint.authentication.impl.module.authentication.ModuleAuthenticationImpl;
import com.evolveum.midpoint.authentication.impl.module.authentication.RemoteModuleAuthenticationImpl;
import com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl;
import com.evolveum.midpoint.authentication.impl.module.configuration.SamlModuleWebSecurityConfiguration;
import com.evolveum.midpoint.authentication.impl.module.configurer.SamlModuleWebSecurityConfigurer;
import com.evolveum.midpoint.authentication.impl.provider.Saml2Provider;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractAuthenticationModuleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthenticationSequenceModuleType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.Saml2AuthenticationModuleType;
import jakarta.servlet.Filter;
import jakarta.servlet.ServletRequest;
import java.util.ArrayList;
import java.util.Iterator;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.10-M4.jar:com/evolveum/midpoint/authentication/impl/factory/module/Saml2ModuleFactory.class */
public class Saml2ModuleFactory extends RemoteModuleFactory<SamlModuleWebSecurityConfiguration, SamlModuleWebSecurityConfigurer, Saml2AuthenticationModuleType, ModuleAuthenticationImpl> {
    @Override // com.evolveum.midpoint.authentication.impl.factory.module.AbstractModuleFactory, com.evolveum.midpoint.authentication.api.ModuleFactory
    public boolean match(AbstractAuthenticationModuleType abstractAuthenticationModuleType, AuthenticationChannel authenticationChannel) {
        return abstractAuthenticationModuleType instanceof Saml2AuthenticationModuleType;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.factory.module.AbstractModuleFactory
    public SamlModuleWebSecurityConfigurer createModuleConfigurer(Saml2AuthenticationModuleType saml2AuthenticationModuleType, String str, AuthenticationChannel authenticationChannel, ObjectPostProcessor objectPostProcessor, ServletRequest servletRequest) {
        return new SamlModuleWebSecurityConfigurer(saml2AuthenticationModuleType, str, authenticationChannel, objectPostProcessor, servletRequest, new Saml2Provider());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.factory.module.AbstractModuleFactory
    public void postProcessFilter(SecurityFilterChain securityFilterChain, SamlModuleWebSecurityConfigurer samlModuleWebSecurityConfigurer) {
        for (Filter filter : securityFilterChain.getFilters()) {
            if (filter instanceof MidpointSaml2WebSsoAuthenticationRequestFilter) {
                ((MidpointSaml2WebSsoAuthenticationRequestFilter) filter).getAuthenticationRequestResolver().setRequestMatcher(new AntPathRequestMatcher(samlModuleWebSecurityConfigurer.getPrefix() + "/authenticate/{registrationId}"));
                return;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.authentication.impl.factory.module.AbstractModuleFactory
    public ModuleAuthenticationImpl createEmptyModuleAuthentication(Saml2AuthenticationModuleType saml2AuthenticationModuleType, SamlModuleWebSecurityConfiguration samlModuleWebSecurityConfiguration, AuthenticationSequenceModuleType authenticationSequenceModuleType, ServletRequest servletRequest) {
        Saml2ModuleAuthenticationImpl saml2ModuleAuthenticationImpl = new Saml2ModuleAuthenticationImpl(authenticationSequenceModuleType);
        ArrayList arrayList = new ArrayList();
        Iterator<RelyingPartyRegistration> it = samlModuleWebSecurityConfiguration.getRelyingPartyRegistrationRepository().iterator();
        while (it.hasNext()) {
            RelyingPartyRegistration next = it.next();
            arrayList.add(createIdentityProvider(RemoteModuleAuthenticationImpl.AUTHENTICATION_REQUEST_PROCESSING_URL_SUFFIX_WITH_REG_ID, next.getRegistrationId(), servletRequest, samlModuleWebSecurityConfiguration, samlModuleWebSecurityConfiguration.getAdditionalConfiguration().get(next.getRegistrationId()).getLinkText()));
        }
        saml2ModuleAuthenticationImpl.setProviders(arrayList);
        saml2ModuleAuthenticationImpl.setAdditionalConfiguration(samlModuleWebSecurityConfiguration.getAdditionalConfiguration());
        saml2ModuleAuthenticationImpl.setNameOfModule(samlModuleWebSecurityConfiguration.getModuleIdentifier());
        saml2ModuleAuthenticationImpl.setPrefix(samlModuleWebSecurityConfiguration.getPrefixOfModule());
        return saml2ModuleAuthenticationImpl;
    }
}
