package org.springframework.security.saml.provider.provisioning;

import java.util.Collections;
import java.util.LinkedList;
import org.springframework.security.saml.SamlMetadataCache;
import org.springframework.security.saml.SamlTransformer;
import org.springframework.security.saml.SamlValidator;
import org.springframework.security.saml.key.KeyType;
import org.springframework.security.saml.key.SimpleKey;
import org.springframework.security.saml.provider.config.SamlConfigurationRepository;
import org.springframework.security.saml.provider.identity.AssertionEnhancer;
import org.springframework.security.saml.provider.identity.HostedIdentityProviderService;
import org.springframework.security.saml.provider.identity.IdentityProviderService;
import org.springframework.security.saml.provider.identity.ResponseEnhancer;
import org.springframework.security.saml.provider.identity.config.LocalIdentityProviderConfiguration;
import org.springframework.security.saml.saml2.metadata.IdentityProviderMetadata;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/spring-security-saml2-core-2.0.0.M30.jar:org/springframework/security/saml/provider/provisioning/HostBasedSamlIdentityProviderProvisioning.class */
public class HostBasedSamlIdentityProviderProvisioning extends AbstractHostbasedSamlProviderProvisioning implements SamlProviderProvisioning<IdentityProviderService> {
    private AssertionEnhancer assertionEnhancer;
    private ResponseEnhancer responseEnhancer;

    public HostBasedSamlIdentityProviderProvisioning(SamlConfigurationRepository samlConfigurationRepository, SamlTransformer samlTransformer, SamlValidator samlValidator, SamlMetadataCache samlMetadataCache, AssertionEnhancer assertionEnhancer, ResponseEnhancer responseEnhancer) {
        super(samlConfigurationRepository, samlTransformer, samlValidator, samlMetadataCache);
        this.assertionEnhancer = assertionEnhancer;
        this.responseEnhancer = responseEnhancer;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.springframework.security.saml.provider.provisioning.SamlProviderProvisioning
    public IdentityProviderService getHostedProvider() {
        return getHostedIdentityProvider(getConfigurationRepository().getServerConfiguration().getIdentityProvider());
    }

    @Override // org.springframework.security.saml.provider.provisioning.AbstractHostbasedSamlProviderProvisioning
    protected IdentityProviderService getHostedIdentityProvider(LocalIdentityProviderConfiguration localIdentityProviderConfiguration) {
        String basePath = localIdentityProviderConfiguration.getBasePath();
        LinkedList linkedList = new LinkedList();
        SimpleKey active = localIdentityProviderConfiguration.getKeys().getActive();
        linkedList.add(active);
        linkedList.add(active.clone(active.getName() + "-encryption", KeyType.ENCRYPTION));
        linkedList.addAll(localIdentityProviderConfiguration.getKeys().getStandBy());
        IdentityProviderMetadata identityProviderMetadata = identityProviderMetadata(basePath, localIdentityProviderConfiguration.isSignMetadata() ? active : null, linkedList, StringUtils.hasText(localIdentityProviderConfiguration.getPrefix()) ? localIdentityProviderConfiguration.getPrefix() : "saml/idp/", getAliasPath(localIdentityProviderConfiguration), localIdentityProviderConfiguration.getDefaultSigningAlgorithm(), localIdentityProviderConfiguration.getDefaultDigest());
        if (!localIdentityProviderConfiguration.getNameIds().isEmpty()) {
            identityProviderMetadata.getIdentityProvider().setNameIds(localIdentityProviderConfiguration.getNameIds());
        }
        if (!localIdentityProviderConfiguration.isSingleLogoutEnabled()) {
            identityProviderMetadata.getIdentityProvider().setSingleLogoutService(Collections.emptyList());
        }
        if (StringUtils.hasText(localIdentityProviderConfiguration.getEntityId())) {
            identityProviderMetadata.setEntityId(localIdentityProviderConfiguration.getEntityId());
        }
        if (StringUtils.hasText(localIdentityProviderConfiguration.getAlias())) {
            identityProviderMetadata.setEntityAlias(localIdentityProviderConfiguration.getAlias());
        }
        identityProviderMetadata.getIdentityProvider().setWantAuthnRequestsSigned(localIdentityProviderConfiguration.isWantRequestsSigned());
        return new HostedIdentityProviderService(localIdentityProviderConfiguration, identityProviderMetadata, getTransformer(), getValidator(), getCache(), this.assertionEnhancer, this.responseEnhancer);
    }
}
