package org.springframework.security.saml.provider.service;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.saml.SamlRequestMatcher;
import org.springframework.security.saml.provider.SamlFilter;
import org.springframework.security.saml.provider.config.ExternalProviderConfiguration;
import org.springframework.security.saml.provider.provisioning.SamlProviderProvisioning;
import org.springframework.security.saml.provider.service.config.LocalServiceProviderConfiguration;
import org.springframework.security.saml.util.StringUtils;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.util.UriComponentsBuilder;
import org.springframework.web.util.UriUtils;

/* loaded from: input_file:WEB-INF/lib/spring-security-saml2-core-2.0.0.M30.jar:org/springframework/security/saml/provider/service/SelectIdentityProviderFilter.class */
public class SelectIdentityProviderFilter extends SamlFilter<ServiceProviderService> {
    private static Log logger = LogFactory.getLog(SelectIdentityProviderFilter.class);
    private final RequestMatcher requestMatcher;
    private String selectTemplate;

    public SelectIdentityProviderFilter(SamlProviderProvisioning<ServiceProviderService> samlProviderProvisioning) {
        this(samlProviderProvisioning, new SamlRequestMatcher(samlProviderProvisioning, "select"));
    }

    public SelectIdentityProviderFilter(SamlProviderProvisioning<ServiceProviderService> samlProviderProvisioning, RequestMatcher requestMatcher) {
        super(samlProviderProvisioning);
        this.selectTemplate = "/templates/spi/select-provider.vm";
        this.requestMatcher = requestMatcher;
    }

    public String getSelectTemplate() {
        return this.selectTemplate;
    }

    public SelectIdentityProviderFilter setSelectTemplate(String str) {
        this.selectTemplate = str;
        return this;
    }

    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (!this.requestMatcher.matches(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        ServiceProviderService serviceProviderService = (ServiceProviderService) getProvisioning().getHostedProvider();
        LocalServiceProviderConfiguration configuration = serviceProviderService.getConfiguration();
        LinkedList linkedList = new LinkedList();
        configuration.getProviders().stream().forEach(externalIdentityProviderConfiguration -> {
            try {
                linkedList.add(new ModelProvider().setLinkText(externalIdentityProviderConfiguration.getLinktext()).setRedirect(getDiscoveryRedirect(serviceProviderService, httpServletRequest, externalIdentityProviderConfiguration)));
            } catch (Exception e) {
                logger.debug(String.format("Unable to retrieve metadata for provider:%s with message:", externalIdentityProviderConfiguration.getMetadata(), e.getMessage()));
            }
        });
        Map<String, Object> hashMap = new HashMap<>();
        hashMap.put("title", "Select an Identity Provider");
        hashMap.put("providers", linkedList);
        processHtml(httpServletRequest, httpServletResponse, this.selectTemplate, hashMap);
    }

    protected String getDiscoveryRedirect(ServiceProviderService serviceProviderService, HttpServletRequest httpServletRequest, ExternalProviderConfiguration externalProviderConfiguration) throws UnsupportedEncodingException {
        UriComponentsBuilder fromUriString = UriComponentsBuilder.fromUriString(serviceProviderService.getConfiguration().getBasePath());
        fromUriString.pathSegment(StringUtils.stripSlashes(serviceProviderService.getConfiguration().getPrefix()) + "/discovery");
        fromUriString.pathSegment("saml/sp/discovery");
        fromUriString.queryParam("idp", UriUtils.encode(serviceProviderService.getRemoteProvider(externalProviderConfiguration).getEntityId(), StandardCharsets.UTF_8.toString()));
        return fromUriString.build().toUriString();
    }
}
