package com.evolveum.midpoint.web.page.login;

import com.evolveum.midpoint.model.api.authentication.MidpointAuthentication;
import com.evolveum.midpoint.model.api.authentication.ModuleAuthentication;
import com.evolveum.midpoint.repo.api.RepositoryService;
import com.evolveum.midpoint.web.application.PageDescriptor;
import com.evolveum.midpoint.web.application.Url;
import com.evolveum.midpoint.web.component.form.MidpointForm;
import com.evolveum.midpoint.web.component.util.VisibleBehaviour;
import com.evolveum.midpoint.web.security.module.SamlModuleWebSecurityConfig;
import com.evolveum.midpoint.web.security.module.authentication.Saml2ModuleAuthentication;
import com.evolveum.midpoint.web.security.util.IdentityProvider;
import com.evolveum.midpoint.web.security.util.SecurityUtils;
import java.io.Serializable;
import java.lang.invoke.SerializedLambda;
import java.util.ArrayList;
import java.util.List;
import org.apache.wicket.AttributeModifier;
import org.apache.wicket.markup.html.link.ExternalLink;
import org.apache.wicket.markup.html.list.ListItem;
import org.apache.wicket.markup.html.list.ListView;
import org.apache.wicket.model.IModel;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.saml.SamlAuthentication;

@PageDescriptor(urls = {@Url(mountUrl = SamlModuleWebSecurityConfig.SAML_LOGIN_PATH, matchUrlForSecurity = SamlModuleWebSecurityConfig.SAML_LOGIN_PATH)}, permitAll = true, loginPage = true)
/* loaded from: input_file:WEB-INF/classes/com/evolveum/midpoint/web/page/login/PageSamlSelect.class */
public class PageSamlSelect extends AbstractPageLogin implements Serializable {
    private static final long serialVersionUID = 1;
    private static final String ID_PROVIDERS = "providers";
    private static final String ID_PROVIDER = "provider";
    private static final String ID_LOGOUT_FORM = "logoutForm";
    private static final String ID_CSRF_FIELD = "csrfField";

    @Override // com.evolveum.midpoint.web.page.login.AbstractPageLogin
    protected void initCustomLayer() {
        add(new ListView<IdentityProvider>(ID_PROVIDERS, getProviders()) { // from class: com.evolveum.midpoint.web.page.login.PageSamlSelect.1
            @Override // org.apache.wicket.markup.html.list.ListView
            protected void populateItem(ListItem<IdentityProvider> listItem) {
                listItem.add(new ExternalLink("provider", listItem.getModelObject().getRedirectLink(), listItem.getModelObject().getLinkText()));
            }
        });
        MidpointForm midpointForm = new MidpointForm(ID_LOGOUT_FORM);
        ModuleAuthentication processingModule = SecurityUtils.getProcessingModule(false);
        midpointForm.add(new VisibleBehaviour(() -> {
            return Boolean.valueOf(existSamlAuthentication(processingModule));
        }));
        midpointForm.add(AttributeModifier.replace("action", (IModel<?>) () -> {
            return existSamlAuthentication(processingModule) ? SecurityUtils.getPathForLogoutWithContextPath(getRequest().getContextPath(), processingModule) : "";
        }));
        add(midpointForm);
        midpointForm.add(SecurityUtils.createHiddenInputForCsrf(ID_CSRF_FIELD));
    }

    private boolean existSamlAuthentication(ModuleAuthentication moduleAuthentication) {
        return (moduleAuthentication instanceof Saml2ModuleAuthentication) && ((moduleAuthentication.getAuthentication() instanceof SamlAuthentication) || ((moduleAuthentication.getAuthentication() instanceof AnonymousAuthenticationToken) && (moduleAuthentication.getAuthentication().getDetails() instanceof SamlAuthentication)));
    }

    private List<IdentityProvider> getProviders() {
        ArrayList arrayList = new ArrayList();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof MidpointAuthentication)) {
            error(getString("web.security.flexAuth.unsupported.auth.type"));
            return arrayList;
        }
        ModuleAuthentication processingModuleAuthentication = ((MidpointAuthentication) authentication).getProcessingModuleAuthentication();
        if (!(processingModuleAuthentication instanceof Saml2ModuleAuthentication)) {
            error(getString("PageSamlSelect.unsupported.authentication.type"));
            return arrayList;
        }
        List<IdentityProvider> providers = ((Saml2ModuleAuthentication) processingModuleAuthentication).getProviders();
        if (providers.isEmpty()) {
            error(getString("PageSamlSelect.empty.providers"));
        }
        return providers;
    }

    @Override // com.evolveum.midpoint.web.page.login.AbstractPageLogin
    protected void confirmUserPrincipal() {
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1131573415:
                if (implMethodName.equals("lambda$initCustomLayer$f176de4d$1")) {
                    z = true;
                    break;
                }
                break;
            case -527719687:
                if (implMethodName.equals("lambda$initCustomLayer$fdbd1271$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("com/evolveum/midpoint/web/component/util/SerializableSupplier") && serializedLambda.getFunctionalInterfaceMethodName().equals("get") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/web/page/login/PageSamlSelect") && serializedLambda.getImplMethodSignature().equals("(Lcom/evolveum/midpoint/model/api/authentication/ModuleAuthentication;)Ljava/lang/Boolean;")) {
                    PageSamlSelect pageSamlSelect = (PageSamlSelect) serializedLambda.getCapturedArg(0);
                    ModuleAuthentication moduleAuthentication = (ModuleAuthentication) serializedLambda.getCapturedArg(1);
                    return () -> {
                        return Boolean.valueOf(existSamlAuthentication(moduleAuthentication));
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/wicket/model/IModel") && serializedLambda.getFunctionalInterfaceMethodName().equals(RepositoryService.OP_GET_OBJECT) && serializedLambda.getFunctionalInterfaceMethodSignature().equals("()Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/evolveum/midpoint/web/page/login/PageSamlSelect") && serializedLambda.getImplMethodSignature().equals("(Lcom/evolveum/midpoint/model/api/authentication/ModuleAuthentication;)Ljava/lang/String;")) {
                    PageSamlSelect pageSamlSelect2 = (PageSamlSelect) serializedLambda.getCapturedArg(0);
                    ModuleAuthentication moduleAuthentication2 = (ModuleAuthentication) serializedLambda.getCapturedArg(1);
                    return () -> {
                        return existSamlAuthentication(moduleAuthentication2) ? SecurityUtils.getPathForLogoutWithContextPath(getRequest().getContextPath(), moduleAuthentication2) : "";
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
