package org.springframework.security.saml2.provider.service.web;

import java.util.HashMap;
import java.util.function.Function;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.oauth2.client.web.server.DefaultServerOAuth2AuthorizationRequestResolver;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:WEB-INF/lib/spring-security-saml2-service-provider-5.6.0.jar:org/springframework/security/saml2/provider/service/web/DefaultRelyingPartyRegistrationResolver.class */
public final class DefaultRelyingPartyRegistrationResolver implements Converter<HttpServletRequest, RelyingPartyRegistration>, RelyingPartyRegistrationResolver {
    private static final char PATH_DELIMITER = '/';
    private final RelyingPartyRegistrationRepository relyingPartyRegistrationRepository;
    private Log logger = LogFactory.getLog(getClass());
    private final RequestMatcher registrationRequestMatcher = new AntPathRequestMatcher("/**/{registrationId}");

    public DefaultRelyingPartyRegistrationResolver(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
        Assert.notNull(relyingPartyRegistrationRepository, "relyingPartyRegistrationRepository cannot be null");
        this.relyingPartyRegistrationRepository = relyingPartyRegistrationRepository;
    }

    @Override // org.springframework.core.convert.converter.Converter
    public RelyingPartyRegistration convert(HttpServletRequest httpServletRequest) {
        return resolve(httpServletRequest, null);
    }

    @Override // org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver
    public RelyingPartyRegistration resolve(HttpServletRequest httpServletRequest, String str) {
        if (str == null) {
            if (this.logger.isTraceEnabled()) {
                this.logger.trace("Attempting to resolve from " + this.registrationRequestMatcher + " since registrationId is null");
            }
            str = this.registrationRequestMatcher.matcher(httpServletRequest).getVariables().get(DefaultServerOAuth2AuthorizationRequestResolver.DEFAULT_REGISTRATION_ID_URI_VARIABLE_NAME);
        }
        if (str == null) {
            if (!this.logger.isTraceEnabled()) {
                return null;
            }
            this.logger.trace("Returning null registration since registrationId is null");
            return null;
        }
        RelyingPartyRegistration findByRegistrationId = this.relyingPartyRegistrationRepository.findByRegistrationId(str);
        if (findByRegistrationId == null) {
            return null;
        }
        Function<String, String> templateResolver = templateResolver(getApplicationUri(httpServletRequest), findByRegistrationId);
        String apply = templateResolver.apply(findByRegistrationId.getEntityId());
        String apply2 = templateResolver.apply(findByRegistrationId.getAssertionConsumerServiceLocation());
        return RelyingPartyRegistration.withRelyingPartyRegistration(findByRegistrationId).entityId(apply).assertionConsumerServiceLocation(apply2).singleLogoutServiceLocation(templateResolver.apply(findByRegistrationId.getSingleLogoutServiceLocation())).singleLogoutServiceResponseLocation(templateResolver.apply(findByRegistrationId.getSingleLogoutServiceResponseLocation())).build();
    }

    private Function<String, String> templateResolver(String str, RelyingPartyRegistration relyingPartyRegistration) {
        return str2 -> {
            return resolveUrlTemplate(str2, str, relyingPartyRegistration);
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String resolveUrlTemplate(String str, String str2, RelyingPartyRegistration relyingPartyRegistration) {
        if (str == null) {
            return null;
        }
        String entityId = relyingPartyRegistration.getAssertingPartyDetails().getEntityId();
        String registrationId = relyingPartyRegistration.getRegistrationId();
        HashMap hashMap = new HashMap();
        UriComponents build = UriComponentsBuilder.fromHttpUrl(str2).replaceQuery((String) null).fragment((String) null).build();
        String scheme = build.getScheme();
        hashMap.put("baseScheme", scheme != null ? scheme : "");
        String host = build.getHost();
        hashMap.put("baseHost", host != null ? host : "");
        int port = build.getPort();
        hashMap.put("basePort", port == -1 ? "" : ":" + port);
        String path = build.getPath();
        if (StringUtils.hasLength(path) && path.charAt(0) != '/') {
            path = '/' + path;
        }
        hashMap.put("basePath", path != null ? path : "");
        hashMap.put("baseUrl", build.toUriString());
        hashMap.put("entityId", StringUtils.hasText(entityId) ? entityId : "");
        hashMap.put(DefaultServerOAuth2AuthorizationRequestResolver.DEFAULT_REGISTRATION_ID_URI_VARIABLE_NAME, StringUtils.hasText(registrationId) ? registrationId : "");
        return UriComponentsBuilder.fromUriString(str).buildAndExpand(hashMap).toUriString();
    }

    private static String getApplicationUri(HttpServletRequest httpServletRequest) {
        return UriComponentsBuilder.fromHttpUrl(UrlUtils.buildFullRequestUrl(httpServletRequest)).replacePath(httpServletRequest.getContextPath()).replaceQuery((String) null).fragment((String) null).build().toUriString();
    }
}
