package at.gv.egovernment.moa.id.protocols.pvp2x.validation;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor;
import at.gv.egiz.eaaf.modules.pvp2.exception.NameIDFormatNotSupportedException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes;
import at.gv.egovernment.moa.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.NameIDPolicy;
import org.opensaml.saml2.metadata.AttributeConsumingService;
import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.springframework.stereotype.Service;

@Service("MOAAuthnRequestValidator")
/* loaded from: input_file:at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.class */
public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
    /* JADX WARN: Type inference failed for: r0v19, types: [at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException, java.lang.Throwable] */
    public void process(HttpServletRequest httpServletRequest, IRequest iRequest, AuthnRequest authnRequest, SPSSODescriptor sPSSODescriptor) throws AuthnRequestValidatorException {
        NameIDPolicy nameIDPolicy = authnRequest.getNameIDPolicy();
        if (nameIDPolicy != null) {
            String format = nameIDPolicy.getFormat();
            if (format == null) {
                Logger.trace("Find NameIDPolicy, but NameIDFormat is 'null'");
            } else if (!"urn:oasis:names:tc:SAML:2.0:nameid-format:transient".equals(format) && !"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent".equals(format) && !"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified".equals(format)) {
                throw new NameIDFormatNotSupportedException(format);
            }
        } else {
            Logger.trace("AuthnRequest includes no 'NameIDPolicy'");
        }
        AttributeConsumingService attributeConsumingService = null;
        Integer attributeConsumingServiceIndex = authnRequest.getAttributeConsumingServiceIndex();
        int i = 0;
        if (attributeConsumingServiceIndex != null) {
            i = attributeConsumingServiceIndex.intValue();
        }
        if (sPSSODescriptor.getAttributeConsumingServices() != null && sPSSODescriptor.getAttributeConsumingServices().size() > 0) {
            attributeConsumingService = (AttributeConsumingService) sPSSODescriptor.getAttributeConsumingServices().get(i);
        }
        String parameter = httpServletRequest.getParameter("useMandate");
        if (parameter == null || !parameter.equals("true") || attributeConsumingService == null || CheckMandateAttributes.canHandleMandate(attributeConsumingService)) {
            return;
        }
        ?? mandateAttributesNotHandleAbleException = new MandateAttributesNotHandleAbleException();
        throw new AuthnRequestValidatorException(mandateAttributesNotHandleAbleException.getErrorId(), mandateAttributesNotHandleAbleException.getParams(), iRequest, (Throwable) mandateAttributesNotHandleAbleException);
    }
}
