package at.gv.egovernment.moa.id.protocols.saml1;

import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DateTimeUtils;
import com.google.common.net.MediaType;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringWriter;
import java.util.Calendar;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

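/**
 * SAML1 back-channel endpoint of the identity provider.
 *
 * <p>A POST carries a SOAP envelope whose body holds a SAML1 request with exactly one
 * {@code samlp:AssertionArtifact}; the artifact is exchanged for the stored authentication data
 * through {@link SAML1AuthenticationServer} and the result is returned as a SOAP response.
 * A GET serves the WSDL, the XSD or a plain information page.
 *
 * <p>NOTE(review): no caller authentication is visible in this class, so the request body, the
 * artifact value and everything derived from them should be treated as untrusted input.
 */
@Controller
public class GetAuthenticationDataService extends AbstractController implements Constants {

    @Autowired
    private SAML1AuthenticationServer saml1AuthServer;

    // Query parameters that select the document served on GET.
    private static final String PARAM_WSDL = "wsdl";
    private static final String PARAM_XSD = "xsd";

    // Velocity templates, resolved through the context class loader.
    private static final String TEMPLATE_PLAIN_INFO = "plain_info.vm";
    private static final String TEMPLATE_WSDL = "wsdl/MOA-ID-1.x.vm";
    private static final String TEMPLATE_XSD = "wsdl/MOA-SPSS-1.2.vm";
    private static final String TEMPLATE_SOAP_ERROR = "soap_error.vm";
    private static final String TEMPLATE_SOAP_SUCCESS = "soap_success.vm";

    private static final String SERVICE_ENDPOINT = "/services/GetAuthenticationData";

    // Keys under which values are handed to the templates.
    private static final String CONTEXT_ENDPOINT = "endpoint";
    private static final String CONTEXT_ERROR = "error";
    private static final String CONTEXT_SOAP_RESPONSEID = "responseID";
    private static final String CONTEXT_SOAP_REQUESTEID = "requestID";
    private static final String CONTEXT_SOAP_ISSUEINSTANT = "issueInstant";
    private static final String CONTEXT_SOAP_ERRORMESSAGE = "errorMsg";
    private static final String CONTEXT_SOAP_STATUSCODE = "statusCode";
    private static final String CONTEXT_SOAP_ASSERTION = "assertion";

    /**
     * Handles the SOAP request: parses the body, resolves the artifact and writes either the
     * success envelope or a SOAP error.
     *
     * @param httpServletRequest request whose body is the SOAP envelope
     * @param httpServletResponse response the rendered template is written to
     * @throws IOException if rendering the error template itself fails
     */
    @RequestMapping(value = {SERVICE_ENDPOINT, "/services"}, method = {RequestMethod.POST})
    public void getAuthenticationData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        VelocityContext velocityContext = new VelocityContext();
        try {
            try {
                InputStream requestBody = null;
                try {
                    requestBody = httpServletRequest.getInputStream();
                    // NOTE(review): the body is attacker-supplied XML. Confirm that
                    // DOMUtils.parseXmlNonValidating disables DOCTYPE declarations and external
                    // entities and bounds entity expansion; nothing in this class does so.
                    Element soapEnvelope = DOMUtils.parseXmlNonValidating(requestBody);
                    String samlResponse = DOMUtils.serializeNode(processRequest(soapEnvelope), true);
                    httpServletResponse.setContentType(MediaType.XML_UTF_8.toString());
                    velocityContext.put(CONTEXT_SOAP_ASSERTION, samlResponse);
                    evaluateTemplate(velocityContext, httpServletResponse, TEMPLATE_SOAP_SUCCESS);
                } finally {
                    // The stream is released before any error handler runs, on every path.
                    closeQuietly(requestBody);
                }
            } catch (SAML1AssertionResponseBuildException e) {
                Logger.error("SAML1 GetAuthenticationData response build failed..", e);
                httpServletResponse.setContentType(MediaType.XML_UTF_8.toString());
                velocityContext.put(CONTEXT_SOAP_ISSUEINSTANT, e.getIssueInstant());
                velocityContext.put(CONTEXT_SOAP_REQUESTEID, e.getRequestID());
                velocityContext.put(CONTEXT_SOAP_RESPONSEID, e.getResponseID());
                velocityContext.put(CONTEXT_SOAP_STATUSCODE, "samlp:Responder");
                velocityContext.put(CONTEXT_SOAP_ERRORMESSAGE, e.getMessage());
                evaluateTemplate(velocityContext, httpServletResponse, TEMPLATE_SOAP_ERROR);
            }
        } catch (IOException | ParserConfigurationException | TransformerException | SAXException e) {
            // Also reached when writing the Responder error above fails with an IOException.
            Logger.error("SAML1 GetAuthenticationData receive a non-valid request.", e);
            httpServletResponse.setContentType(MediaType.XML_UTF_8.toString());
            velocityContext.put(CONTEXT_SOAP_ISSUEINSTANT, DateTimeUtils.buildDateTimeUTC(Calendar.getInstance()));
            velocityContext.put(CONTEXT_SOAP_RESPONSEID, Random.nextRandom());
            velocityContext.put(CONTEXT_SOAP_STATUSCODE, "samlp:Requester");
            // NOTE(review): the raw parser/validator exception text goes back to the caller.
            // Confirm soap_error.vm escapes errorMsg, and consider a fixed message here with the
            // detail kept in the log only.
            velocityContext.put(CONTEXT_SOAP_ERRORMESSAGE, e.getMessage());
            evaluateTemplate(velocityContext, httpServletResponse, TEMPLATE_SOAP_ERROR);
        }
    }

    /**
     * Serves the service description: the WSDL when {@code wsdl} is present, the XSD when
     * {@code xsd} is present, otherwise the plain information page.
     *
     * @param httpServletRequest request carrying the optional {@code wsdl}/{@code xsd} parameter
     * @param httpServletResponse response the rendered template is written to
     * @throws Exception if the endpoint URL cannot be derived or rendering fails
     */
    @RequestMapping(value = {SERVICE_ENDPOINT}, method = {RequestMethod.GET})
    public void getAuthenticationDataWSDL(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String wsdlParam = httpServletRequest.getParameter(PARAM_WSDL);
        String xsdParam = httpServletRequest.getParameter(PARAM_XSD);

        // NOTE(review): the advertised endpoint is derived from the incoming request. Verify that
        // HTTPUtils.extractAuthURLFromRequest does not trust a client-controlled Host header
        // without checking it against the configured public URL.
        String endpointUrl = HTTPUtils.extractAuthURLFromRequest(httpServletRequest) + SERVICE_ENDPOINT;
        VelocityContext velocityContext = new VelocityContext();
        velocityContext.put(CONTEXT_ENDPOINT, endpointUrl);

        // "wsdl" takes precedence over "xsd"; only the presence of the parameter matters.
        String template;
        if (wsdlParam != null) {
            template = TEMPLATE_WSDL;
        } else if (xsdParam != null) {
            template = TEMPLATE_XSD;
        } else {
            template = TEMPLATE_PLAIN_INFO;
        }
        httpServletResponse.setContentType(MediaType.XML_UTF_8.toString());
        evaluateTemplate(velocityContext, httpServletResponse, template);
    }

    /**
     * Extracts the SAML request from the SOAP body, validates it against the bundled schemas and
     * builds the SAML response for the contained artifact.
     *
     * @param element root element of the parsed SOAP envelope
     * @return the SAML response element produced by {@link SAMLResponseBuilder}
     * @throws SAXException if the envelope has no unique body or the body has no element child;
     *     validation failures presumably surface from {@code DOMUtils.validateElement}
     * @throws SAML1AssertionResponseBuildException if the status message cannot be looked up
     */
    private Element processRequest(Element element) throws ParserConfigurationException, IOException, SAXException, TransformerException, SAML1AssertionResponseBuildException {
        String statusCode;
        String requestId = "";
        String subStatusCode = null;
        String messageId = null;
        String statusMessage = null;
        String samlAssertion = "";

        // The body is looked up in the envelope's own namespace, as "Body" and then as "body".
        NodeList bodies = element.getElementsByTagNameNS(element.getNamespaceURI(), "Body");
        if (bodies.getLength() != 1) {
            bodies = element.getElementsByTagNameNS(element.getNamespaceURI(), "body");
            if (bodies.getLength() != 1) {
                throw new SAXException("No unique 'soap-env:Body' element.");
            }
        }

        // The request is the first element child of the body; text and comment nodes are skipped.
        Element samlRequest = null;
        for (Node child = bodies.item(0).getFirstChild(); child != null; child = child.getNextSibling()) {
            if (child instanceof Element) {
                samlRequest = (Element) child;
                break;
            }
        }
        if (samlRequest == null) {
            throw new SAXException("Every child of 'soap-env:Body' element has a wrong type.");
        }

        // Schema validation runs before any value is read from the request.
        DOMUtils.validateElement(samlRequest, "http://reference.e-government.gv.at/namespace/moa/20020822# /resources/schemas/MOA-SPSS-2.0.0.xsd http://reference.e-government.gv.at/namespace/moaconfig/20021122# /resources/schemas/MOA-SPSS-config-2.0.0.xsd http://www.buergerkarte.at/namespaces/moaconfig# /resources/schemas/MOA-ID-Configuration-1.5.2.xsd http://www.buergerkarte.at/namespaces/securitylayer/20020225# /resources/schemas/Core.20020225.xsd http://www.buergerkarte.at/namespaces/securitylayer/20020831# /resources/schemas/Core.20020831.xsd http://www.buergerkarte.at/namespaces/securitylayer/1.2# /resources/schemas/Core-1.2.xsd http://www.w3.org/2001/04/xmldsig-more# /resources/schemas/ECDSAKeyValue.xsd http://reference.e-government.gv.at/namespace/persondata/20020228# /resources/schemas/PersonData_20_en_moaWID.xsd urn:oasis:names:tc:SAML:1.0:assertion /resources/schemas/cs-sstc-schema-assertion-01.xsd urn:oasis:names:tc:SAML:1.0:protocol /resources/schemas/cs-sstc-schema-protocol-01.xsd http://www.w3.org/XML/1998/namespace /resources/schemas/xml.xsd http://www.w3.org/2001/XMLSchema-instance /resources/schemas/XMLSchema-instance.xsd http://www.w3.org/2000/09/xmldsig# /resources/schemas/xmldsig-core-schema.xsd http://www.w3.org/2002/06/xmldsig-filter2 /resources/schemas/xmldsig-filter2.xsd http://www.w3.org/2001/10/xml-exc-c14n# /resources/schemas/exclusive-canonicalization.xsd http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814 /resources/schemas/MOAIdentities.xsd http://uri.etsi.org/01903/v1.1.1# /resources/schemas/XAdES-1.1.1.xsd http://uri.etsi.org/01903/v1.2.2# /resources/schemas/XAdES-1.2.2.xsd http://uri.etsi.org/01903/v1.3.2# /resources/schemas/XAdES01903v132-201601.xsd http://uri.etsi.org/01903/v1.4.1# /resources/schemas/XAdES01903v141-201601.xsd http://uri.etsi.org/02231/v2# /resources/schemas/ts_119612v010201_xsd.xsd http://uri.etsi.org/TrstSvc/SvcInfoExt/eSigDir-1999-93-EC-TrustedList/# 
/resources/schemas/ts_119612v010201_sie_xsd.xsd http://uri.etsi.org/02231/v2/additionaltypes# /resources/schemas/ts_ts_119612v010201_additionaltypes_xsd.xsd urn:oasis:names:tc:SAML:2.0:assertion /resources/schemas/saml-schema-assertion-2.0.xsd urn:oasis:names:tc:SAML:2.0:protocol /resources/schemas/saml-schema-protocol-2.0.xsd urn:eu:stork:names:tc:STORK:1.0:assertion /resources/schemas/stork-schema-assertion-1.0.xsd urn:eu:stork:names:tc:STORK:1.0:protocol /resources/schemas/stork-schema-protocol-1.0.xsd urn:oasis:names:tc:SAML:2.0:metadata /resources/schemas/saml-schema-metadata-2.0.xsd http://www.w3.org/2001/04/xmlenc# /resources/schemas/xenc-schema.xsd http://eidas.europa.eu/saml-extensions /resources/schemas/eIDAS_saml_extensions.xsd urn:oasis:names:tc:SAML:metadata:attribute /resources/schemas/sstc-metadata-attr.xsd", (String) null);
        try {
            NodeList artifacts = XPathUtils.selectNodeList(samlRequest, "samlp:AssertionArtifact");
            if (artifacts.getLength() == 0) {
                statusCode = "samlp:Requester";
                messageId = "1202";
            } else if (artifacts.getLength() > 1) {
                statusCode = "samlp:Requester";
                subStatusCode = "samlp:TooManyResponses";
                messageId = "1203";
            } else {
                Element artifactElement = (Element) artifacts.item(0);
                requestId = samlRequest.getAttribute("RequestID");
                String artifact = DOMUtils.getText(artifactElement);
                try {
                    try {
                        samlAssertion = this.saml1AuthServer.getSaml1AuthenticationData(artifact);
                        statusCode = "samlp:Success";
                        messageId = "1200";
                    } catch (AuthenticationException e) {
                        statusCode = "samlp:Requester";
                        subStatusCode = "samlp:ResourceNotRecognized";
                        // Exception text may echo request data; escape it like the error-response
                        // branch below so it cannot inject markup into the SAML response.
                        statusMessage = StringEscapeUtils.escapeXml(e.toString());
                    }
                } catch (ClassCastException e) {
                    // Presumably the entry stored for this artifact is an error object rather than
                    // an assertion; the stored error is reported instead.
                    try {
                        MOAIDException errorResponse = this.saml1AuthServer.getErrorResponse(artifact);
                        statusCode = "samlp:Responder";
                        if (errorResponse instanceof MOAIDException) {
                            messageId = errorResponse.getMessageId();
                        }
                        statusMessage = StringEscapeUtils.escapeXml(errorResponse.getMessage());
                        subStatusCode = this.statusMessager.getResponseErrorCode(errorResponse);
                    } catch (Exception lookupFailure) {
                        Logger.error("SAML1 GetAuthenticationData error response lookup failed.", lookupFailure);
                        statusCode = "samlp:Requester";
                        subStatusCode = "samlp:ResourceNotRecognized";
                        statusMessage = StringEscapeUtils.escapeXml(e.toString());
                    }
                }
            }
        } catch (Throwable th) {
            // The caller only receives message 1204; the cause is kept in the log so failures
            // on this endpoint remain diagnosable.
            Logger.error("SAML1 GetAuthenticationData request processing failed.", th);
            statusCode = "samlp:Requester";
            messageId = "1204";
        }

        String responseId = Random.nextRandom();
        String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar.getInstance());
        if (statusMessage == null) {
            // No explicit text was set: resolve the message id through the message provider.
            try {
                statusMessage = MOAIDMessageProvider.getInstance().getMessage(messageId, (Object[]) null);
            } catch (Throwable th) {
                throw new SAML1AssertionResponseBuildException(responseId, issueInstant, requestId, "1299", th.getMessage(), th);
            }
        }
        return new SAMLResponseBuilder().build(responseId, requestId, issueInstant, statusCode, subStatusCode, statusMessage, samlAssertion);
    }

    /**
     * Renders a classpath Velocity template with the given context and writes it to the response
     * as UTF-8 bytes, setting the content length.
     *
     * @param velocityContext values exposed to the template
     * @param httpServletResponse response to write to
     * @param templateName classpath location of the template
     * @throws IOException if the template is missing, or rendering or writing fails
     */
    private void evaluateTemplate(VelocityContext velocityContext, HttpServletResponse httpServletResponse, String templateName) throws IOException {
        try (InputStream template = Thread.currentThread().getContextClassLoader().getResourceAsStream(templateName)) {
            if (template == null) {
                // getResourceAsStream returns null for an unknown resource; fail with a clear cause.
                throw new IOException("Template not found on classpath: " + templateName);
            }
            VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
            // NOTE(review): the template is decoded with the platform default charset while the
            // output is encoded as UTF-8; confirm the templates' encoding and pass it explicitly.
            BufferedReader reader = new BufferedReader(new InputStreamReader(template));
            StringWriter rendered = new StringWriter();
            engine.evaluate(velocityContext, rendered, "SAML1 GetAuthenticationData", reader);
            byte[] payload = rendered.toString().getBytes("UTF-8");
            httpServletResponse.setContentLength(payload.length);
            httpServletResponse.getOutputStream().write(payload);
        } catch (Exception e) {
            Logger.error("SAML1 GetAuthenticationData has an error:", e);
            throw new IOException(e);
        }
    }

    /** Closes the stream if present; a failure to close is ignored because the data was already consumed. */
    private static void closeQuietly(InputStream stream) {
        if (stream == null) {
            return;
        }
        try {
            stream.close();
        } catch (Exception ignored) {
            // Best effort: nothing useful can be done when closing the request stream fails.
        }
    }
}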
