package org.springframework.security.config.annotation.web.configurers.saml2;

import de.ingrid.ibus.comm.processor.UdkMetaclassPreProcessor;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import java.util.function.Predicate;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.opensaml.core.Version;
import org.springframework.context.ApplicationContext;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.config.annotation.web.configurers.LogoutConfigurer;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal;
import org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlLogoutRequestValidator;
import org.springframework.security.saml2.provider.service.authentication.logout.OpenSamlLogoutResponseValidator;
import org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutRequestValidator;
import org.springframework.security.saml2.provider.service.authentication.logout.Saml2LogoutResponseValidator;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver;
import org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver;
import org.springframework.security.saml2.provider.service.web.authentication.logout.HttpSessionLogoutRequestRepository;
import org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml3LogoutRequestResolver;
import org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml3LogoutResponseResolver;
import org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutRequestResolver;
import org.springframework.security.saml2.provider.service.web.authentication.logout.OpenSaml4LogoutResponseResolver;
import org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter;
import org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestRepository;
import org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestResolver;
import org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseFilter;
import org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseResolver;
import org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2RelyingPartyInitiatedLogoutSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
import org.springframework.security.web.csrf.CsrfFilter;
import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;
import org.springframework.security.web.util.matcher.AndRequestMatcher;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;

/* loaded from: input_file:ingrid-ibus-7.1.0/lib/spring-security-config-5.7.11.jar:org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.class */
public final class Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>> extends AbstractHttpConfigurer<Saml2LogoutConfigurer<H>, H> {
    private ApplicationContext context;
    private RelyingPartyRegistrationRepository relyingPartyRegistrationRepository;
    private String logoutUrl = "/logout";
    private List<LogoutHandler> logoutHandlers = new ArrayList();
    private LogoutSuccessHandler logoutSuccessHandler;
    private Saml2LogoutConfigurer<H>.LogoutRequestConfigurer logoutRequestConfigurer;
    private Saml2LogoutConfigurer<H>.LogoutResponseConfigurer logoutResponseConfigurer;

    /* loaded from: input_file:ingrid-ibus-7.1.0/lib/spring-security-config-5.7.11.jar:org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer$LogoutRequestConfigurer.class */
    public final class LogoutRequestConfigurer {
        private Saml2LogoutRequestValidator logoutRequestValidator;
        private Saml2LogoutRequestResolver logoutRequestResolver;
        private String logoutUrl = "/logout/saml2/slo";
        private Saml2LogoutRequestRepository logoutRequestRepository = new HttpSessionLogoutRequestRepository();

        LogoutRequestConfigurer() {
        }

        public Saml2LogoutConfigurer<H>.LogoutRequestConfigurer logoutUrl(String str) {
            this.logoutUrl = str;
            return this;
        }

        public Saml2LogoutConfigurer<H>.LogoutRequestConfigurer logoutRequestValidator(Saml2LogoutRequestValidator saml2LogoutRequestValidator) {
            this.logoutRequestValidator = saml2LogoutRequestValidator;
            return this;
        }

        public Saml2LogoutConfigurer<H>.LogoutRequestConfigurer logoutRequestResolver(Saml2LogoutRequestResolver saml2LogoutRequestResolver) {
            this.logoutRequestResolver = saml2LogoutRequestResolver;
            return this;
        }

        public Saml2LogoutConfigurer<H>.LogoutRequestConfigurer logoutRequestRepository(Saml2LogoutRequestRepository saml2LogoutRequestRepository) {
            this.logoutRequestRepository = saml2LogoutRequestRepository;
            return this;
        }

        public Saml2LogoutConfigurer<H> and() {
            return Saml2LogoutConfigurer.this;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public Saml2LogoutRequestValidator logoutRequestValidator() {
            return this.logoutRequestValidator == null ? new OpenSamlLogoutRequestValidator() : this.logoutRequestValidator;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public Saml2LogoutRequestResolver logoutRequestResolver(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
            return this.logoutRequestResolver != null ? this.logoutRequestResolver : Saml2LogoutConfigurer.this.version().startsWith(UdkMetaclassPreProcessor.UDK_METACLASS_PROJECT) ? new OpenSaml4LogoutRequestResolver(relyingPartyRegistrationResolver) : new OpenSaml3LogoutRequestResolver(relyingPartyRegistrationResolver);
        }
    }

    /* loaded from: input_file:ingrid-ibus-7.1.0/lib/spring-security-config-5.7.11.jar:org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer$LogoutResponseConfigurer.class */
    public final class LogoutResponseConfigurer {
        private String logoutUrl = "/logout/saml2/slo";
        private Saml2LogoutResponseValidator logoutResponseValidator;
        private Saml2LogoutResponseResolver logoutResponseResolver;

        LogoutResponseConfigurer() {
        }

        public Saml2LogoutConfigurer<H>.LogoutResponseConfigurer logoutUrl(String str) {
            this.logoutUrl = str;
            return this;
        }

        public Saml2LogoutConfigurer<H>.LogoutResponseConfigurer logoutResponseValidator(Saml2LogoutResponseValidator saml2LogoutResponseValidator) {
            this.logoutResponseValidator = saml2LogoutResponseValidator;
            return this;
        }

        public Saml2LogoutConfigurer<H>.LogoutResponseConfigurer logoutResponseResolver(Saml2LogoutResponseResolver saml2LogoutResponseResolver) {
            this.logoutResponseResolver = saml2LogoutResponseResolver;
            return this;
        }

        public Saml2LogoutConfigurer<H> and() {
            return Saml2LogoutConfigurer.this;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public Saml2LogoutResponseValidator logoutResponseValidator() {
            return this.logoutResponseValidator == null ? new OpenSamlLogoutResponseValidator() : this.logoutResponseValidator;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public Saml2LogoutResponseResolver logoutResponseResolver(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
            return this.logoutResponseResolver == null ? Saml2LogoutConfigurer.this.version().startsWith(UdkMetaclassPreProcessor.UDK_METACLASS_PROJECT) ? new OpenSaml4LogoutResponseResolver(relyingPartyRegistrationResolver) : new OpenSaml3LogoutResponseResolver(relyingPartyRegistrationResolver) : this.logoutResponseResolver;
        }
    }

    /* loaded from: input_file:ingrid-ibus-7.1.0/lib/spring-security-config-5.7.11.jar:org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer$NoopLogoutHandler.class */
    private static class NoopLogoutHandler implements LogoutHandler {
        private NoopLogoutHandler() {
        }

        @Override // org.springframework.security.web.authentication.logout.LogoutHandler
        public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ingrid-ibus-7.1.0/lib/spring-security-config-5.7.11.jar:org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer$ParameterRequestMatcher.class */
    public static class ParameterRequestMatcher implements RequestMatcher {
        Predicate<String> test = (v0) -> {
            return Objects.nonNull(v0);
        };
        String name;

        ParameterRequestMatcher(String str) {
            this.name = str;
        }

        @Override // org.springframework.security.web.util.matcher.RequestMatcher
        public boolean matches(HttpServletRequest httpServletRequest) {
            return this.test.test(httpServletRequest.getParameter(this.name));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ingrid-ibus-7.1.0/lib/spring-security-config-5.7.11.jar:org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer$Saml2RequestMatcher.class */
    public static class Saml2RequestMatcher implements RequestMatcher {
        private Saml2RequestMatcher() {
        }

        @Override // org.springframework.security.web.util.matcher.RequestMatcher
        public boolean matches(HttpServletRequest httpServletRequest) {
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication == null) {
                return false;
            }
            return authentication.getPrincipal() instanceof Saml2AuthenticatedPrincipal;
        }
    }

    public Saml2LogoutConfigurer(ApplicationContext applicationContext) {
        this.context = applicationContext;
        this.logoutHandlers.add(new SecurityContextLogoutHandler());
        this.logoutHandlers.add(new LogoutSuccessEventPublishingLogoutHandler());
        SimpleUrlLogoutSuccessHandler simpleUrlLogoutSuccessHandler = new SimpleUrlLogoutSuccessHandler();
        simpleUrlLogoutSuccessHandler.setDefaultTargetUrl(RedirectServerLogoutSuccessHandler.DEFAULT_LOGOUT_SUCCESS_URL);
        this.logoutSuccessHandler = simpleUrlLogoutSuccessHandler;
        this.logoutRequestConfigurer = new LogoutRequestConfigurer();
        this.logoutResponseConfigurer = new LogoutResponseConfigurer();
    }

    public Saml2LogoutConfigurer<H> logoutUrl(String str) {
        this.logoutUrl = str;
        return this;
    }

    public Saml2LogoutConfigurer<H> relyingPartyRegistrationRepository(RelyingPartyRegistrationRepository relyingPartyRegistrationRepository) {
        this.relyingPartyRegistrationRepository = relyingPartyRegistrationRepository;
        return this;
    }

    public Saml2LogoutConfigurer<H>.LogoutRequestConfigurer logoutRequest() {
        return this.logoutRequestConfigurer;
    }

    public Saml2LogoutConfigurer<H> logoutRequest(Customizer<Saml2LogoutConfigurer<H>.LogoutRequestConfigurer> customizer) {
        customizer.customize(this.logoutRequestConfigurer);
        return this;
    }

    public Saml2LogoutConfigurer<H>.LogoutResponseConfigurer logoutResponse() {
        return this.logoutResponseConfigurer;
    }

    public Saml2LogoutConfigurer<H> logoutResponse(Customizer<Saml2LogoutConfigurer<H>.LogoutResponseConfigurer> customizer) {
        customizer.customize(this.logoutResponseConfigurer);
        return this;
    }

    @Override // org.springframework.security.config.annotation.SecurityConfigurerAdapter, org.springframework.security.config.annotation.SecurityConfigurer
    public void configure(H h) throws Exception {
        LogoutConfigurer logoutConfigurer = (LogoutConfigurer) h.getConfigurer(LogoutConfigurer.class);
        if (logoutConfigurer != null) {
            this.logoutHandlers = logoutConfigurer.getLogoutHandlers();
            this.logoutSuccessHandler = logoutConfigurer.getLogoutSuccessHandler();
        }
        RelyingPartyRegistrationResolver relyingPartyRegistrationResolver = relyingPartyRegistrationResolver(h);
        h.addFilterBefore(createLogoutRequestProcessingFilter(relyingPartyRegistrationResolver), CsrfFilter.class);
        h.addFilterBefore(createLogoutResponseProcessingFilter(relyingPartyRegistrationResolver), CsrfFilter.class);
        h.addFilterBefore(createRelyingPartyLogoutFilter(relyingPartyRegistrationResolver), LogoutFilter.class);
    }

    private RelyingPartyRegistrationResolver relyingPartyRegistrationResolver(H h) {
        return new DefaultRelyingPartyRegistrationResolver(getRelyingPartyRegistrationRepository(h));
    }

    private RelyingPartyRegistrationRepository getRelyingPartyRegistrationRepository(H h) {
        if (this.relyingPartyRegistrationRepository != null) {
            return this.relyingPartyRegistrationRepository;
        }
        Saml2LoginConfigurer saml2LoginConfigurer = (Saml2LoginConfigurer) h.getConfigurer(Saml2LoginConfigurer.class);
        if (saml2LoginConfigurer != null) {
            this.relyingPartyRegistrationRepository = saml2LoginConfigurer.relyingPartyRegistrationRepository((Saml2LoginConfigurer) h);
        } else {
            this.relyingPartyRegistrationRepository = (RelyingPartyRegistrationRepository) getBeanOrNull(RelyingPartyRegistrationRepository.class);
        }
        return this.relyingPartyRegistrationRepository;
    }

    private Saml2LogoutRequestFilter createLogoutRequestProcessingFilter(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
        LogoutHandler[] logoutHandlerArr = (LogoutHandler[]) this.logoutHandlers.toArray(new LogoutHandler[0]);
        Saml2LogoutRequestFilter saml2LogoutRequestFilter = new Saml2LogoutRequestFilter(relyingPartyRegistrationResolver, this.logoutRequestConfigurer.logoutRequestValidator(), createSaml2LogoutResponseResolver(relyingPartyRegistrationResolver), logoutHandlerArr);
        saml2LogoutRequestFilter.setLogoutRequestMatcher(createLogoutRequestMatcher());
        return (Saml2LogoutRequestFilter) postProcess(saml2LogoutRequestFilter);
    }

    private Saml2LogoutResponseFilter createLogoutResponseProcessingFilter(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
        Saml2LogoutResponseFilter saml2LogoutResponseFilter = new Saml2LogoutResponseFilter(relyingPartyRegistrationResolver, this.logoutResponseConfigurer.logoutResponseValidator(), this.logoutSuccessHandler);
        saml2LogoutResponseFilter.setLogoutRequestMatcher(createLogoutResponseMatcher());
        saml2LogoutResponseFilter.setLogoutRequestRepository(((LogoutRequestConfigurer) this.logoutRequestConfigurer).logoutRequestRepository);
        return (Saml2LogoutResponseFilter) postProcess(saml2LogoutResponseFilter);
    }

    private LogoutFilter createRelyingPartyLogoutFilter(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
        LogoutFilter logoutFilter = new LogoutFilter((LogoutSuccessHandler) createSaml2LogoutRequestSuccessHandler(relyingPartyRegistrationResolver), (LogoutHandler[]) this.logoutHandlers.toArray(new LogoutHandler[0]));
        logoutFilter.setLogoutRequestMatcher(createLogoutMatcher());
        return (LogoutFilter) postProcess(logoutFilter);
    }

    private RequestMatcher createLogoutMatcher() {
        return new AndRequestMatcher(new AntPathRequestMatcher(this.logoutUrl, "POST"), new Saml2RequestMatcher());
    }

    private RequestMatcher createLogoutRequestMatcher() {
        return new AndRequestMatcher(new AntPathRequestMatcher(((LogoutRequestConfigurer) this.logoutRequestConfigurer).logoutUrl), new ParameterRequestMatcher("SAMLRequest"));
    }

    private RequestMatcher createLogoutResponseMatcher() {
        return new AndRequestMatcher(new AntPathRequestMatcher(((LogoutResponseConfigurer) this.logoutResponseConfigurer).logoutUrl), new ParameterRequestMatcher("SAMLResponse"));
    }

    private Saml2RelyingPartyInitiatedLogoutSuccessHandler createSaml2LogoutRequestSuccessHandler(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
        return new Saml2RelyingPartyInitiatedLogoutSuccessHandler(this.logoutRequestConfigurer.logoutRequestResolver(relyingPartyRegistrationResolver));
    }

    private Saml2LogoutResponseResolver createSaml2LogoutResponseResolver(RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
        return this.logoutResponseConfigurer.logoutResponseResolver(relyingPartyRegistrationResolver);
    }

    private <C> C getBeanOrNull(Class<C> cls) {
        if (this.context == null || this.context.getBeanNamesForType((Class<?>) cls).length == 0) {
            return null;
        }
        return (C) this.context.getBean(cls);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String version() {
        String version = Version.getVersion();
        return version != null ? version : Version.getVersion();
    }
}
