package org.apache.cxf.rs.security.saml.sso;

import java.io.ByteArrayInputStream;
import java.io.InputStreamReader;
import java.util.zip.DataFormatException;
import javax.ws.rs.Encoded;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import org.apache.cxf.common.util.Base64Exception;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.rs.security.saml.DeflateEncoderDecoder;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.saml.ext.OpenSAMLUtil;

@Path("sso")
/* loaded from: input_file:org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.class */
public class RequestAssertionConsumerService {
    private static final String SAML_RESPONSE = "SAMLResponse";
    private static final String RELAY_STATE = "RelayState";
    private boolean useDeflateEncoding = true;

    @POST
    @Produces({"application/x-www-form-urlencoded"})
    public Response processSamlResponse(@FormParam("RelayState") @Encoded String str, @FormParam("SAMLResponse") @Encoded String str2) {
        org.opensaml.saml2.core.Response readSAMLResponse = readSAMLResponse(str2);
        validateSamlResponse(readSAMLResponse);
        return Response.seeOther(UriBuilder.fromPath(readSAMLResponse.getInResponseTo()).build(new Object[0])).build();
    }

    @GET
    public Response getSamlResponse(@Encoded @QueryParam("RelayState") String str, @Encoded @QueryParam("SAMLResponse") String str2) {
        return processSamlResponse(str, str2);
    }

    private org.opensaml.saml2.core.Response readSAMLResponse(String str) {
        if (StringUtils.isEmpty(str)) {
            throw new WebApplicationException(400);
        }
        try {
            byte[] decode = Base64Utility.decode(str);
            try {
                try {
                    org.opensaml.saml2.core.Response fromDom = OpenSAMLUtil.fromDom(DOMUtils.readXml(new InputStreamReader(useDeflateEncoding() ? new DeflateEncoderDecoder().inflateToken(decode) : new ByteArrayInputStream(decode), "UTF-8")).getDocumentElement());
                    if (fromDom instanceof org.opensaml.saml2.core.Response) {
                        return fromDom;
                    }
                    throw new WebApplicationException(400);
                } catch (WSSecurityException e) {
                    throw new WebApplicationException(400);
                }
            } catch (Exception e2) {
                throw new WebApplicationException(400);
            }
        } catch (Base64Exception e3) {
            throw new WebApplicationException(400);
        } catch (DataFormatException e4) {
            throw new WebApplicationException(400);
        }
    }

    protected void validateSamlResponse(org.opensaml.saml2.core.Response response) {
    }

    public void setUseDeflateEncoding(boolean z) {
        this.useDeflateEncoding = z;
    }

    public boolean useDeflateEncoding() {
        return this.useDeflateEncoding;
    }
}
