package edu.kit.scc.dei.ecplean;

import java.io.IOException;
import java.net.URI;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathException;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.classic.methods.HttpPost;
import org.apache.hc.client5.http.cookie.BasicCookieStore;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.ParseException;
import org.apache.hc.core5.http.io.entity.EntityUtils;
import org.apache.hc.core5.http.io.entity.StringEntity;
import org.apache.hc.core5.http.protocol.HttpContext;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:edu/kit/scc/dei/ecplean/ECPAuthenticator.class */
public class ECPAuthenticator extends ECPAuthenticatorBase {
    public ECPAuthenticator(CloseableHttpClient closeableHttpClient, String str, String str2, URI uri, URI uri2) {
        super(closeableHttpClient);
        this.authInfo = new ECPAuthenticationInfo(str, str2, uri, uri2);
    }

    public ECPAuthenticator(String str, String str2, URI uri, URI uri2) {
        this.authInfo = new ECPAuthenticationInfo(str, str2, uri, uri2);
    }

    public CloseableHttpResponse authenticate() throws ECPAuthenticationException {
        logger.info("Starting authentication");
        logger.info("Contacting SP " + this.authInfo.getSpUrl());
        this.authInfo.setAuthState(ECPAuthState.INITIAL_PAOS_SP);
        setChanged();
        notifyObservers(this.authInfo);
        logger.info("Sending initial SP Request");
        HttpGet httpGet = new HttpGet(this.authInfo.getSpUrl().toString());
        httpGet.setHeader("Accept", "text/html, application/vnd.paos+xml");
        httpGet.setHeader("PAOS", "ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");
        HttpClientContext create = HttpClientContext.create();
        create.setCookieStore(new BasicCookieStore());
        try {
            String entityUtils = EntityUtils.toString(this.client.execute((ClassicHttpRequest) httpGet, (HttpContext) create).getEntity());
            httpGet.reset();
            try {
                Document buildDocumentFromString = buildDocumentFromString(entityUtils);
                try {
                    String str = (String) queryDocument(buildDocumentFromString, "//ecp:RelayState", XPathConstants.STRING);
                    logger.info("Got relayState: " + str);
                    try {
                        String str2 = (String) queryDocument(buildDocumentFromString, "/S:Envelope/S:Header/paos:Request/@responseConsumerURL", XPathConstants.STRING);
                        logger.info("Got responseConsumerUrl: " + str2);
                        buildDocumentFromString.getDocumentElement().removeChild(buildDocumentFromString.getDocumentElement().getFirstChild());
                        try {
                            Document authenticateIdP = authenticateIdP(buildDocumentFromString);
                            String statusCode = getStatusCode(authenticateIdP);
                            if (statusCode == null) {
                                throw new ECPAuthenticationException("IdP returned no status code!!!x");
                            }
                            if (!statusCode.endsWith(":Success") && !statusCode.endsWith(":success")) {
                                throw new ECPAuthenticationException("IdP Returned StatusCode " + statusCode);
                            }
                            try {
                                String str3 = (String) queryDocument(authenticateIdP, "/S:Envelope/S:Header/ecp:Response/@AssertionConsumerServiceURL", XPathConstants.STRING);
                                logger.info("Got assertionConsumerUrl: " + str3);
                                if (!str3.equals(str2)) {
                                    throw new ECPAuthenticationException("Assertion- and ResponseConsumerURL don't match");
                                }
                                authenticateIdP.getDocumentElement().getFirstChild().getFirstChild().setTextContent(str);
                                logger.info("Sending Assertion to SP");
                                HttpPost httpPost = new HttpPost(str3);
                                httpPost.setHeader("Content-Type", "application/vnd.paos+xml");
                                try {
                                    httpPost.setEntity(new StringEntity(documentToString(authenticateIdP)));
                                    logger.info("Asserting resulted in " + this.client.execute((ClassicHttpRequest) httpPost, (HttpContext) create).getReasonPhrase());
                                    try {
                                        httpPost.reset();
                                    } catch (Exception e) {
                                    }
                                    logger.info("Requesting original URL");
                                    try {
                                        return this.client.execute((ClassicHttpRequest) new HttpGet(this.authInfo.getSpUrl().toString()), (HttpContext) create);
                                    } catch (IOException e2) {
                                        logger.debug("Could not request original URL");
                                        throw new ECPAuthenticationException(e2);
                                    }
                                } catch (IOException | TransformerException e3) {
                                    logger.debug("Could not post assertion back to SP");
                                    throw new ECPAuthenticationException(e3);
                                }
                            } catch (Exception e4) {
                                logger.debug("Could not find assertion consumer url in answer from IdP");
                                throw new ECPAuthenticationException(e4);
                            }
                        } catch (ECPAuthenticationException e5) {
                            logger.debug("Original SP response:\n" + entityUtils);
                            try {
                                logger.debug("Sent to IdP:\n" + documentToString(buildDocumentFromString));
                            } catch (TransformerException e6) {
                                logger.debug("Barf", (Throwable) e6);
                            }
                            throw e5;
                        }
                    } catch (XPathException e7) {
                        logger.debug("Could not find response consumer url in PAOS answer from SP");
                        throw new ECPAuthenticationException(e7);
                    }
                } catch (XPathException e8) {
                    logger.debug("Could not find relay state in PAOS answer from SP");
                    throw new ECPAuthenticationException(e8);
                }
            } catch (IOException | ParserConfigurationException | SAXException e9) {
                logger.debug("Parsing SP Response failed");
                throw new ECPAuthenticationException(e9);
            }
        } catch (IOException | ParseException e10) {
            logger.debug("Initial SP Request failed");
            throw new ECPAuthenticationException(e10);
        }
    }

    private String getStatusCode(Document document) {
        Node namedItem;
        String str = null;
        try {
            NodeList nodeList = (NodeList) queryDocument(document, "//*", XPathConstants.NODESET);
            if (nodeList == null) {
                return null;
            }
            for (int i = 0; i < nodeList.getLength(); i++) {
                Node item = nodeList.item(i);
                if (item.getLocalName().endsWith("StatusCode") && item.hasAttributes() && (namedItem = item.getAttributes().getNamedItem("Value")) != null && (str == null || str.endsWith(":Responder"))) {
                    str = namedItem.getNodeValue();
                }
            }
            return str;
        } catch (XPathException e) {
            return null;
        }
    }
}
