package dk.itst.oiosaml.sp.model;

import dk.itst.oiosaml.common.OIOSAMLConstants;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.PublicKey;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.zip.Deflater;
import java.util.zip.DeflaterOutputStream;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
import org.opensaml.saml2.core.RequestAbstractType;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.util.Base64;
import org.opensaml.xml.util.XMLHelper;
import org.opensaml.xml.validation.ValidationException;

/* loaded from: input_file:dk/itst/oiosaml/sp/model/OIORequest.class */
public abstract class OIORequest extends OIOSamlObject {
    private final RequestAbstractType request;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:dk/itst/oiosaml/sp/model/OIORequest$Encoder.class */
    public class Encoder extends HTTPRedirectDeflateEncoder {
        /* JADX INFO: Access modifiers changed from: protected */
        public Encoder() {
        }

        public String buildRedirectURL(Credential credential, String str) throws MessageEncodingException {
            BasicSAMLMessageContext basicSAMLMessageContext = new BasicSAMLMessageContext();
            basicSAMLMessageContext.setOutboundSAMLMessage(OIORequest.this.request);
            basicSAMLMessageContext.setRelayState(str);
            basicSAMLMessageContext.setOutboundSAMLMessageSigningCredential(credential);
            String nodeToString = XMLHelper.nodeToString(marshallMessage(OIORequest.this.request));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            DeflaterOutputStream deflaterOutputStream = new DeflaterOutputStream(byteArrayOutputStream, new Deflater(8, true));
            try {
                deflaterOutputStream.write(nodeToString.getBytes(OIOSAMLConstants.UTF_8));
                deflaterOutputStream.finish();
                return super.buildRedirectURL(basicSAMLMessageContext, OIORequest.this.request.getDestination(), Base64.encodeBytes(byteArrayOutputStream.toByteArray(), 8));
            } catch (IOException e) {
                throw new RuntimeException("Unable to deflate message", e);
            }
        }
    }

    public OIORequest(RequestAbstractType requestAbstractType) {
        super(requestAbstractType);
        this.request = requestAbstractType;
    }

    public boolean isDestinationOK(String str) {
        if (this.request.getDestination() == null) {
            return true;
        }
        return this.request.getDestination() != null && this.request.getDestination().equals(str);
    }

    public boolean isIssuerOK(String str) {
        return (this.request.getIssuer() == null || this.request.getIssuer().getValue() == null || !this.request.getIssuer().getValue().equals(str)) ? false : true;
    }

    protected final void validateRequest(String str, String str2, PublicKey publicKey, List<String> list) {
        validateRequest(str, str2, Collections.singletonList(publicKey), list);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void validateRequest(String str, String str2, Collection<PublicKey> collection, List<String> list) {
        try {
            this.request.validate(true);
        } catch (ValidationException e) {
            list.add(e.getMessage());
        }
        if (!isDestinationOK(str2)) {
            list.add("Wrong destination. Expected " + str2 + " but was " + this.request.getDestination());
        }
        if (!isIssuerOK(str)) {
            list.add("Wring issuer. Expected " + str + " but was " + this.request.getIssuer());
        }
        if (hasSignature()) {
            boolean z = false;
            Iterator<PublicKey> it = collection.iterator();
            while (it.hasNext()) {
                if (verifySignature(it.next())) {
                    z = true;
                }
            }
            if (z) {
                return;
            }
            list.add("Invalid signature in SAMLObject");
        }
    }

    public String getID() {
        return this.request.getID();
    }

    public String getIssuer() {
        if (this.request.getIssuer() != null) {
            return this.request.getIssuer().getValue();
        }
        return null;
    }

    public String getDestination() {
        return this.request.getDestination();
    }
}
