package org.cloudfoundry.identity.uaa.provider.saml;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.saml.SAMLDiscovery;
import org.springframework.security.saml.SAMLEntryPoint;
import org.springframework.security.saml.context.SAMLContextProvider;
import org.springframework.security.saml.metadata.ExtendedMetadata;
import org.springframework.security.saml.metadata.MetadataManager;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.7.0.jar:org/cloudfoundry/identity/uaa/provider/saml/LoginSamlDiscovery.class */
public class LoginSamlDiscovery extends SAMLDiscovery {
    private static final Log logger = LogFactory.getLog(LoginSamlDiscovery.class);
    private MetadataManager metadata;

    /* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.7.0.jar:org/cloudfoundry/identity/uaa/provider/saml/LoginSamlDiscovery$UnableToFindSamlIDPException.class */
    public static class UnableToFindSamlIDPException extends RuntimeException {
        public UnableToFindSamlIDPException(String str) {
            super(str);
        }

        public UnableToFindSamlIDPException(String str, Throwable th) {
            super(str, th);
        }
    }

    @Override // org.springframework.security.saml.SAMLDiscovery
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        try {
            super.doFilter(servletRequest, servletResponse, filterChain);
        } catch (UnableToFindSamlIDPException e) {
            logger.warn(e);
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(((HttpServletRequest) servletRequest).getContextPath() + "/login?error=idp_not_found"));
        }
    }

    @Override // org.springframework.security.saml.SAMLDiscovery
    protected String getPassiveIDP(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(SAMLDiscovery.RETURN_ID_PARAM);
        String parameter2 = httpServletRequest.getParameter(parameter == null ? SAMLEntryPoint.IDP_PARAMETER : parameter);
        if (parameter2 != null) {
            for (String str : this.metadata.getIDPEntityNames()) {
                try {
                    ExtendedMetadata extendedMetadata = this.metadata.getExtendedMetadata(str);
                    if (extendedMetadata != null && parameter2.equals(extendedMetadata.getAlias())) {
                        return str;
                    }
                } catch (MetadataProviderException e) {
                    throw new UnableToFindSamlIDPException("Unable to read extended metadata for alias[" + parameter2 + "] IDP[" + str + "]", e);
                }
            }
        }
        throw new UnableToFindSamlIDPException("Unable to locate IDP provider for alias:" + parameter2);
    }

    @Override // org.springframework.security.saml.SAMLDiscovery
    @Autowired
    public void setMetadata(MetadataManager metadataManager) {
        super.setMetadata(metadataManager);
        this.metadata = metadataManager;
    }

    @Override // org.springframework.security.saml.SAMLDiscovery
    @Autowired(required = false)
    public void setSamlEntryPoint(SAMLEntryPoint sAMLEntryPoint) {
        super.setSamlEntryPoint(sAMLEntryPoint);
    }

    @Override // org.springframework.security.saml.SAMLDiscovery
    @Autowired
    public void setContextProvider(SAMLContextProvider sAMLContextProvider) {
        super.setContextProvider(sAMLContextProvider);
    }
}
