package org.cloudfoundry.identity.uaa.provider.saml;

import org.cloudfoundry.identity.uaa.provider.SamlIdentityProviderDefinition;
import org.cloudfoundry.identity.uaa.util.UaaUrlUtils;
import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
import org.joda.time.DateTime;
import org.opensaml.common.SAMLVersion;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.Status;
import org.opensaml.saml2.core.StatusCode;
import org.opensaml.saml2.core.StatusMessage;
import org.opensaml.saml2.core.impl.IssuerBuilder;
import org.opensaml.saml2.core.impl.ResponseBuilder;
import org.opensaml.saml2.core.impl.StatusBuilder;
import org.opensaml.saml2.core.impl.StatusCodeBuilder;
import org.opensaml.saml2.core.impl.StatusMessageBuilder;
import org.springframework.security.saml.SAMLDiscovery;
import org.springframework.security.saml.SAMLEntryPoint;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.23.0.jar:org/cloudfoundry/identity/uaa/provider/saml/SamlRedirectUtils.class */
public class SamlRedirectUtils {
    public static String getIdpRedirectUrl(SamlIdentityProviderDefinition samlIdentityProviderDefinition, String str) {
        UriComponentsBuilder fromPath = UriComponentsBuilder.fromPath("saml/discovery");
        fromPath.queryParam(SAMLDiscovery.RETURN_ID_PARAM, SAMLEntryPoint.IDP_PARAMETER);
        fromPath.queryParam("entityID", getZonifiedEntityId(str));
        fromPath.queryParam(SAMLEntryPoint.IDP_PARAMETER, samlIdentityProviderDefinition.getIdpEntityAlias());
        fromPath.queryParam(SAMLDiscovery.PASSIVE_PARAM, "true");
        return fromPath.build().toUriString();
    }

    public static String getZonifiedEntityId(String str) {
        try {
            if (!IdentityZoneHolder.isUaa()) {
                String entityID = IdentityZoneHolder.get().getConfig().getSamlConfig().getEntityID();
                if (entityID != null) {
                    return entityID;
                }
            }
        } catch (Exception e) {
        }
        return UaaUrlUtils.isUrl(str) ? UaaUrlUtils.addSubdomainToUrl(str) : UaaUrlUtils.getSubdomain() + str;
    }

    public static Response wrapAssertionIntoResponse(Assertion assertion, String str) {
        Response mo5359buildObject = new ResponseBuilder().mo5359buildObject();
        Issuer mo5359buildObject2 = new IssuerBuilder().mo5359buildObject();
        mo5359buildObject2.setValue(str);
        mo5359buildObject.setIssuer(mo5359buildObject2);
        mo5359buildObject.setID("id-" + System.currentTimeMillis());
        Status mo5359buildObject3 = new StatusBuilder().mo5359buildObject();
        StatusCode mo5359buildObject4 = new StatusCodeBuilder().mo5359buildObject();
        mo5359buildObject4.setValue(StatusCode.SUCCESS_URI);
        mo5359buildObject3.setStatusCode(mo5359buildObject4);
        StatusMessage mo5359buildObject5 = new StatusMessageBuilder().mo5359buildObject();
        mo5359buildObject5.setMessage(null);
        mo5359buildObject3.setStatusMessage(mo5359buildObject5);
        mo5359buildObject.setStatus(mo5359buildObject3);
        mo5359buildObject.setVersion(SAMLVersion.VERSION_20);
        mo5359buildObject.setIssueInstant(new DateTime());
        mo5359buildObject.getAssertions().add(assertion);
        return mo5359buildObject;
    }
}
