package org.apereo.cas.support.saml.mdui.web.flow;

import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.support.saml.mdui.MetadataResolverAdapter;
import org.apereo.cas.support.saml.mdui.MetadataUIUtils;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/support/saml/mdui/web/flow/SamlMetadataUIParserAction.class */
public class SamlMetadataUIParserAction extends AbstractAction {
    private static final Logger LOGGER = LoggerFactory.getLogger(SamlMetadataUIParserAction.class);
    private final String entityIdParameterName;
    private final MetadataResolverAdapter metadataAdapter;
    private final ServicesManager servicesManager;
    private final ServiceFactory<WebApplicationService> serviceFactory;

    public SamlMetadataUIParserAction(String str, MetadataResolverAdapter metadataResolverAdapter, ServiceFactory<WebApplicationService> serviceFactory, ServicesManager servicesManager) {
        this.entityIdParameterName = str;
        this.metadataAdapter = metadataResolverAdapter;
        this.serviceFactory = serviceFactory;
        this.servicesManager = servicesManager;
    }

    public Event doExecute(RequestContext requestContext) throws Exception {
        String entityIdFromRequest = getEntityIdFromRequest(requestContext);
        if (StringUtils.isBlank(entityIdFromRequest)) {
            LOGGER.debug("No entity id found for parameter [{}]", this.entityIdParameterName);
            return success();
        }
        LOGGER.debug("Located entity id [{}] from request", entityIdFromRequest);
        if (MetadataUIUtils.isMetadataFoundForEntityId(this.metadataAdapter, entityIdFromRequest)) {
            LOGGER.debug("Metadata is found for entity [{}]", entityIdFromRequest);
            RegisteredService registeredServiceFromRequest = getRegisteredServiceFromRequest(requestContext);
            LOGGER.debug("Registered service definition linked to [{}] is found as [{}]", entityIdFromRequest, registeredServiceFromRequest);
            verifyRegisteredService(requestContext, registeredServiceFromRequest);
            loadSamlMetadataIntoRequestContext(requestContext, entityIdFromRequest, registeredServiceFromRequest);
        } else {
            LOGGER.debug("Metadata is not found for entity [{}] and CAS service registry is consulted for the entity definition", entityIdFromRequest);
            RegisteredService registeredServiceFromRequest2 = getRegisteredServiceFromRequest(requestContext, entityIdFromRequest);
            LOGGER.debug("Registered service definition linked to [{}] is found as [{}]", entityIdFromRequest, registeredServiceFromRequest2);
            verifyRegisteredService(requestContext, registeredServiceFromRequest2);
            loadSamlMetadataIntoRequestContext(requestContext, entityIdFromRequest, registeredServiceFromRequest2);
        }
        return success();
    }

    protected void loadSamlMetadataIntoRequestContext(RequestContext requestContext, String str, RegisteredService registeredService) {
        WebUtils.putServiceUserInterfaceMetadata(requestContext, MetadataUIUtils.locateMetadataUserInterfaceForEntityId(this.metadataAdapter, str, registeredService, WebUtils.getHttpServletRequest(requestContext)));
    }

    protected void verifyRegisteredService(RequestContext requestContext, RegisteredService registeredService) {
        if (registeredService == null || !registeredService.getAccessStrategy().isServiceAccessAllowed()) {
            LOGGER.debug("Service [{}] is not recognized/allowed by the CAS service registry", registeredService);
            if (registeredService != null) {
                WebUtils.putUnauthorizedRedirectUrlIntoFlowScope(requestContext, registeredService.getAccessStrategy().getUnauthorizedRedirectUrl());
            }
            throw new UnauthorizedServiceException("screen.service.error.message", "");
        }
    }

    protected RegisteredService getRegisteredServiceFromRequest(RequestContext requestContext, String str) {
        WebApplicationService service = WebUtils.getService(requestContext);
        RegisteredService findServiceBy = this.servicesManager.findServiceBy(this.serviceFactory.createService(str));
        if (findServiceBy == null) {
            LOGGER.debug("Entity id [{}] not found in the registry. Fallback onto [{}]", str, service);
            findServiceBy = this.servicesManager.findServiceBy(service);
        }
        LOGGER.debug("Located service definition [{}]", findServiceBy);
        return findServiceBy;
    }

    protected RegisteredService getRegisteredServiceFromRequest(RequestContext requestContext) {
        return this.servicesManager.findServiceBy(WebUtils.getService(requestContext));
    }

    protected String getEntityIdFromRequest(RequestContext requestContext) {
        return WebUtils.getHttpServletRequest(requestContext).getParameter(this.entityIdParameterName);
    }
}
