package eu.dariah.de.dariahsp.profiles;

import eu.dariah.de.dariahsp.config.BaseSecurityConfig;
import eu.dariah.de.dariahsp.model.ExtendedUserProfile;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Optional;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.core.profile.creator.ProfileCreator;
import org.pac4j.saml.credentials.authenticator.SAML2Authenticator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/dariahsp-core-4.1.2-SNAPSHOT.jar:eu/dariah/de/dariahsp/profiles/SamlProfileCreator.class */
public class SamlProfileCreator extends BaseProfileCreator implements ProfileCreator {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SamlProfileCreator.class);
    public static final String EXTERNAL_ROLES_MAPPED_NAME = "externalRoles";
    public static final String ID_MAPPED_NAME = "id";
    public static final String ISSUER_ID_NAME = "issuerId";
    private final BaseSecurityConfig securityConfig;

    public SamlProfileCreator(BaseSecurityConfig baseSecurityConfig, String str) {
        super(str);
        this.securityConfig = baseSecurityConfig;
    }

    @Override // org.pac4j.core.profile.creator.ProfileCreator
    public Optional<UserProfile> create(Credentials credentials, WebContext webContext, SessionStore sessionStore) {
        if (credentials.getUserProfile() == null) {
            return Optional.empty();
        }
        ExtendedUserProfile extendedUserProfile = new ExtendedUserProfile(credentials.getUserProfile());
        assignExternalRoles(extendedUserProfile);
        setIdPersistenceInfo(extendedUserProfile);
        setIssuerId(extendedUserProfile);
        mapAndAssignRoles(extendedUserProfile);
        return Optional.ofNullable(extendedUserProfile);
    }

    private void setIdPersistenceInfo(ExtendedUserProfile extendedUserProfile) {
        boolean z = true;
        try {
            if (extendedUserProfile.containsAuthenicationAttribute(SAML2Authenticator.SAML_NAME_ID_FORMAT)) {
                z = ((String) extendedUserProfile.getAuthenticationAttribute(SAML2Authenticator.SAML_NAME_ID_FORMAT, String.class)).equals("urn:oasis:names:tc:SAML:2.0:nameid-format:transient");
            }
        } catch (Exception e) {
            log.error("Failed to detect and process nameId format", (Throwable) e);
        }
        if (extendedUserProfile.containsAttribute("id")) {
            List list = (List) extendedUserProfile.getAttribute("id", List.class);
            if (!list.isEmpty()) {
                extendedUserProfile.setId(list.get(0).toString());
                z = false;
            }
        }
        extendedUserProfile.setTransientId(z);
    }

    private void setIssuerId(ExtendedUserProfile extendedUserProfile) {
        try {
            Object authenticationAttribute = extendedUserProfile.getAuthenticationAttribute("issuerId");
            if (authenticationAttribute != null) {
                extendedUserProfile.setIssuerId(authenticationAttribute.toString());
            }
        } catch (Exception e) {
            log.warn("Unable to issuerId of the profile", (Throwable) e);
        }
    }

    private void assignExternalRoles(ExtendedUserProfile extendedUserProfile) {
        try {
            List<String> list = (List) extendedUserProfile.getAttribute(EXTERNAL_ROLES_MAPPED_NAME);
            if (list == null || list.isEmpty()) {
                return;
            }
            if (extendedUserProfile.getExternalRoles() != null) {
                for (String str : list) {
                    if (!extendedUserProfile.getExternalRoles().contains(str)) {
                        extendedUserProfile.getExternalRoles().add(str);
                    }
                }
            } else {
                extendedUserProfile.setExternalRoles(new LinkedHashSet(list));
            }
        } catch (Exception e) {
            log.warn("Unable to map memberOf attribute to external roles of the profile", (Throwable) e);
        }
    }

    public BaseSecurityConfig getSecurityConfig() {
        return this.securityConfig;
    }

    @Override // eu.dariah.de.dariahsp.profiles.BaseProfileCreator
    public String toString() {
        return "SamlProfileCreator(securityConfig=" + getSecurityConfig() + ")";
    }

    @Override // eu.dariah.de.dariahsp.profiles.BaseProfileCreator
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof SamlProfileCreator)) {
            return false;
        }
        SamlProfileCreator samlProfileCreator = (SamlProfileCreator) obj;
        if (!samlProfileCreator.canEqual(this)) {
            return false;
        }
        BaseSecurityConfig securityConfig = getSecurityConfig();
        BaseSecurityConfig securityConfig2 = samlProfileCreator.getSecurityConfig();
        return securityConfig == null ? securityConfig2 == null : securityConfig.equals(securityConfig2);
    }

    @Override // eu.dariah.de.dariahsp.profiles.BaseProfileCreator
    protected boolean canEqual(Object obj) {
        return obj instanceof SamlProfileCreator;
    }

    @Override // eu.dariah.de.dariahsp.profiles.BaseProfileCreator
    public int hashCode() {
        BaseSecurityConfig securityConfig = getSecurityConfig();
        return (1 * 59) + (securityConfig == null ? 43 : securityConfig.hashCode());
    }
}
