package pl.edu.icm.unity.saml.idp.processor;

import eu.unicore.samly2.SAMLConstants;
import eu.unicore.samly2.exceptions.SAMLRequesterException;
import eu.unicore.samly2.exceptions.SAMLResponderException;
import eu.unicore.samly2.exceptions.SAMLServerException;
import org.apache.xmlbeans.XmlObject;
import pl.edu.icm.unity.base.attribute.IllegalAttributeTypeException;
import pl.edu.icm.unity.base.attribute.IllegalAttributeValueException;
import pl.edu.icm.unity.base.identity.IllegalIdentityValueException;
import pl.edu.icm.unity.engine.api.authn.AuthenticationException;
import pl.edu.icm.unity.engine.api.translation.ExecutionFailException;
import pl.edu.icm.unity.saml.idp.SAMLIdPConfiguration;
import pl.edu.icm.unity.saml.idp.ctx.SAMLContext;
import xmlbeans.org.oasis.saml2.assertion.NameIDType;
import xmlbeans.org.oasis.saml2.protocol.RequestAbstractType;

/* loaded from: input_file:pl/edu/icm/unity/saml/idp/processor/StatusResponseProcessor.class */
public abstract class StatusResponseProcessor<T extends XmlObject, C extends RequestAbstractType> {
    protected SAMLContext<T, C> context;
    protected SAMLIdPConfiguration samlConfiguration;

    public StatusResponseProcessor(SAMLContext<T, C> sAMLContext) {
        this.context = sAMLContext;
        this.samlConfiguration = sAMLContext.getSamlConfiguration();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SAMLContext<T, C> getContext() {
        return this.context;
    }

    protected SAMLIdPConfiguration getSamlConfiguration() {
        return this.samlConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public NameIDType getResponseIssuer() {
        NameIDType newInstance = NameIDType.Factory.newInstance();
        newInstance.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:entity");
        newInstance.setStringValue(this.samlConfiguration.issuerURI);
        return newInstance;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean doSignResponse() {
        if (this.samlConfiguration.isSignRespAlways()) {
            return true;
        }
        if (this.samlConfiguration.isSignRespNever()) {
            return false;
        }
        C request = this.context.getRequest();
        return (request.getSignature() == null || request.getSignature().isNil()) ? false : true;
    }

    public SAMLServerException convert2SAMLError(Exception exc, String str, boolean z) {
        SAMLConstants.Status status;
        SAMLConstants.SubStatus subStatus = null;
        String str2 = null;
        if (str != null) {
            str2 = str;
        }
        if (str == null && z) {
            str2 = exc.getMessage() != null ? exc.getMessage() : exc.getClass().getSimpleName();
        }
        if (exc instanceof IllegalIdentityValueException) {
            status = SAMLConstants.Status.STATUS_REQUESTER;
            subStatus = SAMLConstants.SubStatus.STATUS2_UNKNOWN_PRINCIPAL;
        } else if (exc instanceof AuthenticationException) {
            status = SAMLConstants.Status.STATUS_REQUESTER;
            subStatus = SAMLConstants.SubStatus.STATUS2_AUTHN_FAILED;
        } else if ((exc instanceof IllegalAttributeTypeException) || (exc instanceof IllegalAttributeValueException)) {
            status = SAMLConstants.Status.STATUS_REQUESTER;
            subStatus = SAMLConstants.SubStatus.STATUS2_INVALID_ATTR;
        } else if (exc instanceof SecurityException) {
            status = SAMLConstants.Status.STATUS_REQUESTER;
            subStatus = SAMLConstants.SubStatus.STATUS2_REQUEST_DENIED;
        } else if (exc instanceof ExecutionFailException) {
            status = SAMLConstants.Status.STATUS_REQUESTER;
            subStatus = SAMLConstants.SubStatus.STATUS2_REQUEST_DENIED;
        } else {
            status = SAMLConstants.Status.STATUS_RESPONDER;
        }
        return status == SAMLConstants.Status.STATUS_REQUESTER ? new SAMLRequesterException(subStatus, str2) : new SAMLResponderException(subStatus, str2);
    }
}
