package org.apache.syncope.core.logic;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import org.apache.syncope.common.lib.to.EntityTO;
import org.pac4j.saml.config.SAML2Configuration;
import org.pac4j.saml.metadata.keystore.BaseSAML2KeystoreGenerator;
import org.springframework.core.io.FileUrlResource;
import org.springframework.core.io.Resource;
import org.springframework.core.io.support.ResourcePatternResolver;

/* loaded from: input_file:org/apache/syncope/core/logic/AbstractSAML2SP4UILogic.class */
abstract class AbstractSAML2SP4UILogic extends AbstractTransactionalLogic<EntityTO> {
    protected final SAML2SP4UIProperties props;
    protected final ResourcePatternResolver resourceResolver;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractSAML2SP4UILogic(SAML2SP4UIProperties sAML2SP4UIProperties, ResourcePatternResolver resourcePatternResolver) {
        this.props = sAML2SP4UIProperties;
        this.resourceResolver = resourcePatternResolver;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SAML2Configuration newSAML2Configuration() {
        final SAML2Configuration sAML2Configuration = new SAML2Configuration(this.resourceResolver.getResource(this.props.getKeystore()), this.props.getKeystoreAlias(), this.props.getKeystoreType(), this.props.getKeystoreStorepass(), this.props.getKeystoreKeypass(), (Resource) null);
        if (sAML2Configuration.getKeystoreResource() instanceof FileUrlResource) {
            sAML2Configuration.setKeystoreGenerator(new BaseSAML2KeystoreGenerator(this, sAML2Configuration) { // from class: org.apache.syncope.core.logic.AbstractSAML2SP4UILogic.1
                protected void store(KeyStore keyStore, X509Certificate x509Certificate, PrivateKey privateKey) {
                }

                public InputStream retrieve() throws Exception {
                    return sAML2Configuration.getKeystoreResource().getInputStream();
                }
            });
        }
        sAML2Configuration.setWantsAssertionsSigned(true);
        sAML2Configuration.setAuthnRequestSigned(true);
        sAML2Configuration.setSpLogoutRequestSigned(true);
        sAML2Configuration.setMaximumAuthenticationLifetime(this.props.getMaximumAuthenticationLifetime());
        sAML2Configuration.setAcceptedSkew(this.props.getAcceptedSkew());
        return sAML2Configuration;
    }
}
