package org.opensaml.saml.common.profile.impl;

import com.google.common.base.Function;
import com.google.common.base.Functions;
import java.util.Iterator;
import java.util.Objects;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.opensaml.messaging.context.navigate.ChildContextLookup;
import org.opensaml.profile.action.AbstractProfileAction;
import org.opensaml.profile.action.ActionSupport;
import org.opensaml.profile.context.ProfileRequestContext;
import org.opensaml.profile.context.navigate.InboundMessageContextLookup;
import org.opensaml.profile.context.navigate.OutboundMessageContextLookup;
import org.opensaml.saml.common.messaging.context.ChannelBindingsContext;
import org.opensaml.saml.common.profile.SAMLEventIds;
import org.opensaml.saml.ext.saml2cb.ChannelBindings;
import org.opensaml.soap.messaging.context.SOAP11Context;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:lib/opensaml-saml-impl-3.3.0.jar:org/opensaml/saml/common/profile/impl/VerifyChannelBindings.class */
public class VerifyChannelBindings extends AbstractProfileAction {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) VerifyChannelBindings.class);

    @Nonnull
    private Function<ProfileRequestContext, ChannelBindingsContext> channelBindingsLookupStrategy1 = Functions.compose(new ChildContextLookup(ChannelBindingsContext.class), new InboundMessageContextLookup());

    @Nonnull
    private Function<ProfileRequestContext, ChannelBindingsContext> channelBindingsLookupStrategy2 = Functions.compose(new ChildContextLookup(ChannelBindingsContext.class), Functions.compose(new ChildContextLookup(SOAP11Context.class), new InboundMessageContextLookup()));

    @Nonnull
    private Function<ProfileRequestContext, ChannelBindingsContext> channelBindingsCreationStrategy = Functions.compose(new ChildContextLookup(ChannelBindingsContext.class, true), new OutboundMessageContextLookup());

    @Nullable
    private ChannelBindingsContext channelBindingsContext1;

    @Nullable
    private ChannelBindingsContext channelBindingsContext2;

    public void setChannelBindingsLookupStrategy1(@Nonnull Function<ProfileRequestContext, ChannelBindingsContext> function) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.channelBindingsLookupStrategy1 = (Function) Constraint.isNotNull(function, "First ChannelBindingsContext lookup strategy cannot be null");
    }

    public void setChannelBindingsLookupStrategy2(@Nonnull Function<ProfileRequestContext, ChannelBindingsContext> function) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.channelBindingsLookupStrategy2 = (Function) Constraint.isNotNull(function, "Second ChannelBindingsContext lookup strategy cannot be null");
    }

    public void setChannelBindingsCreationStrategy(@Nonnull Function<ProfileRequestContext, ChannelBindingsContext> function) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        this.channelBindingsCreationStrategy = (Function) Constraint.isNotNull(function, "ChannelBindingsContext creation strategy cannot be null");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.profile.action.AbstractProfileAction
    public boolean doPreExecute(@Nonnull ProfileRequestContext profileRequestContext) {
        if (!super.doPreExecute(profileRequestContext)) {
            return false;
        }
        this.channelBindingsContext1 = (ChannelBindingsContext) this.channelBindingsLookupStrategy1.apply(profileRequestContext);
        this.channelBindingsContext2 = (ChannelBindingsContext) this.channelBindingsLookupStrategy2.apply(profileRequestContext);
        if (this.channelBindingsContext1 != null && this.channelBindingsContext1.getChannelBindings().isEmpty()) {
            this.channelBindingsContext1 = null;
        }
        if (this.channelBindingsContext2 != null && this.channelBindingsContext2.getChannelBindings().isEmpty()) {
            this.channelBindingsContext2 = null;
        }
        if (this.channelBindingsContext1 != null || this.channelBindingsContext2 != null) {
            return true;
        }
        this.log.debug("{} No channel bindings found to verify, nothing to do", getLogPrefix());
        return false;
    }

    @Override // org.opensaml.profile.action.AbstractProfileAction
    protected void doExecute(@Nonnull ProfileRequestContext profileRequestContext) {
        if (this.channelBindingsContext1 == null || this.channelBindingsContext2 == null) {
            this.log.warn("{} Unable to verify channel bindings sent for comparison", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, SAMLEventIds.CHANNEL_BINDINGS_ERROR);
            return;
        }
        ChannelBindings channelBindings = null;
        for (ChannelBindings channelBindings2 : this.channelBindingsContext1.getChannelBindings()) {
            Iterator<ChannelBindings> it = this.channelBindingsContext2.getChannelBindings().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                ChannelBindings next = it.next();
                if (Objects.equals(channelBindings2.getType(), next.getType()) && Objects.equals(StringSupport.trimOrNull(channelBindings2.getValue()), StringSupport.trimOrNull(next.getValue()))) {
                    channelBindings = channelBindings2;
                    break;
                }
            }
            if (channelBindings != null) {
                break;
            }
        }
        if (channelBindings == null) {
            this.log.warn("{} Unable to verify channel bindings sent for comparison", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, SAMLEventIds.CHANNEL_BINDINGS_ERROR);
            return;
        }
        this.log.debug("{} Saving matched channel bindings for later use", getLogPrefix());
        ChannelBindingsContext channelBindingsContext = (ChannelBindingsContext) this.channelBindingsCreationStrategy.apply(profileRequestContext);
        if (channelBindingsContext != null) {
            channelBindingsContext.getChannelBindings().add(channelBindings);
        } else {
            this.log.error("{} Unable to create ChannelBindingContext to store result", getLogPrefix());
            ActionSupport.buildEvent(profileRequestContext, SAMLEventIds.CHANNEL_BINDINGS_ERROR);
        }
    }
}
