package fr.in2p3.lavoisier.authenticator.SAML2;

import fr.in2p3.lavoisier.authenticator.action.RedirectAction;
import fr.in2p3.lavoisier.interfaces.authenticator.Action;
import fr.in2p3.lavoisier.interfaces.authenticator.Authenticator;
import fr.in2p3.lavoisier.interfaces.authenticator.SessionStorable;
import fr.in2p3.lavoisier.interfaces.authenticator.impl.DefaultAuthenticatedUser;
import fr.in2p3.lavoisier.interfaces.usage.Configuration;
import fr.in2p3.lavoisier.interfaces.usage.Parameter;
import java.io.IOException;
import java.security.Principal;
import javax.security.auth.login.LoginException;
import javax.xml.parsers.ParserConfigurationException;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.io.UnmarshallingException;
import org.xml.sax.SAXException;

/* loaded from: input_file:fr/in2p3/lavoisier/authenticator/SAML2/SAML2Authenticator.class */
public class SAML2Authenticator extends Authenticator<SAML2ResponsibilityHandler, SAML2AuthenticatorInput, DefaultAuthenticatedUser> implements SessionStorable {
    public static final Parameter<String> P_SERVER = Parameter.string("server", "The URL of the SAML2 Identity Provider");
    private String m_server;

    public SAML2Authenticator() {
        super(SAML2ResponsibilityHandler.class, SAML2AuthenticatorInput.class, DefaultAuthenticatedUser.class);
    }

    public String getDescription() {
        return "This adaptor authenticates user with SAML v2";
    }

    public Parameter[] getUsage() {
        return new Parameter[]{P_SERVER};
    }

    public void init(String str, Configuration configuration) throws Exception {
        this.m_server = (String) P_SERVER.getValue(configuration);
    }

    public Action getPreAction(SAML2AuthenticatorInput sAML2AuthenticatorInput) throws LoginException {
        if (sAML2AuthenticatorInput.getResponse() != null) {
            return null;
        }
        try {
            return new RedirectAction(this.m_server + "/SAML2/SSO/Redirect?SAMLRequest=" + SAML2Builder.buildAuthnRequest(sAML2AuthenticatorInput.getServiceProviderURL()) + "&RelayState=" + sAML2AuthenticatorInput.getServiceURL().toString());
        } catch (IOException e) {
            throw new LoginException("Cannot build SAML2 AuthnRequest: " + e.getMessage());
        } catch (MarshallingException e2) {
            throw new LoginException("Cannot build SAML2 AuthnRequest: " + e2.getMessage());
        }
    }

    public Principal getPrincipal(SAML2AuthenticatorInput sAML2AuthenticatorInput) throws LoginException {
        try {
            return SAML2Builder.getPrincipalFromAuthnResponse(sAML2AuthenticatorInput.getResponse());
        } catch (IOException e) {
            throw new LoginException("Cannot process SAML2 AuthnResponse: " + e.getMessage());
        } catch (ParserConfigurationException e2) {
            throw new LoginException("Cannot process SAML2 AuthnResponse: " + e2.getMessage());
        } catch (SAXException e3) {
            throw new LoginException("Cannot process SAML2 AuthnResponse: " + e3.getMessage());
        } catch (UnmarshallingException e4) {
            throw new LoginException("Cannot process SAML2 AuthnResponse: " + e4.getMessage());
        }
    }
}
