package coldfusion.saml;

import coldfusion.runtime.ApplicationException;
import coldfusion.saml.util.Utils;
import coldfusion.util.KeystoreUtils;
import coldfusion.util.RB;
import com.onelogin.saml2.settings.Saml2Settings;
import com.onelogin.saml2.settings.SettingsBuilder;
import java.io.File;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.LinkedHashMap;
import java.util.Locale;

/* loaded from: input_file:coldfusion/saml/SpConfiguration.class */
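/**
 * Service-provider (SP) side of a SAML configuration, plus the conversion of that
 * configuration into a OneLogin {@link Saml2Settings} object.
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>The signing keystore password is held as a plain {@code String} and is exposed
 *       through a public getter; it is also copied by {@link #m9clone()}. Keep instances
 *       out of logs, debug dumps and serialised state.</li>
 *   <li>The signing flags are only written to the settings map when they are {@code true};
 *       when {@code false} the key is omitted and the library default applies.</li>
 *   <li>NOTE(review): {@code strict}, {@code allowIdpInitiatedSso}, {@code description} and
 *       {@code stateStore} are not written into the settings map by
 *       {@link #spConfigToSamlSettings(SpConfiguration)}; confirm that the caller applies
 *       strict mode and the IdP-initiated SSO policy elsewhere.</li>
 * </ul>
 */
public class SpConfiguration implements Cloneable {
    public static final String SP_ENTITYID_PROPERTY_KEY = "onelogin.saml2.sp.entityid";
    public static final String SP_ASSERTION_CONSUMER_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.sp.assertion_consumer_service.url";
    public static final String SP_ASSERTION_CONSUMER_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.sp.assertion_consumer_service.binding";
    public static final String SP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY = "onelogin.saml2.sp.single_logout_service.url";
    public static final String SP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY = "onelogin.saml2.sp.single_logout_service.binding";
    public static final String SP_NAMEIDFORMAT_PROPERTY_KEY = "onelogin.saml2.sp.nameidformat";
    public static final String SP_X509CERT_PROPERTY_KEY = "onelogin.saml2.sp.x509cert";
    public static final String SP_PRIVATEKEY_PROPERTY_KEY = "onelogin.saml2.sp.privatekey";
    public static final String SECURITY_AUTHREQUEST_SIGNED = "onelogin.saml2.security.authnrequest_signed";
    public static final String SECURITY_LOGOUTREQUEST_SIGNED = "onelogin.saml2.security.logoutrequest_signed";
    public static final String SECURITY_LOGOUTRESPONSE_SIGNED = "onelogin.saml2.security.logoutresponse_signed";
    public static final String SECURITY_WANT_ASSERTIONS_SIGNED = "onelogin.saml2.security.want_assertions_signed";
    public static final String SECURITY_SIGN_METADATA = "onelogin.saml2.security.sign_metadata";
    public static final String STORE_REDIS = "redis";
    public static final String STORE_CACHE = "cache";

    private String entityId;
    private String description;
    private String acsUrl;
    private String acsBinding;
    private String sloUrl;
    private String sloBinding;
    // All signing / signature-requirement flags default to off.
    private boolean signRequests;
    private boolean wantAssertionsSigned;
    private boolean logoutResponseSigned;
    // IdP-initiated SSO is refused unless explicitly enabled.
    private boolean allowIdpInitiatedSso;
    private String signKeystorePath;
    // Used both to open the keystore and to unlock the private key entry.
    private String signKeystorePassword;
    private String signKeystoreAlias;
    private String stateStore;
    private boolean signMetadata;
    private boolean isGenerated;
    // Strict mode is the only flag that defaults to on.
    private boolean strict = true;

    /**
     * Raised when the signing keystore, its alias, certificate or private key cannot be used.
     *
     * <p>The message is stored only in {@link #exceptionMessage}; it is not passed to a
     * superclass constructor here, and the underlying JCA exception is not attached as a cause.
     */
    public static class KeystoreException extends ApplicationException {
        public String exceptionMessage;

        /**
         * @param str localised description of the keystore problem
         */
        public KeystoreException(String str) {
            this.exceptionMessage = str;
        }
    }

    /**
     * Creates an empty configuration: every signing flag off, IdP-initiated SSO off,
     * strict mode on.
     */
    public SpConfiguration() {
    }

    /**
     * Creates a fully populated configuration. {@code allowIdpInitiatedSso}, {@code isGenerated}
     * and {@code strict} keep their defaults (off, off, on) and must be changed through setters.
     *
     * @param entityId             SP entity id
     * @param description          free-text description
     * @param acsUrl               assertion consumer service URL
     * @param acsBinding           assertion consumer service binding name
     * @param sloUrl               single logout service URL
     * @param sloBinding           single logout service binding name
     * @param signRequests         whether authn and logout requests are signed
     * @param wantAssertionsSigned whether signed assertions are required
     * @param logoutResponseSigned whether logout responses are signed
     * @param signKeystorePath     path of the signing keystore
     * @param signKeystorePassword password of the keystore and of its private key
     * @param signKeystoreAlias    alias of the signing entry; may be blank
     * @param stateStore           name of the state store
     * @param signMetadata         whether SP metadata is signed
     */
    public SpConfiguration(String entityId, String description, String acsUrl, String acsBinding, String sloUrl, String sloBinding, boolean signRequests, boolean wantAssertionsSigned, boolean logoutResponseSigned, String signKeystorePath, String signKeystorePassword, String signKeystoreAlias, String stateStore, boolean signMetadata) {
        this.entityId = entityId;
        this.description = description;
        this.acsUrl = acsUrl;
        this.acsBinding = acsBinding;
        this.sloUrl = sloUrl;
        this.sloBinding = sloBinding;
        this.signRequests = signRequests;
        this.wantAssertionsSigned = wantAssertionsSigned;
        this.logoutResponseSigned = logoutResponseSigned;
        this.signKeystorePath = signKeystorePath;
        this.signKeystorePassword = signKeystorePassword;
        this.signKeystoreAlias = signKeystoreAlias;
        this.signMetadata = signMetadata;
        this.stateStore = stateStore;
    }

    public String getEntityId() {
        return this.entityId;
    }

    public void setEntityId(String str) {
        this.entityId = str;
    }

    public String getDescription() {
        return this.description;
    }

    public void setDescription(String str) {
        this.description = str;
    }

    public String getAcsUrl() {
        return this.acsUrl;
    }

    public void setAcsUrl(String str) {
        this.acsUrl = str;
    }

    public String getAcsBinding() {
        return this.acsBinding;
    }

    public void setAcsBinding(String str) {
        this.acsBinding = str;
    }

    public String getSloUrl() {
        return this.sloUrl;
    }

    public void setSloUrl(String str) {
        this.sloUrl = str;
    }

    public String getSloBinding() {
        return this.sloBinding;
    }

    public void setSloBinding(String str) {
        this.sloBinding = str;
    }

    public boolean isSignRequests() {
        return this.signRequests;
    }

    public void setSignRequests(boolean z) {
        this.signRequests = z;
    }

    public boolean isWantAssertionsSigned() {
        return this.wantAssertionsSigned;
    }

    public void setWantAssertionsSigned(boolean z) {
        this.wantAssertionsSigned = z;
    }

    public boolean isLogoutResponseSigned() {
        return this.logoutResponseSigned;
    }

    public void setLogoutResponseSigned(boolean z) {
        this.logoutResponseSigned = z;
    }

    public String getSignKeystorePath() {
        return this.signKeystorePath;
    }

    public void setSignKeystorePath(String str) {
        this.signKeystorePath = str;
    }

    /** Returns the keystore password in clear text; do not log or echo the result. */
    public String getSignKeystorePassword() {
        return this.signKeystorePassword;
    }

    public void setSignKeystorePassword(String str) {
        this.signKeystorePassword = str;
    }

    public String getSignKeystoreAlias() {
        return this.signKeystoreAlias;
    }

    public void setSignKeystoreAlias(String str) {
        this.signKeystoreAlias = str;
    }

    public boolean isSignMetadata() {
        return this.signMetadata;
    }

    public void setSignMetadata(boolean z) {
        this.signMetadata = z;
    }

    public boolean isGenerated() {
        return this.isGenerated;
    }

    public void setGenerated(boolean z) {
        this.isGenerated = z;
    }

    public String getStateStore() {
        return this.stateStore;
    }

    public void setStateStore(String str) {
        this.stateStore = str;
    }

    public boolean isStrict() {
        return this.strict;
    }

    public void setStrict(boolean z) {
        this.strict = z;
    }

    public boolean isAllowIdpInitiatedSso() {
        return this.allowIdpInitiatedSso;
    }

    public void setAllowIdpInitiatedSso(boolean z) {
        this.allowIdpInitiatedSso = z;
    }

    /**
     * Builds OneLogin SAML settings from the SP configuration.
     *
     * <p>Only non-empty string values and {@code true} flags are written; {@code signRequests}
     * drives both the authn-request and the logout-request signing keys. When a signing
     * keystore path is configured, the private key and the first certificate of the chain are
     * loaded and handed to the settings builder.
     *
     * @param spConfiguration the SP configuration to convert
     * @return the settings built from the collected values
     * @throws KeystoreException        if the keystore file, alias, certificate or key is unusable
     * @throws IllegalArgumentException if a binding name does not match a {@code SamlBindings} constant
     */
    public static Saml2Settings spConfigToSamlSettings(SpConfiguration spConfiguration) {
        LinkedHashMap<String, Object> values = new LinkedHashMap<>();
        if (!Utils.isEmpty(spConfiguration.getEntityId())) {
            values.put(SP_ENTITYID_PROPERTY_KEY, spConfiguration.getEntityId());
        }
        if (!Utils.isEmpty(spConfiguration.getAcsUrl())) {
            values.put(SP_ASSERTION_CONSUMER_SERVICE_URL_PROPERTY_KEY, spConfiguration.getAcsUrl());
        }
        if (!Utils.isEmpty(spConfiguration.getAcsBinding())) {
            values.put(SP_ASSERTION_CONSUMER_SERVICE_BINDING_PROPERTY_KEY, bindingValue(spConfiguration.getAcsBinding()));
        }
        if (!Utils.isEmpty(spConfiguration.getSloUrl())) {
            values.put(SP_SINGLE_LOGOUT_SERVICE_URL_PROPERTY_KEY, spConfiguration.getSloUrl());
        }
        if (!Utils.isEmpty(spConfiguration.getSloBinding())) {
            values.put(SP_SINGLE_LOGOUT_SERVICE_BINDING_PROPERTY_KEY, bindingValue(spConfiguration.getSloBinding()));
        }
        if (spConfiguration.isSignRequests()) {
            values.put(SECURITY_AUTHREQUEST_SIGNED, Boolean.TRUE);
            values.put(SECURITY_LOGOUTREQUEST_SIGNED, Boolean.TRUE);
        }
        if (spConfiguration.isWantAssertionsSigned()) {
            values.put(SECURITY_WANT_ASSERTIONS_SIGNED, Boolean.TRUE);
        }
        if (spConfiguration.isLogoutResponseSigned()) {
            values.put(SECURITY_LOGOUTRESPONSE_SIGNED, Boolean.TRUE);
        }
        if (spConfiguration.isSignMetadata()) {
            values.put(SECURITY_SIGN_METADATA, Boolean.TRUE);
        }
        putSigningCredentials(spConfiguration, values);
        return new SettingsBuilder().fromValues(values).build();
    }

    /** Resolves a configured binding name to the string form of its {@code SamlBindings} constant. */
    private static String bindingValue(String bindingName) {
        // Locale.ROOT keeps the enum lookup independent of the JVM default locale
        // (a Turkish locale upper-cases 'i' to a dotted capital and breaks valueOf).
        return SamlBindings.valueOf(bindingName.toUpperCase(Locale.ROOT)).toString();
    }

    /** Loads the SP signing key and certificate from the configured keystore into the value map. */
    private static void putSigningCredentials(SpConfiguration spConfiguration, LinkedHashMap<String, Object> values) {
        String keystorePath = spConfiguration.getSignKeystorePath();
        if (Utils.isEmpty(keystorePath)) {
            return;
        }
        if (keystorePath.trim().length() == 0 || !new File(keystorePath).exists()) {
            throw new KeystoreException(RB.getString(SpConfiguration.class, "KeystoreNotFound", keystorePath));
        }

        String keystorePassword = spConfiguration.getSignKeystorePassword();
        KeyStore keyStore;
        KeystoreUtils.addBCProvider();
        try {
            keyStore = KeystoreUtils.getKeyStore(keystorePath, keystorePassword);
        } finally {
            // Always undo addBCProvider(), including when the keystore fails to load
            // (wrong password, corrupt file); otherwise the provider change outlives this call.
            KeystoreUtils.removeBCProvider();
        }

        String keyAlias = spConfiguration.getSignKeystoreAlias();
        if (keyAlias == null || keyAlias.trim().length() == 0) {
            // No alias configured: let KeystoreUtils pick one from the keystore.
            try {
                keyAlias = KeystoreUtils.getKeyAlias(keyStore);
            } catch (KeyStoreException e) {
                throw new KeystoreException(RB.getString(SpConfiguration.class, "AliasNotFound"));
            }
        }

        Certificate[] certificateChain;
        try {
            certificateChain = keyStore.getCertificateChain(keyAlias);
        } catch (KeyStoreException e) {
            throw new KeystoreException(RB.getString(SpConfiguration.class, "CertificateError"));
        }
        if (certificateChain == null || certificateChain.length == 0) {
            throw new KeystoreException(RB.getString(SpConfiguration.class, "NoCertificate"));
        }

        try {
            // NOTE(review): the keystore password is reused as the key password and is
            // dereferenced unconditionally; a null password surfaces as a NullPointerException
            // rather than a KeystoreException.
            values.put(SP_PRIVATEKEY_PROPERTY_KEY, (PrivateKey) keyStore.getKey(keyAlias, keystorePassword.toCharArray()));
            // Only the first certificate of the chain is published as the SP certificate.
            values.put(SP_X509CERT_PROPERTY_KEY, (X509Certificate) certificateChain[0]);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new KeystoreException(RB.getString(SpConfiguration.class, "KeyRetrieveError"));
        }
    }

    /**
     * Returns a shallow copy made with {@code Object.clone()}. Every field is a {@code String}
     * or a {@code boolean}, so the copy shares no mutable state with the original; it does
     * carry the keystore password.
     *
     * <p>Decompiler note: renamed from {@code clone} (merged with its bridge method).
     */
    public SpConfiguration m9clone() throws CloneNotSupportedException {
        return (SpConfiguration) super.clone();
    }
}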
