package org.opensaml.saml.saml2.binding.decoding.impl;

import com.google.common.base.Strings;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.servlet.http.HttpServletRequest;
import net.shibboleth.utilities.java.support.annotation.constraint.NotEmpty;
import net.shibboleth.utilities.java.support.codec.Base64Support;
import org.opensaml.messaging.context.MessageContext;
import org.opensaml.messaging.decoder.MessageDecodingException;
import org.opensaml.messaging.decoder.servlet.BaseHttpServletRequestXMLMessageDecoder;
import org.opensaml.saml.common.SAMLObject;
import org.opensaml.saml.common.binding.BindingDescriptor;
import org.opensaml.saml.common.binding.SAMLBindingSupport;
import org.opensaml.saml.common.binding.decoding.SAMLMessageDecoder;
import org.opensaml.saml.common.messaging.context.SAMLBindingContext;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.ecp.RelayState;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:addressbookconnector-2.13.1-jar-with-dependencies.jar:org/opensaml/saml/saml2/binding/decoding/impl/HTTPPostDecoder.class */
public class HTTPPostDecoder extends BaseHttpServletRequestXMLMessageDecoder<SAMLObject> implements SAMLMessageDecoder {

    @Nonnull
    private final Logger log = LoggerFactory.getLogger(HTTPPostDecoder.class);

    @Nullable
    private BindingDescriptor bindingDescriptor;

    @Override // org.opensaml.saml.common.binding.decoding.SAMLMessageDecoder
    @NotEmpty
    @Nonnull
    public String getBindingURI() {
        return SAMLConstants.SAML2_POST_BINDING_URI;
    }

    @Nullable
    public BindingDescriptor getBindingDescriptor() {
        return this.bindingDescriptor;
    }

    public void setBindingDescriptor(@Nullable BindingDescriptor bindingDescriptor) {
        this.bindingDescriptor = bindingDescriptor;
    }

    @Override // org.opensaml.messaging.decoder.AbstractMessageDecoder
    protected void doDecode() throws MessageDecodingException {
        MessageContext<SAMLObject> messageContext = new MessageContext<>();
        HttpServletRequest httpServletRequest = getHttpServletRequest();
        if (!"POST".equalsIgnoreCase(httpServletRequest.getMethod())) {
            throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
        }
        String parameter = httpServletRequest.getParameter(RelayState.DEFAULT_ELEMENT_LOCAL_NAME);
        this.log.debug("Decoded SAML relay state of: {}", parameter);
        SAMLBindingSupport.setRelayState(messageContext, parameter);
        messageContext.setMessage((SAMLObject) unmarshallMessage(getBase64DecodedMessage(httpServletRequest)));
        this.log.debug("Decoded SAML message");
        populateBindingContext(messageContext);
        setMessageContext(messageContext);
    }

    protected InputStream getBase64DecodedMessage(HttpServletRequest httpServletRequest) throws MessageDecodingException {
        this.log.debug("Getting Base64 encoded message from request");
        String parameter = httpServletRequest.getParameter("SAMLRequest");
        if (Strings.isNullOrEmpty(parameter)) {
            parameter = httpServletRequest.getParameter("SAMLResponse");
        }
        if (Strings.isNullOrEmpty(parameter)) {
            this.log.error("Request did not contain either a SAMLRequest or SAMLResponse paramter.  Invalid request for SAML 2 HTTP POST binding.");
            throw new MessageDecodingException("No SAML message present in request");
        }
        this.log.trace("Base64 decoding SAML message:\n{}", parameter);
        byte[] decode = Base64Support.decode(parameter);
        if (decode == null) {
            this.log.error("Unable to Base64 decode SAML message");
            throw new MessageDecodingException("Unable to Base64 decode SAML message");
        }
        this.log.trace("Decoded SAML message:\n{}", new String(decode));
        return new ByteArrayInputStream(decode);
    }

    protected void populateBindingContext(MessageContext<SAMLObject> messageContext) {
        SAMLBindingContext sAMLBindingContext = (SAMLBindingContext) messageContext.getSubcontext(SAMLBindingContext.class, true);
        sAMLBindingContext.setBindingUri(getBindingURI());
        sAMLBindingContext.setBindingDescriptor(this.bindingDescriptor);
        sAMLBindingContext.setHasBindingSignature(false);
        sAMLBindingContext.setIntendedDestinationEndpointURIRequired(SAMLBindingSupport.isMessageSigned(messageContext));
    }
}
