package com.cloudseal.client.spring;

import com.cloudseal.client.saml2.IdentifierGenerator;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.util.Assert;

/* loaded from: input_file:com/cloudseal/client/spring/CloudsealEntryPoint.class */
public class CloudsealEntryPoint implements AuthenticationEntryPoint, InitializingBean {
    public static final String AUTH_REQUEST_ID = "cloudseal_entry_point_auth_request_id";
    public static final String AUDIENCE = "cloudseal_entry_point_audience";
    private CloudsealManager cloudsealManager;
    private IdentifierGenerator identityGenerator;

    public CloudsealEntryPoint() {
        this.identityGenerator = new IdentifierGenerator();
    }

    CloudsealEntryPoint(IdentifierGenerator identifierGenerator) {
        this.identityGenerator = identifierGenerator;
    }

    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        String generateIdentifier = this.identityGenerator.generateIdentifier();
        String buildSpIssuer = buildSpIssuer(httpServletRequest);
        String buildAcsUrl = buildAcsUrl(httpServletRequest);
        try {
            String str = getSsoUrl() + "?" + this.cloudsealManager.generateSamlAuthRequest(buildSpIssuer, buildAcsUrl, buildAcsUrl, generateIdentifier);
            httpServletRequest.getSession().setAttribute(AUTH_REQUEST_ID, generateIdentifier);
            httpServletRequest.getSession().setAttribute(AUDIENCE, buildSpIssuer);
            httpServletResponse.sendRedirect(str);
        } catch (Exception e) {
            throw new IOException(e);
        }
    }

    protected String getSsoUrl() {
        return this.cloudsealManager.getSsoUrl();
    }

    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.cloudsealManager, "cloudsealManager must be specified");
    }

    public void setCloudsealManager(CloudsealManager cloudsealManager) {
        this.cloudsealManager = cloudsealManager;
    }

    String buildAcsUrl(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        if (httpServletRequest.isSecure()) {
            sb.append("https://");
        } else {
            sb.append("http://");
        }
        sb.append(httpServletRequest.getHeader("Host"));
        sb.append(httpServletRequest.getContextPath());
        sb.append("/");
        sb.append("cloudseal_acs");
        return sb.toString();
    }

    String buildSpIssuer(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder("http://");
        String header = httpServletRequest.getHeader("Host");
        if (header == null || header.length() < 1) {
            header = "www.mycompany.com";
        }
        sb.append(header);
        sb.append("/saml/sp");
        return sb.toString();
    }
}
