package pl.edu.icm.unity.saml.idp.web;

import com.google.common.base.Strings;
import com.vaadin.server.Sizeable;
import com.vaadin.ui.Alignment;
import com.vaadin.ui.CheckBox;
import com.vaadin.ui.Component;
import com.vaadin.ui.CustomComponent;
import com.vaadin.ui.VerticalLayout;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.PreferencesManagement;
import pl.edu.icm.unity.engine.api.attributes.AttributeTypeSupport;
import pl.edu.icm.unity.engine.api.identity.IdentityTypeSupport;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.saml.idp.SamlIdpProperties;
import pl.edu.icm.unity.saml.idp.ctx.SAMLAuthnContext;
import pl.edu.icm.unity.saml.idp.preferences.SamlPreferences;
import pl.edu.icm.unity.types.basic.Attribute;
import pl.edu.icm.unity.types.basic.AttributeType;
import pl.edu.icm.unity.types.basic.DynamicAttribute;
import pl.edu.icm.unity.types.basic.IdentityParam;
import pl.edu.icm.unity.webui.authn.StandardWebAuthenticationProcessor;
import pl.edu.icm.unity.webui.common.Label100;
import pl.edu.icm.unity.webui.common.attributes.AttributeHandlerRegistry;
import pl.edu.icm.unity.webui.common.file.ImageAccessService;
import pl.edu.icm.unity.webui.common.safehtml.HtmlTag;
import pl.edu.icm.unity.webui.common.safehtml.SafePanel;
import pl.edu.icm.unity.webui.idpcommon.ExposedSelectableAttributesComponent;
import pl.edu.icm.unity.webui.idpcommon.IdPButtonsBar;
import pl.edu.icm.unity.webui.idpcommon.IdentitySelectorComponent;
import pl.edu.icm.unity.webui.idpcommon.SPInfoComponent;
import pl.edu.icm.unity.webui.idpcommon.SelectableAttributesComponent;
import xmlbeans.org.oasis.saml2.assertion.NameIDType;
import xmlbeans.org.oasis.saml2.protocol.AuthnRequestType;

/* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlConsentScreen.class */
public class SamlConsentScreen extends CustomComponent {
    private static final Logger log = Log.getLogger("unity.server.saml", SamlConsentScreen.class);
    protected final MessageSource msg;
    protected final AttributeHandlerRegistry handlersRegistry;
    protected final IdentityTypeSupport identityTypeSupport;
    protected final PreferencesManagement preferencesMan;
    protected final StandardWebAuthenticationProcessor authnProcessor;
    protected final AttributeTypeSupport aTypeSupport;
    protected final ImageAccessService imageAccessService;
    protected final List<IdentityParam> validIdentities;
    protected final Collection<DynamicAttribute> attributes;
    protected final Map<String, AttributeType> attributeTypes;
    protected final Runnable declineHandler;
    protected final ConfirmationConsumer acceptHandler;
    protected IdentitySelectorComponent idSelector;
    protected SelectableAttributesComponent attrsPresenter;
    protected SamlResponseHandler samlResponseHandler;
    protected CheckBox rememberCB;

    /* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlConsentScreen$ConfirmationConsumer.class */
    public interface ConfirmationConsumer {
        void onAccepted(IdentityParam identityParam, Collection<Attribute> collection);
    }

    public SamlConsentScreen(MessageSource messageSource, ImageAccessService imageAccessService, AttributeHandlerRegistry attributeHandlerRegistry, PreferencesManagement preferencesManagement, StandardWebAuthenticationProcessor standardWebAuthenticationProcessor, IdentityTypeSupport identityTypeSupport, AttributeTypeSupport attributeTypeSupport, List<IdentityParam> list, Collection<DynamicAttribute> collection, Map<String, AttributeType> map, Runnable runnable, ConfirmationConsumer confirmationConsumer) {
        this.msg = messageSource;
        this.imageAccessService = imageAccessService;
        this.handlersRegistry = attributeHandlerRegistry;
        this.preferencesMan = preferencesManagement;
        this.authnProcessor = standardWebAuthenticationProcessor;
        this.identityTypeSupport = identityTypeSupport;
        this.aTypeSupport = attributeTypeSupport;
        this.validIdentities = list;
        this.attributes = collection;
        this.attributeTypes = map;
        this.declineHandler = runnable;
        this.acceptHandler = confirmationConsumer;
        initUI();
    }

    protected void initUI() {
        SAMLAuthnContext context = SAMLContextSupport.getContext();
        VerticalLayout verticalLayout = new VerticalLayout();
        verticalLayout.setMargin(false);
        verticalLayout.setSpacing(false);
        VerticalLayout verticalLayout2 = new VerticalLayout();
        verticalLayout2.addStyleName("u-consentMainColumn");
        verticalLayout.addComponent(verticalLayout2);
        verticalLayout.setComponentAlignment(verticalLayout2, Alignment.TOP_CENTER);
        createInfoPart(context, verticalLayout2);
        verticalLayout2.addComponent(createExposedDataPart(context));
        createRememberMeCheckbox(verticalLayout2);
        createButtonsPart(context, verticalLayout2);
        setCompositionRoot(verticalLayout);
        loadPreferences(context);
    }

    private void createInfoPart(SAMLAuthnContext sAMLAuthnContext, VerticalLayout verticalLayout) {
        AuthnRequestType authnRequestType = (AuthnRequestType) sAMLAuthnContext.getRequest();
        String stringValue = authnRequestType.getIssuer().getStringValue();
        String returnAddressForRequester = sAMLAuthnContext.getSamlConfiguration().getReturnAddressForRequester(authnRequestType);
        String displayedNameForRequester = sAMLAuthnContext.getSamlConfiguration().getDisplayedNameForRequester(authnRequestType.getIssuer());
        verticalLayout.addComponents(new Component[]{new SPInfoComponent(this.msg, sAMLAuthnContext.getSamlConfiguration().getLogoForRequesterOrNull(authnRequestType.getIssuer(), this.msg, this.imageAccessService), Strings.isNullOrEmpty(displayedNameForRequester) ? stringValue : displayedNameForRequester, returnAddressForRequester)});
    }

    protected Component createExposedDataPart(SAMLAuthnContext sAMLAuthnContext) {
        SafePanel safePanel = new SafePanel();
        VerticalLayout verticalLayout = new VerticalLayout();
        verticalLayout.setWidth(100.0f, Sizeable.Unit.PERCENTAGE);
        safePanel.setContent(verticalLayout);
        this.idSelector = new IdentitySelectorComponent(this.msg, this.identityTypeSupport, this.validIdentities);
        verticalLayout.addComponents(new Component[]{new Label100(this.msg.getMessage("SamlIdPWebUI.allowForSignInInfo", new Object[0])), new Label100(this.msg.getMessage("SamlIdPWebUI.allowForReadingUserProfile", new Object[0]))});
        if (this.validIdentities.size() > 1) {
            verticalLayout.addComponent(this.idSelector);
        }
        verticalLayout.addComponent(HtmlTag.br());
        boolean booleanValue = sAMLAuthnContext.getSamlConfiguration().getBooleanValue(SamlIdpProperties.USER_EDIT_CONSENT).booleanValue();
        Optional ofNullable = Optional.ofNullable(this.validIdentities.size() == 1 ? this.validIdentities.get(0) : null);
        this.attrsPresenter = booleanValue ? new ExposedSelectableAttributesComponent(this.msg, this.identityTypeSupport, this.handlersRegistry, this.attributeTypes, this.aTypeSupport, this.attributes, ofNullable) : new ROExposedAttributesComponent(this.msg, this.identityTypeSupport, this.attributes, this.handlersRegistry, ofNullable);
        verticalLayout.addComponent(this.attrsPresenter);
        return safePanel;
    }

    protected void createRememberMeCheckbox(VerticalLayout verticalLayout) {
        this.rememberCB = new CheckBox(this.msg.getMessage("SamlIdPWebUI.rememberSettings", new Object[0]));
        this.rememberCB.setWidth(100.0f, Sizeable.Unit.PERCENTAGE);
        verticalLayout.addComponent(this.rememberCB);
    }

    private void createButtonsPart(SAMLAuthnContext sAMLAuthnContext, VerticalLayout verticalLayout) {
        IdPButtonsBar idPButtonsBar = new IdPButtonsBar(this.msg, this.authnProcessor, action -> {
            if (IdPButtonsBar.Action.ACCEPT == action) {
                confirm(sAMLAuthnContext);
            } else if (IdPButtonsBar.Action.DENY == action) {
                decline();
            }
        });
        verticalLayout.addComponent(idPButtonsBar);
        verticalLayout.setComponentAlignment(idPButtonsBar, Alignment.BOTTOM_RIGHT);
    }

    protected void loadPreferences(SAMLAuthnContext sAMLAuthnContext) {
        try {
            updateUIFromPreferences(SamlPreferences.getPreferences(this.preferencesMan).getSPSettings(((AuthnRequestType) sAMLAuthnContext.getRequest()).getIssuer()), sAMLAuthnContext);
        } catch (Exception e) {
            log.error("Engine problem when processing stored preferences", e);
            this.samlResponseHandler.handleExceptionNotThrowing(e, true);
        }
    }

    protected void updateUIFromPreferences(SamlPreferences.SPSettings sPSettings, SAMLAuthnContext sAMLAuthnContext) throws EngineException {
        if (sPSettings == null) {
            return;
        }
        this.attrsPresenter.setInitialState(sPSettings.getHiddenAttribtues());
        this.idSelector.setSelected(sPSettings.getSelectedIdentity());
        if (sPSettings.isDoNotAsk()) {
            setCompositionRoot(new VerticalLayout());
            if (sPSettings.isDefaultAccept()) {
                confirm(sAMLAuthnContext);
            } else {
                decline();
            }
        }
    }

    protected void updatePreferencesFromUI(SamlPreferences samlPreferences, SAMLAuthnContext sAMLAuthnContext, boolean z) throws EngineException {
        if (this.rememberCB.getValue().booleanValue()) {
            NameIDType issuer = ((AuthnRequestType) sAMLAuthnContext.getRequest()).getIssuer();
            SamlPreferences.SPSettings sPSettings = samlPreferences.getSPSettings(issuer);
            sPSettings.setDefaultAccept(z);
            sPSettings.setDoNotAsk(true);
            sPSettings.setHiddenAttribtues(this.attrsPresenter.getHiddenAttributes());
            String selectedIdentityForPreferences = this.idSelector.getSelectedIdentityForPreferences();
            if (selectedIdentityForPreferences != null) {
                sPSettings.setSelectedIdentity(selectedIdentityForPreferences);
            }
            samlPreferences.setSPSettings(issuer, sPSettings);
        }
    }

    protected void storePreferences(boolean z) {
        try {
            SAMLAuthnContext context = SAMLContextSupport.getContext();
            SamlPreferences preferences = SamlPreferences.getPreferences(this.preferencesMan);
            updatePreferencesFromUI(preferences, context, z);
            SamlPreferences.savePreferences(this.preferencesMan, preferences);
        } catch (EngineException e) {
            log.error("Unable to store user's preferences", e);
        }
    }

    protected void decline() {
        storePreferences(false);
        this.declineHandler.run();
    }

    protected void confirm(SAMLAuthnContext sAMLAuthnContext) {
        storePreferences(true);
        this.acceptHandler.onAccepted(this.idSelector.getSelectedIdentity(), getExposedAttributes());
    }

    protected Collection<Attribute> getExposedAttributes() {
        return this.attrsPresenter.getUserFilteredAttributes();
    }
}
