package pl.edu.icm.unity.saml;

import eu.unicore.samly2.SAMLBindings;
import eu.unicore.util.configuration.PropertyMD;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.engine.api.config.UnityPropertiesHelper;
import pl.edu.icm.unity.saml.sp.SAMLSPProperties;

/* loaded from: input_file:pl/edu/icm/unity/saml/SamlProperties.class */
public abstract class SamlProperties extends UnityPropertiesHelper {
    public static final String P = "unity.saml.";
    public static final String PUBLISH_METADATA = "publishMetadata";
    public static final String SIGN_METADATA = "signMetadata";
    public static final String METADATA_SOURCE = "metadataSource";
    public static final String METADATA_URL = "url";
    public static final String METADATA_HTTPS_TRUSTSTORE = "httpsTruststore";
    public static final String METADATA_REFRESH = "refreshInterval";
    public static final String METADATA_SIGNATURE = "signaturVerification";
    public static final String METADATA_ISSUER_CERT = "signatureVerificationCertificate";
    public static final String REDIRECT_LOGOUT_URL = "redirectLogoutEndpoint";
    public static final String POST_LOGOUT_URL = "postLogoutEndpoint";
    public static final String REDIRECT_LOGOUT_RET_URL = "redirectLogoutResponseEndpoint";
    public static final String POST_LOGOUT_RET_URL = "postLogoutResponseEndpoint";
    public static final String SOAP_LOGOUT_URL = "soapLogoutEndpoint";
    public static final String IDENTITY_MAPPING_PFX = "identityMapping.";
    public static final String IDENTITY_LOCAL = "localIdentity";
    public static final String IDENTITY_SAML = "samlIdentity";
    public static final int DEFAULT_METADATA_REFRESH = 3600;
    public static final PropertyMD.DocumentationCategory samlMetaCat = new PropertyMD.DocumentationCategory("SAML metadata settings", "6");
    public static final PropertyMD.DocumentationCategory remoteMeta = new PropertyMD.DocumentationCategory("Configuration read from trusted SAML metadata", "02");

    /* loaded from: input_file:pl/edu/icm/unity/saml/SamlProperties$Binding.class */
    public enum Binding {
        HTTP_REDIRECT,
        HTTP_POST,
        SOAP;

        public static Binding of(SAMLBindings sAMLBindings) {
            return valueOf(sAMLBindings.name());
        }
    }

    public static Map<String, PropertyMD> getDefaults(String str, String str2) {
        HashMap hashMap = new HashMap();
        hashMap.put(PUBLISH_METADATA, new PropertyMD("true").setCategory(samlMetaCat).setDescription("Controls whether the SAML Metadata should be published."));
        hashMap.put(SIGN_METADATA, new PropertyMD("false").setCategory(samlMetaCat).setDescription("Controls whether the SAML Metadata should be automatically signed before publishing it. If a publication of a custom matadata from file is confiured which is already signed, do not turn this option on, as then metadata will be signed twice."));
        hashMap.put(METADATA_SOURCE, new PropertyMD().setPath().setCategory(samlMetaCat).setDescription("If undefined then metadata is automatically generated. If this option is defined, then it should contain a file path, to a file with custom metadata document. This document will be published as-is, however it will be checked first for correctness."));
        hashMap.put(str, new PropertyMD().setCategory(remoteMeta).setStructuredList(false).setDescription(str2));
        hashMap.put(METADATA_URL, new PropertyMD().setCategory(remoteMeta).setMandatory().setStructuredListEntry(str).setDescription("URL with the metadata location. Can be local or HTTP(s) URL. In case of HTTPS the server's certificate will be checked against the main Unity server's truststore only if httpsTruststore is set."));
        hashMap.put(METADATA_REFRESH, new PropertyMD(String.valueOf(DEFAULT_METADATA_REFRESH)).setCategory(remoteMeta).setStructuredListEntry(str).setDescription("How often the metadata should be reloaded."));
        hashMap.put(METADATA_HTTPS_TRUSTSTORE, new PropertyMD().setCategory(remoteMeta).setStructuredListEntry(str).setDescription("If set then the given truststore will be used for HTTPS connection validation during metadata fetching. Otherwise the default Java trustststore will be used."));
        hashMap.put(METADATA_SIGNATURE, new PropertyMD(SAMLSPProperties.MetadataSignatureValidation.ignore).setCategory(remoteMeta).setStructuredListEntry(str).setDescription("Controls whether metadata signatures should be checked. If checking is turned on then the validation certificate must be set."));
        hashMap.put(METADATA_ISSUER_CERT, new PropertyMD().setCategory(remoteMeta).setStructuredListEntry(str).setDescription("Name of certificate to check metadata signature. Used only if signatures checking is turned on."));
        return hashMap;
    }

    public SamlProperties(String str, Properties properties, Map<String, PropertyMD> map, Logger logger) {
        super(str, properties, map, logger);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SamlProperties(SamlProperties samlProperties) {
        super(samlProperties);
    }

    public synchronized Properties getProperties() {
        Properties properties = new Properties();
        properties.putAll(this.properties);
        return properties;
    }

    @Override // 
    /* renamed from: clone, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
    public abstract SamlProperties mo5clone();

    public abstract Properties getSourceProperties();

    public List<SAMLEndpointDefinition> getLogoutEndpointsFromStructuredList(String str) {
        String value = getValue(str + POST_LOGOUT_URL);
        String value2 = getValue(str + REDIRECT_LOGOUT_URL);
        String value3 = getValue(str + POST_LOGOUT_RET_URL);
        String value4 = getValue(str + REDIRECT_LOGOUT_RET_URL);
        String value5 = getValue(str + SOAP_LOGOUT_URL);
        if (StringUtils.isBlank(value4)) {
            value4 = value2;
        }
        if (StringUtils.isBlank(value3)) {
            value3 = value;
        }
        ArrayList arrayList = new ArrayList(3);
        if (!StringUtils.isBlank(value)) {
            arrayList.add(new SAMLEndpointDefinition(Binding.HTTP_POST, value, value3));
        }
        if (!StringUtils.isBlank(value2)) {
            arrayList.add(new SAMLEndpointDefinition(Binding.HTTP_REDIRECT, value2, value4));
        }
        if (!StringUtils.isBlank(value5)) {
            arrayList.add(new SAMLEndpointDefinition(Binding.SOAP, value5, value5));
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Set<String> getCertificateNames(String str, String str2, String str3) {
        HashSet hashSet = new HashSet();
        if (isSet(str + str2)) {
            hashSet.add(getValue(str + str2));
        }
        hashSet.addAll(getListOfValues(str + str3));
        return hashSet;
    }
}
