package pl.edu.icm.unity.saml.idp.web;

import com.google.common.base.Strings;
import com.vaadin.flow.component.Component;
import com.vaadin.flow.component.HtmlComponent;
import com.vaadin.flow.component.checkbox.Checkbox;
import com.vaadin.flow.component.html.Div;
import com.vaadin.flow.component.html.Span;
import com.vaadin.flow.component.orderedlayout.FlexComponent;
import com.vaadin.flow.component.orderedlayout.VerticalLayout;
import io.imunity.vaadin.endpoint.common.WebLogoutHandler;
import io.imunity.vaadin.endpoint.common.consent_utils.ExposedSelectableAttributesComponent;
import io.imunity.vaadin.endpoint.common.consent_utils.IdPButtonsBar;
import io.imunity.vaadin.endpoint.common.consent_utils.IdentitySelectorComponent;
import io.imunity.vaadin.endpoint.common.consent_utils.SPInfoComponent;
import io.imunity.vaadin.endpoint.common.consent_utils.SelectableAttributesComponent;
import io.imunity.vaadin.endpoint.common.forms.VaadinLogoImageLoader;
import io.imunity.vaadin.endpoint.common.plugins.attributes.AttributeHandlerRegistry;
import java.time.Instant;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.attribute.Attribute;
import pl.edu.icm.unity.base.attribute.AttributeType;
import pl.edu.icm.unity.base.exceptions.EngineException;
import pl.edu.icm.unity.base.identity.IdentityParam;
import pl.edu.icm.unity.base.message.MessageSource;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.PreferencesManagement;
import pl.edu.icm.unity.engine.api.attributes.AttributeTypeSupport;
import pl.edu.icm.unity.engine.api.attributes.DynamicAttribute;
import pl.edu.icm.unity.engine.api.identity.IdentityTypeSupport;
import pl.edu.icm.unity.saml.idp.ctx.SAMLAuthnContext;
import pl.edu.icm.unity.saml.idp.preferences.SamlPreferences;
import xmlbeans.org.oasis.saml2.assertion.NameIDType;
import xmlbeans.org.oasis.saml2.protocol.AuthnRequestType;

/* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlConsentScreen.class */
class SamlConsentScreen extends VerticalLayout {
    private static final Logger log = Log.getLogger("unity.server.saml", SamlConsentScreen.class);
    protected final MessageSource msg;
    protected final AttributeHandlerRegistry handlersRegistry;
    protected final IdentityTypeSupport identityTypeSupport;
    protected final PreferencesManagement preferencesMan;
    protected final WebLogoutHandler authnProcessor;
    protected final AttributeTypeSupport aTypeSupport;
    protected final VaadinLogoImageLoader imageAccessService;
    protected final List<IdentityParam> validIdentities;
    protected final Collection<DynamicAttribute> attributes;
    protected final Map<String, AttributeType> attributeTypes;
    protected final Runnable declineHandler;
    protected final ConfirmationConsumer acceptHandler;
    protected IdentitySelectorComponent idSelector;
    protected SelectableAttributesComponent attrsPresenter;
    protected SamlResponseHandler samlResponseHandler;
    protected Checkbox rememberCB;

    /* loaded from: input_file:pl/edu/icm/unity/saml/idp/web/SamlConsentScreen$ConfirmationConsumer.class */
    public interface ConfirmationConsumer {
        void onAccepted(IdentityParam identityParam, Collection<Attribute> collection);
    }

    public SamlConsentScreen(MessageSource messageSource, VaadinLogoImageLoader vaadinLogoImageLoader, AttributeHandlerRegistry attributeHandlerRegistry, PreferencesManagement preferencesManagement, WebLogoutHandler webLogoutHandler, IdentityTypeSupport identityTypeSupport, AttributeTypeSupport attributeTypeSupport, List<IdentityParam> list, Collection<DynamicAttribute> collection, Map<String, AttributeType> map, Runnable runnable, ConfirmationConsumer confirmationConsumer) {
        this.msg = messageSource;
        this.imageAccessService = vaadinLogoImageLoader;
        this.handlersRegistry = attributeHandlerRegistry;
        this.preferencesMan = preferencesManagement;
        this.authnProcessor = webLogoutHandler;
        this.identityTypeSupport = identityTypeSupport;
        this.aTypeSupport = attributeTypeSupport;
        this.validIdentities = list;
        this.attributes = collection;
        this.attributeTypes = map;
        this.declineHandler = runnable;
        this.acceptHandler = confirmationConsumer;
        initUI();
    }

    protected void initUI() {
        SAMLAuthnContext vaadinContext = SamlSessionService.getVaadinContext();
        VerticalLayout verticalLayout = new VerticalLayout();
        verticalLayout.addClassName("u-consentMainColumn");
        createInfoPart(vaadinContext, verticalLayout);
        verticalLayout.add(new Component[]{createExposedDataPart(vaadinContext)});
        createRememberMeCheckbox(verticalLayout);
        createButtonsPart(vaadinContext, verticalLayout);
        add(new Component[]{verticalLayout});
        setAlignItems(FlexComponent.Alignment.CENTER);
        loadPreferences(vaadinContext);
    }

    private void createInfoPart(SAMLAuthnContext sAMLAuthnContext, VerticalLayout verticalLayout) {
        AuthnRequestType authnRequestType = (AuthnRequestType) sAMLAuthnContext.getRequest();
        String stringValue = authnRequestType.getIssuer().getStringValue();
        String returnAddressForRequester = sAMLAuthnContext.getSamlConfiguration().getReturnAddressForRequester(authnRequestType);
        String displayedNameForRequester = sAMLAuthnContext.getSamlConfiguration().getDisplayedNameForRequester(authnRequestType.getIssuer(), this.msg);
        verticalLayout.add(new Component[]{new SPInfoComponent(this.msg, sAMLAuthnContext.getSamlConfiguration().getLogoForRequesterOrNull(authnRequestType.getIssuer(), this.msg, this.imageAccessService).orElse(null), Strings.isNullOrEmpty(displayedNameForRequester) ? stringValue : displayedNameForRequester, returnAddressForRequester)});
    }

    protected Component createExposedDataPart(SAMLAuthnContext sAMLAuthnContext) {
        Div div = new Div();
        div.setClassName("u-consent-screen");
        Component verticalLayout = new VerticalLayout();
        verticalLayout.setWidthFull();
        div.add(new Component[]{verticalLayout});
        this.idSelector = new IdentitySelectorComponent(this.msg, this.identityTypeSupport, this.validIdentities);
        verticalLayout.add(new Component[]{new Span(this.msg.getMessage("SamlIdPWebUI.allowForSignInInfo", new Object[0])), new Span(this.msg.getMessage("SamlIdPWebUI.allowForReadingUserProfile", new Object[0]))});
        if (this.validIdentities.size() > 1) {
            verticalLayout.add(new Component[]{this.idSelector});
        }
        verticalLayout.add(new Component[]{new HtmlComponent("br")});
        boolean z = sAMLAuthnContext.getSamlConfiguration().userCanEditConsent;
        Optional ofNullable = Optional.ofNullable(this.validIdentities.size() == 1 ? this.validIdentities.get(0) : null);
        this.attrsPresenter = z ? new ExposedSelectableAttributesComponent(this.msg, this.identityTypeSupport, this.handlersRegistry, this.aTypeSupport, this.attributes, ofNullable) : new ROExposedAttributesComponent(this.msg, this.identityTypeSupport, this.attributes, this.handlersRegistry, ofNullable);
        verticalLayout.add(new Component[]{(Component) this.attrsPresenter});
        return div;
    }

    protected void createRememberMeCheckbox(VerticalLayout verticalLayout) {
        this.rememberCB = new Checkbox(this.msg.getMessage("SamlIdPWebUI.rememberSettings", new Object[0]));
        this.rememberCB.addClassName("u-consent-screen-checkbox");
        verticalLayout.add(new Component[]{this.rememberCB});
    }

    private void createButtonsPart(SAMLAuthnContext sAMLAuthnContext, VerticalLayout verticalLayout) {
        Component idPButtonsBar = new IdPButtonsBar(this.msg, this.authnProcessor, SamlAuthVaadinEndpoint.SAML_CONSENT_DECIDER_SERVLET_PATH, action -> {
            if (IdPButtonsBar.Action.ACCEPT == action) {
                confirm();
            } else if (IdPButtonsBar.Action.DENY == action) {
                decline();
            }
        });
        verticalLayout.add(new Component[]{idPButtonsBar});
        verticalLayout.setAlignItems(FlexComponent.Alignment.CENTER);
        idPButtonsBar.setClassName("u-consent-screen-buttons");
    }

    protected void loadPreferences(SAMLAuthnContext sAMLAuthnContext) {
        try {
            updateUIFromPreferences(SamlPreferences.getPreferences(this.preferencesMan).getSPSettings(((AuthnRequestType) sAMLAuthnContext.getRequest()).getIssuer()), sAMLAuthnContext);
        } catch (Exception e) {
            log.error("Engine problem when processing stored preferences", e);
            this.samlResponseHandler.handleExceptionNotThrowing(e, true);
        }
    }

    protected void updateUIFromPreferences(SamlPreferences.SPSettings sPSettings, SAMLAuthnContext sAMLAuthnContext) {
        if (sPSettings == null) {
            return;
        }
        this.attrsPresenter.setInitialState(sPSettings.getHiddenAttribtues());
        this.idSelector.setSelected(sPSettings.getSelectedIdentity());
        if (sPSettings.isDoNotAsk()) {
            if (sPSettings.isDefaultAccept()) {
                confirm();
            } else {
                decline();
            }
        }
    }

    protected void updatePreferencesFromUI(SamlPreferences samlPreferences, SAMLAuthnContext sAMLAuthnContext, boolean z) throws EngineException {
        if (((Boolean) this.rememberCB.getValue()).booleanValue()) {
            NameIDType issuer = ((AuthnRequestType) sAMLAuthnContext.getRequest()).getIssuer();
            SamlPreferences.SPSettings sPSettings = samlPreferences.getSPSettings(issuer);
            sPSettings.setDefaultAccept(z);
            sPSettings.setDoNotAsk(true);
            sPSettings.setHiddenAttribtues(this.attrsPresenter.getHiddenAttributes());
            String selectedIdentityForPreferences = this.idSelector.getSelectedIdentityForPreferences();
            if (selectedIdentityForPreferences != null) {
                sPSettings.setSelectedIdentity(selectedIdentityForPreferences);
            }
            sPSettings.setTimestamp(Instant.now());
            samlPreferences.setSPSettings(issuer, sPSettings);
        }
    }

    protected void storePreferences(boolean z) {
        try {
            SAMLAuthnContext vaadinContext = SamlSessionService.getVaadinContext();
            SamlPreferences preferences = SamlPreferences.getPreferences(this.preferencesMan);
            updatePreferencesFromUI(preferences, vaadinContext, z);
            SamlPreferences.savePreferences(this.preferencesMan, preferences);
        } catch (EngineException e) {
            log.error("Unable to store user's preferences", e);
        }
    }

    protected void decline() {
        storePreferences(false);
        this.declineHandler.run();
    }

    protected void confirm() {
        storePreferences(true);
        this.acceptHandler.onAccepted(this.idSelector.getSelectedIdentity(), getExposedAttributes());
    }

    protected Collection<Attribute> getExposedAttributes() {
        return this.attrsPresenter.getUserFilteredAttributes();
    }
}
