package org.apache.nifi.web.security.saml2.service.web;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import org.apache.nifi.web.security.cookie.ApplicationCookieName;
import org.apache.nifi.web.security.cookie.ApplicationCookieService;
import org.apache.nifi.web.security.cookie.StandardApplicationCookieService;
import org.apache.nifi.web.servlet.shared.RequestUriBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cache.Cache;
import org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest;
import org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository;

/* loaded from: input_file:org/apache/nifi/web/security/saml2/service/web/StandardSaml2AuthenticationRequestRepository.class */
public class StandardSaml2AuthenticationRequestRepository implements Saml2AuthenticationRequestRepository<AbstractSaml2AuthenticationRequest> {
    private static final Logger logger = LoggerFactory.getLogger(StandardSaml2AuthenticationRequestRepository.class);
    private static final ApplicationCookieService applicationCookieService = new StandardApplicationCookieService();
    private final Cache cache;

    public StandardSaml2AuthenticationRequestRepository(Cache cache) {
        this.cache = (Cache) Objects.requireNonNull(cache, "Cache required");
    }

    public AbstractSaml2AuthenticationRequest loadAuthenticationRequest(HttpServletRequest httpServletRequest) {
        AbstractSaml2AuthenticationRequest abstractSaml2AuthenticationRequest;
        Optional<String> cookieValue = applicationCookieService.getCookieValue(httpServletRequest, ApplicationCookieName.SAML_REQUEST_IDENTIFIER);
        if (cookieValue.isPresent()) {
            String str = cookieValue.get();
            abstractSaml2AuthenticationRequest = (AbstractSaml2AuthenticationRequest) this.cache.get(str, AbstractSaml2AuthenticationRequest.class);
            if (abstractSaml2AuthenticationRequest == null) {
                logger.warn("SAML Authentication Request [{}] not found", str);
            }
        } else {
            logger.warn("SAML Authentication Request Identifier cookie not found");
            abstractSaml2AuthenticationRequest = null;
        }
        return abstractSaml2AuthenticationRequest;
    }

    public void saveAuthenticationRequest(AbstractSaml2AuthenticationRequest abstractSaml2AuthenticationRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (abstractSaml2AuthenticationRequest == null) {
            removeAuthenticationRequest(httpServletRequest, httpServletResponse);
            return;
        }
        String uuid = UUID.randomUUID().toString();
        this.cache.put(uuid, abstractSaml2AuthenticationRequest);
        applicationCookieService.addCookie(RequestUriBuilder.fromHttpServletRequest(httpServletRequest).build(), httpServletResponse, ApplicationCookieName.SAML_REQUEST_IDENTIFIER, uuid);
        logger.debug("SAML Authentication Request [{}] saved", uuid);
    }

    public AbstractSaml2AuthenticationRequest removeAuthenticationRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        AbstractSaml2AuthenticationRequest loadAuthenticationRequest = loadAuthenticationRequest(httpServletRequest);
        if (loadAuthenticationRequest == null) {
            logger.warn("SAML Authentication Request not found");
        } else {
            applicationCookieService.removeCookie(RequestUriBuilder.fromHttpServletRequest(httpServletRequest).build(), httpServletResponse, ApplicationCookieName.SAML_REQUEST_IDENTIFIER);
            Optional<String> cookieValue = applicationCookieService.getCookieValue(httpServletRequest, ApplicationCookieName.SAML_REQUEST_IDENTIFIER);
            Cache cache = this.cache;
            Objects.requireNonNull(cache);
            cookieValue.ifPresent((v1) -> {
                r1.evict(v1);
            });
        }
        return loadAuthenticationRequest;
    }
}
