package edu.internet2.middleware.shibboleth.utils;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.apache.log4j.Logger;
import org.apache.log4j.MDC;
import org.opensaml.SAMLConfig;
import org.opensaml.SAMLException;
import org.opensaml.SAMLIdentifier;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/SAML1_0to1_1ConversionFilter.class */
public class SAML1_0to1_1ConversionFilter implements Filter {
    private static Logger log;
    private SAMLIdentifier idgen = SAMLConfig.instance().getDefaultIDProvider();
    static Class class$0;

    /* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/SAML1_0to1_1ConversionFilter$ConversionRequestWrapper.class */
    private class ConversionRequestWrapper extends HttpServletRequestWrapper {
        private ServletInputStream stream;
        private boolean accessed;
        private String method;
        private String originalRequestId;
        private int newLength;
        final SAML1_0to1_1ConversionFilter this$0;

        ConversionRequestWrapper(SAML1_0to1_1ConversionFilter sAML1_0to1_1ConversionFilter, HttpServletRequest httpServletRequest, String str) throws IOException {
            super(httpServletRequest);
            this.this$0 = sAML1_0to1_1ConversionFilter;
            this.accessed = false;
            if (Pattern.compile("<(.+:)?Signature").matcher(str).find()) {
                SAML1_0to1_1ConversionFilter.log.error("Unable to convert SAML request from 1.0 to 1.1.");
                throw new IOException("Unable to auto-convert SAML messages containing digital signatures.");
            }
            Matcher matcher = Pattern.compile("<(.+:)?Request[^>]+(MinorVersion=['\"]0['\"])").matcher(str);
            if (matcher.find()) {
                StringBuffer stringBuffer = new StringBuffer();
                int start = matcher.start(2);
                int end = matcher.end(2);
                stringBuffer.append(str.subSequence(0, start));
                stringBuffer.append("MinorVersion=\"1\"");
                stringBuffer.append(str.substring(end));
                str = stringBuffer.toString();
            }
            Matcher matcher2 = Pattern.compile("<(.+:)?Request[^>]+RequestID=['\"]([^'\"]+)['\"]").matcher(str);
            if (matcher2.find()) {
                StringBuffer stringBuffer2 = new StringBuffer();
                this.originalRequestId = matcher2.group(2);
                int start2 = matcher2.start(2);
                int end2 = matcher2.end(2);
                stringBuffer2.append(str.subSequence(0, start2));
                try {
                    stringBuffer2.append(sAML1_0to1_1ConversionFilter.idgen.getIdentifier());
                    stringBuffer2.append(str.substring(end2));
                    str = stringBuffer2.toString();
                } catch (SAMLException e) {
                    throw new IOException("Unable to obtain a new SAML message ID from provider");
                }
            }
            this.newLength = str.length();
            this.stream = new ModifiedInputStream(sAML1_0to1_1ConversionFilter, new ByteArrayInputStream(str.getBytes()));
        }

        public ServletInputStream getInputStream() throws IOException {
            if (this.accessed) {
                throw new IllegalStateException(new StringBuffer(String.valueOf(this.method)).append(" has already been called for this request").toString());
            }
            this.accessed = true;
            this.method = "getInputStream()";
            return this.stream;
        }

        public BufferedReader getReader() throws IOException {
            if (this.accessed) {
                throw new IllegalStateException(new StringBuffer(String.valueOf(this.method)).append(" has already been called for this request").toString());
            }
            this.accessed = true;
            this.method = "getReader()";
            return new BufferedReader(new InputStreamReader(this.stream));
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String getOriginalRequestId() {
            return this.originalRequestId;
        }

        public int getContentLength() {
            return this.newLength;
        }
    }

    /* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/SAML1_0to1_1ConversionFilter$ConversionResponseWrapper.class */
    private class ConversionResponseWrapper extends HttpServletResponseWrapper {
        private ByteArrayOutputStream output;
        private boolean localFlush;
        private String originalRequestId;
        final SAML1_0to1_1ConversionFilter this$0;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/SAML1_0to1_1ConversionFilter$ConversionResponseWrapper$ModifiableOutputStream.class */
        public class ModifiableOutputStream extends ServletOutputStream {
            private DataOutputStream stream;
            final ConversionResponseWrapper this$1;

            public ModifiableOutputStream(ConversionResponseWrapper conversionResponseWrapper, OutputStream outputStream) {
                this.this$1 = conversionResponseWrapper;
                this.stream = new DataOutputStream(outputStream);
            }

            public void write(int i) throws IOException {
                this.stream.write(i);
            }

            public void write(byte[] bArr) throws IOException {
                this.stream.write(bArr);
            }

            public void write(byte[] bArr, int i, int i2) throws IOException {
                this.stream.write(bArr, i, i2);
            }
        }

        ConversionResponseWrapper(SAML1_0to1_1ConversionFilter sAML1_0to1_1ConversionFilter, HttpServletResponse httpServletResponse, String str) {
            super(httpServletResponse);
            this.this$0 = sAML1_0to1_1ConversionFilter;
            this.output = new ByteArrayOutputStream();
            this.localFlush = false;
            this.originalRequestId = str;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void localFlush() throws IOException {
            String byteArrayOutputStream = this.output.toString();
            if (Pattern.compile("<(.+:)?Signature").matcher(byteArrayOutputStream).find()) {
                SAML1_0to1_1ConversionFilter.log.error("Unable to convert SAML request from 1.0 to 1.1.");
                throw new IOException("Unable to auto-convert SAML messages containing digital signatures.");
            }
            Matcher matcher = Pattern.compile("<(.+:)?Response[^>]+(MinorVersion=['\"]1['\"])").matcher(byteArrayOutputStream);
            if (matcher.find()) {
                StringBuffer stringBuffer = new StringBuffer();
                int start = matcher.start(2);
                int end = matcher.end(2);
                stringBuffer.append(byteArrayOutputStream.subSequence(0, start));
                stringBuffer.append("MinorVersion=\"0\"");
                stringBuffer.append(byteArrayOutputStream.substring(end));
                byteArrayOutputStream = stringBuffer.toString();
            }
            Matcher matcher2 = Pattern.compile("<(.+:)?Assertion[^>]+(MinorVersion=['\"]1['\"])").matcher(byteArrayOutputStream);
            StringBuffer stringBuffer2 = new StringBuffer();
            int i = 0;
            while (matcher2.find()) {
                stringBuffer2.append(byteArrayOutputStream.subSequence(i, matcher2.start(2)));
                i = matcher2.end(2);
                stringBuffer2.append("MinorVersion=\"0\"");
            }
            if (stringBuffer2.length() > 0) {
                stringBuffer2.append(byteArrayOutputStream.substring(i));
                byteArrayOutputStream = stringBuffer2.toString();
            }
            Matcher matcher3 = Pattern.compile("<(.+:)?Response[^>]+InResponseTo=['\"]([^\"]+)['\"]").matcher(byteArrayOutputStream);
            if (matcher3.find()) {
                StringBuffer stringBuffer3 = new StringBuffer();
                int start2 = matcher3.start(2);
                int end2 = matcher3.end(2);
                stringBuffer3.append(byteArrayOutputStream.subSequence(0, start2));
                stringBuffer3.append(this.originalRequestId);
                stringBuffer3.append(byteArrayOutputStream.substring(end2));
                byteArrayOutputStream = stringBuffer3.toString();
            }
            Matcher matcher4 = Pattern.compile("<(.+:)?ConfirmationMethod>(urn:oasis:names:tc:SAML:1.0:cm:artifact)</(.+:)?ConfirmationMethod>").matcher(byteArrayOutputStream);
            StringBuffer stringBuffer4 = new StringBuffer();
            int i2 = 0;
            while (matcher4.find()) {
                stringBuffer4.append(byteArrayOutputStream.subSequence(i2, matcher4.start(2)));
                i2 = matcher4.end(2);
                stringBuffer4.append("urn:oasis:names:tc:SAML:1.0:cm:artifact-01");
            }
            if (stringBuffer4.length() > 0) {
                stringBuffer4.append(byteArrayOutputStream.substring(i2));
                byteArrayOutputStream = stringBuffer4.toString();
            }
            super.getOutputStream().write(byteArrayOutputStream.getBytes());
            this.output.reset();
        }

        public ServletOutputStream getOutputStream() {
            return new ModifiableOutputStream(this, this.output);
        }

        public PrintWriter getWriter() {
            return new PrintWriter((OutputStream) getOutputStream(), true);
        }

        public void reset() {
            super.reset();
            this.output.reset();
        }

        public void resetBuffer() {
            this.output.reset();
        }

        public void flushBuffer() throws IOException {
            localFlush();
            super.flushBuffer();
        }
    }

    /* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/SAML1_0to1_1ConversionFilter$ModifiedInputStream.class */
    private class ModifiedInputStream extends ServletInputStream {
        private ByteArrayInputStream stream;
        final SAML1_0to1_1ConversionFilter this$0;

        ModifiedInputStream(SAML1_0to1_1ConversionFilter sAML1_0to1_1ConversionFilter, ByteArrayInputStream byteArrayInputStream) {
            this.this$0 = sAML1_0to1_1ConversionFilter;
            this.stream = byteArrayInputStream;
        }

        public int readLine(byte[] bArr, int i, int i2) throws IOException {
            if (i2 <= 0) {
                return 0;
            }
            int i3 = 0;
            do {
                int read = this.stream.read();
                if (read != -1) {
                    int i4 = i;
                    i++;
                    bArr[i4] = (byte) read;
                    i3++;
                    if (read == 10) {
                        break;
                    }
                } else {
                    break;
                }
            } while (i3 != i2);
            if (i3 > 0) {
                return i3;
            }
            return -1;
        }

        public int available() throws IOException {
            return this.stream.available();
        }

        public void close() throws IOException {
            this.stream.close();
        }

        public synchronized void mark(int i) {
            this.stream.mark(i);
        }

        public boolean markSupported() {
            return this.stream.markSupported();
        }

        public int read(byte[] bArr, int i, int i2) throws IOException {
            return this.stream.read(bArr, i, i2);
        }

        public int read(byte[] bArr) throws IOException {
            return this.stream.read(bArr);
        }

        public synchronized void reset() throws IOException {
            this.stream.reset();
        }

        public long skip(long j) throws IOException {
            return this.stream.skip(j);
        }

        public int read() throws IOException {
            return this.stream.read();
        }
    }

    /* loaded from: input_file:edu/internet2/middleware/shibboleth/utils/SAML1_0to1_1ConversionFilter$NoConversionRequestWrapper.class */
    private class NoConversionRequestWrapper extends HttpServletRequestWrapper {
        private ServletInputStream stream;
        private boolean accessed;
        private String method;
        final SAML1_0to1_1ConversionFilter this$0;

        NoConversionRequestWrapper(SAML1_0to1_1ConversionFilter sAML1_0to1_1ConversionFilter, HttpServletRequest httpServletRequest, String str) {
            super(httpServletRequest);
            this.this$0 = sAML1_0to1_1ConversionFilter;
            this.accessed = false;
            this.stream = new ModifiedInputStream(sAML1_0to1_1ConversionFilter, new ByteArrayInputStream(str.getBytes()));
        }

        public ServletInputStream getInputStream() throws IOException {
            if (this.accessed) {
                throw new IllegalStateException(new StringBuffer(String.valueOf(this.method)).append(" has already been called for this request").toString());
            }
            this.accessed = true;
            this.method = "getInputStream()";
            return this.stream;
        }

        public BufferedReader getReader() throws IOException {
            if (this.accessed) {
                throw new IllegalStateException(new StringBuffer(String.valueOf(this.method)).append(" has already been called for this request").toString());
            }
            this.accessed = true;
            this.method = "getReader()";
            return new BufferedReader(new InputStreamReader(this.stream));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.lang.Throwable] */
    static {
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("edu.internet2.middleware.shibboleth.utils.SAML1_0to1_1ConversionFilter");
                class$0 = cls;
            } catch (ClassNotFoundException unused) {
                throw new NoClassDefFoundError(cls.getMessage());
            }
        }
        log = Logger.getLogger(cls.getName());
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        MDC.put("serviceId", "[SAML Conversion Filter]");
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            log.error("Only HTTP(s) requests are supported by the ClientCertTrustFilter.");
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!httpServletRequest.getMethod().equals("POST")) {
            log.debug("Skipping SAML conversion because request method is not (POST).");
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
        log.debug("Added SAML conversion wrapper to request.");
        StringBuffer stringBuffer = new StringBuffer();
        BufferedReader reader = servletRequest.getReader();
        String readLine = reader.readLine();
        while (true) {
            String str = readLine;
            if (str == null) {
                break;
            }
            stringBuffer.append(str);
            readLine = reader.readLine();
        }
        reader.reset();
        String stringBuffer2 = stringBuffer.toString();
        if (!isSAML1_0(stringBuffer2)) {
            log.debug("Skipping SAML conversion because the input does not contain a SAML 1.0 request.");
            filterChain.doFilter(new NoConversionRequestWrapper(this, httpServletRequest, stringBuffer2), httpServletResponse);
        } else {
            ConversionRequestWrapper conversionRequestWrapper = new ConversionRequestWrapper(this, httpServletRequest, stringBuffer2);
            ConversionResponseWrapper conversionResponseWrapper = new ConversionResponseWrapper(this, httpServletResponse, conversionRequestWrapper.getOriginalRequestId());
            filterChain.doFilter(conversionRequestWrapper, conversionResponseWrapper);
            conversionResponseWrapper.localFlush();
        }
    }

    private boolean isSAML1_0(String str) {
        return Pattern.compile("<(.+:)?Request[^>]+(MinorVersion=['\"]0['\"])").matcher(str).find() && Pattern.compile("<(.+:)?Request[^>]+(MajorVersion=['\"]1['\"])").matcher(str).find();
    }

    public void destroy() {
    }
}
