package com.appiancorp.security.auth.saml;

import com.appiancorp.security.auth.saml.decrypter.DecrypterSupplier;
import com.appiancorp.security.auth.saml.decrypter.SamlAssertionDecrypter;
import com.appiancorp.suite.cfg.SamlConfiguration;
import com.google.common.collect.ImmutableMap;
import java.util.function.Supplier;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.opensaml.messaging.decoder.servlet.HttpServletRequestMessageDecoder;
import org.opensaml.messaging.encoder.servlet.HttpServletResponseMessageEncoder;
import org.opensaml.saml.common.binding.security.impl.EndpointURLSchemeSecurityHandler;
import org.opensaml.saml.common.binding.security.impl.SAMLOutboundProtocolMessageSigningHandler;
import org.opensaml.security.credential.CredentialResolver;
import org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.context.annotation.Lazy;

@Configuration
@Import({SamlEncoderDecoderSpringConfig.class, SamlSharedSpringConfig.class})
/* loaded from: input_file:com/appiancorp/security/auth/saml/SamlBindingSpringConfig.class */
public class SamlBindingSpringConfig {
    @Bean
    @Lazy
    public ImmutableMap<String, Supplier<HttpServletResponseMessageEncoder>> messageEncoderMap(Supplier<HttpServletResponseMessageEncoder> supplier, Supplier<HttpServletResponseMessageEncoder> supplier2) {
        return ImmutableMap.builder().put("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect", supplier).put("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST", supplier2).build();
    }

    @Bean
    @Lazy
    public MessageEncoderResolver messageEncoderResolver(SamlConfiguration samlConfiguration, ImmutableMap<String, Supplier<HttpServletResponseMessageEncoder>> immutableMap) {
        return new MessageEncoderResolver(samlConfiguration, immutableMap);
    }

    @Bean
    @Lazy
    public ImmutableMap<String, Supplier<HttpServletRequestMessageDecoder>> messageDecoderMap(Supplier<HttpServletRequestMessageDecoder> supplier, Supplier<HttpServletRequestMessageDecoder> supplier2) {
        return ImmutableMap.builder().put("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect", supplier).put("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST", supplier2).build();
    }

    @Bean
    @Lazy
    public MessageDecoderResolver messageDecoderResolver(ImmutableMap<String, Supplier<HttpServletRequestMessageDecoder>> immutableMap) {
        return new MessageDecoderResolver(immutableMap);
    }

    @Bean
    @Lazy
    public SAMLOutboundProtocolMessageSigningHandler samlOutboundProtocolMessageSigningHandler() throws ComponentInitializationException {
        SAMLOutboundProtocolMessageSigningHandler sAMLOutboundProtocolMessageSigningHandler = new SAMLOutboundProtocolMessageSigningHandler();
        sAMLOutboundProtocolMessageSigningHandler.initialize();
        return sAMLOutboundProtocolMessageSigningHandler;
    }

    @Bean
    public KeyInfoCredentialResolver keyInfoCredentialResolver() {
        return DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver();
    }

    @Bean
    @Lazy
    public CredentialResolver metadataCredentialResolver(SamlConfiguration samlConfiguration, KeyInfoCredentialResolver keyInfoCredentialResolver) {
        return new AppianMetadataCredentialResolver(samlConfiguration, keyInfoCredentialResolver);
    }

    @Bean
    @Lazy
    public SamlAssertionDecrypter samlAssertionDecrypter(DecrypterSupplier decrypterSupplier) {
        return new SamlAssertionDecrypter(decrypterSupplier);
    }

    @Bean
    @Lazy
    public DecrypterSupplier decrypterSupplier(SamlConfiguration samlConfiguration) {
        return new DecrypterSupplier(samlConfiguration);
    }

    @Bean
    @Lazy
    public SamlMessageSenderAdapter samlMessageSenderAdapter(SAMLOutboundProtocolMessageSigningHandler sAMLOutboundProtocolMessageSigningHandler, SamlConfiguration samlConfiguration, MessageEncoderResolver messageEncoderResolver, SigningParametersGenerator signingParametersGenerator) {
        return new SamlMessageSenderAdapter(sAMLOutboundProtocolMessageSigningHandler, samlConfiguration, messageEncoderResolver, signingParametersGenerator, new EndpointURLSchemeSecurityHandler());
    }

    @Bean
    public SamlMessageRetrieverAdapter samlMessageRetrieverAdapter(MessageDecoderResolver messageDecoderResolver, SamlAssertionDecrypter samlAssertionDecrypter) {
        return new SamlMessageRetrieverAdapter(messageDecoderResolver, samlAssertionDecrypter);
    }
}
