package org.springframework.security.saml.metadata;

import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import javax.xml.namespace.QName;
import org.opensaml.Configuration;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.SAMLObjectBuilder;
import org.opensaml.common.SAMLRuntimeException;
import org.opensaml.common.SignableSAMLObject;
import org.opensaml.common.binding.artifact.BasicSAMLArtifactMap;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.common.Extensions;
import org.opensaml.saml2.common.impl.ExtensionsBuilder;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.metadata.AssertionConsumerService;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.KeyDescriptor;
import org.opensaml.saml2.metadata.NameIDFormat;
import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.saml2.metadata.SingleLogoutService;
import org.opensaml.samlext.idpdisco.DiscoveryResponse;
import org.opensaml.util.URLBuilder;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.xml.XMLObjectBuilderFactory;
import org.opensaml.xml.io.Marshaller;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.UsageType;
import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
import org.opensaml.xml.signature.KeyInfo;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureException;
import org.opensaml.xml.signature.Signer;
import org.opensaml.xml.util.Pair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.saml.SAMLDiscovery;
import org.springframework.security.saml.SAMLEntryPoint;
import org.springframework.security.saml.SAMLLogoutProcessingFilter;
import org.springframework.security.saml.SAMLProcessingFilter;
import org.springframework.security.saml.SAMLWebSSOHoKProcessingFilter;
import org.springframework.security.saml.key.KeyManager;

/* loaded from: input_file:WEB-INF/lib/spring-security-saml2-core-1.0.0.RC2.jar:org/springframework/security/saml/metadata/MetadataGenerator.class */
public class MetadataGenerator {
    private String entityId;
    private String entityBaseURL;
    private String entityAlias;
    private static TreeMap<String, String> aliases = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
    private String customDiscoveryURL;
    private String customDiscoveryResponseURL;
    private boolean includeDiscoveryExtension;
    private ExtendedMetadata extendedMetadata;
    public static final Collection<String> defaultNameID;
    protected KeyManager keyManager;
    protected SAMLProcessingFilter samlWebSSOFilter;
    protected SAMLWebSSOHoKProcessingFilter samlWebSSOHoKFilter;
    protected SAMLLogoutProcessingFilter samlLogoutProcessingFilter;
    protected SAMLEntryPoint samlEntryPoint;
    protected SAMLDiscovery samlDiscovery;
    protected static final Logger log;
    private boolean requestSigned = true;
    private boolean wantAssertionSigned = true;
    private boolean signMetadata = true;
    private String signingKey = null;
    private String encryptionKey = null;
    private String tlsKey = null;
    private int assertionConsumerIndex = 0;
    private Collection<String> bindingsSSO = Arrays.asList(BasicSAMLArtifactMap.DEFAULT_STORAGE_PARTITION, "post", "paos");
    private Collection<String> bindingsHoKSSO = Arrays.asList(BasicSAMLArtifactMap.DEFAULT_STORAGE_PARTITION, "post");
    private Collection<String> bindingsSLO = Arrays.asList("post", "redirect");
    private boolean includeDiscovery = true;
    private Collection<String> nameID = null;
    protected XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

    public EntityDescriptor generateMetadata() {
        if (this.signingKey == null) {
            this.signingKey = this.keyManager.getDefaultCredentialName();
        }
        if (this.encryptionKey == null) {
            this.encryptionKey = this.keyManager.getDefaultCredentialName();
        }
        if (this.tlsKey == null) {
            this.tlsKey = null;
        }
        boolean isRequestSigned = isRequestSigned();
        boolean isWantAssertionSigned = isWantAssertionSigned();
        boolean isSignMetadata = isSignMetadata();
        Collection<String> nameID = getNameID();
        String entityId = getEntityId();
        String entityBaseURL = getEntityBaseURL();
        String entityAlias = getEntityAlias();
        if (entityId == null || entityBaseURL == null) {
            throw new RuntimeException("Required attributes weren't set");
        }
        EntityDescriptor entityDescriptor = (EntityDescriptor) ((SAMLObjectBuilder) this.builderFactory.getBuilder(EntityDescriptor.DEFAULT_ELEMENT_NAME)).mo4017buildObject();
        entityDescriptor.setID(entityId);
        entityDescriptor.setEntityID(entityId);
        entityDescriptor.getRoleDescriptors().add(buildSPSSODescriptor(entityBaseURL, entityAlias, isRequestSigned, isWantAssertionSigned, nameID));
        try {
            if (isSignMetadata) {
                signSAMLObject(entityDescriptor, this.keyManager.getCredential(this.signingKey));
            } else {
                marshallSAMLObject(entityDescriptor);
            }
            return entityDescriptor;
        } catch (MessageEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    protected KeyInfo getServerKeyInfo(String str) {
        Credential credential = this.keyManager.getCredential(str);
        if (credential == null) {
            throw new RuntimeException("Key for alias " + str + " not found");
        }
        if (credential.getPrivateKey() == null) {
            throw new RuntimeException("Key with alias " + str + " doesn't have a private key");
        }
        return generateKeyInfoForCredential(credential);
    }

    public ExtendedMetadata generateExtendedMetadata() {
        ExtendedMetadata m4560clone = this.extendedMetadata != null ? this.extendedMetadata.m4560clone() : new ExtendedMetadata();
        String entityBaseURL = getEntityBaseURL();
        String entityAlias = getEntityAlias();
        m4560clone.setIdpDiscoveryEnabled(isIncludeDiscovery());
        if (isIncludeDiscovery()) {
            m4560clone.setIdpDiscoveryURL(getDiscoveryURL(entityBaseURL, entityAlias));
            m4560clone.setIdpDiscoveryResponseURL(getDiscoveryResponseURL(entityBaseURL, entityAlias));
        } else {
            m4560clone.setIdpDiscoveryURL(null);
            m4560clone.setIdpDiscoveryResponseURL(null);
        }
        m4560clone.setEncryptionKey(this.encryptionKey);
        m4560clone.setSigningKey(this.signingKey);
        m4560clone.setAlias(entityAlias);
        m4560clone.setTlsKey(this.tlsKey);
        m4560clone.setLocal(true);
        return m4560clone;
    }

    protected KeyInfo generateKeyInfoForCredential(Credential credential) {
        try {
            NamedKeyInfoGeneratorManager keyInfoGeneratorManager = Configuration.getGlobalSecurityConfiguration().getKeyInfoGeneratorManager();
            SecurityHelper.getKeyInfoGenerator(credential, null, getKeyInfoGeneratorName());
            return keyInfoGeneratorManager.getDefaultManager().getFactory(credential).newInstance().generate(credential);
        } catch (SecurityException e) {
            log.error("Can't obtain key from the keystore or generate key info: " + this.encryptionKey, (Throwable) e);
            throw new SAMLRuntimeException("Can't obtain key from keystore or generate key info", e);
        }
    }

    protected SPSSODescriptor buildSPSSODescriptor(String str, String str2, boolean z, boolean z2, Collection<String> collection) {
        SPSSODescriptor sPSSODescriptor = (SPSSODescriptor) ((SAMLObjectBuilder) this.builderFactory.getBuilder(SPSSODescriptor.DEFAULT_ELEMENT_NAME)).mo4017buildObject();
        sPSSODescriptor.setAuthnRequestsSigned(Boolean.valueOf(z));
        sPSSODescriptor.setWantAssertionsSigned(Boolean.valueOf(z2));
        sPSSODescriptor.addSupportedProtocol("urn:oasis:names:tc:SAML:2.0:protocol");
        sPSSODescriptor.getNameIDFormats().addAll(getNameIDFormat(collection));
        int i = 0;
        Collection<String> mapAliases = mapAliases(getBindingsSSO());
        Collection<String> mapAliases2 = mapAliases(getBindingsSLO());
        Collection<String> mapAliases3 = mapAliases(getBindingsHoKSSO());
        for (String str3 : mapAliases) {
            if (str3.equals(SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) {
                List<AssertionConsumerService> assertionConsumerServices = sPSSODescriptor.getAssertionConsumerServices();
                boolean z3 = this.assertionConsumerIndex == i;
                int i2 = i;
                i++;
                assertionConsumerServices.add(getAssertionConsumerService(str, str2, z3, i2, getSAMLWebSSOProcessingFilterPath(), SAMLConstants.SAML2_ARTIFACT_BINDING_URI));
            }
            if (str3.equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
                List<AssertionConsumerService> assertionConsumerServices2 = sPSSODescriptor.getAssertionConsumerServices();
                boolean z4 = this.assertionConsumerIndex == i;
                int i3 = i;
                i++;
                assertionConsumerServices2.add(getAssertionConsumerService(str, str2, z4, i3, getSAMLWebSSOProcessingFilterPath(), SAMLConstants.SAML2_POST_BINDING_URI));
            }
            if (str3.equals(SAMLConstants.SAML2_PAOS_BINDING_URI)) {
                List<AssertionConsumerService> assertionConsumerServices3 = sPSSODescriptor.getAssertionConsumerServices();
                boolean z5 = this.assertionConsumerIndex == i;
                int i4 = i;
                i++;
                assertionConsumerServices3.add(getAssertionConsumerService(str, str2, z5, i4, getSAMLWebSSOProcessingFilterPath(), SAMLConstants.SAML2_PAOS_BINDING_URI));
            }
        }
        for (String str4 : mapAliases3) {
            if (str4.equals(SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) {
                List<AssertionConsumerService> assertionConsumerServices4 = sPSSODescriptor.getAssertionConsumerServices();
                boolean z6 = this.assertionConsumerIndex == i;
                int i5 = i;
                i++;
                assertionConsumerServices4.add(getHoKAssertionConsumerService(str, str2, z6, i5, getSAMLWebSSOHoKProcessingFilterPath(), SAMLConstants.SAML2_ARTIFACT_BINDING_URI));
            }
            if (str4.equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
                List<AssertionConsumerService> assertionConsumerServices5 = sPSSODescriptor.getAssertionConsumerServices();
                boolean z7 = this.assertionConsumerIndex == i;
                int i6 = i;
                i++;
                assertionConsumerServices5.add(getHoKAssertionConsumerService(str, str2, z7, i6, getSAMLWebSSOHoKProcessingFilterPath(), SAMLConstants.SAML2_POST_BINDING_URI));
            }
        }
        for (String str5 : mapAliases2) {
            if (str5.equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
                sPSSODescriptor.getSingleLogoutServices().add(getSingleLogoutService(str, str2, SAMLConstants.SAML2_POST_BINDING_URI));
            }
            if (str5.equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
                sPSSODescriptor.getSingleLogoutServices().add(getSingleLogoutService(str, str2, SAMLConstants.SAML2_REDIRECT_BINDING_URI));
            }
            if (str5.equals(SAMLConstants.SAML2_SOAP11_BINDING_URI)) {
                sPSSODescriptor.getSingleLogoutServices().add(getSingleLogoutService(str, str2, SAMLConstants.SAML2_SOAP11_BINDING_URI));
            }
        }
        Extensions buildExtensions = buildExtensions(str, str2);
        if (buildExtensions != null) {
            sPSSODescriptor.setExtensions(buildExtensions);
        }
        if (this.signingKey != null) {
            sPSSODescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.SIGNING, getServerKeyInfo(this.signingKey)));
        }
        if (this.encryptionKey != null) {
            sPSSODescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.ENCRYPTION, getServerKeyInfo(this.encryptionKey)));
        }
        if (this.tlsKey != null && !this.tlsKey.equals(this.encryptionKey) && !this.tlsKey.equals(this.signingKey)) {
            sPSSODescriptor.getKeyDescriptors().add(getKeyDescriptor(UsageType.UNSPECIFIED, getServerKeyInfo(this.tlsKey)));
        }
        return sPSSODescriptor;
    }

    protected Collection<String> mapAliases(Collection<String> collection) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (String str : collection) {
            String str2 = aliases.get(str);
            if (str2 != null) {
                linkedHashSet.add(str2);
            } else {
                log.warn("Unsupported value " + str + " found");
            }
        }
        return linkedHashSet;
    }

    protected Extensions buildExtensions(String str, String str2) {
        boolean z = false;
        Extensions mo4017buildObject = new ExtensionsBuilder().mo4017buildObject();
        if (isIncludeDiscoveryExtension()) {
            mo4017buildObject.getUnknownXMLObjects().add(getDiscoveryService(str, str2));
            z = true;
        }
        if (z) {
            return mo4017buildObject;
        }
        return null;
    }

    protected KeyDescriptor getKeyDescriptor(UsageType usageType, KeyInfo keyInfo) {
        KeyDescriptor keyDescriptor = (KeyDescriptor) ((SAMLObjectBuilder) Configuration.getBuilderFactory().getBuilder(KeyDescriptor.DEFAULT_ELEMENT_NAME)).mo4017buildObject();
        keyDescriptor.setUse(usageType);
        keyDescriptor.setKeyInfo(keyInfo);
        return keyDescriptor;
    }

    protected Collection<NameIDFormat> getNameIDFormat(Collection<String> collection) {
        Collection<String> mapAliases = mapAliases(collection);
        LinkedList linkedList = new LinkedList();
        SAMLObjectBuilder sAMLObjectBuilder = (SAMLObjectBuilder) this.builderFactory.getBuilder(NameIDFormat.DEFAULT_ELEMENT_NAME);
        for (String str : mapAliases) {
            if (str.equals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress")) {
                NameIDFormat nameIDFormat = (NameIDFormat) sAMLObjectBuilder.mo4017buildObject();
                nameIDFormat.setFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
                linkedList.add(nameIDFormat);
            }
            if (str.equals("urn:oasis:names:tc:SAML:2.0:nameid-format:transient")) {
                NameIDFormat nameIDFormat2 = (NameIDFormat) sAMLObjectBuilder.mo4017buildObject();
                nameIDFormat2.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:transient");
                linkedList.add(nameIDFormat2);
            }
            if (str.equals("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent")) {
                NameIDFormat nameIDFormat3 = (NameIDFormat) sAMLObjectBuilder.mo4017buildObject();
                nameIDFormat3.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
                linkedList.add(nameIDFormat3);
            }
            if (str.equals("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified")) {
                NameIDFormat nameIDFormat4 = (NameIDFormat) sAMLObjectBuilder.mo4017buildObject();
                nameIDFormat4.setFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
                linkedList.add(nameIDFormat4);
            }
            if (str.equals("urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName")) {
                NameIDFormat nameIDFormat5 = (NameIDFormat) sAMLObjectBuilder.mo4017buildObject();
                nameIDFormat5.setFormat("urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName");
                linkedList.add(nameIDFormat5);
            }
        }
        return linkedList;
    }

    protected AssertionConsumerService getAssertionConsumerService(String str, String str2, boolean z, int i, String str3, String str4) {
        AssertionConsumerService assertionConsumerService = (AssertionConsumerService) ((SAMLObjectBuilder) this.builderFactory.getBuilder(AssertionConsumerService.DEFAULT_ELEMENT_NAME)).mo4017buildObject();
        assertionConsumerService.setLocation(getServerURL(str, str2, str3));
        assertionConsumerService.setBinding(str4);
        if (z) {
            assertionConsumerService.setIsDefault((Boolean) true);
        }
        assertionConsumerService.setIndex(Integer.valueOf(i));
        return assertionConsumerService;
    }

    protected AssertionConsumerService getHoKAssertionConsumerService(String str, String str2, boolean z, int i, String str3, String str4) {
        AssertionConsumerService assertionConsumerService = getAssertionConsumerService(str, str2, z, i, str3, org.springframework.security.saml.SAMLConstants.SAML2_HOK_WEBSSO_PROFILE_URI);
        assertionConsumerService.getUnknownAttributes().put(new QName(org.springframework.security.saml.SAMLConstants.SAML2_HOK_WEBSSO_PROFILE_URI, AuthnRequest.PROTOCOL_BINDING_ATTRIB_NAME, "hoksso"), str4);
        return assertionConsumerService;
    }

    protected DiscoveryResponse getDiscoveryService(String str, String str2) {
        DiscoveryResponse discoveryResponse = (DiscoveryResponse) ((SAMLObjectBuilder) this.builderFactory.getBuilder(DiscoveryResponse.DEFAULT_ELEMENT_NAME)).buildObject(DiscoveryResponse.DEFAULT_ELEMENT_NAME);
        discoveryResponse.setBinding(DiscoveryResponse.IDP_DISCO_NS);
        discoveryResponse.setLocation(getDiscoveryResponseURL(str, str2));
        return discoveryResponse;
    }

    protected SingleLogoutService getSingleLogoutService(String str, String str2, String str3) {
        SingleLogoutService singleLogoutService = (SingleLogoutService) ((SAMLObjectBuilder) this.builderFactory.getBuilder(SingleLogoutService.DEFAULT_ELEMENT_NAME)).mo4017buildObject();
        singleLogoutService.setLocation(getServerURL(str, str2, getSAMLLogoutFilterPath()));
        singleLogoutService.setBinding(str3);
        return singleLogoutService;
    }

    private String getServerURL(String str, String str2, String str3) {
        return getServerURL(str, str2, str3, null);
    }

    private String getServerURL(String str, String str2, String str3, Map<String, String> map) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(str);
        if (!str3.startsWith("/")) {
            stringBuffer.append("/");
        }
        stringBuffer.append(str3);
        if (!str3.endsWith("/")) {
            stringBuffer.append("/");
        }
        if (str2 != null) {
            stringBuffer.append("alias/");
            stringBuffer.append(str2);
        }
        String stringBuffer2 = stringBuffer.toString();
        if (map == null || map.size() == 0) {
            return stringBuffer2;
        }
        URLBuilder uRLBuilder = new URLBuilder(stringBuffer2);
        for (Map.Entry<String, String> entry : map.entrySet()) {
            uRLBuilder.getQueryParams().add(new Pair<>(entry.getKey(), entry.getValue()));
        }
        return uRLBuilder.buildURL();
    }

    private String getSAMLWebSSOProcessingFilterPath() {
        return this.samlWebSSOFilter != null ? this.samlWebSSOFilter.getFilterProcessesUrl() : SAMLProcessingFilter.FILTER_URL;
    }

    private String getSAMLWebSSOHoKProcessingFilterPath() {
        return this.samlWebSSOHoKFilter != null ? this.samlWebSSOHoKFilter.getFilterProcessesUrl() : SAMLWebSSOHoKProcessingFilter.WEBSSO_HOK_URL;
    }

    private String getSAMLEntryPointPath() {
        return this.samlEntryPoint != null ? this.samlEntryPoint.getFilterProcessesUrl() : SAMLEntryPoint.FILTER_URL;
    }

    private String getSAMLDiscoveryPath() {
        return this.samlDiscovery != null ? this.samlDiscovery.getFilterProcessesUrl() : SAMLDiscovery.FILTER_URL;
    }

    private String getSAMLLogoutFilterPath() {
        return this.samlLogoutProcessingFilter != null ? this.samlLogoutProcessingFilter.getFilterProcessesUrl() : SAMLLogoutProcessingFilter.FILTER_URL;
    }

    @Autowired(required = false)
    @Qualifier("samlWebSSOProcessingFilter")
    public void setSamlWebSSOFilter(SAMLProcessingFilter sAMLProcessingFilter) {
        this.samlWebSSOFilter = sAMLProcessingFilter;
    }

    @Autowired(required = false)
    @Qualifier("samlWebSSOHoKProcessingFilter")
    public void setSamlWebSSOHoKFilter(SAMLWebSSOHoKProcessingFilter sAMLWebSSOHoKProcessingFilter) {
        this.samlWebSSOHoKFilter = sAMLWebSSOHoKProcessingFilter;
    }

    @Autowired(required = false)
    public void setSamlLogoutProcessingFilter(SAMLLogoutProcessingFilter sAMLLogoutProcessingFilter) {
        this.samlLogoutProcessingFilter = sAMLLogoutProcessingFilter;
    }

    @Autowired(required = false)
    public void setSamlEntryPoint(SAMLEntryPoint sAMLEntryPoint) {
        this.samlEntryPoint = sAMLEntryPoint;
    }

    protected void signSAMLObject(SAMLObject sAMLObject, Credential credential) throws MessageEncodingException {
        if (!(sAMLObject instanceof SignableSAMLObject) || credential == null) {
            return;
        }
        SignableSAMLObject signableSAMLObject = (SignableSAMLObject) sAMLObject;
        Signature signature = (Signature) Configuration.getBuilderFactory().getBuilder(Signature.DEFAULT_ELEMENT_NAME).buildObject(Signature.DEFAULT_ELEMENT_NAME);
        signature.setSigningCredential(credential);
        try {
            SecurityHelper.prepareSignatureParams(signature, credential, null, getKeyInfoGeneratorName());
            signableSAMLObject.setSignature(signature);
            marshallSAMLObject(signableSAMLObject);
            try {
                Signer.signObject(signature);
            } catch (SignatureException e) {
                log.error("Unable to sign protocol message", (Throwable) e);
                throw new MessageEncodingException("Unable to sign protocol message", e);
            }
        } catch (SecurityException e2) {
            throw new MessageEncodingException("Error preparing signature for signing", e2);
        }
    }

    private void marshallSAMLObject(SAMLObject sAMLObject) throws MessageEncodingException {
        try {
            Marshaller marshaller = Configuration.getMarshallerFactory().getMarshaller(sAMLObject);
            if (marshaller == null) {
                throw new MessageEncodingException("No marshaller registered for " + sAMLObject.getElementQName() + ", unable to marshall in preperation for signing");
            }
            marshaller.marshall(sAMLObject);
        } catch (MarshallingException e) {
            log.error("Unable to marshall protocol message in preparation for signing", (Throwable) e);
            throw new MessageEncodingException("Unable to marshall protocol message in preparation for signing", e);
        }
    }

    protected String getKeyInfoGeneratorName() {
        return org.springframework.security.saml.SAMLConstants.SAML_METADATA_KEY_INFO_GENERATOR;
    }

    public boolean isRequestSigned() {
        return this.requestSigned;
    }

    public void setRequestSigned(boolean z) {
        this.requestSigned = z;
    }

    public boolean isWantAssertionSigned() {
        return this.wantAssertionSigned;
    }

    public void setWantAssertionSigned(boolean z) {
        this.wantAssertionSigned = z;
    }

    public boolean isSignMetadata() {
        return this.signMetadata;
    }

    public void setSignMetadata(boolean z) {
        this.signMetadata = z;
    }

    public Collection<String> getNameID() {
        return this.nameID == null ? defaultNameID : this.nameID;
    }

    public void setNameID(Collection<String> collection) {
        this.nameID = collection;
    }

    public String getEntityBaseURL() {
        return this.entityBaseURL;
    }

    public String getEntityAlias() {
        return this.entityAlias;
    }

    public void setEntityAlias(String str) {
        this.entityAlias = str;
    }

    public void setEntityBaseURL(String str) {
        this.entityBaseURL = str;
    }

    @Autowired
    public void setKeyManager(KeyManager keyManager) {
        this.keyManager = keyManager;
    }

    public void setSigningKey(String str) {
        this.signingKey = str;
    }

    public void setEncryptionKey(String str) {
        this.encryptionKey = str;
    }

    public void setEntityId(String str) {
        this.entityId = str;
    }

    public String getEntityId() {
        return this.entityId;
    }

    public String getTlsKey() {
        return this.tlsKey;
    }

    public void setTlsKey(String str) {
        this.tlsKey = str;
    }

    public Collection<String> getBindingsSSO() {
        return this.bindingsSSO;
    }

    public void setBindingsSSO(Collection<String> collection) {
        if (collection == null) {
            this.bindingsSSO = Collections.emptyList();
        } else {
            this.bindingsSSO = collection;
        }
    }

    public Collection<String> getBindingsSLO() {
        return this.bindingsSLO;
    }

    public void setBindingsSLO(Collection<String> collection) {
        if (collection == null) {
            this.bindingsSLO = Collections.emptyList();
        } else {
            this.bindingsSLO = collection;
        }
    }

    public Collection<String> getBindingsHoKSSO() {
        return this.bindingsHoKSSO;
    }

    public void setBindingsHoKSSO(Collection<String> collection) {
        if (collection == null) {
            this.bindingsHoKSSO = Collections.emptyList();
        } else {
            this.bindingsHoKSSO = collection;
        }
    }

    public boolean isIncludeDiscoveryExtension() {
        return this.includeDiscoveryExtension;
    }

    public void setIncludeDiscoveryExtension(boolean z) {
        this.includeDiscoveryExtension = z;
    }

    public void setIncludeDiscovery(boolean z) {
        this.includeDiscovery = z;
    }

    public boolean isIncludeDiscovery() {
        return this.includeDiscovery;
    }

    public int getAssertionConsumerIndex() {
        return this.assertionConsumerIndex;
    }

    public void setAssertionConsumerIndex(int i) {
        this.assertionConsumerIndex = i;
    }

    public void setCustomDiscoveryURL(String str) {
        this.customDiscoveryURL = str;
    }

    public String getCustomDiscoveryURL() {
        return this.customDiscoveryURL;
    }

    public void setCustomDiscoveryResponseURL(String str) {
        this.customDiscoveryResponseURL = str;
    }

    public String getCustomDiscoveryResponseURL() {
        return this.customDiscoveryResponseURL;
    }

    private String getDiscoveryURL(String str, String str2) {
        return (this.customDiscoveryURL == null || this.customDiscoveryURL.length() <= 0) ? getServerURL(str, str2, getSAMLDiscoveryPath()) : this.customDiscoveryURL;
    }

    private String getDiscoveryResponseURL(String str, String str2) {
        if (this.customDiscoveryResponseURL != null && this.customDiscoveryResponseURL.length() > 0) {
            return this.customDiscoveryResponseURL;
        }
        HashMap hashMap = new HashMap();
        hashMap.put(SAMLEntryPoint.DISCOVERY_RESPONSE_PARAMETER, "true");
        return getServerURL(str, str2, getSAMLEntryPointPath(), hashMap);
    }

    public ExtendedMetadata getExtendedMetadata() {
        return this.extendedMetadata;
    }

    public void setExtendedMetadata(ExtendedMetadata extendedMetadata) {
        this.extendedMetadata = extendedMetadata;
    }

    static {
        aliases.put(SAMLConstants.SAML2_POST_BINDING_URI, SAMLConstants.SAML2_POST_BINDING_URI);
        aliases.put("post", SAMLConstants.SAML2_POST_BINDING_URI);
        aliases.put("http-post", SAMLConstants.SAML2_POST_BINDING_URI);
        aliases.put(SAMLConstants.SAML2_PAOS_BINDING_URI, SAMLConstants.SAML2_PAOS_BINDING_URI);
        aliases.put("paos", SAMLConstants.SAML2_PAOS_BINDING_URI);
        aliases.put(SAMLConstants.SAML2_ARTIFACT_BINDING_URI, SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        aliases.put(BasicSAMLArtifactMap.DEFAULT_STORAGE_PARTITION, SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        aliases.put("http-artifact", SAMLConstants.SAML2_ARTIFACT_BINDING_URI);
        aliases.put(SAMLConstants.SAML2_REDIRECT_BINDING_URI, SAMLConstants.SAML2_REDIRECT_BINDING_URI);
        aliases.put("redirect", SAMLConstants.SAML2_REDIRECT_BINDING_URI);
        aliases.put("http-redirect", SAMLConstants.SAML2_REDIRECT_BINDING_URI);
        aliases.put(SAMLConstants.SAML2_SOAP11_BINDING_URI, SAMLConstants.SAML2_SOAP11_BINDING_URI);
        aliases.put("soap", SAMLConstants.SAML2_SOAP11_BINDING_URI);
        aliases.put("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
        aliases.put("email", "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
        aliases.put("urn:oasis:names:tc:SAML:2.0:nameid-format:transient", "urn:oasis:names:tc:SAML:2.0:nameid-format:transient");
        aliases.put("transient", "urn:oasis:names:tc:SAML:2.0:nameid-format:transient");
        aliases.put("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        aliases.put("persistent", "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
        aliases.put("urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
        aliases.put("unspecified", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
        aliases.put("urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName", "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName");
        aliases.put("x509_subject", "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName");
        defaultNameID = Arrays.asList("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName");
        log = LoggerFactory.getLogger(MetadataGenerator.class);
    }
}
