package com.bea.security.saml2.artifact.impl;

import com.bea.common.security.utils.CSSPlatformProxy;
import com.bea.security.saml2.binding.BindingHandlerException;
import com.bea.security.saml2.config.SAML2ConfigSpi;
import com.bea.security.saml2.providers.registry.IndexedEndpoint;
import com.bea.security.saml2.providers.registry.WebSSOPartner;
import com.bea.security.saml2.util.SAML2Utils;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.SocketTimeoutException;
import java.net.URL;

/* loaded from: input_file:com/bea/security/saml2/artifact/impl/ArtifactResolverWLSImpl.class */
public class ArtifactResolverWLSImpl extends AbstractArtifactResolver {
    public ArtifactResolverWLSImpl(SAML2ConfigSpi sAML2ConfigSpi) {
        super(sAML2ConfigSpi);
    }

    @Override // com.bea.security.saml2.artifact.impl.AbstractArtifactResolver
    public HttpURLConnection openConnection(WebSSOPartner webSSOPartner, IndexedEndpoint indexedEndpoint) throws BindingHandlerException {
        HttpURLConnection httpURLConnection;
        if (this.logdebug) {
            this.log.debug("open connection to send samlp:ArtifactResolve. partner id:" + webSSOPartner.getEntityID() + ", endpoint url:" + indexedEndpoint.getLocation());
        }
        try {
            URL url = new URL(indexedEndpoint.getLocation());
            if (url.getProtocol().toLowerCase().startsWith("https")) {
                if (this.logdebug) {
                    this.log.debug("remote ARS need secure http connection.");
                }
                httpURLConnection = CSSPlatformProxy.getInstance().getHttpsURLConnection(url);
                if (this.sslClientKey != null && this.sslClientCert != null && this.sslClientCert.length > 0) {
                    if (this.logdebug) {
                        this.log.debug("have certs and key, loading SSL identity.");
                    }
                    CSSPlatformProxy.getInstance().loadLocalIdentity(httpURLConnection, this.sslClientCert, this.sslClientKey);
                }
            } else {
                httpURLConnection = CSSPlatformProxy.getInstance().getHttpURLConnection(url);
            }
            httpURLConnection.setDoOutput(true);
            httpURLConnection.setAllowUserInteraction(false);
            httpURLConnection.setInstanceFollowRedirects(false);
            httpURLConnection.setRequestMethod("POST");
            httpURLConnection.setRequestProperty("Content-Type", "text/xml; charset=UTF-8");
            String basicAuthn = getBasicAuthn(webSSOPartner);
            if (basicAuthn != null && !basicAuthn.equals("")) {
                httpURLConnection.setRequestProperty("Authorization", "Basic " + SAML2Utils.base64Encode(basicAuthn.getBytes("UTF-8")));
            }
            this.log.debug("connect to remote ARS.");
            httpURLConnection.connect();
            return httpURLConnection;
        } catch (UnsupportedEncodingException e) {
            if (this.logdebug) {
                this.log.debug("can't get BASE64 encoded basic authentication:UnsupportedEncoding:UTF-8.");
            }
            throw new BindingHandlerException(e.getMessage(), 500);
        } catch (MalformedURLException e2) {
            if (this.logdebug) {
                this.log.debug("can't open connection:MalformedURL:" + indexedEndpoint.getLocation());
            }
            throw new BindingHandlerException(e2.getMessage(), 500);
        } catch (SocketTimeoutException e3) {
            if (this.logdebug) {
                this.log.debug("can't connect to remote server.", e3);
            }
            throw new BindingHandlerException(e3.getMessage(), 500);
        } catch (IOException e4) {
            if (this.logdebug) {
                this.log.debug("can't open connection.");
            }
            throw new BindingHandlerException(e4.getMessage(), 500);
        }
    }
}
