package edu.internet2.middleware.shibboleth.idp.config.profile.authn;

import edu.internet2.middleware.shibboleth.idp.config.profile.ProfileHandlerNamespaceHandler;
import edu.internet2.middleware.shibboleth.idp.util.IPRange;
import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
import org.opensaml.xml.util.DatatypeHelper;
import org.opensaml.xml.util.LazyList;
import org.opensaml.xml.util.XMLHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.w3c.dom.Element;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/idp/config/profile/authn/IPAddressLoginHandlerBeanDefinitionParser.class */
public class IPAddressLoginHandlerBeanDefinitionParser extends AbstractLoginHandlerBeanDefinitionParser {
    public static final QName SCHEMA_TYPE = new QName(ProfileHandlerNamespaceHandler.NAMESPACE, "IPAddress");
    private final Logger log = LoggerFactory.getLogger(IPAddressLoginHandlerBeanDefinitionParser.class);

    protected Class getBeanClass(Element element) {
        return IPAddressLoginHandlerFactoryBean.class;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // edu.internet2.middleware.shibboleth.idp.config.profile.authn.AbstractLoginHandlerBeanDefinitionParser
    public void doParse(Element element, BeanDefinitionBuilder beanDefinitionBuilder) {
        super.doParse(element, beanDefinitionBuilder);
        String safeTrimOrNullString = DatatypeHelper.safeTrimOrNullString(element.getAttributeNS(null, "username"));
        if (safeTrimOrNullString == null) {
            this.log.error("No username specified.");
            throw new BeanCreationException("No username specified.");
        }
        this.log.debug("authenticated username: {}", safeTrimOrNullString);
        beanDefinitionBuilder.addPropertyValue("authenticatedUser", safeTrimOrNullString);
        List<IPRange> iPRanges = getIPRanges(element);
        this.log.debug("registered IP ranges: {}", Integer.valueOf(iPRanges.size()));
        beanDefinitionBuilder.addPropertyValue("ipRanges", iPRanges);
        boolean booleanValue = XMLHelper.getAttributeValueAsBoolean(element.getAttributeNodeNS(null, "defaultDeny")).booleanValue();
        this.log.debug("default deny: {}", Boolean.valueOf(booleanValue));
        beanDefinitionBuilder.addPropertyValue("ipInRangeIsAuthenticated", Boolean.valueOf(booleanValue));
    }

    protected List<IPRange> getIPRanges(Element element) {
        List childElementsByTagNameNS = XMLHelper.getChildElementsByTagNameNS(element, ProfileHandlerNamespaceHandler.NAMESPACE, "IPEntry");
        if (childElementsByTagNameNS == null || childElementsByTagNameNS.isEmpty()) {
            this.log.error("At least one IPEntry must be specified.");
            throw new BeanCreationException("At least one IPEntry must be specified.");
        }
        LazyList lazyList = new LazyList();
        Iterator it = childElementsByTagNameNS.iterator();
        while (it.hasNext()) {
            lazyList.add(IPRange.parseCIDRBlock(((Element) it.next()).getTextContent()));
        }
        return lazyList;
    }
}
