package org.josso.gateway.signon;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.josso.Lookup;
import org.josso.auth.Credential;
import org.josso.auth.exceptions.AuthenticationFailureException;
import org.josso.gateway.SSOContext;
import org.josso.gateway.SSOGateway;
import org.josso.gateway.SSOWebConfiguration;
import org.josso.gateway.assertion.AuthenticationAssertion;
import org.josso.gateway.session.SSOSession;
import org.josso.gateway.session.exceptions.NoSuchSessionException;

/* loaded from: input_file:org/josso/gateway/signon/LoginAction.class */
public abstract class LoginAction extends SignonBaseAction {
    public static final String JOSSO_CMD_LOGIN = "login";
    private static final Log logger = LogFactory.getLog(LoginAction.class);

    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return canRelay(httpServletRequest) ? relay(actionMapping, actionForm, httpServletRequest, httpServletResponse) : getSSOCmd(httpServletRequest) == null ? askForLogin(actionMapping, actionForm, httpServletRequest, httpServletResponse) : login(actionMapping, actionForm, httpServletRequest, httpServletResponse);
    }

    protected ActionForward askForLogin(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        storeSsoParameters(httpServletRequest);
        return actionMapping.findForward("login-page");
    }

    protected ActionForward login(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            SSOContext newSSOContext = getNewSSOContext(httpServletRequest);
            Credential[] credentials = getCredentials(httpServletRequest);
            SSOGateway sSOGateway = getSSOGateway();
            try {
                storeSsoParameters(httpServletRequest);
                SSOWebConfiguration lookupSSOWebConfiguration = Lookup.getInstance().lookupSSOWebConfiguration();
                HttpSession session = httpServletRequest.getSession();
                AuthenticationAssertion assertIdentity = sSOGateway.assertIdentity(credentials, newSSOContext.getScheme(), newSSOContext);
                SSOSession sSOSession = assertIdentity.getSSOSession();
                httpServletResponse.addCookie(newJossoCookie(httpServletRequest.getContextPath(), sSOSession.getId()));
                if (logger.isDebugEnabled()) {
                    logger.debug("[login()], authentication successfull.");
                }
                String str = (String) session.getAttribute(Constants.KEY_JOSSO_BACK_TO);
                if (str == null) {
                    logger.debug("[login()], No 'BACK TO' URL found in session, using configured URL : " + lookupSSOWebConfiguration.getLoginBackToURL());
                    str = lookupSSOWebConfiguration.getLoginBackToURL();
                }
                if (str == null) {
                    logger.warn("No 'BACK TO' URL received or configured ... using default forward rule !");
                    String username = sSOSession.getUsername();
                    ActionErrors actionErrors = new ActionErrors();
                    actionErrors.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("sso.login.success", username));
                    actionErrors.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("sso.info.session", sSOSession.getId()));
                    saveErrors(httpServletRequest, actionErrors);
                    return actionMapping.findForward("login-result");
                }
                String str2 = str + (str.indexOf("?") >= 0 ? "&" : "?") + "josso_assertion_id=" + assertIdentity.getId();
                session.setAttribute(Constants.KEY_JOSSO_BACK_TO, str2);
                session.removeAttribute(Constants.KEY_JOSSO_BACK_TO);
                session.removeAttribute(Constants.KEY_JOSSO_ON_ERROR);
                if (logger.isDebugEnabled()) {
                    logger.debug("[login()], Redirecting user to : " + str2);
                }
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(str2));
                return null;
            } catch (AuthenticationFailureException e) {
                if (logger.isDebugEnabled()) {
                    logger.debug(e.getMessage(), e);
                }
                String str3 = (String) httpServletRequest.getSession(true).getAttribute(Constants.KEY_JOSSO_ON_ERROR);
                if (str3 == null) {
                    ActionErrors actionErrors2 = new ActionErrors();
                    actionErrors2.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("sso.login.failed"));
                    saveErrors(httpServletRequest, actionErrors2);
                    return actionMapping.findForward("login-page");
                }
                String str4 = (str3 + (str3.indexOf("?") >= 0 ? "&" : "?josso_error_type=" + e.getErrorType())) + "&josso_username=" + sSOGateway.getPrincipalName(newSSOContext.getScheme(), credentials);
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(str4));
                if (!logger.isDebugEnabled()) {
                    return null;
                }
                logger.debug("[login()], authentication failure. Redirecting user to : " + str4);
                return null;
            }
        } catch (Exception e2) {
            logger.error(e2.getMessage(), e2);
            ActionErrors actionErrors3 = new ActionErrors();
            actionErrors3.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("sso.error", e2.getMessage() != null ? e2.getMessage() : e2.toString()));
            saveErrors(httpServletRequest, actionErrors3);
            return actionMapping.findForward("error");
        }
    }

    protected ActionForward relay(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            SSOGateway sSOGateway = getSSOGateway();
            storeSsoParameters(httpServletRequest);
            SSOWebConfiguration lookupSSOWebConfiguration = Lookup.getInstance().lookupSSOWebConfiguration();
            HttpSession session = httpServletRequest.getSession();
            String jossoSessionId = getJossoSessionId(httpServletRequest);
            SSOSession findSession = sSOGateway.findSession(jossoSessionId);
            AuthenticationAssertion assertIdentity = sSOGateway.assertIdentity(jossoSessionId);
            if (logger.isDebugEnabled()) {
                logger.debug("[relay()], authentication successfull.");
            }
            String str = (String) session.getAttribute(Constants.KEY_JOSSO_BACK_TO);
            if (str == null) {
                logger.debug("[relay()], No 'BACK TO' URL found in session, using configured URL : " + lookupSSOWebConfiguration.getLoginBackToURL());
                str = lookupSSOWebConfiguration.getLoginBackToURL();
            }
            if (str == null) {
                logger.warn("No 'BACK TO' URL received or configured ... using default forward rule !");
                String username = findSession.getUsername();
                ActionErrors actionErrors = new ActionErrors();
                actionErrors.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("sso.login.success", username));
                actionErrors.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("sso.info.session", findSession.getId()));
                saveErrors(httpServletRequest, actionErrors);
                return actionMapping.findForward("login-result");
            }
            String str2 = str + (str.indexOf("?") >= 0 ? "&" : "?") + "josso_assertion_id=" + assertIdentity.getId();
            session.setAttribute(Constants.KEY_JOSSO_BACK_TO, str2);
            session.removeAttribute(Constants.KEY_JOSSO_BACK_TO);
            session.removeAttribute(Constants.KEY_JOSSO_ON_ERROR);
            if (logger.isDebugEnabled()) {
                logger.debug("[relay()], Redirecting user to : " + str2);
            }
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(str2));
            return null;
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
            ActionErrors actionErrors2 = new ActionErrors();
            actionErrors2.add("org.apache.struts.action.GLOBAL_ERROR", new ActionError("sso.error", e.getMessage() != null ? e.getMessage() : e.toString()));
            saveErrors(httpServletRequest, actionErrors2);
            return actionMapping.findForward("error");
        }
    }

    protected boolean canRelay(HttpServletRequest httpServletRequest) {
        boolean z = false;
        try {
            String jossoSessionId = getJossoSessionId(httpServletRequest);
            if (jossoSessionId != null) {
                if (Lookup.getInstance().lookupSecurityDomain().getSessionManager().getSession(jossoSessionId) != null) {
                    z = true;
                }
            }
        } catch (NoSuchSessionException e) {
            if (logger.isDebugEnabled()) {
                logger.debug(e.getMessage(), e);
            }
        } catch (Exception e2) {
            logger.error(e2.getMessage(), e2);
        }
        return z;
    }

    protected void storeSsoParameters(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(true);
        String parameter = httpServletRequest.getParameter(Constants.PARAM_JOSSO_BACK_TO);
        if (parameter != null && !"".equals(parameter)) {
            session.setAttribute(Constants.KEY_JOSSO_BACK_TO, parameter);
            if (logger.isDebugEnabled()) {
                logger.debug("[askForLogin()] Storing back-to url in session : " + parameter);
            }
        }
        String parameter2 = httpServletRequest.getParameter(Constants.PARAM_JOSSO_ON_ERROR);
        if (parameter2 == null || "".equals(parameter2)) {
            return;
        }
        session.setAttribute(Constants.KEY_JOSSO_ON_ERROR, parameter2);
        if (logger.isDebugEnabled()) {
            logger.debug("[askForLogin()] Storing on-error url in session : " + parameter2);
        }
    }

    protected String getBackTo(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(Constants.KEY_JOSSO_BACK_TO);
    }

    protected String getOnError(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(Constants.KEY_JOSSO_ON_ERROR);
    }
}
