package edu.internet2.middleware.shibboleth.wayf;

import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
import edu.internet2.middleware.shibboleth.wayf.IdPSite;
import edu.internet2.middleware.shibboleth.wayf.plugins.Plugin;
import edu.internet2.middleware.shibboleth.wayf.plugins.PluginContext;
import edu.internet2.middleware.shibboleth.wayf.plugins.WayfRequestHandled;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.TreeSet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.opensaml.saml2.common.Extensions;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.RoleDescriptor;
import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.samlext.idpdisco.DiscoveryResponse;
import org.opensaml.xml.XMLObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/wayf/DiscoveryServiceHandler.class */
public class DiscoveryServiceHandler {
    private static final String SHIRE_PARAM_NAME = "shire";
    private static final String TARGET_PARAM_NAME = "target";
    private static final String TIME_PARAM_NAME = "time";
    private static final String PROVIDERID_PARAM_NAME = "providerId";
    private static final String PROVIDERID_OBJECT_PARAM_NAME = "providerObject";
    private static final String ENTITYID_PARAM_NAME = "entityID";
    private static final String RETURN_PARAM_NAME = "return";
    private static final String RETURN_ATTRIBUTE_NAME = "returnX";
    private static final String RETURN_INDEX_NAME = "returnIndex";
    private static final String RETURNID_PARAM_NAME = "returnIDParam";
    private static final String RETURNID_DEFAULT_VALUE = "entityID";
    private static final String ISPASSIVE_PARAM_NAME = "isPassive";
    private static final String POLICY_PARAM_NAME = "policy";
    private static final String KNOWN_POLICY_NAME = "urn:oasis:names:tc:SAML:profiles:SSO:idp-discoveryprotocol:single";
    private static final Logger LOG = LoggerFactory.getLogger(DiscoveryServiceHandler.class.getName());
    private final String location;
    private final boolean isDefault;
    private final HandlerConfig config;
    private final List<IdPSiteSet> siteSets;
    private final List<Plugin> plugins;

    /* JADX INFO: Access modifiers changed from: protected */
    public DiscoveryServiceHandler(Element element, Hashtable<String, IdPSiteSet> hashtable, Hashtable<String, Plugin> hashtable2, HandlerConfig handlerConfig) throws ShibbolethConfigurationException {
        this.siteSets = new ArrayList(hashtable.size());
        this.plugins = new ArrayList(hashtable2.size());
        this.config = new HandlerConfig(element, handlerConfig);
        this.location = element.getAttribute("location");
        if (this.location == null || this.location.equals("")) {
            LOG.error("DiscoveryService must have a location specified");
            throw new ShibbolethConfigurationException("DiscoveryService must have a location specified");
        }
        String attribute = element.getAttribute("default");
        if (attribute == null || attribute.equals("")) {
            this.isDefault = false;
        } else {
            this.isDefault = Boolean.valueOf(attribute).booleanValue();
        }
        NodeList elementsByTagName = element.getElementsByTagName("Federation");
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            String attribute2 = ((Element) elementsByTagName.item(i)).getAttribute("identifier");
            IdPSiteSet idPSiteSet = hashtable.get(attribute2);
            if (idPSiteSet == null) {
                LOG.error("Handler " + this.location + ": could not find metadata for <Federation> with identifier " + attribute2 + ".");
                throw new ShibbolethConfigurationException("Handler " + this.location + ": could not find metadata for  <Federation> identifier " + attribute2 + ".");
            }
            this.siteSets.add(idPSiteSet);
        }
        if (this.siteSets.size() == 0) {
            this.siteSets.addAll(hashtable.values());
        }
        NodeList elementsByTagName2 = element.getElementsByTagName("PluginInstance");
        for (int i2 = 0; i2 < elementsByTagName2.getLength(); i2++) {
            String attribute3 = ((Element) elementsByTagName2.item(i2)).getAttribute("identifier");
            Plugin plugin = hashtable2.get(attribute3);
            if (plugin == null) {
                LOG.error("Handler " + this.location + ": could not find plugin for identifier " + attribute3);
                throw new ShibbolethConfigurationException("Handler " + this.location + ": could not find plugin for identifier " + attribute3);
            }
            this.plugins.add(plugin);
        }
        for (IdPSiteSet idPSiteSet2 : this.siteSets) {
            Iterator<Plugin> it = this.plugins.iterator();
            while (it.hasNext()) {
                idPSiteSet2.addPlugin(it.next());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getLocation() {
        return this.location;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isDefault() {
        return this.isDefault;
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String parameter = httpServletRequest.getParameter(POLICY_PARAM_NAME);
        if (null != parameter && !KNOWN_POLICY_NAME.equals(parameter)) {
            LOG.error("Unknown policy " + parameter);
            handleError(httpServletRequest, httpServletResponse, "Unknown policy " + parameter);
            return;
        }
        String parameter2 = httpServletRequest.getParameter("action");
        if (parameter2 == null || parameter2.equals("")) {
            parameter2 = "lookup";
        }
        try {
            if (parameter2.equals("search")) {
                String parameter3 = httpServletRequest.getParameter("string");
                if (parameter3 != null && parameter3.equals("")) {
                    parameter3 = null;
                }
                handleLookup(httpServletRequest, httpServletResponse, parameter3);
            } else if (parameter2.equals("selection")) {
                handleSelection(httpServletRequest, httpServletResponse);
            } else {
                handleLookup(httpServletRequest, httpServletResponse, null);
            }
        } catch (WayfException e) {
            LOG.error("Error processing DS request:", e);
            handleError(httpServletRequest, httpServletResponse, e.getLocalizedMessage());
        } catch (WayfRequestHandled e2) {
        }
    }

    private void handleSelection(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws WayfRequestHandled, WayfException {
        String parameter = httpServletRequest.getParameter("origin");
        LOG.debug("Processing handle selection: " + parameter);
        String sPId = getSPId(httpServletRequest);
        if (parameter == null || parameter.equals("")) {
            handleLookup(httpServletRequest, httpServletResponse, null);
            return;
        }
        if (getValue(httpServletRequest, SHIRE_PARAM_NAME) == null) {
            setupReturnAddress(sPId, httpServletRequest);
        }
        IdPSite idPSite = null;
        for (Plugin plugin : this.plugins) {
            for (IdPSiteSet idPSiteSet : this.siteSets) {
                plugin.selected(httpServletRequest, httpServletResponse, idPSiteSet.paramFor(plugin), parameter);
                if (idPSite == null && idPSiteSet.containsIdP(parameter)) {
                    idPSite = idPSiteSet.getSite(parameter);
                }
            }
        }
        if (idPSite == null) {
            handleLookup(httpServletRequest, httpServletResponse, null);
        } else {
            forwardRequest(httpServletRequest, httpServletResponse, idPSite);
        }
    }

    private void setupReturnAddress(String str, HttpServletRequest httpServletRequest) throws WayfException {
        Extensions extensions;
        HashSet<XMLObject> hashSet = new HashSet();
        String str2 = null;
        boolean z = false;
        for (IdPSiteSet idPSiteSet : this.siteSets) {
            if (idPSiteSet.containsSP(str)) {
                z = true;
                for (RoleDescriptor roleDescriptor : idPSiteSet.getEntity(str).getRoleDescriptors()) {
                    if ((roleDescriptor instanceof SPSSODescriptor) && (extensions = roleDescriptor.getExtensions()) != null) {
                        hashSet.addAll(extensions.getOrderedChildren());
                    }
                }
            }
        }
        if (!z) {
            LOG.error("Could not locate SP " + str + " in metadata");
        }
        DiscoveryResponse[] discoveryResponseArr = new DiscoveryResponse[hashSet.size()];
        int i = 0;
        for (XMLObject xMLObject : hashSet) {
            if (xMLObject instanceof DiscoveryResponse) {
                DiscoveryResponse discoveryResponse = (DiscoveryResponse) xMLObject;
                int i2 = i;
                i++;
                discoveryResponseArr[i2] = discoveryResponse;
                if (discoveryResponse.isDefault().booleanValue() || null == str2) {
                    str2 = discoveryResponse.getLocation();
                }
            }
        }
        String parameter = httpServletRequest.getParameter(RETURN_PARAM_NAME);
        if (parameter == null || parameter.length() == 0) {
            parameter = getValue(httpServletRequest, RETURN_ATTRIBUTE_NAME);
        }
        String parameter2 = httpServletRequest.getParameter(RETURN_INDEX_NAME);
        if (parameter != null && parameter.length() != 0) {
            String str3 = parameter;
            int indexOf = str3.indexOf(63);
            boolean z2 = false;
            if (indexOf >= 0) {
                str3 = str3.substring(0, indexOf);
            }
            try {
                URL url = new URL(str3);
                int length = discoveryResponseArr.length;
                int i3 = 0;
                while (true) {
                    if (i3 >= length) {
                        break;
                    }
                    if (equalsURL(discoveryResponseArr[i3], url)) {
                        z2 = true;
                        break;
                    }
                    i3++;
                }
                if (!z2) {
                    throw new WayfException("Couldn't find endpoint " + str3 + " in metadata");
                }
            } catch (MalformedURLException e) {
                throw new WayfException("Couldn't parse provided return name " + str3, e);
            }
        } else if (parameter2 == null || parameter2.length() == 0) {
            parameter = str2;
        } else {
            try {
                int parseInt = Integer.parseInt(parameter2);
                boolean z3 = false;
                int length2 = discoveryResponseArr.length;
                int i4 = 0;
                while (true) {
                    if (i4 >= length2) {
                        break;
                    }
                    DiscoveryResponse discoveryResponse2 = discoveryResponseArr[i4];
                    if (parseInt == discoveryResponse2.getIndex().intValue()) {
                        z3 = true;
                        parameter = discoveryResponse2.getLocation();
                        break;
                    }
                    i4++;
                }
                if (!z3) {
                    throw new WayfException("Couldn't not find endpoint " + parameter2 + "in metadata");
                }
            } catch (NumberFormatException e2) {
                throw new WayfException("Couldn't convert " + parameter2 + " into an index");
            }
        }
        httpServletRequest.setAttribute(RETURN_ATTRIBUTE_NAME, parameter);
    }

    private static boolean equalsURL(DiscoveryResponse discoveryResponse, URL url) {
        if (null == discoveryResponse) {
            return false;
        }
        try {
            return url.equals(new URL(discoveryResponse.getLocation()));
        } catch (MalformedURLException e) {
            LOG.warn("Found invalid discovery end point : " + discoveryResponse.getLocation(), e);
            return false;
        }
    }

    private void handleLookup(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws WayfException, WayfRequestHandled {
        String value = getValue(httpServletRequest, SHIRE_PARAM_NAME);
        String sPId = getSPId(httpServletRequest);
        EntityDescriptor entityDescriptor = null;
        boolean z = value == null;
        boolean z2 = z && "true".equalsIgnoreCase(getValue(httpServletRequest, ISPASSIVE_PARAM_NAME));
        Collection<IdPSite> collection = null;
        ArrayList arrayList = this.config.getProvideListOfLists() ? new ArrayList(this.siteSets.size()) : null;
        IdPSite.Compare compare = new IdPSite.Compare(httpServletRequest);
        Collection<IdPSite> treeSet = this.config.getProvideList() ? new TreeSet<>(compare) : null;
        if (str != null && !str.equals("")) {
            collection = new TreeSet<>(compare);
        }
        LOG.debug("Processing Idp Lookup for : " + sPId);
        PluginContext[] pluginContextArr = new PluginContext[this.plugins.size()];
        ArrayList arrayList2 = new ArrayList();
        if (z) {
            setupReturnAddress(sPId, httpServletRequest);
        }
        try {
            for (IdPSiteSet idPSiteSet : this.siteSets) {
                if (idPSiteSet.containsSP(sPId) || !this.config.getLookupSp()) {
                    if (null == entityDescriptor) {
                        entityDescriptor = idPSiteSet.getEntity(sPId);
                    }
                    Collection<? extends IdPSite> treeSet2 = collection != null ? new TreeSet<>(compare) : null;
                    Map<String, IdPSite> idPSites = idPSiteSet.getIdPSites(str, this.config, treeSet2);
                    for (int i = 0; i < this.plugins.size(); i++) {
                        Plugin plugin = this.plugins.get(i);
                        if (collection == null) {
                            pluginContextArr[i] = plugin.lookup(httpServletRequest, httpServletResponse, idPSiteSet.paramFor(plugin), idPSites, pluginContextArr[i], arrayList2);
                        } else {
                            pluginContextArr[i] = plugin.search(httpServletRequest, httpServletResponse, idPSiteSet.paramFor(plugin), str, idPSites, pluginContextArr[i], collection, arrayList2);
                        }
                    }
                    if (null != idPSites && !idPSites.isEmpty()) {
                        Collection<? extends IdPSite> treeSet3 = new TreeSet<>(compare);
                        if (null != idPSites) {
                            treeSet3.addAll(idPSites.values());
                        }
                        if (arrayList != null) {
                            arrayList.add(new IdPSiteSetEntry(idPSiteSet, treeSet3));
                        }
                        if (treeSet != null) {
                            treeSet.addAll(treeSet3);
                        }
                        if (collection != null) {
                            collection.addAll(treeSet2);
                        }
                    }
                }
            }
            if (z2) {
                if (0 != arrayList2.size()) {
                    forwardRequest(httpServletRequest, httpServletResponse, (IdPSite) arrayList2.get(0));
                    return;
                } else {
                    forwardRequest(httpServletRequest, httpServletResponse, null);
                    return;
                }
            }
            if (z) {
                String str2 = (String) httpServletRequest.getAttribute(RETURN_ATTRIBUTE_NAME);
                if (null == str2 || 0 == str2.length()) {
                    throw new WayfException("Parameter return not supplied");
                }
                String value2 = getValue(httpServletRequest, RETURNID_PARAM_NAME);
                if (null == value2 || 0 == value2.length()) {
                    value2 = "entityID";
                }
                httpServletRequest.setAttribute(RETURN_ATTRIBUTE_NAME, str2);
                httpServletRequest.setAttribute(RETURNID_PARAM_NAME, value2);
                httpServletRequest.setAttribute("entityID", sPId);
            } else {
                String value3 = getValue(httpServletRequest, TARGET_PARAM_NAME);
                if (null == value3 || 0 == value3.length()) {
                    throw new WayfException("Could not extract target from provided parameters");
                }
                httpServletRequest.setAttribute(SHIRE_PARAM_NAME, value);
                httpServletRequest.setAttribute(TARGET_PARAM_NAME, value3);
                httpServletRequest.setAttribute(PROVIDERID_PARAM_NAME, sPId);
                httpServletRequest.setAttribute(TIME_PARAM_NAME, new Long(new Date().getTime() / 1000).toString());
            }
            setDisplayLanguage(treeSet, httpServletRequest);
            httpServletRequest.setAttribute("sites", treeSet);
            if (null != arrayList) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    setDisplayLanguage(((IdPSiteSetEntry) it.next()).getSites(), httpServletRequest);
                }
            }
            httpServletRequest.setAttribute(PROVIDERID_OBJECT_PARAM_NAME, entityDescriptor);
            httpServletRequest.setAttribute("siteLists", arrayList);
            httpServletRequest.setAttribute("requestURL", httpServletRequest.getRequestURI().toString());
            if (collection != null) {
                if (collection.size() != 0) {
                    setDisplayLanguage(collection, httpServletRequest);
                    httpServletRequest.setAttribute("searchresults", collection);
                } else {
                    httpServletRequest.setAttribute("searchResultsEmpty", "true");
                }
            }
            if (arrayList2.size() > 0) {
                setDisplayLanguage(arrayList2, httpServletRequest);
                httpServletRequest.setAttribute("cookieList", arrayList2);
            }
            LOG.debug("Displaying WAYF selection page.");
            httpServletRequest.getRequestDispatcher(this.config.getJspFile()).forward(httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            LOG.error("Problem displaying WAYF UI.\n" + e.getMessage());
            throw new WayfException("Problem displaying WAYF UI", e);
        } catch (ServletException e2) {
            LOG.error("Problem displaying WAYF UI.\n" + e2.getMessage());
            throw new WayfException("Problem displaying WAYF UI", e2);
        }
    }

    private void setDisplayLanguage(Collection<IdPSite> collection, HttpServletRequest httpServletRequest) {
        if (null == collection) {
            return;
        }
        Locale locale = httpServletRequest.getLocale();
        if (null == locale) {
            Locale.getDefault();
        }
        String language = locale.getLanguage();
        Iterator<IdPSite> it = collection.iterator();
        while (it.hasNext()) {
            it.next().setDisplayLanguage(language);
        }
    }

    public static void forwardRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IdPSite idPSite) throws WayfException {
        String str;
        String value = getValue(httpServletRequest, SHIRE_PARAM_NAME);
        String sPId = getSPId(httpServletRequest);
        if (!(value == null)) {
            String addressForWAYF = idPSite.getAddressForWAYF();
            if (addressForWAYF == null) {
                String str2 = "Error finding to IdP: " + idPSite.getDisplayName(httpServletRequest);
                LOG.error(str2);
                throw new WayfException(str2);
            }
            String value2 = getValue(httpServletRequest, TARGET_PARAM_NAME);
            if (null == value2 || 0 == value2.length()) {
                throw new WayfException("Could not extract target from provided parameters");
            }
            LOG.info("Redirecting to selected Handle Service: " + addressForWAYF);
            try {
                StringBuffer stringBuffer = new StringBuffer(addressForWAYF + "?" + TARGET_PARAM_NAME + "=");
                stringBuffer.append(URLEncoder.encode(value2, "UTF-8"));
                stringBuffer.append("&shire=");
                stringBuffer.append(URLEncoder.encode(value, "UTF-8"));
                stringBuffer.append("&providerId=");
                stringBuffer.append(URLEncoder.encode(sPId, "UTF-8"));
                stringBuffer.append("&time=");
                stringBuffer.append(new Long(new Date().getTime() / 1000).toString());
                httpServletResponse.sendRedirect(stringBuffer.toString());
                return;
            } catch (IOException e) {
                throw new WayfException("Error forwarding to IdP: \n" + e.getMessage());
            }
        }
        String str3 = (String) httpServletRequest.getAttribute(RETURN_ATTRIBUTE_NAME);
        if (null == str3 || 0 == str3.length()) {
            throw new WayfException("Could not find return parameter");
        }
        try {
            String decode = URLDecoder.decode(str3, "UTF-8");
            if (idPSite != null) {
                StringBuffer stringBuffer2 = new StringBuffer(decode);
                String value3 = getValue(httpServletRequest, RETURNID_PARAM_NAME);
                if (null == value3 || 0 == value3.length()) {
                    value3 = "entityID";
                }
                if (decode.indexOf(63) >= 0) {
                    stringBuffer2.append("&" + value3 + "=");
                } else {
                    stringBuffer2.append("?" + value3 + "=");
                }
                stringBuffer2.append(idPSite.getName());
                str = stringBuffer2.toString();
            } else {
                str = decode;
            }
            LOG.debug("Dispatching to " + str);
            try {
                httpServletResponse.sendRedirect(str);
            } catch (IOException e2) {
                throw new WayfException("Error forwarding back to Sp: \n" + e2.getMessage());
            }
        } catch (UnsupportedEncodingException e3) {
            throw new WayfException("Did not understand parameter ", e3);
        }
    }

    private void handleError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        LOG.debug("Displaying WAYF error page.");
        httpServletRequest.setAttribute("errorText", str);
        httpServletRequest.setAttribute("requestURL", httpServletRequest.getRequestURI().toString());
        try {
            httpServletRequest.getRequestDispatcher(this.config.getErrorJspFile()).forward(httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            LOG.error("Problem trying to display WAYF error page: " + e.toString());
        } catch (ServletException e2) {
            LOG.error("Problem trying to display WAYF error page: " + e2.toString());
        }
    }

    private static String getValue(HttpServletRequest httpServletRequest, String str) {
        String parameter = httpServletRequest.getParameter(str);
        return parameter != null ? parameter : (String) httpServletRequest.getAttribute(str);
    }

    private static String getSPId(HttpServletRequest httpServletRequest) throws WayfException {
        String parameter = httpServletRequest.getParameter("entityID");
        if (parameter != null && parameter.length() != 0) {
            return parameter;
        }
        String str = (String) httpServletRequest.getAttribute("entityID");
        if (str != null && str.length() != 0) {
            return str;
        }
        String parameter2 = httpServletRequest.getParameter(PROVIDERID_PARAM_NAME);
        if (parameter2 != null && parameter2.length() != 0) {
            return parameter2;
        }
        String str2 = (String) httpServletRequest.getAttribute(PROVIDERID_PARAM_NAME);
        if (str2 == null || str2.length() == 0) {
            throw new WayfException("Could not locate SP identifier in parameters");
        }
        return str2;
    }
}
