package org.picketlink.identity.federation.bindings.wildfly.sp;

import io.undertow.server.HandlerWrapper;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.handlers.ServletRequestContext;
import java.io.IOException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.picketlink.common.PicketLinkLogger;
import org.picketlink.common.PicketLinkLoggerFactory;
import org.picketlink.common.util.StringUtil;
import org.picketlink.config.federation.IdentityURLProviderType;
import org.picketlink.config.federation.SPType;
import org.picketlink.identity.federation.web.config.IdentityURLConfigurationProvider;
import org.picketlink.identity.federation.web.config.PropertiesIdentityURLProvider;

/* loaded from: input_file:org/picketlink/identity/federation/bindings/wildfly/sp/IdentityURLProviderHandler.class */
public class IdentityURLProviderHandler implements HttpHandler {
    protected static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();
    public static final String ACCOUNT_CHOOSER_COOKIE_NAME = "picketlink.account.name";
    public static final String ACCOUNT_PARAMETER = "idp";
    public static final String AUTHENTICATING = "AUTHENTICATING";
    public static final String STATE = "STATE";
    private final HttpHandler next;
    private final SPType spType;
    private final IdentityURLConfigurationProvider identityURLConfigurationProvider;
    private final Map<String, String> idpMap = new ConcurrentHashMap();

    public static final HandlerWrapper wrapper(final SPType sPType, final ServletContext servletContext) {
        return new HandlerWrapper() { // from class: org.picketlink.identity.federation.bindings.wildfly.sp.IdentityURLProviderHandler.1
            public HttpHandler wrap(HttpHandler httpHandler) {
                return new IdentityURLProviderHandler(sPType, servletContext, httpHandler);
            }
        };
    }

    public IdentityURLProviderHandler(SPType sPType, ServletContext servletContext, HttpHandler httpHandler) {
        this.spType = sPType;
        this.next = httpHandler;
        IdentityURLProviderType identityURLProvider = sPType.getIdentityURLProvider();
        if (identityURLProvider == null) {
            throw logger.nullArgumentError("IdentityURL Provider");
        }
        try {
            String type = identityURLProvider.getType();
            type = type == null ? PropertiesIdentityURLProvider.class.getName() : type;
            Class<?> loadClass = SecurityActions.loadClass(getClass(), type);
            if (loadClass == null) {
                throw logger.classNotLoadedError(type);
            }
            this.identityURLConfigurationProvider = (IdentityURLConfigurationProvider) loadClass.newInstance();
            this.identityURLConfigurationProvider.setServletContext(servletContext);
            this.idpMap.putAll(this.identityURLConfigurationProvider.getIDPMap());
        } catch (Exception e) {
            throw new RuntimeException("Could not create Identity URL provider [" + getClass().getName() + "].", e);
        }
    }

    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        ServletRequestContext servletRequestContext = (ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequestContext.getServletRequest();
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletRequestContext.getServletResponse();
        HttpSession session = httpServletRequest.getSession();
        if (this.idpMap.isEmpty()) {
            this.idpMap.putAll(this.identityURLConfigurationProvider.getIDPMap());
        }
        String str = (String) session.getAttribute("STATE");
        String parameter = httpServletRequest.getParameter("idp");
        String cookieValue = cookieValue(httpServletRequest);
        if (cookieValue != null || "AUTHENTICATING".equals(str)) {
            if (parameter != null) {
                httpServletRequest.setAttribute("picketlink.desired.idp", this.idpMap.get(parameter));
            }
            if (!"AUTHENTICATING".equals(str) || httpServletRequest.getParameter("SAMLResponse") != null) {
                proceedToAuthentication(httpServerExchange, cookieValue);
                return;
            } else {
                session.removeAttribute("STATE");
                redirectToChosenPage(httpServletRequest, httpServletResponse);
                return;
            }
        }
        if (parameter == null) {
            redirectToChosenPage(httpServletRequest, httpServletResponse);
            httpServerExchange.endExchange();
            return;
        }
        String str2 = this.idpMap.get(parameter);
        if (str2 == null) {
            logger.configurationFileMissing(":IDP Mapping");
            throw new ServletException();
        }
        httpServletRequest.setAttribute("picketlink.desired.idp", str2);
        session.setAttribute("STATE", "AUTHENTICATING");
        proceedToAuthentication(httpServerExchange, parameter);
    }

    protected String cookieValue(HttpServletRequest httpServletRequest) {
        String value;
        String str;
        String value2;
        String str2;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            String name = cookie.getName();
            String domain = cookie.getDomain();
            if (domain == null || !domain.equalsIgnoreCase(getIdentityURLProvider().getDomain())) {
                if ("picketlink.account.name".equals(name) && (str = this.idpMap.get((value = cookie.getValue()))) != null) {
                    httpServletRequest.setAttribute("picketlink.desired.idp", str);
                    return value;
                }
            } else if ("picketlink.account.name".equals(name) && (str2 = this.idpMap.get((value2 = cookie.getValue()))) != null) {
                httpServletRequest.setAttribute("picketlink.desired.idp", str2);
                return value2;
            }
        }
        return null;
    }

    protected void redirectToChosenPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String page = getIdentityURLProvider().getPage();
        if (page == null) {
            page = "/accountChooser.html";
        }
        RequestDispatcher requestDispatcher = httpServletRequest.getServletContext().getRequestDispatcher(page);
        if (requestDispatcher != null) {
            requestDispatcher.forward(httpServletRequest, httpServletResponse);
        }
    }

    protected void proceedToAuthentication(HttpServerExchange httpServerExchange, String str) throws Exception {
        ServletRequestContext servletRequestContext = (ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        HttpServletRequest servletRequest = servletRequestContext.getServletRequest();
        HttpServletResponse servletResponse = servletRequestContext.getServletResponse();
        HttpSession session = servletRequest.getSession(true);
        String str2 = session != null ? (String) session.getAttribute("STATE") : null;
        try {
            this.next.handleRequest(httpServerExchange);
            if (servletRequest.getUserPrincipal() == null || !StringUtil.isNotNull(str2)) {
                return;
            }
            session.removeAttribute("STATE");
            String contextPath = servletRequest.getServletContext().getContextPath();
            if (str == null) {
                str = servletRequest.getParameter("idp");
            }
            Cookie cookie = new Cookie("picketlink.account.name", str);
            cookie.setPath(contextPath);
            IdentityURLProviderType identityURLProvider = getIdentityURLProvider();
            cookie.setMaxAge(identityURLProvider.getExpiration());
            String domain = identityURLProvider.getDomain();
            if (domain != null) {
                cookie.setDomain(domain);
            }
            servletResponse.addCookie(cookie);
        } catch (Throwable th) {
            if (servletRequest.getUserPrincipal() != null && StringUtil.isNotNull(str2)) {
                session.removeAttribute("STATE");
                String contextPath2 = servletRequest.getServletContext().getContextPath();
                if (str == null) {
                    str = servletRequest.getParameter("idp");
                }
                Cookie cookie2 = new Cookie("picketlink.account.name", str);
                cookie2.setPath(contextPath2);
                IdentityURLProviderType identityURLProvider2 = getIdentityURLProvider();
                cookie2.setMaxAge(identityURLProvider2.getExpiration());
                String domain2 = identityURLProvider2.getDomain();
                if (domain2 != null) {
                    cookie2.setDomain(domain2);
                }
                servletResponse.addCookie(cookie2);
            }
            throw th;
        }
    }

    private IdentityURLProviderType getIdentityURLProvider() {
        return this.spType.getIdentityURLProvider();
    }
}
