package org.picketlink.social.facebook;

import java.io.IOException;
import java.lang.reflect.Method;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.log4j.Logger;

/* loaded from: input_file:org/picketlink/social/facebook/FacebookAuthenticator.class */
public class FacebookAuthenticator extends FormAuthenticator {
    protected static Logger log = Logger.getLogger(FacebookAuthenticator.class);
    protected String returnURL;
    protected String clientID;
    protected String clientSecret;
    protected FacebookProcessor processor;
    protected boolean trace = log.isTraceEnabled();
    protected String scope = "email";
    protected List<String> roles = new ArrayList();
    protected boolean saveRestoreRequest = true;
    private Method theSuperRegisterMethod = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/picketlink/social/facebook/FacebookAuthenticator$STATES.class */
    public enum STATES {
        AUTH,
        AUTHZ,
        FINISH;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static STATES[] valuesCustom() {
            STATES[] valuesCustom = values();
            int length = valuesCustom.length;
            STATES[] statesArr = new STATES[length];
            System.arraycopy(valuesCustom, 0, statesArr, 0, length);
            return statesArr;
        }
    }

    public void setReturnURL(String str) {
        this.returnURL = getSystemPropertyAsString(str);
    }

    public void setClientID(String str) {
        this.clientID = str;
    }

    public void setScope(String str) {
        this.scope = str;
    }

    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    public void setRoleString(String str) {
        if (str == null) {
            throw new RuntimeException("Role String is null in configuration");
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        while (stringTokenizer.hasMoreElements()) {
            this.roles.add(stringTokenizer.nextToken());
        }
    }

    public void setSaveRestoreRequest(boolean z) {
        this.saveRestoreRequest = z;
    }

    public void start() throws LifecycleException {
        if (this.clientID == null) {
            throw new LifecycleException("clientID is not provided");
        }
        if (this.clientSecret == null) {
            throw new LifecycleException("clientSecret is not provided");
        }
        if (this.returnURL == null) {
            throw new LifecycleException("returnURL is not provided");
        }
        super.start();
    }

    public boolean authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, LoginConfig loginConfig) throws IOException {
        if (!(httpServletRequest instanceof Request)) {
            throw new IOException("Not of type Catalina request");
        }
        if (httpServletResponse instanceof Response) {
            return authenticate((Request) httpServletRequest, (Response) httpServletResponse, loginConfig);
        }
        throw new IOException("Not of type Catalina response");
    }

    public boolean authenticate(Request request, HttpServletResponse httpServletResponse, LoginConfig loginConfig) throws IOException {
        if (httpServletResponse instanceof Response) {
            return authenticate(request, (Response) httpServletResponse, loginConfig);
        }
        throw new RuntimeException("Wrong type of response:" + httpServletResponse);
    }

    public boolean authenticate(Request request, Response response, LoginConfig loginConfig) throws IOException {
        if (this.trace) {
            log.trace("authenticate");
        }
        if (this.processor == null) {
            this.processor = new FacebookProcessor(this.clientID, this.clientSecret, this.scope, this.returnURL, this.roles);
        }
        String str = (String) request.getSession().getAttribute("STATE");
        if (this.trace) {
            log.trace("state=" + str);
        }
        if (STATES.FINISH.name().equals(str)) {
            return true;
        }
        if (str == null || str.isEmpty()) {
            if (this.saveRestoreRequest) {
                saveRequest(request, request.getSessionInternal());
            }
            return this.processor.initialInteraction(request, response);
        }
        if (str.equals(STATES.AUTH.name())) {
            return this.processor.handleAuthStage(request, response);
        }
        if (!str.equals(STATES.AUTHZ.name())) {
            return false;
        }
        Principal principal = this.processor.getPrincipal(request, response, this.context.getRealm());
        if (principal == null) {
            log.error("Principal was null. Maybe login modules need to be configured properly.");
            response.sendError(403);
            return false;
        }
        String name = principal.getName();
        request.getSessionInternal().setNote("org.apache.catalina.session.USERNAME", name);
        request.getSessionInternal().setNote("org.apache.catalina.session.PASSWORD", "");
        request.setUserPrincipal(principal);
        if (this.saveRestoreRequest) {
            restoreRequest(request, request.getSessionInternal());
        }
        registerWithAuthenticatorBase(request, response, principal, name);
        request.getSession().setAttribute("STATE", STATES.FINISH.name());
        return true;
    }

    protected void registerWithAuthenticatorBase(Request request, Response response, Principal principal, String str) {
        try {
            register(request, response, principal, "FORM", str, "");
        } catch (NoSuchMethodError e) {
            if (this.theSuperRegisterMethod == null) {
                this.theSuperRegisterMethod = SecurityActions.getMethod(getClass().getSuperclass(), "register", new Class[]{Request.class, HttpServletResponse.class, Principal.class, String.class, String.class, String.class});
            }
            if (this.theSuperRegisterMethod != null) {
                try {
                    this.theSuperRegisterMethod.invoke(this, request, response.getResponse(), principal, "FORM", str, FacebookProcessor.EMPTY_PASSWORD);
                } catch (Exception e2) {
                    log.error("Unable to register:", e2);
                }
            }
        }
    }

    protected String getSystemPropertyAsString(String str) {
        if (str == null) {
            throw new IllegalArgumentException("str is null");
        }
        if (str.contains("${")) {
            Matcher matcher = Pattern.compile("\\$\\{([^}]+)}").matcher(str);
            StringBuffer stringBuffer = new StringBuffer();
            while (matcher.find()) {
                String group = matcher.group(1);
                String str2 = "";
                if (group.contains("::")) {
                    int indexOf = group.indexOf("::");
                    str2 = group.substring(indexOf + 2);
                    group = group.substring(0, indexOf);
                }
                String systemProperty = SecurityActions.getSystemProperty(group, str2);
                if (systemProperty.isEmpty()) {
                    throw new IllegalArgumentException(String.valueOf(matcher.group(1)) + " is missing in system properties");
                }
                matcher.appendReplacement(stringBuffer, systemProperty);
            }
            matcher.appendTail(stringBuffer);
            str = stringBuffer.toString();
        }
        return str;
    }
}
