package org.picketlink.identity.federation.bindings.tomcat.sp;

import java.io.IOException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import org.apache.catalina.Context;
import org.apache.catalina.Lifecycle;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.LifecycleListener;
import org.apache.catalina.Session;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.util.LifecycleSupport;
import org.apache.catalina.valves.ValveBase;
import org.picketlink.common.PicketLinkLogger;
import org.picketlink.common.PicketLinkLoggerFactory;
import org.picketlink.common.util.StringUtil;
import org.picketlink.identity.federation.bindings.tomcat.sp.plugins.PropertiesAccountMapProvider;
import org.picketlink.identity.federation.web.constants.GeneralConstants;

/* loaded from: input_file:eap7/api-jars/picketlink-wildfly8-2.5.5.SP1.jar:org/picketlink/identity/federation/bindings/tomcat/sp/AbstractAccountChooserValve.class */
public abstract class AbstractAccountChooserValve extends ValveBase implements Lifecycle {
    protected static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();
    public static final String ACCOUNT_CHOOSER_COOKIE_NAME = "picketlink.account.name";
    public static final String ACCOUNT_PARAMETER = "idp";
    public static final String AUTHENTICATING = "AUTHENTICATING";
    public static final String STATE = "STATE";
    protected String domainName;
    protected AccountIDPMapProvider accountIDPMapProvider;
    protected String accountChooserPage = "/accountChooser.html";
    protected ConcurrentHashMap<String, String> idpMap = new ConcurrentHashMap<>();
    private String accountIDPMapProviderName = PropertiesAccountMapProvider.class.getName();
    protected int cookieExpiry = -1;
    protected LifecycleSupport lifecycle = new LifecycleSupport(this);

    /* loaded from: input_file:eap7/api-jars/picketlink-wildfly8-2.5.5.SP1.jar:org/picketlink/identity/federation/bindings/tomcat/sp/AbstractAccountChooserValve$AccountIDPMapProvider.class */
    public interface AccountIDPMapProvider {
        void setServletContext(ServletContext servletContext);

        void setClassLoader(ClassLoader classLoader);

        Map<String, String> getIDPMap() throws IOException;
    }

    @Override // org.apache.catalina.Lifecycle
    public void start() throws LifecycleException {
        try {
            Class<?> loadClass = SecurityActions.loadClass(getClass(), this.accountIDPMapProviderName);
            if (loadClass == null) {
                throw logger.classNotLoadedError(this.accountIDPMapProviderName);
            }
            this.accountIDPMapProvider = (AccountIDPMapProvider) loadClass.newInstance();
            this.accountIDPMapProvider.setServletContext(((Context) getContainer()).getServletContext());
            this.idpMap.putAll(this.accountIDPMapProvider.getIDPMap());
        } catch (Exception e) {
            throw new LifecycleException("Could not start " + getClass().getName() + ".", e);
        }
    }

    @Override // org.apache.catalina.Lifecycle
    public void stop() throws LifecycleException {
    }

    @Override // org.apache.catalina.Lifecycle
    public void removeLifecycleListener(LifecycleListener lifecycleListener) {
        this.lifecycle.removeLifecycleListener(lifecycleListener);
    }

    @Override // org.apache.catalina.Lifecycle
    public LifecycleListener[] findLifecycleListeners() {
        return this.lifecycle.findLifecycleListeners();
    }

    @Override // org.apache.catalina.Lifecycle
    public void addLifecycleListener(LifecycleListener lifecycleListener) {
        this.lifecycle.addLifecycleListener(lifecycleListener);
    }

    public void setDomainName(String str) {
        this.domainName = str;
    }

    public void setCookieExpiry(String str) {
        try {
            this.cookieExpiry = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            logger.processingError(e);
        }
    }

    public void setAccountIDPMapProvider(String str) {
        this.accountIDPMapProviderName = str;
    }

    public void setAccountChooserPage(String str) {
        this.accountChooserPage = str;
    }

    @Override // org.apache.catalina.valves.ValveBase, org.apache.catalina.Valve
    public void invoke(Request request, Response response) throws IOException, ServletException {
        Session sessionInternal = request.getSessionInternal();
        if (this.idpMap.isEmpty()) {
            this.idpMap.putAll(this.accountIDPMapProvider.getIDPMap());
        }
        String str = (String) sessionInternal.getNote("STATE");
        String parameter = request.getParameter("idp");
        String cookieValue = cookieValue(request);
        if (cookieValue != null || "AUTHENTICATING".equals(str)) {
            if (parameter != null) {
                request.setAttribute(GeneralConstants.DESIRED_IDP, this.idpMap.get(parameter));
            }
            if (!"AUTHENTICATING".equals(str) || request.getParameter("SAMLResponse") != null) {
                proceedToAuthentication(request, response, cookieValue);
                return;
            } else {
                sessionInternal.removeNote("STATE");
                redirectToChosenPage(this.accountChooserPage, request, response);
                return;
            }
        }
        if (parameter == null) {
            redirectToChosenPage(this.accountChooserPage, request, response);
            return;
        }
        String str2 = this.idpMap.get(parameter);
        if (str2 == null) {
            logger.configurationFileMissing(":IDP Mapping");
            throw new ServletException();
        }
        request.setAttribute(GeneralConstants.DESIRED_IDP, str2);
        sessionInternal.setNote("STATE", "AUTHENTICATING");
        proceedToAuthentication(request, response, parameter);
    }

    protected void proceedToAuthentication(Request request, Response response, String str) throws IOException, ServletException {
        Session sessionInternal = request.getSessionInternal(false);
        try {
            getNext().invoke(request, response);
            String str2 = sessionInternal != null ? (String) sessionInternal.getNote("STATE") : null;
            if (request.getUserPrincipal() == null || !StringUtil.isNotNull(str2)) {
                return;
            }
            sessionInternal.removeNote("STATE");
            String path = ((Context) getContainer()).getPath();
            if (str == null) {
                str = request.getParameter("idp");
            }
            Cookie cookie = new Cookie("picketlink.account.name", str);
            cookie.setPath(path);
            cookie.setMaxAge(this.cookieExpiry);
            if (this.domainName != null) {
                cookie.setDomain(this.domainName);
            }
            response.addCookie(cookie);
        } catch (Throwable th) {
            String str3 = sessionInternal != null ? (String) sessionInternal.getNote("STATE") : null;
            if (request.getUserPrincipal() != null && StringUtil.isNotNull(str3)) {
                sessionInternal.removeNote("STATE");
                String path2 = ((Context) getContainer()).getPath();
                if (str == null) {
                    str = request.getParameter("idp");
                }
                Cookie cookie2 = new Cookie("picketlink.account.name", str);
                cookie2.setPath(path2);
                cookie2.setMaxAge(this.cookieExpiry);
                if (this.domainName != null) {
                    cookie2.setDomain(this.domainName);
                }
                response.addCookie(cookie2);
            }
            throw th;
        }
    }

    protected void redirectToChosenPage(String str, Request request, Response response) throws ServletException, IOException {
        RequestDispatcher requestDispatcher = ((Context) getContainer()).getServletContext().getRequestDispatcher(str);
        if (requestDispatcher != null) {
            requestDispatcher.forward(request.getRequest(), response);
        }
    }

    protected String cookieValue(Request request) {
        String value;
        String str;
        String value2;
        String str2;
        Cookie[] cookies = request.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            String name = cookie.getName();
            String domain = cookie.getDomain();
            if (domain == null || !domain.equalsIgnoreCase(this.domainName)) {
                if ("picketlink.account.name".equals(name) && (str = this.idpMap.get((value = cookie.getValue()))) != null) {
                    request.setAttribute(GeneralConstants.DESIRED_IDP, str);
                    return value;
                }
            } else if ("picketlink.account.name".equals(name) && (str2 = this.idpMap.get((value2 = cookie.getValue()))) != null) {
                request.setAttribute(GeneralConstants.DESIRED_IDP, str2);
                return value2;
            }
        }
        return null;
    }

    protected abstract void saveRequest(Request request, Session session) throws IOException;

    protected abstract boolean restoreRequest(Request request, Session session) throws IOException;
}
