package org.jboss.seam.security.external.openid;

import java.io.IOException;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.httpclient.methods.multipart.StringPart;
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.OpenIdRequestedAttributeImpl;
import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.dialogues.api.DialogueManager;
import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
import org.openid4java.message.AssociationRequest;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.DirectError;
import org.openid4java.message.Message;
import org.openid4java.message.MessageException;
import org.openid4java.message.ParameterList;
import org.openid4java.message.VerifyRequest;
import org.openid4java.message.ax.AxMessage;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.ax.FetchResponse;
import org.openid4java.server.ServerManager;

/* loaded from: input_file:WEB-INF/lib/seam-security-external-3.0.0.Beta1.jar:org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.class */
public class OpenIdProviderAuthenticationService {

    @Inject
    private Instance<OpenIdProviderRequest> openIdProviderRequest;

    @Inject
    private Instance<ServerManager> openIdServerManager;

    @Inject
    private Instance<OpenIdProviderSpi> openIdProviderSpi;

    @Inject
    private ResponseHandler responseHandler;

    @Inject
    private DialogueManager dialogueManager;

    @Inject
    private Instance<DialogueBean> dialogue;

    @Inject
    private Instance<OpenIdProviderBean> opBean;

    public void handleIncomingMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws InvalidRequestException {
        ParameterList parameterList = new ParameterList(httpServletRequest.getParameterMap());
        String parameterValue = parameterList.getParameterValue("openid.mode");
        if (AssociationRequest.MODE_ASSOC.equals(parameterValue)) {
            writeMessageToResponse(((ServerManager) this.openIdServerManager.get()).associationResponse(parameterList), httpServletResponse);
            return;
        }
        if (!AuthRequest.MODE_SETUP.equals(parameterValue) && !AuthRequest.MODE_IMMEDIATE.equals(parameterValue)) {
            if (VerifyRequest.MODE_CHKAUTH.equals(parameterValue)) {
                writeMessageToResponse(((ServerManager) this.openIdServerManager.get()).verify(parameterList), httpServletResponse);
                return;
            } else {
                writeMessageToResponse(DirectError.createDirectError("Unknown request"), httpServletResponse);
                return;
            }
        }
        this.dialogueManager.beginDialogue();
        String parameterValue2 = parameterList.getParameterValue("openid.claimed_id");
        String parameterValue3 = parameterList.getParameterValue("openid.identity");
        ((OpenIdProviderRequest) this.openIdProviderRequest.get()).setParameterList(parameterList);
        ((OpenIdProviderRequest) this.openIdProviderRequest.get()).setClaimedIdentifier(parameterValue2);
        Object obj = null;
        try {
            AuthRequest createAuthRequest = AuthRequest.createAuthRequest(parameterList, ((ServerManager) this.openIdServerManager.get()).getRealmVerifier());
            if (createAuthRequest.hasExtension(AxMessage.OPENID_NS_AX)) {
                obj = createAuthRequest.getExtension(AxMessage.OPENID_NS_AX);
            }
            if (obj instanceof FetchRequest) {
                FetchRequest fetchRequest = (FetchRequest) obj;
                LinkedList linkedList = new LinkedList();
                handleAttributeRequests(fetchRequest, linkedList, false);
                handleAttributeRequests(fetchRequest, linkedList, true);
                ((OpenIdProviderRequest) this.openIdProviderRequest.get()).setRequestedAttributes(linkedList);
                ((OpenIdProviderRequest) this.openIdProviderRequest.get()).setFetchRequest(fetchRequest);
            }
            if (parameterValue2 == null || parameterValue3 == null) {
                writeMessageToResponse(DirectError.createDirectError("Invalid request; claimed_id or identity attribute is missing"), httpServletResponse);
            } else {
                boolean equals = AuthRequest.MODE_IMMEDIATE.equals(parameterValue);
                String parameterValue4 = parameterList.getParameterValue("openid.realm");
                if (parameterValue4 == null) {
                    parameterValue4 = parameterList.getParameterValue("openid.return_to");
                }
                if (parameterValue3.equals(AuthRequest.SELECT_ID)) {
                    ((OpenIdProviderSpi) this.openIdProviderSpi.get()).authenticate(parameterValue4, null, equals, this.responseHandler.createResponseHolder(httpServletResponse));
                } else {
                    ((OpenIdProviderSpi) this.openIdProviderSpi.get()).authenticate(parameterValue4, ((OpenIdProviderBean) this.opBean.get()).getUserNameFromOpLocalIdentifier(parameterValue3), equals, this.responseHandler.createResponseHolder(httpServletResponse));
                }
            }
            this.dialogueManager.detachDialogue();
        } catch (MessageException e) {
            throw new RuntimeException(e);
        }
    }

    private void handleAttributeRequests(FetchRequest fetchRequest, List<OpenIdRequestedAttribute> list, boolean z) {
        for (Map.Entry entry : fetchRequest.getAttributes(z).entrySet()) {
            OpenIdRequestedAttributeImpl openIdRequestedAttributeImpl = new OpenIdRequestedAttributeImpl();
            openIdRequestedAttributeImpl.setAlias((String) entry.getKey());
            openIdRequestedAttributeImpl.setTypeUri((String) entry.getValue());
            openIdRequestedAttributeImpl.setRequired(z);
            openIdRequestedAttributeImpl.setCount(Integer.valueOf(fetchRequest.getCount((String) entry.getKey())));
            list.add(openIdRequestedAttributeImpl);
        }
    }

    public void sendAuthenticationResponse(boolean z, Map<String, List<String>> map, HttpServletResponse httpServletResponse) {
        ParameterList parameterList = ((OpenIdProviderRequest) this.openIdProviderRequest.get()).getParameterList();
        String opLocalIdentifierForUserName = ((OpenIdProviderBean) this.opBean.get()).getOpLocalIdentifierForUserName(((OpenIdProviderRequest) this.openIdProviderRequest.get()).getUserName());
        String claimedIdentifier = ((OpenIdProviderRequest) this.openIdProviderRequest.get()).getClaimedIdentifier();
        if (claimedIdentifier.equals(AuthRequest.SELECT_ID)) {
            claimedIdentifier = opLocalIdentifierForUserName;
        }
        Message authResponse = ((ServerManager) this.openIdServerManager.get()).authResponse(parameterList, opLocalIdentifierForUserName, claimedIdentifier, z);
        if (httpServletResponse instanceof DirectError) {
            writeMessageToResponse(authResponse, httpServletResponse);
        } else {
            if (((OpenIdProviderRequest) this.openIdProviderRequest.get()).getRequestedAttributes() != null) {
                try {
                    authResponse.addExtension(FetchResponse.createFetchResponse(((OpenIdProviderRequest) this.openIdProviderRequest.get()).getFetchRequest(), map));
                } catch (MessageException e) {
                    throw new RuntimeException(e);
                }
            }
            this.responseHandler.sendHttpRedirectToUserAgent(authResponse.getDestinationUrl(true), httpServletResponse);
        }
        ((DialogueBean) this.dialogue.get()).setFinished(true);
    }

    private void writeMessageToResponse(Message message, HttpServletResponse httpServletResponse) {
        try {
            this.responseHandler.getWriter(StringPart.DEFAULT_CONTENT_TYPE, httpServletResponse).append((CharSequence) message.keyValueFormEncoding());
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }
}
