package org.jboss.seam.security.external.openid;

import java.net.URL;
import java.util.List;
import java.util.Map;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.OpenIdPrincipalImpl;
import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.dialogues.DialogueBean;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
import org.jboss.seam.security.external.openid.api.OpenIdPrincipal;
import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
import org.jboss.seam.solder.logging.Logger;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.FetchRequest;

@ApplicationScoped
/* loaded from: input_file:org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.class */
public class OpenIdRpAuthenticationService {

    @Inject
    private OpenIdRequest openIdRequest;

    @Inject
    private ConsumerManager openIdConsumerManager;

    @Inject
    private Instance<OpenIdRelyingPartySpi> openIdRelyingPartySpi;

    @Inject
    private Instance<OpenIdRpBeanApi> relyingPartyBean;

    @Inject
    private ResponseHandler responseHandler;

    @Inject
    private Logger log;

    @Inject
    HttpSession session;

    @Inject
    private Instance<DialogueBean> dialogue;

    public void handleIncomingMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws InvalidRequestException {
        processIncomingMessage(new ParameterList(httpServletRequest.getParameterMap()), httpServletRequest.getQueryString(), httpServletResponse);
    }

    public void processIncomingMessage(ParameterList parameterList, String str, HttpServletResponse httpServletResponse) {
        try {
            DiscoveryInformation discoveryInformation = this.openIdRequest.getDiscoveryInformation();
            if (discoveryInformation == null) {
                throw new IllegalStateException("No discovery information found in OpenID request");
            }
            StringBuffer stringBuffer = new StringBuffer(((OpenIdRpBeanApi) this.relyingPartyBean.get()).getServiceURL(OpenIdService.OPEN_ID_SERVICE));
            if (str != null && str.length() > 0) {
                stringBuffer.append("?").append(str);
            }
            VerificationResult verify = this.openIdConsumerManager.verify(stringBuffer.toString(), parameterList, discoveryInformation);
            Identifier verifiedId = verify.getVerifiedId();
            if (verifiedId != null) {
                AuthSuccess authResponse = verify.getAuthResponse();
                Map<String, List<String>> map = null;
                if (authResponse.hasExtension("http://openid.net/srv/ax/1.0")) {
                    map = authResponse.getExtension("http://openid.net/srv/ax/1.0").getAttributes();
                }
                ((OpenIdRelyingPartySpi) this.openIdRelyingPartySpi.get()).loginSucceeded(createPrincipal(verifiedId.getIdentifier(), discoveryInformation.getOPEndpoint(), map), this.responseHandler.createResponseHolder(httpServletResponse));
            } else {
                ((OpenIdRelyingPartySpi) this.openIdRelyingPartySpi.get()).loginFailed(verify.getStatusMsg(), this.responseHandler.createResponseHolder(httpServletResponse));
            }
            ((DialogueBean) this.dialogue.get()).setFinished(true);
        } catch (OpenIDException e) {
            this.responseHandler.sendError(400, e.getMessage(), httpServletResponse);
        }
    }

    @Dialogued(join = true)
    public void sendAuthRequest(String str, List<OpenIdRequestedAttribute> list, HttpServletResponse httpServletResponse) {
        try {
            DiscoveryInformation associate = this.openIdConsumerManager.associate(this.openIdConsumerManager.discover(str));
            this.openIdRequest.setDiscoveryInformation(associate);
            AuthRequest authenticate = this.openIdConsumerManager.authenticate(associate, ((OpenIdRpBeanApi) this.relyingPartyBean.get()).getServiceURL(OpenIdService.OPEN_ID_SERVICE) + "?dialogueId=" + ((DialogueBean) this.dialogue.get()).getId(), ((OpenIdRpBeanApi) this.relyingPartyBean.get()).getRealm());
            if (list != null && list.size() > 0) {
                FetchRequest createFetchRequest = FetchRequest.createFetchRequest();
                for (OpenIdRequestedAttribute openIdRequestedAttribute : list) {
                    createFetchRequest.addAttribute(openIdRequestedAttribute.getAlias(), openIdRequestedAttribute.getTypeUri(), openIdRequestedAttribute.isRequired());
                }
                authenticate.addExtension(createFetchRequest);
            }
            this.responseHandler.sendHttpRedirectToUserAgent(authenticate.getDestinationUrl(true), httpServletResponse);
        } catch (OpenIDException e) {
            this.log.warn("Authentication failed", e);
            ((OpenIdRelyingPartySpi) this.openIdRelyingPartySpi.get()).loginFailed(e.getMessage(), this.responseHandler.createResponseHolder(httpServletResponse));
        }
    }

    private OpenIdPrincipal createPrincipal(String str, URL url, Map<String, List<String>> map) {
        return new OpenIdPrincipalImpl(str, url, map);
    }
}
