package org.picketlink.identity.seam.federation;

import java.io.IOException;
import java.net.URL;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jboss.seam.annotations.AutoCreate;
import org.jboss.seam.annotations.Import;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Name;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.AxMessage;
import org.openid4java.message.ax.FetchResponse;
import org.picketlink.identity.seam.federation.configuration.ServiceProvider;

@Import({"org.picketlink.identity.seam.federation"})
@Name("org.picketlink.identity.seam.federation.openIdSingleLoginReceiver")
@AutoCreate
/* loaded from: input_file:WEB-INF/lib/picketlink-seam-1.0.3.CR4.jar:org/picketlink/identity/seam/federation/OpenIdSingleLoginReceiver.class */
public class OpenIdSingleLoginReceiver {

    @In
    private OpenIdRequest openIdRequest;

    @In
    private ConsumerManager openIdConsumerManager;

    @In
    private InternalAuthenticator internalAuthenticator;

    @In
    private ServiceProvider serviceProvider;

    public void handleIncomingMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws InvalidRequestException {
        boolean z;
        try {
            ParameterList parameterList = new ParameterList(httpServletRequest.getParameterMap());
            DiscoveryInformation discoveryInformation = this.openIdRequest.getDiscoveryInformation();
            StringBuffer requestURL = httpServletRequest.getRequestURL();
            String queryString = httpServletRequest.getQueryString();
            if (queryString != null && queryString.length() > 0) {
                requestURL.append("?").append(httpServletRequest.getQueryString());
            }
            VerificationResult verify = this.openIdConsumerManager.verify(requestURL.toString(), parameterList, discoveryInformation);
            Identifier verifiedId = verify.getVerifiedId();
            if (verifiedId != null) {
                AuthSuccess authSuccess = (AuthSuccess) verify.getAuthResponse();
                Map map = null;
                if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
                    map = ((FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX)).getAttributes();
                }
                z = this.internalAuthenticator.authenticate(createPrincipal(verifiedId.getIdentifier(), discoveryInformation.getOPEndpoint(), map), httpServletRequest);
            } else {
                z = false;
            }
            if (z) {
                httpServletResponse.sendRedirect(this.openIdRequest.getReturnUrl());
            } else {
                httpServletResponse.sendRedirect(this.serviceProvider.getFailedAuthenticationUrl());
            }
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (OpenIDException e2) {
            throw new RuntimeException(e2);
        }
    }

    private OpenIdPrincipal createPrincipal(String str, URL url, Map<String, String> map) {
        return new OpenIdPrincipal(str, url, map);
    }
}
