package org.jboss.identity.federation.web.servlets;

import java.io.IOException;
import java.security.Principal;
import javax.security.auth.login.LoginException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.jboss.identity.federation.web.handlers.DefaultLoginHandler;
import org.jboss.identity.federation.web.interfaces.ILoginHandler;

/* loaded from: input_file:WEB-INF/lib/jboss-identity-web-1.0.0.beta2.jar:org/jboss/identity/federation/web/servlets/IDPLoginServlet.class */
public class IDPLoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private transient ServletContext context;
    private String USERNAME_FIELD = "JBID_USERNAME";
    private String PASS_FIELD = "JBID_PASSWORD";
    private transient ILoginHandler loginHandler = null;

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        HttpSession session = httpServletRequest.getSession();
        if (((Principal) session.getAttribute("jboss_identity.principal")) != null) {
            saveRequest(httpServletRequest, session);
            redirectToIDP(httpServletRequest, httpServletResponse);
            return;
        }
        final String parameter = httpServletRequest.getParameter(this.USERNAME_FIELD);
        String parameter2 = httpServletRequest.getParameter(this.PASS_FIELD);
        if (parameter == null || parameter2 == null) {
            String parameter3 = httpServletRequest.getParameter("SAMLRequest");
            if (parameter3 == null || "".equals(parameter3)) {
                httpServletResponse.sendError(400);
            }
            log("No username or password found. Redirecting to login page");
            saveRequest(httpServletRequest, session);
            if (httpServletResponse.isCommitted()) {
                throw new RuntimeException("Response is committed. Cannot forward to login page.");
            }
            redirectToLoginPage(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            if (!this.loginHandler.authenticate(parameter, parameter2)) {
                httpServletResponse.sendError(403);
            } else {
                session.setAttribute("jboss_identity.principal", new Principal() { // from class: org.jboss.identity.federation.web.servlets.IDPLoginServlet.1
                    @Override // java.security.Principal
                    public String getName() {
                        return parameter;
                    }
                });
                redirectToIDP(httpServletRequest, httpServletResponse);
            }
        } catch (LoginException e) {
            log("Exception logging in :", e);
            httpServletResponse.sendError(403);
        }
    }

    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        this.context = servletConfig.getServletContext();
        String initParameter = servletConfig.getInitParameter("USERNAME_FIELD");
        if (initParameter != null && initParameter.length() > 0) {
            this.USERNAME_FIELD = initParameter;
        }
        String initParameter2 = servletConfig.getInitParameter("PASSWORD_FIELD");
        if (initParameter2 != null && initParameter2.length() > 0) {
            this.PASS_FIELD = initParameter2;
        }
        String initParameter3 = servletConfig.getInitParameter("loginClass");
        if (initParameter3 == null || initParameter3.length() == 0) {
            initParameter3 = DefaultLoginHandler.class.getName();
        }
        try {
            this.loginHandler = (ILoginHandler) SecurityActions.getContextClassLoader().loadClass(initParameter3).newInstance();
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }

    private void saveRequest(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        httpSession.setAttribute("SAMLRequest", httpServletRequest.getParameter("SAMLRequest"));
        String parameter = httpServletRequest.getParameter("RelayState");
        if (parameter != null && !"".equals(parameter)) {
            httpSession.setAttribute("RelayState", parameter);
        }
        httpSession.setAttribute("Referer", httpServletRequest.getHeader("Referer"));
    }

    private void redirectToIDP(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        RequestDispatcher requestDispatcher = this.context.getRequestDispatcher("/IDPServlet");
        if (requestDispatcher == null) {
            log("Cannot dispatch to the IDP Servlet");
        } else {
            requestDispatcher.forward(httpServletRequest, httpServletResponse);
        }
    }

    private void redirectToLoginPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        RequestDispatcher requestDispatcher = this.context.getRequestDispatcher("/jsp/login.jsp");
        if (requestDispatcher == null) {
            log("Cannot find the login page");
        } else {
            requestDispatcher.forward(httpServletRequest, httpServletResponse);
        }
    }
}
