package nl.gezondheidsmeter.SSO;

import java.io.IOException;
import java.security.Principal;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Calendar;
import java.util.Collections;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import nl.knowledgeplaza.SiamClient.SiamClient;
import nl.knowledgeplaza.SiamClient.SiamContext;
import nl.knowledgeplaza.SiamClient.Utils.QueryString;
import nl.knowledgeplaza.securityfilter.SSO.SSOHandler;
import nl.knowledgeplaza.securityfilter.SecurityFilter;
import nl.knowledgeplaza.securityfilter.SecurityFilterPrincipal;
import nl.knowledgeplaza.util.Base64;
import nl.knowledgeplaza.util.CalendarUtil;
import nl.knowledgeplaza.util.ExceptionUtil;
import nl.knowledgeplaza.util.JdbcUtil;
import nl.knowledgeplaza.util.Log4jUtil;
import nl.knowledgeplaza.util.pool.JdbcConnectionPoolFactoryServletUtils;
import nl.knowledgeplaza.util.pool.ObjectPool;
import org.apache.log4j.Logger;

/* loaded from: input_file:nl/gezondheidsmeter/SSO/SiamGezondheidsmeter.class */
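/**
 * Single-sign-on handler that delegates authentication to a SIAM server via {@link SiamClient}
 * and maps the authenticated identity onto a row in {@code prs_persoon}.
 *
 * <p>Flow as implemented here: {@link #announce} builds a {@link SiamContext} from the configured
 * values, stores it in the HTTP session and redirects the browser to the URL returned by
 * {@code SiamClient.announce}; {@link #verify} hands the returned {@code aselect_credentials}
 * to {@code SiamClient.verify} and then looks the user up in the database.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The {@link SiamContext} kept in the session carries the shared secret (see
 *       {@link #announce}); anything that persists or replicates sessions also stores it.</li>
 *   <li>The shared secret and the request-supplied sign-up code are deliberately never written
 *       to the log.</li>
 *   <li>NOTE(review): this class does not rotate the session ID after a successful
 *       {@link #verify}; confirm the surrounding {@link SecurityFilter} does so.</li>
 * </ul>
 */
public class SiamGezondheidsmeter extends SSOHandler {
    private static final long serialVersionUID = 1;
    public static final String SOURCECODE_VERSION = "$Revision: 1.3 $";
    private static Logger log4j = Log4jUtil.createLogger();
    static final String SIAM_CONTEXT = "SIAM_CONTEXT";
    static final String SIAM_USER = "SIAM_USER";
    static final String SIAM_TIMESTAMP = "SIAM_TIMESTAMP";
    static final String GZM_SIGNUP = "GZM_SIGNUP";
    static final String GZM_AUTH_CODE = "GZM_AUTH_CODE";
    static final String GZM_SSO_ROLE = "GZM_SSO_ROLE";
    static final String GZM_STORED_PRINCIPAL = "GZM_STORED_PRINCIPAL";
    /** Minimum interval, in milliseconds, between two timeout resets sent to the SIAM server. */
    static final long MINUTE5INMILISEC = 300000;
    /** Parameterized lookup of a person by identifier and person type; values are always bound, never concatenated. */
    private static final String FIND_PERSON_SQL = "SELECT prs_init \tFROM prs_persoon p\tWHERE p.prs_zorg_sofi_nr = ?\tAND p.ref_prs_type=?";
    private String iSharedSecret = null;
    private String iASelectServer = null;
    private String iAppId = null;
    private String iAppUrl = null;
    private String iProtocol = null;
    private String iHost = null;
    private int iPort = 0;
    private String iPath = null;
    private String iOnUnkownUser = null;
    private String iOnSignUp = null;
    private String iJdbcPoolName = null;
    /** Remembers which pool each borrowed connection came from so it can be returned there. */
    private Map<Connection, ObjectPool> iConnectionToPool = Collections.synchronizedMap(new HashMap<Connection, ObjectPool>());

    /**
     * Reads this handler's settings from the filter configuration.
     *
     * <p>The key {@code "ApllicationURL"} is misspelled in the original configuration contract and
     * is kept as-is so existing configurations keep working. An unparsable or missing
     * {@code "Port"} is logged and leaves the port at its previous value (initially 0).
     *
     * @param map configuration key/value pairs; values are read as strings
     */
    public void setConfig(Map map) {
        super.setConfig(map);
        this.iSharedSecret = (String) map.get("SharedSecret");
        this.iASelectServer = (String) map.get("aSelectServer");
        this.iAppId = (String) map.get("ApplicationID");
        this.iAppUrl = (String) map.get("ApllicationURL");
        this.iProtocol = (String) map.get("Protocol");
        this.iHost = (String) map.get("Host");
        try {
            this.iPort = Integer.parseInt((String) map.get("Port"));
        } catch (NumberFormatException e) {
            log4j.error(ExceptionUtil.getStacktrace(e));
        }
        this.iPath = (String) map.get("Path");
        this.iJdbcPoolName = (String) map.get("JdbcPoolName");
        this.iOnUnkownUser = (String) map.get("OnUnkownUser");
        this.iOnSignUp = (String) map.get("OnSignUp");
        if (log4j.isDebugEnabled()) {
            // The original printed the JDBC pool name under this label. Report only whether the
            // secret is configured: the value itself must not reach the log.
            log4j.debug("SharedSecret=" + (this.iSharedSecret != null ? "<set>" : "<not set>"));
            log4j.debug("aSelectServer=" + this.iASelectServer);
            log4j.debug("ApplicationID=" + this.iAppId);
            log4j.debug("ApllicationURL=" + this.iAppUrl);
            log4j.debug("Protocol=" + this.iProtocol);
            log4j.debug("Host=" + this.iHost);
            log4j.debug("Port=" + this.iPort);
            log4j.debug("Path=" + this.iPath);
            log4j.debug("JdbcPoolName=" + this.iJdbcPoolName);
            log4j.debug("OnUnkownUser=" + this.iOnUnkownUser);
            log4j.debug("OnSignUp=" + this.iOnSignUp);
        }
    }

    /**
     * Starts an SSO login: records whether this is a sign-up (an {@code authcode} request
     * parameter is present), announces the login to the SIAM server and redirects the browser
     * to the URL that call returns.
     *
     * @throws ServletException if the redirect cannot be sent
     */
    public void announce(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal) throws ServletException {
        SiamContext siamContext = new SiamContext();
        // Return value unused in the original as well; the call is kept in case it has side effects.
        getConfig();
        HttpSession session = httpServletRequest.getSession();
        String authCode = httpServletRequest.getParameter("authcode");
        if (authCode != null) {
            session.setAttribute(GZM_SIGNUP, "true");
            session.setAttribute(GZM_AUTH_CODE, authCode);
            // The code is a request-supplied credential: logging its value would both disclose
            // it and let a caller inject arbitrary text into the log.
            log4j.info("Got sign-up code (value not logged)");
        } else {
            session.setAttribute(GZM_SIGNUP, "false");
        }
        siamContext.setSiamServerProtocol(this.iProtocol);
        siamContext.setSiamServerHost(this.iHost);
        siamContext.setSiamServerPort(this.iPort);
        siamContext.setSiamServerPath(this.iPath);
        siamContext.setSiamSharedSecret(this.iSharedSecret);
        siamContext.setASelectServer(this.iASelectServer);
        siamContext.setAppUrl(this.iAppUrl);
        siamContext.setAppId(this.iAppId);
        if (log4j.isDebugEnabled()) {
            log4j.debug("Announcing SSO to SIAM server");
        }
        String redirectUrl = SiamClient.announce(siamContext);
        if (log4j.isDebugEnabled()) {
            log4j.debug("Announce returned RID: " + siamContext.getRID());
            log4j.debug("Redirecting user to:" + redirectUrl);
        }
        session.setAttribute(SIAM_CONTEXT, siamContext);
        try {
            httpServletResponse.sendRedirect(redirectUrl);
        } catch (IOException e) {
            log4j.error("Could not redirect user to SSO login", e);
            throw new ServletException("Could not redirect user to SSO login", e);
        }
    }

    /**
     * Completes an SSO login using the {@code aselect_credentials} request parameter and the
     * {@link SiamContext} stored by {@link #announce}.
     *
     * @return the authenticated principal, {@code null} when no matching person exists, or
     *         {@link SecurityFilter#AUTHENTICATION_IN_PROGRESS} during sign-up
     * @throws ServletException if the session has no SIAM context or the request has no credentials
     */
    public Principal verify(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal) throws ServletException {
        HttpSession session = httpServletRequest.getSession();
        SiamContext siamContext = (SiamContext) session.getAttribute(SIAM_CONTEXT);
        if (siamContext == null) {
            log4j.error("Verify Single Sign On without Siam Context.");
            throw new ServletException("Verify Single Sign On without Siam Context.");
        }
        String credentials = httpServletRequest.getParameter("aselect_credentials");
        if (credentials == null) {
            log4j.error("Verify Single Sign On got no credentials from siam.");
            throw new ServletException("Verify Single Sign On  got no credentials from siam.");
        }
        siamContext.setCredentials(credentials);
        // NOTE(review): presumably returns the verified user identifier; authenticate() treats a
        // null identifier as "unknown user" and fails closed.
        String verifiedUser = SiamClient.verify(siamContext);
        updateTimestamp(session);
        return authenticate(httpServletRequest, httpServletResponse, verifiedUser);
    }

    /**
     * Forwards a user that could not be matched to a person record to the sign-up page (when the
     * login was started with an {@code authcode}) or to the unknown-user page otherwise.
     *
     * @return always {@link SecurityFilter#AUTHENTICATION_IN_PROGRESS}
     * @throws ServletException if the forward fails
     */
    public Principal handleUnknownPrincipal(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal) throws ServletException {
        HttpSession session = httpServletRequest.getSession();
        Object signUp = session.getAttribute(GZM_SIGNUP);
        try {
            session.setAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON, "BSN not found");
            // Constant-first comparison: a session that never went through announce() has no
            // GZM_SIGNUP attribute and must take the unknown-user path instead of raising an NPE.
            if ("true".equals(signUp)) {
                if (log4j.isDebugEnabled()) {
                    log4j.debug("Forwarding to OnSignUp:" + this.iOnSignUp);
                }
                httpServletRequest.getRequestDispatcher(this.iOnSignUp).forward(httpServletRequest, httpServletResponse);
            } else {
                if (log4j.isDebugEnabled()) {
                    log4j.debug("Forwarding to OnUnkownUser:" + this.iOnUnkownUser);
                }
                httpServletRequest.getRequestDispatcher(this.iOnUnkownUser).forward(httpServletRequest, httpServletResponse);
            }
            return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
        } catch (IOException e) {
            throw new ServletException(e);
        }
    }

    /**
     * Logs the user out at the SIAM server using the context stored in the session.
     *
     * <p>This method does not itself invalidate the HTTP session or remove the stored context.
     *
     * @throws ServletException if the session has no SIAM context
     */
    public void logout(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        HttpSession session = httpServletRequest.getSession();
        SiamContext siamContext = (SiamContext) session.getAttribute(SIAM_CONTEXT);
        if (siamContext == null) {
            log4j.error("Logout Single Sign On without Siam Context.");
            throw new ServletException("Logout Single Sign On without Siam Context.");
        }
        SiamClient.logout(siamContext);
    }

    /**
     * Resets the SIAM server-side timeout, at most once per {@link #MINUTE5INMILISEC}.
     *
     * <p>Does nothing when the session has no SIAM context, no recorded timestamp, or the last
     * reset is less than five minutes old.
     */
    public void updateTimeout(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession();
        SiamContext siamContext = (SiamContext) session.getAttribute(SIAM_CONTEXT);
        if (siamContext == null) {
            log4j.warn("Update Timeout Single Sign On without Siam Context.");
            return;
        }
        Calendar timestamp = getTimestamp(session);
        // The null check must come before the timestamp is dereferenced; the original computed
        // the elapsed time first and so threw a NullPointerException when no timestamp was stored.
        if (timestamp == null) {
            return;
        }
        long elapsedMillis = System.currentTimeMillis() - timestamp.getTimeInMillis();
        if (elapsedMillis < MINUTE5INMILISEC) {
            return;
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("Updating time out");
        }
        SiamClient.resetTimeout(siamContext);
        updateTimestamp(session);
    }

    /**
     * Maps the SIAM authentication result onto a local principal.
     *
     * <p>The role is derived from the context's AuthSpLevel ({@code "10"} gives Patient,
     * {@code "30"} gives Zorgverlener, in which case the identifier is taken from the
     * {@code pki_subject_serialnumber} attribute instead of {@code str}). Any other level, or a
     * missing identifier, is rejected without querying the database.
     *
     * @param str user identifier returned by the SIAM verification
     * @return the principal for the matching person, {@code null} when there is no match, or
     *         {@link SecurityFilter#AUTHENTICATION_IN_PROGRESS} when the sign-up page was shown
     * @throws ServletException if the session has no SIAM context, no JDBC connection is
     *         available, the query fails or the forward fails
     */
    private Principal authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws ServletException {
        HttpSession session = httpServletRequest.getSession();
        SiamContext siamContext = (SiamContext) session.getAttribute(SIAM_CONTEXT);
        if (siamContext == null) {
            log4j.error("Authenticate Single Sign On without Siam Context.");
            throw new ServletException("Authenticate Single Sign On without Siam Context.");
        }
        String authSpLevel = siamContext.getAuthSpLevel();
        log4j.info("AuthSpLevel:" + authSpLevel);
        String userId = str;
        String role = null;
        // Constant-first comparisons so a missing level is treated as unsupported, not as an NPE.
        if ("10".equals(authSpLevel)) {
            role = "Patient";
        } else if ("30".equals(authSpLevel)) {
            role = "Zorgverlener";
            userId = new QueryString(Base64.decodeString(siamContext.getAttributes())).getParameter("pki_subject_serialnumber");
        }
        session.setAttribute(SIAM_USER, userId);
        if (role != null) {
            session.setAttribute(GZM_SSO_ROLE, role);
        }
        if (role == null || userId == null) {
            // Fail closed explicitly. The original bound NULL into the query and relied on
            // "column = NULL" matching no row, which depends on the database's NULL semantics.
            log4j.warn("Authenticate Single Sign On: unsupported AuthSpLevel or missing user id.");
            return null;
        }

        String initials;
        Connection connection = null;
        PreparedStatement statement = null;
        ResultSet resultSet = null;
        try {
            connection = getConnection(httpServletRequest);
            if (connection == null) {
                throw new ServletException("No JDBC Connection");
            }
            if (log4j.isDebugEnabled()) {
                log4j.debug(FIND_PERSON_SQL);
            }
            statement = connection.prepareStatement(FIND_PERSON_SQL);
            statement.setString(1, userId);
            statement.setString(2, role);
            resultSet = statement.executeQuery();
            if (!resultSet.next()) {
                if (log4j.isDebugEnabled()) {
                    // NOTE(review): this writes the BSN (a national identifier) to the debug log;
                    // consider masking it if debug logging can be enabled in production.
                    log4j.debug("Authenticating BSN'" + userId + "', BSN not found");
                }
                return null;
            }
            initials = resultSet.getString(1);
        } catch (SQLException e) {
            throw new ServletException("Could not get JDBC Connection", e);
        } finally {
            // Close the real handles on every path. The original cleanup passed null here, so a
            // failure left the statement open and the connection checked out of the pool.
            JdbcUtil.close(resultSet);
            JdbcUtil.close(statement);
            releaseConnection(httpServletRequest, connection);
        }

        Principal authenticated = new SecurityFilterPrincipal(initials, (String) null);
        if (!"true".equals(session.getAttribute(GZM_SIGNUP))) {
            return authenticated;
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("Forwarding to OnSignUp:" + this.iOnSignUp);
        }
        try {
            // The database connection has already been returned, so it is not held while the
            // sign-up page renders.
            httpServletRequest.getRequestDispatcher(this.iOnSignUp).forward(httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            throw new ServletException("Could not redirect", e);
        }
        // NOTE(review): as in the original, the principal is stored only after the forward has
        // completed, so the forwarded page cannot see it during this request - confirm intent.
        session.setAttribute(GZM_STORED_PRINCIPAL, authenticated);
        return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
    }

    /**
     * Borrows a connection from the configured JDBC pool and remembers its pool for
     * {@link #releaseConnection}.
     *
     * @return the borrowed connection, or {@code null} when no pool name is configured
     */
    private Connection getConnection(HttpServletRequest httpServletRequest) throws ServletException, SQLException {
        if (this.iJdbcPoolName == null) {
            return null;
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("Using JdbcPool " + this.iJdbcPoolName);
        }
        ObjectPool connectionPool = JdbcConnectionPoolFactoryServletUtils.getConnectionPool(httpServletRequest.getSession().getServletContext(), this.iJdbcPoolName);
        Connection connection = (Connection) connectionPool.borrowObject();
        if (connection != null) {
            // Only real connections are tracked; a null key would later be "returned" to the pool.
            this.iConnectionToPool.put(connection, connectionPool);
        }
        return connection;
    }

    /**
     * Returns a connection obtained through {@link #getConnection} to its pool. Connections that
     * are not tracked (including {@code null}) are ignored.
     */
    private void releaseConnection(HttpServletRequest httpServletRequest, Connection connection) {
        // A single remove() both looks up and forgets the pool, so the bookkeeping entry is
        // dropped even if returning the connection fails.
        ObjectPool pool = this.iConnectionToPool.remove(connection);
        if (pool != null) {
            pool.returnObject(connection);
        }
    }

    /** Stores the current time in the session as the moment of the last SIAM interaction. */
    public void updateTimestamp(HttpSession httpSession) {
        GregorianCalendar now = new GregorianCalendar();
        if (log4j.isDebugEnabled()) {
            log4j.debug("Setting the timestamp: " + CalendarUtil.quickFormatCalendar(now));
        }
        httpSession.setAttribute(SIAM_TIMESTAMP, now);
    }

    /**
     * Reads the timestamp stored by {@link #updateTimestamp}.
     *
     * @return the stored timestamp, or {@code null} when the session has none
     */
    public Calendar getTimestamp(HttpSession httpSession) {
        return (Calendar) httpSession.getAttribute(SIAM_TIMESTAMP);
    }
}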
