package nl.knowledgeplaza.securityfilter;

import com.ctc.wstx.cfg.XmlConsts;
import java.security.InvalidParameterException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import nl.knowledgeplaza.securityfilter.SSO.SSOHandler;
import nl.knowledgeplaza.util.ConfigurationProperties;
import nl.knowledgeplaza.util.ExceptionUtil;
import nl.knowledgeplaza.util.StringUtil;
import org.apache.log4j.Logger;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/KpSecurityFilter-1.32-20160721.093306-20.jar:nl/knowledgeplaza/securityfilter/SecurityInterfaceSSO.class
  input_file:WEB-INF/lib/KpSecurityFilter-1.32-20161003.100632-21.jar:nl/knowledgeplaza/securityfilter/SecurityInterfaceSSO.class
 */
/* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.32-20170509.115754-22.jar:nl/knowledgeplaza/securityfilter/SecurityInterfaceSSO.class */
public class SecurityInterfaceSSO extends SecurityInterface {
    public static final String SOURCECODE_VERSION = "$Revision: 1.13 $";
    private Map<String, SSOHandler> iSSOHandlers = new HashMap();
    private boolean iRedirect = false;
    private Map<String, String> iHostMap = new HashMap();
    static Logger log4j = Logger.getLogger(SecurityInterfaceSSO.class.getName());
    private static String REQUEST_ID_SSO_CONFIG = "SSO_CONFIG";
    private static String REQUEST_ID_SSO_STATE = "SSO_STATE";
    private static String SSO_STATE_ACTIVE = "SSO_ACTIVE";
    private static String SSO_STATE_VERIFY = "SSO_VERIFY";
    private static String SSO_SAVEDREQUEST = "SSO_SAVEDREQUEST";

    public SecurityInterfaceSSO(ConfigurationProperties configurationProperties, SecurityFilter securityFilter) throws ServletException {
        loadTheSSOHandlerAndAddTheConfigToIt(getSSOHandlers(configurationProperties));
        Redirect(configurationProperties);
        populateHostMap(configurationProperties);
    }

    private void populateHostMap(ConfigurationProperties configurationProperties) {
        int i = 0;
        try {
            String str = configurationProperties.get2(this, "hostmap");
            if (str != null && str.length() > 0) {
                i = Integer.parseInt(str);
            }
        } catch (NumberFormatException e) {
            log4j.error(ExceptionUtil.getStacktrace(e));
        }
        for (int i2 = 1; i2 <= i; i2++) {
            this.iHostMap.put(configurationProperties.get2(this, "hostmap" + i2 + ".from"), configurationProperties.get2(this, "hostmap" + i2 + ".to"));
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("HostMap=" + this.iHostMap);
        }
    }

    private void Redirect(ConfigurationProperties configurationProperties) {
        this.iRedirect = StringUtil.equalsTrueInSomeForm(configurationProperties.get2(this, "Redirect"));
        if (log4j.isDebugEnabled()) {
            log4j.debug("Redirect=" + this.iRedirect);
        }
    }

    private void loadTheSSOHandlerAndAddTheConfigToIt(List<Object> list) throws ServletException {
        for (int i = 0; i < list.size(); i++) {
            Map<String, String> map = (Map) list.get(i);
            String str = map.get("configname");
            try {
                SSOHandler sSOHandler = (SSOHandler) getClass().getClassLoader().loadClass(map.get("handlerclass")).newInstance();
                sSOHandler.setConfig(map);
                this.iSSOHandlers.put(str, sSOHandler);
            } catch (ClassNotFoundException e) {
                throw new ServletException(e);
            } catch (IllegalAccessException e2) {
                throw new ServletException(e2);
            } catch (InstantiationException e3) {
                throw new ServletException(e3);
            }
        }
    }

    private List<Object> getSSOHandlers(ConfigurationProperties configurationProperties) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(configurationProperties.getGroupedCollection(getClass().getName() + ".sso").values());
        return arrayList;
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityInterface
    public Principal authenticate(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal) throws ServletException {
        HttpSession session = httpServletRequest.getSession();
        log4j.info("SecurityInterfaceSSO.authenticate called");
        String parameter = httpServletRequest.getParameter("ssoconfig");
        SSOHandler sSOHandler = getSSOHandler(parameter);
        boolean z = false;
        if (sSOHandler != null) {
            z = sSOHandler.shouldAuthenticate(httpServletRequest);
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("shouldAuthenticate: " + z);
        }
        if (parameter != null && z) {
            if (log4j.isDebugEnabled()) {
                log4j.debug("Doing announce");
            }
            Principal doAnnounce = doAnnounce(securityFilter, httpServletRequest, httpServletResponse, principal, session, parameter, sSOHandler);
            log4j.info("SecurityInterfaceSSO.authenticate returns principal: " + doAnnounce);
            return doAnnounce;
        }
        String str = (String) session.getAttribute(REQUEST_ID_SSO_STATE);
        if (str != null && SSO_STATE_VERIFY.equals(str)) {
            if (log4j.isDebugEnabled()) {
                log4j.debug("Doing verify");
            }
            Principal doVerify = doVerify(securityFilter, httpServletRequest, httpServletResponse, principal, session);
            log4j.info("SecurityInterfaceSSO.authenticate returns principal: " + doVerify);
            return doVerify;
        }
        if (str == null || !SSO_STATE_ACTIVE.equals(str) || !z) {
            log4j.info("SecurityInterfaceSSO.authenticate returns principal: null");
            return null;
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("Doing relogin");
        }
        Principal doRelogin = doRelogin(securityFilter, httpServletRequest, httpServletResponse, principal, session);
        log4j.info("SecurityInterfaceSSO.authenticate returns principal: " + doRelogin);
        return doRelogin;
    }

    private Principal doRelogin(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal, HttpSession httpSession) throws ServletException {
        if (log4j.isDebugEnabled()) {
            log4j.debug("SSO RELOGIN!");
        }
        String str = (String) httpSession.getAttribute(REQUEST_ID_SSO_CONFIG);
        SSOHandler sSOHandler = getSSOHandler(str);
        if (sSOHandler == null) {
            throw new InvalidParameterException("No SSO handler found for " + str);
        }
        sSOHandler.announce(securityFilter, httpServletRequest, httpServletResponse, principal);
        httpSession.setAttribute(REQUEST_ID_SSO_STATE, SSO_STATE_VERIFY);
        httpSession.setAttribute(REQUEST_ID_SSO_CONFIG, str);
        httpSession.setAttribute("ForceSessionStore", "true");
        return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
    }

    private Principal doVerify(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal, HttpSession httpSession) throws ServletException {
        SavedRequest savedRequest = (SavedRequest) httpSession.getAttribute(SSO_SAVEDREQUEST);
        if (savedRequest == null) {
            throw new ServletException("SecurityFilterLoginServlet didn't find a saved request");
        }
        String str = (String) httpSession.getAttribute(REQUEST_ID_SSO_CONFIG);
        SSOHandler sSOHandler = getSSOHandler(str);
        if (sSOHandler == null) {
            throw new InvalidParameterException("No SSO handler found for " + str);
        }
        Principal verify = sSOHandler.verify(securityFilter, httpServletRequest, httpServletResponse, principal);
        if (verify == null) {
            verify = sSOHandler.handleUnknownPrincipal(securityFilter, httpServletRequest, httpServletResponse, principal);
        }
        if (verify == null || verify == SecurityFilter.AUTHENTICATION_IN_PROGRESS) {
            return verify;
        }
        httpSession.setAttribute(REQUEST_ID_SSO_STATE, SSO_STATE_ACTIVE);
        SecurityFilter.storePrincipal(httpSession, verify);
        securityFilter.writeToAccesLog(httpServletRequest, verify.getName(), "login succeeded");
        SecurityFilter.updateTimestamp(httpSession);
        httpSession.setAttribute("ForceSessionStore", "true");
        if (this.iRedirect) {
            if (log4j.isDebugEnabled()) {
                log4j.debug("Redirecting to the orginal (prelogin) request...");
            }
            savedRequest.redirect(httpServletRequest, httpServletResponse);
        } else {
            if (log4j.isDebugEnabled()) {
                log4j.debug("Sending the orginal (prelogin) request...");
            }
            savedRequest.repostRequest(httpServletResponse, this.iHostMap);
        }
        return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
    }

    private Principal doAnnounce(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal, HttpSession httpSession, String str, SSOHandler sSOHandler) throws ServletException {
        if (log4j.isDebugEnabled()) {
            log4j.debug("SSO LOGIN!");
        }
        SavedRequest savedRequest = new SavedRequest(httpServletRequest);
        savedRequest.addAdditionalParameter("ddservletSkipIpCheck", XmlConsts.XML_SA_YES);
        httpSession.setAttribute(SSO_SAVEDREQUEST, savedRequest);
        sSOHandler.announce(securityFilter, httpServletRequest, httpServletResponse, principal);
        httpSession.setAttribute(REQUEST_ID_SSO_STATE, SSO_STATE_VERIFY);
        httpSession.setAttribute(REQUEST_ID_SSO_CONFIG, str);
        httpSession.setAttribute("ForceSessionStore", "true");
        return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
    }

    private SSOHandler getSSOHandler(String str) {
        return this.iSSOHandlers.get(str);
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityInterface
    public void logout(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        SSOHandler sSOHandler = getSSOHandler((String) httpServletRequest.getSession().getAttribute(REQUEST_ID_SSO_CONFIG));
        if (sSOHandler != null) {
            sSOHandler.logout(securityFilter, httpServletRequest, httpServletResponse);
        }
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityInterface
    public void onRequest(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        SSOHandler sSOHandler = getSSOHandler((String) httpServletRequest.getSession().getAttribute(REQUEST_ID_SSO_CONFIG));
        if (sSOHandler != null) {
            sSOHandler.updateTimeout(securityFilter, httpServletRequest, httpServletResponse);
        }
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityInterface
    public boolean canHandleAuthication(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String parameter = httpServletRequest.getParameter("ssoconfig");
        if (parameter != null) {
            return getSSOHandler(parameter).canHandleAuthentication(securityFilter, httpServletRequest, httpServletResponse);
        }
        if (httpServletRequest.getParameter("aselect_credentials") != null) {
            return true;
        }
        if (httpServletRequest.getSession().getAttribute(REQUEST_ID_SSO_CONFIG) != null) {
            return getSSOHandler((String) httpServletRequest.getSession().getAttribute(REQUEST_ID_SSO_CONFIG)).canHandleAuthentication(securityFilter, httpServletRequest, httpServletResponse);
        }
        return false;
    }
}
