package nl.knowledgeplaza.securityfilter;

import com.ctc.wstx.cfg.XmlConsts;
import java.security.InvalidParameterException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import nl.knowledgeplaza.securityfilter.SSO.SSOHandler;
import nl.knowledgeplaza.util.ConfigurationProperties;
import nl.knowledgeplaza.util.ExceptionUtil;
import nl.knowledgeplaza.util.StringUtil;
import org.apache.log4j.Logger;

/* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.32-20111013.122740-12.jar:nl/knowledgeplaza/securityfilter/SecurityInterfaceSSO.class */
public class SecurityInterfaceSSO extends SecurityInterface {
    public static final String SOURCECODE_VERSION = "$Revision: 1.7 $";
    private boolean iRedirect;
    static Logger log4j = Logger.getLogger(SecurityInterfaceSSO.class.getName());
    private static String REQUEST_ID_SSO_CONFIG = "SSO_CONFIG";
    private static String REQUEST_ID_SSO_STATE = "SSO_STATE";
    private static String SSO_STATE_ACTIVE = "SSO_ACTIVE";
    private static String SSO_STATE_VERIFY = "SSO_VERIFY";
    private static String SSO_SAVEDREQUEST = "SSO_SAVEDREQUEST";
    private Map<String, SSOHandler> iSSOHandlers = new HashMap();
    private Map iHostMap = new HashMap();

    public SecurityInterfaceSSO(ConfigurationProperties configurationProperties, SecurityFilter securityFilter) throws ServletException {
        this.iRedirect = false;
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(configurationProperties.getGroupedCollection(getClass().getName() + ".sso").values());
        for (int i = 0; i < arrayList.size(); i++) {
            Map map = (Map) arrayList.get(i);
            String str = (String) map.get("configname");
            try {
                SSOHandler sSOHandler = (SSOHandler) getClass().getClassLoader().loadClass((String) map.get("handlerclass")).newInstance();
                sSOHandler.setConfig(map);
                this.iSSOHandlers.put(str, sSOHandler);
            } catch (ClassNotFoundException e) {
                throw new ServletException(e);
            } catch (IllegalAccessException e2) {
                throw new ServletException(e2);
            } catch (InstantiationException e3) {
                throw new ServletException(e3);
            }
        }
        this.iRedirect = StringUtil.equalsTrueInSomeForm(configurationProperties.get2(this, "Redirect"));
        if (log4j.isDebugEnabled()) {
            log4j.debug("Redirect=" + this.iRedirect);
        }
        int i2 = 0;
        try {
            String str2 = configurationProperties.get2(this, "hostmap");
            if (str2 != null && str2.length() > 0) {
                i2 = Integer.parseInt(str2);
            }
        } catch (NumberFormatException e4) {
            log4j.error(ExceptionUtil.getStacktrace(e4));
        }
        for (int i3 = 1; i3 <= i2; i3++) {
            this.iHostMap.put(configurationProperties.get2(this, "hostmap" + i3 + ".from"), configurationProperties.get2(this, "hostmap" + i3 + ".to"));
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("HostMap=" + this.iHostMap);
        }
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityInterface
    public Principal authenticate(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal) throws ServletException {
        HttpSession session = httpServletRequest.getSession();
        String parameter = httpServletRequest.getParameter("ssoconfig");
        if (parameter != null) {
            if (log4j.isDebugEnabled()) {
                log4j.debug("SSO LOGIN!");
            }
            SSOHandler sSOHandler = getSSOHandler(parameter);
            if (sSOHandler == null) {
                throw new InvalidParameterException("No SSO handler found for " + parameter);
            }
            SavedRequest savedRequest = new SavedRequest(httpServletRequest);
            savedRequest.addAdditionalParameter("ddservletSkipIpCheck", XmlConsts.XML_SA_YES);
            session.setAttribute(SSO_SAVEDREQUEST, savedRequest);
            sSOHandler.announce(securityFilter, httpServletRequest, httpServletResponse, principal);
            session.setAttribute(REQUEST_ID_SSO_STATE, SSO_STATE_VERIFY);
            session.setAttribute(REQUEST_ID_SSO_CONFIG, parameter);
            return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
        }
        String str = (String) session.getAttribute(REQUEST_ID_SSO_STATE);
        if (str == null || !SSO_STATE_VERIFY.equals(str)) {
            if (str == null || !SSO_STATE_ACTIVE.equals(str)) {
                return null;
            }
            if (log4j.isDebugEnabled()) {
                log4j.debug("SSO RELOGIN!");
            }
            String str2 = (String) session.getAttribute(REQUEST_ID_SSO_CONFIG);
            SSOHandler sSOHandler2 = getSSOHandler(str2);
            if (sSOHandler2 == null) {
                throw new InvalidParameterException("No SSO handler found for " + str2);
            }
            sSOHandler2.announce(securityFilter, httpServletRequest, httpServletResponse, principal);
            session.setAttribute(REQUEST_ID_SSO_STATE, SSO_STATE_VERIFY);
            session.setAttribute(REQUEST_ID_SSO_CONFIG, str2);
            return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
        }
        session.removeAttribute(REQUEST_ID_SSO_STATE);
        SavedRequest savedRequest2 = (SavedRequest) session.getAttribute(SSO_SAVEDREQUEST);
        if (savedRequest2 == null) {
            throw new ServletException("SecurityFilterLoginServlet didn't find a saved request");
        }
        String str3 = (String) session.getAttribute(REQUEST_ID_SSO_CONFIG);
        SSOHandler sSOHandler3 = getSSOHandler(str3);
        if (sSOHandler3 == null) {
            throw new InvalidParameterException("No SSO handler found for " + str3);
        }
        Principal verify = sSOHandler3.verify(securityFilter, httpServletRequest, httpServletResponse, principal);
        if (verify == null) {
            verify = sSOHandler3.handleUnknownPrincipal(securityFilter, httpServletRequest, httpServletResponse, principal);
        }
        if (verify == null || verify == SecurityFilter.AUTHENTICATION_IN_PROGRESS) {
            return verify;
        }
        session.setAttribute(REQUEST_ID_SSO_STATE, SSO_STATE_ACTIVE);
        SecurityFilter.storePrincipal(session, verify);
        securityFilter.writeToAccesLog(httpServletRequest, verify.getName(), "login succeeded");
        SecurityFilter.updateTimestamp(session);
        if (this.iRedirect) {
            if (log4j.isDebugEnabled()) {
                log4j.debug("Redirecting to the orginal (prelogin) request...");
            }
            savedRequest2.redirect(httpServletRequest, httpServletResponse);
        } else {
            if (log4j.isDebugEnabled()) {
                log4j.debug("Sending the orginal (prelogin) request...");
            }
            savedRequest2.repostRequest(httpServletResponse, this.iHostMap);
        }
        return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
    }

    private SSOHandler getSSOHandler(String str) {
        return this.iSSOHandlers.get(str);
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityInterface
    public void logout(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException {
        SSOHandler sSOHandler = getSSOHandler((String) httpServletRequest.getSession().getAttribute(REQUEST_ID_SSO_CONFIG));
        if (sSOHandler != null) {
            sSOHandler.logout(securityFilter, httpServletRequest, httpServletResponse);
        }
    }

    @Override // nl.knowledgeplaza.securityfilter.SecurityInterface
    public void onRequest(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        SSOHandler sSOHandler = getSSOHandler((String) httpServletRequest.getSession().getAttribute(REQUEST_ID_SSO_CONFIG));
        if (sSOHandler != null) {
            sSOHandler.updateTimeout(securityFilter, httpServletRequest, httpServletResponse);
        }
    }
}
