package com.iplanet.services.cdc;

import com.iplanet.am.util.Debug;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.services.util.Base64;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.share.AuthXMLTags;
import com.sun.identity.authentication.util.ISAuthConstants;
import com.sun.identity.common.Constants;
import com.sun.identity.federation.common.FSException;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.message.FSAssertion;
import com.sun.identity.federation.message.FSAuthenticationStatement;
import com.sun.identity.federation.message.FSAuthnResponse;
import com.sun.identity.federation.message.FSSubject;
import com.sun.identity.federation.message.common.AuthnContextStmt;
import com.sun.identity.federation.message.common.FSMsgException;
import com.sun.identity.federation.message.common.IDPProvidedNameIdentifier;
import com.sun.identity.federation.services.util.FSServiceUtils;
import com.sun.identity.saml.AssertionSSOTokenListener;
import com.sun.identity.saml.assertion.AssertionIDReference;
import com.sun.identity.saml.assertion.AudienceRestrictionCondition;
import com.sun.identity.saml.assertion.Conditions;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.assertion.SubjectConfirmation;
import com.sun.identity.saml.assertion.SubjectLocality;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.protocol.Status;
import com.sun.identity.saml.protocol.StatusCode;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.InetAddress;
import java.net.URLEncoder;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* JADX WARN: Classes with same name are omitted:
  input_file:117586-18/SUNWamclt/reloc/$PRODUCT_DIR/lib/am_services.jar:com/iplanet/services/cdc/CDCServlet.class
 */
/* loaded from: input_file:117586-18/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_services.jar:com/iplanet/services/cdc/CDCServlet.class */
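/**
 * Cross-domain single sign-on endpoint, decompiled from {@code am_services.jar}.
 *
 * <p>Request flow, as implemented below:
 * <ol>
 *   <li>Read the return URL from the {@code goto} parameter, falling back to {@code TARGET}.</li>
 *   <li>Resolve the caller's {@link SSOToken} from the request. If it is missing or invalid,
 *       or if policy-advice parameters are present, redirect to {@code /UI/Login} with a
 *       {@code goto} that points back at this servlet.</li>
 *   <li>Otherwise build an {@link FSAssertion} whose name identifier is the URL-encoded SSO
 *       token ID, wrap it in an {@link FSAuthnResponse}, Base64-encode it and emit an
 *       auto-submitting HTML form that POSTs it as {@code LARES} to the return URL.</li>
 * </ol>
 *
 * <p>Security review notes:
 * <ul>
 *   <li>The {@code LARES} value carries the session token ID and is delivered to whatever
 *       URL the request names. This class only HTML-escapes that URL and restricts it to
 *       http/https or a relative reference; it holds no list of trusted destinations.
 *       Deployments should additionally check the destination host against a configured
 *       allow-list (not available in this class) before the response is written.</li>
 *   <li>At message debug level the SSO token ID and the full assertion XML are written to
 *       the {@code amCDC} debug log. Treat that log as credential material, or keep
 *       message-level debugging off in production.</li>
 *   <li>{@code cdcURL}, {@code authURL} and {@code authDelimiter} are instance fields that
 *       are rewritten on every request. A servlet container normally shares one instance
 *       across threads, so concurrent requests can observe each other's values.
 *       NOTE(review): move these to locals if {@code FSServiceUtils.getBaseURL} can differ
 *       between requests - confirm against that helper.</li>
 * </ul>
 */
public class CDCServlet extends HttpServlet {
    private static final char QUESTION_MARK = '?';
    private static final char AMPERSAND = '&';
    private static final char EQUAL_TO = '=';
    private static final String GOTO_PARAMETER = "goto";
    private static final String TARGET_PARAMETER = "TARGET";
    private static final String DEBUG_FILE_NAME = "amCDC";
    private static final String CDCURI = "/cdcservlet";
    private static final String AUTHURI = "/UI/Login";
    // Lifetime of the issued assertion (NotOnOrAfter / ReauthenticateOnOrAfter), in milliseconds.
    private static final long ASSERTION_VALIDITY_MILLIS = 60000L;
    private static final String ssoCookieName = SystemProperties.get(Constants.AM_COOKIE_NAME);
    // Request parameter names that are forwarded to the login page as policy advice.
    private static final ArrayList adviceParams = new ArrayList();
    private static Debug debug;
    // Per-request values kept in instance state; see the thread-safety note on the class.
    private char authDelimiter;
    // Never assigned anywhere in this class, so it is always null when passed on.
    private String responseID;
    private String cdcURL = null;
    private String authURL = null;
    private boolean signed = false;

    /**
     * Initializes the servlet and obtains the {@code amCDC} debug logger.
     *
     * @param servletConfig container-supplied configuration
     * @throws ServletException if the superclass initialization fails
     */
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        debug = Debug.getInstance(DEBUG_FILE_NAME);
        if (debug.messageEnabled()) {
            debug.message("CDCServlet Initializing...");
        }
    }

    /** Handles GET exactly like POST; see {@link #doGetPost}. */
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGetPost(httpServletRequest, httpServletResponse);
    }

    /** Handles POST exactly like GET; see {@link #doGetPost}. */
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGetPost(httpServletRequest, httpServletResponse);
    }

    /**
     * Shared request handler: validates the return URL, resolves the SSO token and either
     * redirects to the login page or posts an authentication response to the return URL.
     */
    private void doGetPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        this.cdcURL = FSServiceUtils.getBaseURL(httpServletRequest) + CDCURI;
        this.authURL = FSServiceUtils.getBaseURL(httpServletRequest) + AUTHURI;
        setAuthDelimiter();
        if (!canProceed()) {
            showError(httpServletResponse);
            return;
        }
        if (debug.messageEnabled()) {
            debug.message("CDCServlet.doGetPost: Query String received :" + httpServletRequest.getQueryString());
        }

        String returnUrl = httpServletRequest.getParameter(GOTO_PARAMETER);
        if (returnUrl == null || returnUrl.length() < 1) {
            returnUrl = httpServletRequest.getParameter(TARGET_PARAMETER);
            if (returnUrl == null || returnUrl.length() < 1) {
                debug.error("No GOTO or TARGET URL present in the Query !!");
                showError(httpServletResponse);
                return;
            }
            if (debug.messageEnabled()) {
                debug.message("CDCServlet.doGetPost: targetURL = " + returnUrl);
            }
        } else if (debug.messageEnabled()) {
            debug.message("CDCServlet.doGetPost: gotoURL = " + returnUrl);
        }

        // The return URL becomes the ACTION of an auto-submitted form, so a script-bearing
        // scheme would run in this origin. Reject anything that is not http/https/relative.
        if (!hasAllowedScheme(returnUrl)) {
            debug.error("CDCServlet.doGetPost: return URL scheme is not http or https");
            showError(httpServletResponse);
            return;
        }

        SSOToken sSOToken = getSSOToken(httpServletRequest, httpServletResponse);
        if (sSOToken == null) {
            // getSSOToken has already redirected the user to the login page.
            return;
        }
        String advice = checkForPolicyAdvice(httpServletRequest, httpServletResponse);
        if (advice != null && advice.length() > 0) {
            redirectForAuthentication(httpServletRequest, httpServletResponse);
            return;
        }
        if (debug.messageEnabled()) {
            // NOTE(review): this writes a live session token ID into the debug log.
            debug.message("Valid SSOToken found with token value: " + sSOToken.getTokenID().toString());
        }
        try {
            String requestProviderId = httpServletRequest.getParameter("ProviderID");
            String localProviderId = this.cdcURL;
            if (debug.messageEnabled()) {
                debug.message("Provider Id = " + localProviderId);
            }
            String requestId = httpServletRequest.getParameter("RequestID");
            FSAssertion assertion = createAssertion(requestProviderId, localProviderId, sSOToken, requestId);
            String relayState = httpServletRequest.getParameter("RelayState");
            FSAuthnResponse authnResponse = createAuthnResponse(localProviderId, this.responseID, requestId,
                    new Status(new StatusCode("samlp:Success")), assertion, relayState);
            sendAuthnResponse(httpServletRequest, httpServletResponse, authnResponse, returnUrl);
        } catch (FSMsgException e) {
            debug.error("CDCServlet.doGetPost:FSMsgException occured: " + e.getMessage());
            showError(httpServletResponse);
        } catch (FSException e2) {
            debug.error("CDCServlet.doGetPost:FSException occured: " + e2.getMessage());
            showError(httpServletResponse);
        } catch (SAMLException e3) {
            debug.error("CDCServlet.doGetPost:SAMLException occured: " + e3.getMessage());
            showError(httpServletResponse);
        }
    }

    /** Chooses '?' or '&' as the separator to use when appending to {@code authURL}. */
    private void setAuthDelimiter() {
        if (this.authURL == null || this.authURL.trim().length() < 1) {
            debug.error("Auth login URL not found :((");
        } else if (this.authURL.indexOf(QUESTION_MARK) < 0) {
            this.authDelimiter = QUESTION_MARK;
        } else {
            this.authDelimiter = AMPERSAND;
        }
    }

    /** Returns true when both the login URL and the SSO cookie name are configured. */
    private boolean canProceed() {
        return this.authURL != null && this.authURL.trim().length() >= 1
                && ssoCookieName != null && ssoCookieName.trim().length() >= 1;
    }

    /**
     * Rebuilds the request's query string without {@code goto} and without the
     * policy-advice parameters.
     *
     * @return {@code name=value} pairs joined by '&', or an empty string when no
     *         parameter qualifies
     */
    private String getParameterString(HttpServletRequest httpServletRequest) {
        StringBuffer query = new StringBuffer(100);
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String name = parameterNames.nextElement().toString();
            if (GOTO_PARAMETER.equals(name) || adviceParams.contains(name)) {
                continue;
            }
            String[] values = httpServletRequest.getParameterValues(name);
            for (int i = 0; values != null && i < values.length; i++) {
                if (query.length() > 0) {
                    query.append(AMPERSAND);
                }
                // Names come from the request as well, so encode them like the values;
                // a raw '&' or '=' in a name would otherwise add parameters of its own.
                query.append(URLEncoder.encode(name)).append(EQUAL_TO).append(URLEncoder.encode(values[i]));
            }
        }
        // The previous substring(1) threw StringIndexOutOfBoundsException on an empty buffer.
        return query.toString();
    }

    /**
     * Collects the policy-advice parameters present on the request.
     *
     * @return URL-encoded {@code name=value} pairs joined by '&', or null when the
     *         request carries no advice parameter
     */
    private String checkForPolicyAdvice(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        StringBuffer advice = new StringBuffer();
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String name = parameterNames.nextElement().toString();
            if (!adviceParams.contains(name)) {
                continue;
            }
            String[] values = httpServletRequest.getParameterValues(name);
            for (int i = 0; values != null && i < values.length; i++) {
                // Separate every pair; repeated values used to be glued together.
                if (advice.length() > 0) {
                    advice.append(AMPERSAND);
                }
                // The value ends up in the login redirect URL, so it must be encoded.
                advice.append(name).append(EQUAL_TO).append(URLEncoder.encode(values[i]));
            }
        }
        if (advice.length() < 1) {
            return null;
        }
        return advice.toString();
    }

    /**
     * Redirects the browser to the login page with a {@code goto} that leads back to this
     * servlet, preserving the original return URL and remaining request parameters.
     *
     * @throws IOException if the redirect cannot be sent
     */
    private void redirectForAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String gotoUrl = httpServletRequest.getParameter(GOTO_PARAMETER);
        String otherParameters = getParameterString(httpServletRequest);

        StringBuffer comeBackUrl = new StringBuffer(100);
        comeBackUrl.append(this.cdcURL).append(QUESTION_MARK);
        if (gotoUrl != null && gotoUrl.length() > 0) {
            comeBackUrl.append(TARGET_PARAMETER).append(EQUAL_TO).append(URLEncoder.encode(gotoUrl));
            if (otherParameters.length() > 0) {
                comeBackUrl.append(AMPERSAND).append(otherParameters);
            }
        } else {
            // Only TARGET was supplied; it is already part of otherParameters. Encoding a
            // null goto value here used to fail with a NullPointerException.
            comeBackUrl.append(otherParameters);
        }

        StringBuffer loginUrl = new StringBuffer(100);
        loginUrl.append(this.authURL);
        loginUrl.append(this.authDelimiter).append(GOTO_PARAMETER).append(EQUAL_TO);
        loginUrl.append(URLEncoder.encode(comeBackUrl.toString()));
        String advice = checkForPolicyAdvice(httpServletRequest, httpServletResponse);
        if (advice != null && advice.length() > 0) {
            loginUrl.append(AMPERSAND).append(advice);
        }
        if (debug.messageEnabled()) {
            debug.message("Redirecting for authentication to: " + loginUrl);
        }
        httpServletResponse.sendRedirect(loginUrl.toString());
    }

    /**
     * Writes a fixed, generic error line to the response.
     *
     * <p>The decompiler could not recover this method; the body is rebuilt from the
     * bytecode listing it left behind (get the output stream, print, flush, close in a
     * finally block, log an IOException). The close is additionally guarded against a
     * null stream.
     */
    private void showError(HttpServletResponse httpServletResponse) {
        javax.servlet.ServletOutputStream out = null;
        try {
            out = httpServletResponse.getOutputStream();
            out.println("ERROR: An application error has occured.");
            out.flush();
        } catch (IOException e) {
            debug.error("Could not show error message to the user " + e);
        } finally {
            if (out != null) {
                try {
                    out.close();
                } catch (IOException ignored) {
                    // Nothing useful can be done if closing the error response fails.
                }
            }
        }
    }

    /**
     * Resolves a valid SSO token for the request.
     *
     * @return the token, or null after the user has been redirected to the login page
     *         because the token was missing, invalid or could not be created
     * @throws IOException if the redirect cannot be sent
     */
    private SSOToken getSSOToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            SSOTokenManager tokenManager = SSOTokenManager.getInstance();
            SSOToken token = tokenManager.createSSOToken(httpServletRequest);
            if (token == null) {
                if (debug.messageEnabled()) {
                    debug.message("SSOToken is null, redirecting forauthentication");
                }
            } else if (tokenManager.isValidToken(token)) {
                return token;
            } else if (debug.messageEnabled()) {
                debug.message("SSOToken is not valid, redirecting forauthentication");
            }
        } catch (SSOException e) {
            if (debug.messageEnabled()) {
                debug.message("SSOException caught: " + e);
            }
        }
        redirectForAuthentication(httpServletRequest, httpServletResponse);
        return null;
    }

    /**
     * Wraps a single assertion in an authentication response.
     *
     * @param providerId value set as the response's provider ID
     * @param responseId unused; the response is constructed with a null response ID
     * @param requestId  passed to the response constructor with the status and relay state
     */
    private FSAuthnResponse createAuthnResponse(String providerId, String responseId, String requestId, Status status, FSAssertion fSAssertion, String relayState) throws SAMLException, FSMsgException {
        ArrayList assertions = new ArrayList();
        assertions.add(fSAssertion);
        FSAuthnResponse authnResponse = new FSAuthnResponse(null, requestId, status, assertions, relayState);
        authnResponse.setProviderId(providerId);
        return authnResponse;
    }

    /**
     * Builds a bearer authentication assertion for the given SSO token.
     *
     * <p>The assertion's name identifier is the URL-encoded SSO token ID, so the assertion
     * is as sensitive as the session itself. It is valid for
     * {@link #ASSERTION_VALIDITY_MILLIS} from the moment of creation.
     *
     * @param requestProviderId {@code ProviderID} request parameter; added as an audience
     *                          restriction when non-empty
     * @param localProviderId   this servlet's URL; used as the name qualifier and passed to
     *                          the assertion constructor
     * @param sSOToken          the validated session token
     * @param requestId         {@code RequestID} request parameter
     * @throws FSException if any argument is null or the assertion cannot be built
     */
    private FSAssertion createAssertion(String requestProviderId, String localProviderId, SSOToken sSOToken, String requestId) throws FSException, SAMLException {
        if (debug.messageEnabled()) {
            debug.message("FSAssertionManager.createFSAssertion(id): Called");
        }
        if (requestProviderId == null || localProviderId == null || sSOToken == null || requestId == null) {
            if (debug.messageEnabled()) {
                debug.message("FSAssertionManager: null input for method createFSAssertionArtifact.");
            }
            throw new FSException(FSUtils.bundle.getString("nullInput"));
        }
        try {
            NameIdentifier nameIdentifier = new NameIdentifier(URLEncoder.encode(sSOToken.getTokenID().toString()), localProviderId);

            Date authInstant = null;
            String authInstantProperty = sSOToken.getProperty("authInstant");
            if (authInstantProperty != null) {
                try {
                    authInstant = FSUtils.stringToDate(authInstantProperty);
                } catch (Exception e) {
                    // authInstant stays null when the property cannot be parsed.
                    if (debug.messageEnabled()) {
                        debug.message("FSAssertionManager.createFSAssertion(id): AuthInstant not foundin the Token");
                    }
                }
            } else {
                authInstant = new Date();
            }
            String authType = sSOToken.getAuthType();
            if (debug.messageEnabled()) {
                debug.message("FSAssertionManager.createFSAssertion(id):AuthInstant = " + authInstant);
                // The authentication-context statement is always null in this code path.
                debug.message("FSAssertionManager.createFSAssertion(id): AuthnContextStatement for the token is null Assertion will not contain any  AuthenticationStatement");
                debug.message("FSAssertionManager.createFSAssertion(id):AuthnContextStatement used for authenticating the user: " + (String) null);
            }
            // Result unused; the call is kept because it can fail for an unusable token,
            // which the outer catch turns into an FSException.
            sSOToken.getPrincipal().getName();
            if (debug.messageEnabled()) {
                debug.message("FSAssertionManager.createAssertion(id): Creating Authentication Assertion for user withopaqueHandle= " + nameIdentifier.getName() + " And SecurityDomain= " + localProviderId);
            }

            FSSubject subject = new FSSubject(nameIdentifier,
                    new SubjectConfirmation("urn:oasis:names:tc:SAML:1.0:cm:bearer"),
                    new IDPProvidedNameIdentifier(nameIdentifier.getNameQualifier(), nameIdentifier.getName()));
            SubjectLocality subjectLocality = null;
            try {
                String serverHost = SystemProperties.get("com.iplanet.am.server.host");
                subjectLocality = new SubjectLocality(InetAddress.getByName(serverHost).getHostAddress(), serverHost);
            } catch (UnknownHostException e2) {
                debug.error("CDCServlet:createAssertion: ", e2);
            }
            FSAuthenticationStatement authnStatement = new FSAuthenticationStatement(authType, authInstant, subject, subjectLocality, null, new AuthnContextStmt(null, null));

            Date issueInstant = new Date();
            Date notOnOrAfter = new Date(issueInstant.getTime() + ASSERTION_VALIDITY_MILLIS);
            authnStatement.setReauthenticateOnOrAfter(notOnOrAfter);
            if (debug.messageEnabled()) {
                debug.message("CDCServlet.createAssertion(id): Authentication Statement: " + authnStatement.toXMLString());
            }
            Conditions conditions = new Conditions(issueInstant, notOnOrAfter);
            if (!requestProviderId.equals("")) {
                ArrayList audiences = new ArrayList();
                audiences.add(requestProviderId);
                conditions.addAudienceRestrictionCondition(new AudienceRestrictionCondition(audiences));
            }
            if (debug.messageEnabled()) {
                debug.message("CDCServlet.createAssertion(id): Authentication Statement: " + authnStatement.toXMLString());
            }

            AssertionIDReference assertionIdRef = new AssertionIDReference();
            HashSet statements = new HashSet();
            statements.add(authnStatement);
            FSAssertion assertion = new FSAssertion(assertionIdRef.getAssertionIDReference(), localProviderId, issueInstant, conditions, statements, requestId);
            assertion.setID(assertionIdRef.getAssertionIDReference());
            if (debug.messageEnabled()) {
                // NOTE(review): the assertion XML embeds the session token ID.
                debug.message("CDCServlet.createAssertion(id): Assertion created successfully: " + assertion.toXMLString());
            }
            String assertionId = assertion.getAssertionID();
            FSUtils.access("FSAssertionManager", FSUtils.bundle.getString("assertionCreated") + ":" + assertion.toString());
            try {
                sSOToken.addSSOTokenListener(new AssertionSSOTokenListener(assertionId, null));
            } catch (SSOException e3) {
                debug.error("CDCServlet.createAssertion(id): Couldn't add listener to token:", e3);
            }
            if (debug.messageEnabled()) {
                debug.message("CDCServlet.createAssertion(id): Returning Assertion: " + assertion.toXMLString());
            }
            return assertion;
        } catch (Exception e4) {
            debug.error("FSAssertionManager.createAssertion(id): exception retrieving info from the SSOToken: ", e4);
            throw new FSException("Alliance manager could not find local descriptor");
        }
    }

    /**
     * Writes an HTML page whose form auto-submits the Base64-encoded authentication
     * response as {@code LARES} to {@code targetUrl}.
     *
     * <p>{@code targetUrl} originates from the request, so it is HTML-escaped before it is
     * placed in the ACTION attribute. Escaping does not decide whether the destination is
     * trusted; see the class-level notes.
     */
    private void sendAuthnResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FSAuthnResponse fSAuthnResponse, String targetUrl) {
        if (debug.messageEnabled()) {
            debug.message("CDCServlet.sendAuthnResponse: Called");
        }
        try {
            String responseXml = fSAuthnResponse.toXMLString(true, true);
            if (debug.messageEnabled()) {
                debug.message("CDCServlet.sendAuthnResponse: Signed AuthnResponse: " + responseXml);
            }
            String encodedResponse = Base64.encode(responseXml.getBytes());
            httpServletResponse.setContentType("text/html");
            // The page body carries session material; keep it out of HTTP/1.0 and 1.1 caches.
            httpServletResponse.setHeader("Pragma", "no-cache");
            httpServletResponse.setHeader("Cache-Control", "no-cache, no-store");
            PrintWriter writer = httpServletResponse.getWriter();
            writer.println("<HTML>");
            writer.println("<BODY Onload=\"document.Response.submit()\">");
            if (SystemProperties.get(Constants.SERVICES_CDC_WAIT_IMAGE_DISPLAY, "false").toLowerCase().trim().equals("true")) {
                // Image name and size come from server configuration, not from the request.
                String imageName = SystemProperties.get(Constants.SERVICES_CDC_WAIT_IMAGE_NAME, "waitImage.gif");
                String imageWidth = SystemProperties.get(Constants.SERVICES_CDC_WAIT_IMAGE_WIDTH, "410");
                String imageHeight = SystemProperties.get(Constants.SERVICES_CDC_WAIT_IMAGE_HEIGHT, ISAuthConstants.DEFAULT_MAX_SESS_TIME);
                String imageUrl = FSServiceUtils.getBaseURL(httpServletRequest) + "/login_images/" + imageName;
                writer.println("<p>&nbsp;<center><img border=0 src=\"" + imageUrl + "\" width=" + imageWidth + " height=" + imageHeight + " alt=\"Please wait while we log you in...\"></center>");
                if (debug.messageEnabled()) {
                    debug.message("CDCServlet: Display waiting image " + imageName + " of size " + imageWidth + "x" + imageHeight);
                }
            }
            writer.println("<FORM NAME=\"Response\" METHOD=\"POST\" ACTION=\"" + escapeHtmlAttribute(targetUrl) + "\">");
            writer.println("<INPUT TYPE=\"HIDDEN\" NAME=\"LARES\" VALUE=\"" + escapeHtmlAttribute(encodedResponse) + "\"/>");
            writer.println("</FORM>");
            writer.println("</BODY></HTML>");
            writer.close();
            if (debug.messageEnabled()) {
                debug.message("CDCServlet:sendAuthnResponse: AuthnResponse sent successfully to: " + targetUrl);
            }
        } catch (FSMsgException e) {
            debug.error("CDCServlet:sendAuthnResponse:" + e.getMessage());
        } catch (IOException e2) {
            debug.error("CDCServlet:sendAuthnResponse:" + e2.getMessage());
        }
    }

    /**
     * Returns true when {@code url} is a relative reference or uses the http or https
     * scheme. Anything else that looks like a scheme (text before the first ':' that
     * precedes any '/', '?' or '#') is refused, including schemes padded or split with
     * whitespace or control characters.
     */
    private static boolean hasAllowedScheme(String url) {
        String candidate = url.trim();
        for (int i = 0; i < candidate.length(); i++) {
            char c = candidate.charAt(i);
            if (c == '/' || c == '?' || c == '#') {
                return true;
            }
            if (c == ':') {
                String scheme = candidate.substring(0, i);
                return scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https");
            }
        }
        return true;
    }

    /** Escapes the characters that are significant inside a quoted HTML attribute value. */
    private static String escapeHtmlAttribute(String value) {
        if (value == null) {
            return "";
        }
        StringBuffer escaped = new StringBuffer(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    static {
        adviceParams.add("module");
        adviceParams.add(IFSConstants.AUTH_LEVEL_KEY);
        adviceParams.add("role");
        adviceParams.add(AuthXMLTags.INDEX_TYPE_SVC_ATTR);
        adviceParams.add(AuthXMLTags.INDEX_TYPE_USER_ATTR);
        adviceParams.add("org");
    }
}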
