package com.sun.identity.federation.services.fednsso;

import com.iplanet.am.console.base.model.AMQueryParameters;
import com.iplanet.am.util.AMURLEncDec;
import com.iplanet.dpro.session.share.SessionEncodeURL;
import com.sun.identity.federation.alliance.FSAllianceManagementException;
import com.sun.identity.federation.alliance.FSAllianceManager;
import com.sun.identity.federation.alliance.FSProviderDescriptor;
import com.sun.identity.federation.common.FSException;
import com.sun.identity.federation.common.FSRedirectException;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.message.FSAuthnRequest;
import com.sun.identity.federation.services.FSSessionManager;
import com.sun.identity.federation.services.util.FSServiceUtils;
import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:119465-02/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/federation/services/fednsso/FSIDPFinderService.class */
public class FSIDPFinderService extends HttpServlet {
    private static Map requestCotSetMap = Collections.synchronizedMap(new HashMap());

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (httpServletRequest == null || httpServletResponse == null) {
            FSUtils.debug.error("FSIDPFinderService.doGet:: Null Input");
            return;
        }
        if (!FSServiceUtils.isLibertyEnabled()) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIDPFinderService.doGet:: Liberty is not enabled");
                return;
            }
            return;
        }
        FSUtils.debug.message("FSIDPFinderService.doGet::Init");
        String parameter = httpServletRequest.getParameter("ProviderID");
        String parameter2 = httpServletRequest.getParameter("RequestID");
        if (parameter == null || parameter2 == null) {
            FSUtils.debug.error("FSIDPFinderService.doGet:: Request is missingeither providerID or the request id");
            throw new ServletException("invalidRequest");
        }
        String str = null;
        try {
            str = getCommonDomainIDP(httpServletRequest, httpServletResponse, parameter, parameter2);
        } catch (FSRedirectException e) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIDPFinderService.doGet:Redirection has happened", e);
                return;
            }
        }
        if (str == null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIDPFinderService.doGet:: Preferred IDP from the common domain is null.");
            }
            str = getDefaultPreferredIDP(parameter2, parameter);
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message(new StringBuffer().append("FSIDPFinderService.doGet:IDP to be proxied:").append(str).toString());
        }
        FSAuthnRequest authnRequest = FSSessionManager.getInstance(parameter).getAuthnRequest(parameter2);
        try {
            FSProxyHandler fSProxyHandler = new FSProxyHandler(httpServletRequest, httpServletResponse);
            fSProxyHandler.setHostProviderId(parameter);
            fSProxyHandler.sendProxyAuthnRequest(authnRequest, str);
        } catch (FSException e2) {
            FSUtils.debug.error("FSIDPFinderService.doGet:: Failure in sending the proxy authentication request.", e2);
        }
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    private String getCommonDomainIDP(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws FSRedirectException, IOException {
        String findPreferredIDP = FSUtils.findPreferredIDP(httpServletRequest);
        if (findPreferredIDP != null) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message(new StringBuffer().append("FSIDPFinderService.getCommonDomainIDP:Preferred IDP found from the common domain.").append(findPreferredIDP).toString());
            }
            if (requestCotSetMap.containsKey(str2)) {
                requestCotSetMap.remove(str2);
            }
            return findPreferredIDP;
        }
        FSAllianceManager allianceInstance = FSServiceUtils.getAllianceInstance();
        Set set = (Set) requestCotSetMap.get(str2);
        if (set == null) {
            try {
                FSProviderDescriptor provider = allianceInstance.getProvider(str);
                if (provider == null) {
                    FSUtils.debug.error("FSIDPFinderService.getCommonDomainIDP::Could not get provider descriptor.");
                    return null;
                }
                Set listOfCOTs = provider.getListOfCOTs();
                if (listOfCOTs != null) {
                    set = new HashSet();
                    set.addAll(listOfCOTs);
                }
            } catch (FSAllianceManagementException e) {
                FSUtils.debug.error("FSIDPFinderService.getCommonDomainIDP::Unable to retrieve circle of trusts", e);
                return null;
            }
        }
        if (set == null || set.isEmpty()) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSIDPFinderService.getCommonDomainIDP::No more Cots.");
            }
            if (!requestCotSetMap.containsKey(str2)) {
                return null;
            }
            requestCotSetMap.remove(str2);
            return null;
        }
        Iterator it = set.iterator();
        while (it.hasNext()) {
            String str3 = (String) it.next();
            it.remove();
            requestCotSetMap.put(str2, set);
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message(new StringBuffer().append("FSIDPFinderService.getCommonDomainIDP: Trying Cot: ").append(str3).toString());
            }
            String str4 = null;
            try {
                str4 = allianceInstance.getCircleOfTrust(str3).getReaderServiceURL();
            } catch (FSException e2) {
                FSUtils.debug.error("FSIDPFinderService.getCommonDomainIDP:Unable to retrieve reader service url.", e2);
            }
            if (str4 != null) {
                String baseURL = FSServiceUtils.getBaseURL(httpServletRequest);
                StringBuffer stringBuffer = new StringBuffer(300);
                stringBuffer.append(baseURL).append(IFSConstants.IDP_FINDER_URL).append("?").append("RequestID").append("=").append(AMURLEncDec.encode(str2)).append(SessionEncodeURL.AMPERSAND).append("ProviderID=").append(AMURLEncDec.encode(str));
                StringBuffer stringBuffer2 = new StringBuffer(300);
                stringBuffer2.append(str4).append("?").append("RelayState").append("=").append(AMURLEncDec.encode(stringBuffer.toString()));
                String stringBuffer3 = stringBuffer2.toString();
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message(new StringBuffer().append("FSIDPFinderService.getCommonDomainIDP:Redirection URL:").append(stringBuffer3).toString());
                }
                httpServletResponse.setHeader(AMQueryParameters.QUERY_PARAM_LOCATION, stringBuffer3);
                httpServletResponse.sendRedirect(stringBuffer3);
                throw new FSRedirectException(FSUtils.bundle.getString("Redirection Happened"));
            }
        }
        return null;
    }

    private String getDefaultPreferredIDP(String str, String str2) {
        FSUtils.debug.message("FSIDPFinderService.getDefaultPreferredIDP:Init");
        try {
            Set proxyIDPs = FSServiceUtils.getAllianceInstance().getProvider(FSSessionManager.getInstance(str2).getAuthnRequest(str).getProviderId()).getProxyIDPs();
            if (proxyIDPs != null && !proxyIDPs.isEmpty()) {
                return (String) proxyIDPs.iterator().next();
            }
            FSUtils.debug.error("FSIDPFinderService.getDefaultPreferredIDP:Preferred IDPs are null.");
            return null;
        } catch (FSException e) {
            FSUtils.debug.error("FSIDPFinderService.getDefaultPreferredIDP: Exception in retrieving the preferred IDP", e);
            return null;
        }
    }
}
