package com.sun.identity.federation.services.fednsso;

import com.iplanet.am.util.XMLUtils;
import com.iplanet.sso.SSOToken;
import com.sun.identity.federation.alliance.FSAllianceManager;
import com.sun.identity.federation.alliance.FSProviderDescriptor;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.message.FSAssertion;
import com.sun.identity.federation.message.FSAuthnRequest;
import com.sun.identity.federation.message.FSAuthnResponse;
import com.sun.identity.federation.services.util.FSServiceUtils;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.xmlsig.XMLSignatureManager;
import java.io.PrintWriter;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.w3c.dom.Document;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:120091-09/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/federation/services/fednsso/FSSSOWMLPostProfileHandler.class */
public class FSSSOWMLPostProfileHandler extends FSSSOAndFedHandler {
    protected FSSSOWMLPostProfileHandler() {
    }

    public FSSSOWMLPostProfileHandler(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FSAuthnRequest fSAuthnRequest, FSProviderDescriptor fSProviderDescriptor, String str) {
        super(httpServletRequest, httpServletResponse, fSAuthnRequest, fSProviderDescriptor, str);
    }

    @Override // com.sun.identity.federation.services.fednsso.FSSSOAndFedHandler
    protected void sendAuthnResponse(FSAuthnResponse fSAuthnResponse) {
        FSUtils.debug.message("FSSSOWMLPostProfileHandler.sendAuthnResponse: Called");
        try {
            fSAuthnResponse.setProviderId(this.hostProviderId);
            Document dOMDocument = XMLUtils.toDOMDocument(fSAuthnResponse.toXMLString(true, true), FSUtils.debug);
            if (FSServiceUtils.isSigningOn()) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSSOWMLPostProfileHandler.sendAuthnResponse: start signing assertions");
                }
                List<FSAssertion> assertion = fSAuthnResponse.getAssertion();
                if (assertion != null) {
                    for (FSAssertion fSAssertion : assertion) {
                        String id = fSAssertion.getID();
                        FSUtils.debug.message(new StringBuffer().append("FSSSOWMLPostProfileHandler.sendAuthnResponse: id attr is").append(id).toString());
                        FSAllianceManager allianceInstance = FSServiceUtils.getAllianceInstance();
                        if (allianceInstance == null) {
                            FSUtils.debug.error("FSSSOWMLPostProfileHandler.doSingleSignOn: could not create alliance instance");
                            return;
                        }
                        String keyInfo = allianceInstance.getProvider(this.hostProviderId).getKeyInfo();
                        if (keyInfo == null) {
                            FSUtils.debug.error("SOAPReceiver.onMessage: couldn't obtain this site's cert alias.");
                            return;
                        }
                        FSUtils.debug.message(new StringBuffer().append("FSSSOWMLPostProfileHandler.sendAuthnResponse: Site's certAlias is ").append(keyInfo).toString());
                        XMLSignatureManager xMLSignatureManager = XMLSignatureManager.getInstance();
                        int minorVersion = fSAssertion.getMinorVersion();
                        if (minorVersion == 0) {
                            xMLSignatureManager.signXML(dOMDocument, keyInfo, SAMLUtils.bundle.getString("xmlsigalgorithm"), "id", id, false);
                        } else if (minorVersion == 2 || minorVersion == 1) {
                            xMLSignatureManager.signXML(dOMDocument, keyInfo, SAMLUtils.bundle.getString("xmlsigalgorithm"), "AssertionID", fSAssertion.getAssertionID(), false);
                        } else if (FSUtils.debug.messageEnabled()) {
                            FSUtils.debug.message("invalid minor version.");
                        }
                        FSUtils.debug.message("FSSSOWMLPostProfileHandler.sendAuthnResponse: SignatureManager finished signing ");
                    }
                }
            }
            String printDocument = FSServiceUtils.printDocument(dOMDocument);
            FSUtils.debug.message(new StringBuffer().append("FSSSOWMLPostProfileHandler.sendAuthnResponse: Signed AuthnResponse: ").append(printDocument).toString());
            String encode = new BASE64Encoder().encode(printDocument.getBytes());
            this.response.setContentType(IFSConstants.WML_HEADER_VALUE);
            this.response.setHeader("Pragma", "no-cache");
            this.response.setHeader("Cache-Control", "no-cache");
            PrintWriter writer = this.response.getWriter();
            writer.println("<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\" \"http://www.wapforum.org/DTD/wml_1.1.xml\">");
            writer.println("<wml>");
            writer.println("<card id=\"response\" title=\"IDP Response\">");
            writer.println("<onevent type=\"onenterforward\">");
            writer.println(new StringBuffer().append("<go method=\"post\" href=\"").append(this.spDescriptor.getAssertionConsumerServiceURL()).append("\">").toString());
            writer.println(new StringBuffer().append("<postfield name=\"LARES\" value=\"").append(encode).append("\"/>").toString());
            writer.println("</go>");
            writer.println("</onevent>");
            writer.println("<onevent type=\"onenterbackward\">");
            writer.println("<prev/>");
            writer.println("</onevent>");
            writer.println("</card>");
            writer.println("</wml>");
            writer.close();
            FSUtils.debug.message(new StringBuffer().append("FSSSOWMLPostProfileHandler:sendAuthnResponse: AuthnResponse sent successfully to: ").append(this.spDescriptor.getAssertionConsumerServiceURL()).toString());
        } catch (Exception e) {
            FSUtils.debug.message("FSSSOWMLPostProfileHandler:sendAuthnResponse: Failed to send AuthnResponse");
        }
    }

    @Override // com.sun.identity.federation.services.fednsso.FSSSOAndFedHandler
    protected boolean doSingleSignOn(SSOToken sSOToken, String str, NameIdentifier nameIdentifier, NameIdentifier nameIdentifier2) {
        sendAuthnResponse(createAuthnResponse(sSOToken, str, nameIdentifier, nameIdentifier2));
        return true;
    }
}
