package org.josso.servlet.agent;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.josso.agent.HttpSSOAgent;
import org.josso.agent.LocalSession;
import org.josso.agent.Lookup;
import org.josso.agent.SSOAgentRequest;
import org.josso.agent.SingleSignOnEntry;

/* loaded from: input_file:org/josso/servlet/agent/GenericServletSSOAgentFilter.class */
public class GenericServletSSOAgentFilter implements Filter {
    public static final String KEY_JOSSO_SAVED_REQUEST = "org.josso.servlet.agent.savedRequest";
    private static final String KEY_SESSION_MAP = "org.josso.servlet.agent.sessionMap";
    private HttpSSOAgent _agent;
    private static final Log log = LogFactory.getLog(GenericServletSSOAgentFilter.class);

    public void init(FilterConfig filterConfig) throws ServletException {
        filterConfig.getServletContext().setAttribute(KEY_SESSION_MAP, new HashMap());
        if (this._agent == null) {
            try {
                Lookup lookup = Lookup.getInstance();
                lookup.init("josso-agent-config.xml");
                this._agent = lookup.lookupSSOAgent();
                if (log.isDebugEnabled()) {
                    this._agent.setDebug(1);
                }
                this._agent.start();
            } catch (Exception e) {
                throw new ServletException("Error starting SSO Agent : " + e.getMessage(), e);
            }
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (log.isDebugEnabled()) {
            log.debug("Processing : " + httpServletRequest.getContextPath());
        }
        try {
            String contextPath = httpServletRequest.getContextPath();
            String serverName = httpServletRequest.getServerName();
            if ("".equals(contextPath)) {
                contextPath = "/";
            }
            if (!this._agent.isPartnerApp(serverName, contextPath)) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                if (log.isDebugEnabled()) {
                    log.debug("Context is not a josso partner app : " + httpServletRequest.getContextPath());
                }
                if (log.isDebugEnabled()) {
                    log.debug("Processed : " + httpServletRequest.getContextPath());
                    return;
                }
                return;
            }
            if (log.isDebugEnabled()) {
                log.debug("Checking if its a josso_login_request for '" + httpServletRequest.getRequestURI() + "'");
            }
            if (httpServletRequest.getRequestURI().endsWith("/josso_login/")) {
                if (log.isDebugEnabled()) {
                    log.debug("josso_login_request received for uri '" + httpServletRequest.getRequestURI() + "'");
                }
                String buildLoginUrl = this._agent.buildLoginUrl(httpServletRequest);
                if (log.isDebugEnabled()) {
                    log.debug("Redirecting to login url '" + buildLoginUrl + "'");
                }
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(buildLoginUrl));
                if (log.isDebugEnabled()) {
                    log.debug("Processed : " + httpServletRequest.getContextPath());
                    return;
                }
                return;
            }
            if (log.isDebugEnabled()) {
                log.debug("Checking if its a josso_logout request for '" + httpServletRequest.getRequestURI() + "'");
            }
            if (httpServletRequest.getRequestURI().endsWith("/josso_logout/")) {
                if (log.isDebugEnabled()) {
                    log.debug("josso_logout request received for uri '" + httpServletRequest.getRequestURI() + "'");
                }
                String buildLogoutUrl = this._agent.buildLogoutUrl(httpServletRequest);
                if (log.isDebugEnabled()) {
                    log.debug("Redirecting to logout url '" + buildLogoutUrl + "'");
                }
                httpServletResponse.addCookie(this._agent.newJossoCookie(httpServletRequest.getContextPath(), "-"));
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(buildLogoutUrl));
                if (log.isDebugEnabled()) {
                    log.debug("Processed : " + httpServletRequest.getContextPath());
                    return;
                }
                return;
            }
            if (log.isDebugEnabled()) {
                log.debug("Checking for SSO cookie");
            }
            Cookie cookie = null;
            Cookie[] cookies = httpServletRequest.getCookies();
            if (cookies == null) {
                cookies = new Cookie[0];
            }
            int i = 0;
            while (true) {
                if (i >= cookies.length) {
                    break;
                }
                if ("JOSSO_SESSIONID".equals(cookies[i].getName())) {
                    cookie = cookies[i];
                    break;
                }
                i++;
            }
            if (cookie == null) {
                if (log.isDebugEnabled()) {
                    log.debug("SSO cookie is not present, checking for outbound relaying");
                }
                if (!httpServletRequest.getRequestURI().endsWith("/josso_security_check") || httpServletRequest.getParameter("josso_assertion_id") == null) {
                    log.debug("SSO cookie not present and relaying was not requested, skipping");
                    filterChain.doFilter(httpServletRequest, httpServletResponse);
                    if (log.isDebugEnabled()) {
                        log.debug("Processed : " + httpServletRequest.getContextPath());
                        return;
                    }
                    return;
                }
            }
            String[] ignoredWebRources = this._agent.getPartnerAppConfig(serverName, contextPath).getIgnoredWebRources();
            if (ignoredWebRources != null && ignoredWebRources.length > 0) {
                log.warn("IGNORED WEB RESOURCES NOT SUPPORTED BY THIS AGENT ... ");
            }
            String value = cookie == null ? null : cookie.getValue();
            HttpSession session = httpServletRequest.getSession(true);
            if (log.isDebugEnabled()) {
                log.debug("Session is: " + session);
            }
            GenericServletLocalSession genericServletLocalSession = new GenericServletLocalSession(session);
            if (log.isDebugEnabled()) {
                log.debug("Executing agent...");
            }
            if (log.isDebugEnabled()) {
                log.debug("Checking if its a josso_security_check for '" + httpServletRequest.getRequestURI() + "'");
            }
            if (!httpServletRequest.getRequestURI().endsWith("/josso_security_check") || httpServletRequest.getParameter("josso_assertion_id") == null) {
                SingleSignOnEntry processRequest = this._agent.processRequest(doMakeSSOAgentRequest(1, value, genericServletLocalSession, null, httpServletRequest, httpServletResponse));
                if (log.isDebugEnabled()) {
                    log.debug("Executed agent.");
                }
                Map map = (Map) httpServletRequest.getSession().getServletContext().getAttribute(KEY_SESSION_MAP);
                if (map.get(genericServletLocalSession.getWrapped()) == null) {
                    map.put(session, genericServletLocalSession);
                }
                if (log.isDebugEnabled()) {
                    log.debug("Process request for '" + httpServletRequest.getRequestURI() + "'");
                }
                if (processRequest != null && log.isDebugEnabled()) {
                    log.debug("Principal '" + processRequest.principal + "' has already been authenticated");
                }
                httpServletRequest.setAttribute("org.josso.agent.gateway-login-url", this._agent.getGatewayLoginUrl());
                httpServletRequest.setAttribute("org.josso.agent.gateway-logout-url", this._agent.getGatewayLogoutUrl());
                httpServletRequest.setAttribute("org.josso.agent.ssoSessionid", value);
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                if (log.isDebugEnabled()) {
                    log.debug("Processed : " + httpServletRequest.getContextPath());
                    return;
                }
                return;
            }
            if (log.isDebugEnabled()) {
                log.debug("josso_security_check received for uri '" + httpServletRequest.getRequestURI() + "' assertion id '" + httpServletRequest.getParameter("josso_assertion_id"));
            }
            String parameter = httpServletRequest.getParameter("josso_assertion_id");
            if (log.isDebugEnabled()) {
                log.debug("Outbound relaying requested for assertion id [" + parameter + "]");
            }
            SingleSignOnEntry processRequest2 = this._agent.processRequest((GenericServletSSOAgentRequest) doMakeSSOAgentRequest(2, null, genericServletLocalSession, parameter, httpServletRequest, httpServletResponse));
            if (log.isDebugEnabled()) {
                log.debug("Outbound relaying succesfull for assertion id [" + parameter + "]");
            }
            if (log.isDebugEnabled()) {
                log.debug("Assertion id [" + parameter + "] mapped to SSO session id [" + processRequest2.ssoId + "]");
            }
            httpServletResponse.addCookie(this._agent.newJossoCookie(httpServletRequest.getContextPath(), processRequest2.ssoId));
            String savedRequestURL = savedRequestURL(session);
            if (savedRequestURL == null) {
                savedRequestURL = httpServletRequest.getRequestURI().substring(0, httpServletRequest.getRequestURI().length() - "/josso_security_check".length());
                String singlePointOfAccess = this._agent.getSinglePointOfAccess();
                if (singlePointOfAccess != null) {
                    savedRequestURL = singlePointOfAccess + savedRequestURL;
                } else {
                    String header = httpServletRequest.getHeader("Josso-ReversE-Proxy");
                    if (header != null) {
                        savedRequestURL = header + savedRequestURL;
                    }
                }
                if (log.isDebugEnabled()) {
                    log.debug("No saved request found, using : '" + savedRequestURL + "'");
                }
            }
            if (log.isDebugEnabled()) {
                log.debug("Redirecting to original '" + savedRequestURL + "'");
            }
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(savedRequestURL));
            if (log.isDebugEnabled()) {
                log.debug("Processed : " + httpServletRequest.getContextPath());
            }
        } catch (Throwable th) {
            if (log.isDebugEnabled()) {
                log.debug("Processed : " + httpServletRequest.getContextPath());
            }
            throw th;
        }
    }

    public void destroy() {
        if (this._agent != null) {
            this._agent.stop();
            this._agent = null;
        }
    }

    private String savedRequestURL(HttpSession httpSession) {
        return (String) httpSession.getAttribute("org.josso.servlet.agent.savedRequest");
    }

    protected SSOAgentRequest doMakeSSOAgentRequest(int i, String str, LocalSession localSession, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        GenericServletSSOAgentRequest genericServletSSOAgentRequest = new GenericServletSSOAgentRequest(i, str, localSession, str2);
        genericServletSSOAgentRequest.setRequest(httpServletRequest);
        genericServletSSOAgentRequest.setResponse(httpServletResponse);
        return genericServletSSOAgentRequest;
    }
}
