package org.josso.auth.scheme;

import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.util.Properties;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.Subject;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.josso.auth.Credential;
import org.josso.auth.CredentialProvider;
import org.josso.auth.SimplePrincipal;
import org.josso.auth.exceptions.SSOAuthenticationException;
import org.josso.auth.util.CipherUtil;

/* loaded from: input_file:WEB-INF/lib/josso-rememberme-authscheme-1.8.9.jar:org/josso/auth/scheme/RememberMeAuthScheme.class */
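/**
 * Authentication scheme that signs a user in from a "remember me" token instead of a password.
 *
 * <p>A token is the URL-encoded result of {@code CipherUtil.encryptAES("josso:" + username, key)},
 * where {@code key} is the {@code josso.rememberme.authscheme.key} property of
 * {@code /josso-auth.properties}. On {@link #initialize}, the username is recovered from the
 * presented token and injected as a {@code UsernameCredential}; {@link #authenticate()} then
 * compares the presented username and token with the known credentials.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The token is a bearer secret derived only from the username and the key, so the key
 *       must be unique per deployment. A deployment that keeps the archetype's published key
 *       has forgeable tokens; the constructor warns about that case.</li>
 *   <li>NOTE(review): the cipher mode and padding used by {@code CipherUtil} are not visible
 *       here. If the encryption is not authenticated, the {@code "josso:"} prefix check in
 *       {@link #getUsernameForToken} is the only integrity check on the plaintext — confirm.</li>
 *   <li>{@link #getKnownCredentials()} appends the <em>presented</em> token to the known
 *       credentials, see the note on that method.</li>
 * </ul>
 */
public class RememberMeAuthScheme extends AbstractAuthenticationScheme {
    public static final String USERNAME_CREDENTIAL_NAME = "username";
    public static final String REMEMBER_ME_TOKEN_CREDENTIAL_NAME = "remembermeToken";
    private static final Log logger = LogFactory.getLog(RememberMeAuthScheme.class);

    /** Classpath location of the gateway's authentication settings. */
    private static final String AUTH_PROPERTIES = "/josso-auth.properties";
    /** Property that carries the Base64 AES key. */
    private static final String KEY_PROPERTY = "josso.rememberme.authscheme.key";
    /** Sample key shipped with the Gateway Archetype, written as it appears in the properties file. */
    private static final String ARCHETYPE_KEY = "5FvzKCtKKjeqakdm4c89WA\\=\\=";
    /** Marker prepended to the username before encryption. */
    private static final String TOKEN_PREFIX = "josso:";

    private String base64Key;

    /**
     * Names the scheme and loads the AES key from {@code /josso-auth.properties}.
     *
     * <p>A missing or unreadable properties file is logged and leaves the key unset, as before.
     * A file without the key property fails construction with a {@link NullPointerException}
     * (the exception type the previous code raised implicitly), now with a message.
     */
    public RememberMeAuthScheme() {
        setName("rememberme-authentication");
        Properties properties = new Properties();
        InputStream in = null;
        try {
            in = getClass().getResourceAsStream(AUTH_PROPERTIES);
            if (in == null) {
                throw new IOException("Cannot find resource /josso-auth.properties.  Make sure this file is installed with JOSSO Gateway!");
            }
            properties.load(in);
            String key = properties.getProperty(KEY_PROPERTY);
            if (key == null) {
                throw new NullPointerException("Property " + KEY_PROPERTY + " is not set in " + AUTH_PROPERTIES);
            }
            this.base64Key = key;
            if (isArchetypeKey(key)) {
                logger.warn("Please, replace josso-auth.properties key! Do not use the one provided with the Gateway Archetype!");
            }
        } catch (IOException e) {
            logger.error("Cannot load auth properties : " + e.getMessage(), e);
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // Closing a read-only classpath stream failed; nothing useful to do.
                }
            }
        }
    }

    /**
     * Tells whether {@code key} is the sample key from the Gateway Archetype.
     *
     * <p>{@link Properties#load} drops the backslash of a {@code \=} escape, so a loaded value
     * never carries the escapes that the literal does. Comparing the two verbatim would never
     * match; both sides are compared with backslashes removed (Base64 contains none).
     */
    private static boolean isArchetypeKey(String key) {
        return key.replace("\\", "").equals(ARCHETYPE_KEY.replace("\\", ""));
    }

    /** Returns the scheme name set in the constructor. */
    @Override // org.josso.auth.scheme.AbstractAuthenticationScheme, org.josso.auth.scheme.AuthenticationScheme
    public String getName() {
        return this._name;
    }

    /** This scheme acts as its own credential provider. */
    @Override // org.josso.auth.scheme.AbstractAuthenticationScheme
    protected CredentialProvider doMakeCredentialProvider() {
        return this;
    }

    /**
     * Builds the credential that corresponds to a credential name.
     *
     * @param str credential name, matched case-insensitively; {@code null} is treated as unknown
     * @param obj credential value
     * @return a {@code RememberMeCredential} or {@code UsernameCredential}, or {@code null} when
     *     the name is not one this scheme knows
     */
    @Override // org.josso.auth.scheme.AbstractAuthenticationScheme, org.josso.auth.CredentialProvider
    public Credential newCredential(String str, Object obj) {
        // Constant-first comparison so a null name is reported as unknown instead of throwing.
        if (REMEMBER_ME_TOKEN_CREDENTIAL_NAME.equalsIgnoreCase(str)) {
            return new RememberMeCredential(obj);
        }
        if (USERNAME_CREDENTIAL_NAME.equalsIgnoreCase(str)) {
            return new UsernameCredential(obj);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Unknown credential name : " + str);
        }
        return null;
    }

    /**
     * Checks the presented username and token against the known credentials.
     *
     * @return {@code true} when both match; {@code false} when either is missing or differs
     * @throws SSOAuthenticationException if the known credentials cannot be obtained
     */
    @Override // org.josso.auth.scheme.AuthenticationScheme
    public boolean authenticate() throws SSOAuthenticationException {
        setAuthenticated(false);

        String presentedToken = getRemembermeToken(this._inputCredentials);
        if (presentedToken == null || presentedToken.length() == 0) {
            if (logger.isDebugEnabled()) {
                logger.debug("RememberMe Token not provided. ");
            }
            return false;
        }

        String presentedUser = getUsername(this._inputCredentials);
        if (presentedUser == null || presentedUser.length() == 0) {
            if (logger.isDebugEnabled()) {
                logger.debug("Username not provided. ");
            }
            return false;
        }

        Credential[] known = getKnownCredentials();
        String knownUser = getUsername(known);
        String knownToken = getRemembermeToken(known);
        if (!validateUsername(presentedUser, knownUser) || !validateRememberMeToken(presentedToken, knownToken)) {
            return false;
        }

        if (logger.isDebugEnabled()) {
            // The token is a bearer credential: log who authenticated, never the token itself.
            logger.debug("[authenticate()], Rememberme Token accepted for user : " + presentedUser);
        }
        setAuthenticated(true);
        return true;
    }

    /**
     * Returns the superclass's known credentials followed by the presented remember-me credential.
     *
     * <p>NOTE(review): the appended element comes from the request, not from the credential
     * store. {@link #authenticate()} uses the first {@code RememberMeCredential} in this array,
     * so when the store supplies none, the presented token is compared with itself and only the
     * username check and the secrecy of the AES key stand behind the login. Confirm this is the
     * intended trust model. The last element is {@code null} when no token was presented.
     *
     * @throws SSOAuthenticationException if the superclass cannot load the known credentials
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.josso.auth.scheme.AbstractAuthenticationScheme
    public Credential[] getKnownCredentials() throws SSOAuthenticationException {
        Credential[] stored = super.getKnownCredentials();
        Credential[] combined = new Credential[stored.length + 1];
        System.arraycopy(stored, 0, combined, 0, stored.length);
        combined[combined.length - 1] = getRememberMeCredential(this._inputCredentials);
        return combined;
    }

    /** Returns a principal named after the username found in the input credentials. */
    @Override // org.josso.auth.scheme.AuthenticationScheme
    public Principal getPrincipal() {
        return new SimplePrincipal(getUsername(this._inputCredentials));
    }

    /** Returns a principal named after the username found in {@code credentialArr}. */
    @Override // org.josso.auth.scheme.AuthenticationScheme
    public Principal getPrincipal(Credential[] credentialArr) {
        return new SimplePrincipal(getUsername(credentialArr));
    }

    /** Returns the presented remember-me credential, or an empty array when there is none. */
    @Override // org.josso.auth.scheme.AuthenticationScheme
    public Credential[] getPrivateCredentials() {
        RememberMeCredential token = getRememberMeCredential(this._inputCredentials);
        if (token == null) {
            return new Credential[0];
        }
        return new Credential[]{token};
    }

    /**
     * Returns the presented remember-me credential, or an empty array when there is none.
     *
     * <p>NOTE(review): this exposes the same bearer token as {@link #getPrivateCredentials()}.
     * Whether callers treat public credentials as safe to display or log is not visible here;
     * confirm before relying on it.
     */
    @Override // org.josso.auth.scheme.AuthenticationScheme
    public Credential[] getPublicCredentials() {
        RememberMeCredential token = getRememberMeCredential(this._inputCredentials);
        if (token == null) {
            return new Credential[0];
        }
        return new Credential[]{token};
    }

    /**
     * Initializes the scheme and, when the token decrypts to a username, adds a
     * {@code UsernameCredential} for it to the input credentials.
     *
     * @param credentialArr credentials presented with the request
     * @param subject subject being authenticated
     */
    @Override // org.josso.auth.scheme.AbstractAuthenticationScheme, org.josso.auth.scheme.AuthenticationScheme
    public void initialize(Credential[] credentialArr, Subject subject) {
        super.initialize(credentialArr, subject);
        RememberMeCredential rememberMeCredential = getRememberMeCredential(credentialArr);
        if (rememberMeCredential == null) {
            logger.warn("No remember me credential recevied");
            return;
        }
        String usernameForToken = getUsernameForToken((String) rememberMeCredential.getValue());
        if (usernameForToken == null) {
            logger.debug("Username not provided, skiping UsernameCredential injection");
            return;
        }
        Credential usernameCredential = doMakeCredentialProvider().newCredential(USERNAME_CREDENTIAL_NAME, usernameForToken);
        // Sized from _inputCredentials but filled from credentialArr, as before; presumably
        // super.initialize stored credentialArr there — confirm against the superclass.
        Credential[] extended = new Credential[this._inputCredentials.length + 1];
        System.arraycopy(credentialArr, 0, extended, 0, credentialArr.length);
        extended[extended.length - 1] = usernameCredential;
        this._inputCredentials = extended;
    }

    /**
     * Recovers the username carried by a remember-me token.
     *
     * <p>The token comes from the client, so every failure to decode it is a rejection rather
     * than an error: the method returns {@code null} for a {@code null} token, a token that
     * cannot be URL-decoded or decrypted, and a plaintext that does not start with
     * {@code "josso:"}.
     *
     * @param str URL-encoded token as presented
     * @return the username, or {@code null} when the token is not acceptable
     */
    public String getUsernameForToken(String str) {
        if (str == null) {
            return null;
        }
        try {
            String plain = CipherUtil.decryptAES(URLDecoder.decode(str, "UTF-8"), this.base64Key);
            // Without this check any plaintext of six or more characters yielded a "username",
            // and a shorter one made substring() throw.
            if (plain == null || !plain.startsWith(TOKEN_PREFIX)) {
                logger.debug("Remember me token does not carry the expected prefix");
                return null;
            }
            return plain.substring(TOKEN_PREFIX.length());
        } catch (UnsupportedEncodingException e) {
            logger.debug(e.getMessage(), e);
            return null;
        } catch (GeneralSecurityException e) {
            // Covers the key, algorithm, padding and block-size failures caught one by one before.
            logger.debug(e.getMessage(), e);
            return null;
        } catch (RuntimeException e) {
            // URLDecoder rejects malformed %-escapes with IllegalArgumentException; how
            // CipherUtil reacts to malformed input is not visible here. Fail closed either way.
            logger.debug(e.getMessage(), e);
            return null;
        }
    }

    /**
     * Creates the remember-me token for a user.
     *
     * @param str username to embed in the token
     * @return the URL-encoded token, or an empty string when encryption fails (an empty token
     *     is rejected by {@link #authenticate()})
     */
    public String getRemembermeTokenForUser(String str) {
        try {
            return URLEncoder.encode(CipherUtil.encryptAES(TOKEN_PREFIX + str, this.base64Key), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            logger.error(e.getMessage(), e);
            return "";
        } catch (GeneralSecurityException e) {
            // Covers the key, algorithm, padding and block-size failures caught one by one before.
            logger.error(e.getMessage(), e);
            return "";
        }
    }

    /**
     * Returns {@code true} when both usernames are non-empty and equal.
     *
     * @param str presented username
     * @param str2 known username
     */
    protected boolean validateUsername(String str, String str2) {
        return str != null && str2 != null && str.length() > 0 && str2.length() > 0 && str.equals(str2);
    }

    /**
     * Returns {@code true} when both tokens are non-empty and equal.
     *
     * @param str presented token
     * @param str2 known token
     */
    protected boolean validateRememberMeToken(String str, String str2) {
        return str != null && str2 != null && str.length() > 0 && str2.length() > 0 && constantTimeEquals(str, str2);
    }

    /**
     * Compares two strings without stopping at the first differing character, so the time taken
     * does not depend on how much of a presented token is correct. Only a length mismatch
     * returns early. Works on chars rather than encoded bytes so that the result is exactly
     * that of {@link String#equals}.
     */
    private static boolean constantTimeEquals(String a, String b) {
        if (a.length() != b.length()) {
            return false;
        }
        int diff = 0;
        for (int i = 0; i < a.length(); i++) {
            diff |= a.charAt(i) ^ b.charAt(i);
        }
        return diff == 0;
    }

    /** Returns the first {@code RememberMeCredential} in the array, or {@code null}. */
    protected RememberMeCredential getRememberMeCredential(Credential[] credentialArr) {
        for (Credential candidate : credentialArr) {
            if (candidate instanceof RememberMeCredential) {
                return (RememberMeCredential) candidate;
            }
        }
        return null;
    }

    /** Returns the first {@code UsernameCredential} in the array, or {@code null}. */
    protected UsernameCredential getUsernameCredential(Credential[] credentialArr) {
        for (Credential candidate : credentialArr) {
            if (candidate instanceof UsernameCredential) {
                return (UsernameCredential) candidate;
            }
        }
        return null;
    }

    /** Returns the username held by the array's {@code UsernameCredential}, or {@code null}. */
    protected String getUsername(Credential[] credentialArr) {
        UsernameCredential usernameCredential = getUsernameCredential(credentialArr);
        return usernameCredential == null ? null : usernameCredential.getValue().toString();
    }

    /** Returns the token held by the array's {@code RememberMeCredential}, or {@code null}. */
    protected String getRemembermeToken(Credential[] credentialArr) {
        RememberMeCredential rememberMeCredential = getRememberMeCredential(credentialArr);
        return rememberMeCredential == null ? null : rememberMeCredential.getValue().toString();
    }
}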
