package com.sun.identity.wsfederation.servlet;

import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.saml2.meta.SAML2MetaUtils;
import com.sun.identity.shared.DateUtils;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.shared.encode.CookieUtils;
import com.sun.identity.shared.encode.URLEncDec;
import com.sun.identity.wsfederation.common.WSFederationConstants;
import com.sun.identity.wsfederation.common.WSFederationException;
import com.sun.identity.wsfederation.common.WSFederationUtils;
import com.sun.identity.wsfederation.jaxb.entityconfig.SPSSOConfigElement;
import com.sun.identity.wsfederation.jaxb.wsfederation.FederationElement;
import com.sun.identity.wsfederation.meta.WSFederationMetaManager;
import com.sun.identity.wsfederation.meta.WSFederationMetaUtils;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.forgerock.openam.utils.Time;

/* loaded from: input_file:com/sun/identity/wsfederation/servlet/RPSigninRequest.class */
public class RPSigninRequest extends WSFederationAction {
    private static Debug debug = WSFederationUtils.debug;
    String whr;
    String wreply;
    String wctx;
    String wct;

    public RPSigninRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3, String str4) {
        super(httpServletRequest, httpServletResponse);
        this.whr = str;
        this.wct = str2;
        this.wctx = str3;
        this.wreply = str4;
    }

    @Override // com.sun.identity.wsfederation.servlet.WSFederationAction
    public void process() throws WSFederationException, IOException {
        if (debug.messageEnabled()) {
            debug.message("RPSigninRequest.process: entered method");
        }
        if (this.wctx == null || this.wctx.length() == 0) {
            this.wctx = (this.wreply == null || this.wreply.length() <= 0) ? null : WSFederationUtils.putReplyURL(this.wreply);
        }
        String metaAliasByUri = WSFederationMetaUtils.getMetaAliasByUri(this.request.getRequestURI());
        if (metaAliasByUri == null || metaAliasByUri.length() == 0) {
            throw new WSFederationException(WSFederationUtils.bundle.getString("MetaAliasNotFound"));
        }
        String realmByMetaAlias = SAML2MetaUtils.getRealmByMetaAlias(metaAliasByUri);
        WSFederationMetaManager metaManager = WSFederationUtils.getMetaManager();
        String entityByMetaAlias = metaManager.getEntityByMetaAlias(metaAliasByUri);
        if (entityByMetaAlias == null || entityByMetaAlias.length() == 0) {
            throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "invalidMetaAlias", new String[]{metaAliasByUri, realmByMetaAlias});
        }
        SPSSOConfigElement sPSSOConfig = metaManager.getSPSSOConfig(realmByMetaAlias, entityByMetaAlias);
        if (sPSSOConfig == null) {
            throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "badSPEntityID", new String[]{entityByMetaAlias, realmByMetaAlias});
        }
        Map<String, List<String>> attributes = WSFederationMetaUtils.getAttributes(sPSSOConfig);
        String str = attributes.get(WSFederationConstants.ACCOUNT_REALM_SELECTION).get(0);
        if (str == null) {
            str = "cookie";
        }
        String str2 = attributes.get(WSFederationConstants.ACCOUNT_REALM_COOKIE_NAME).get(0);
        if (str2 == null) {
            str2 = WSFederationConstants.ACCOUNT_REALM_COOKIE_NAME_DEFAULT;
        }
        String str3 = attributes.get(WSFederationConstants.HOME_REALM_DISCOVERY_SERVICE).get(0);
        if (debug.messageEnabled()) {
            debug.message("RPSigninRequest.process: account realm selection method is " + str);
        }
        String str4 = null;
        if (this.whr != null && this.whr.length() > 0) {
            str4 = this.whr;
            if (str.equals("cookie")) {
                Cookie cookie = new Cookie(str2, this.whr);
                cookie.setMaxAge(IFSConstants.PERSISTENT_COOKIE_AGE);
                CookieUtils.addCookieToResponse(this.response, cookie);
            }
        } else if (str.equals(WSFederationConstants.USERAGENT)) {
            String header = this.request.getHeader(WSFederationConstants.USERAGENT);
            if (debug.messageEnabled()) {
                debug.message("RPSigninRequest.process: user-agent is :" + header);
            }
            str4 = WSFederationUtils.accountRealmFromUserAgent(header, str2);
        } else {
            if (!str.equals("cookie")) {
                debug.error("RPSigninRequest.process: unexpected value for " + WSFederationConstants.ACCOUNT_REALM_SELECTION + " : " + str);
                throw new WSFederationException(WSFederationUtils.bundle.getString("badAccountRealm"));
            }
            Cookie[] cookies = this.request.getCookies();
            if (cookies != null) {
                int i = 0;
                while (true) {
                    if (i >= cookies.length) {
                        break;
                    }
                    if (cookies[i].getName().equals(str2)) {
                        str4 = cookies[i].getValue();
                        break;
                    }
                    i++;
                }
            }
        }
        FederationElement entityDescriptor = metaManager.getEntityDescriptor(realmByMetaAlias, entityByMetaAlias);
        String tokenIssuerName = metaManager.getTokenIssuerName(entityDescriptor);
        if (debug.messageEnabled()) {
            debug.message("RPSigninRequest.process: SP issuer name:" + tokenIssuerName);
        }
        String str5 = null;
        if (str4 != null && str4.length() > 0) {
            str5 = metaManager.getEntityByTokenIssuerName(null, str4);
        }
        if (str5 == null) {
            List<String> allRemoteIdentityProviderEntities = metaManager.getAllRemoteIdentityProviderEntities(realmByMetaAlias);
            ArrayList arrayList = new ArrayList();
            for (String str6 : allRemoteIdentityProviderEntities) {
                if (metaManager.isTrustedProvider(realmByMetaAlias, entityByMetaAlias, str6)) {
                    arrayList.add(str6);
                }
            }
            if (arrayList.size() == 0) {
                throw new WSFederationException(WSFederationUtils.bundle.getString("noIDPConfigured"));
            }
            if (arrayList.size() == 1) {
                str5 = (String) arrayList.get(0);
            }
        }
        FederationElement entityDescriptor2 = str5 != null ? metaManager.getEntityDescriptor(null, str5) : null;
        WSFederationUtils.sessionProvider.setLoadBalancerCookie(this.request, this.response);
        if (entityDescriptor2 == null) {
            StringBuffer stringBuffer = new StringBuffer(str3);
            stringBuffer.append("?wreply=");
            stringBuffer.append(URLEncDec.encode(this.request.getRequestURL().toString()));
            if (this.wctx != null) {
                stringBuffer.append("&wctx=");
                stringBuffer.append(URLEncDec.encode(this.wctx));
            }
            if (debug.messageEnabled()) {
                debug.message("RPSigninRequest.process: no account realm - redirecting to :" + ((Object) stringBuffer));
            }
            this.response.sendRedirect(stringBuffer.toString());
            return;
        }
        if (debug.messageEnabled()) {
            debug.message("RPSigninRequest.process: account realm:" + str5);
        }
        String tokenIssuerEndpoint = metaManager.getTokenIssuerEndpoint(entityDescriptor2);
        if (debug.messageEnabled()) {
            debug.message("RPSigninRequest.process: endpoint:" + tokenIssuerEndpoint);
        }
        String tokenIssuerEndpoint2 = metaManager.getTokenIssuerEndpoint(entityDescriptor);
        if (debug.messageEnabled()) {
            debug.message("RPSigninRequest.process: replyURL:" + tokenIssuerEndpoint2);
        }
        StringBuffer stringBuffer2 = new StringBuffer(tokenIssuerEndpoint);
        stringBuffer2.append("?wa=");
        stringBuffer2.append(URLEncDec.encode(WSFederationConstants.WSIGNIN10));
        if (this.wctx != null) {
            stringBuffer2.append("&wctx=");
            stringBuffer2.append(URLEncDec.encode(this.wctx));
        }
        stringBuffer2.append("&wreply=");
        stringBuffer2.append(URLEncDec.encode(tokenIssuerEndpoint2));
        stringBuffer2.append("&wct=");
        stringBuffer2.append(URLEncDec.encode(DateUtils.toUTCDateFormat(Time.newDate())));
        stringBuffer2.append("&wtrealm=");
        stringBuffer2.append(URLEncDec.encode(tokenIssuerName));
        if (debug.messageEnabled()) {
            debug.message("RPSigninRequest.process: Redirecting to:" + ((Object) stringBuffer2));
        }
        this.response.sendRedirect(stringBuffer2.toString());
    }
}
