package com.sun.identity.federation.services;

import com.sun.identity.common.SystemConfigurationUtil;
import com.sun.identity.federation.common.FSException;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement;
import com.sun.identity.federation.meta.IDFFMetaException;
import com.sun.identity.federation.meta.IDFFMetaManager;
import com.sun.identity.federation.meta.IDFFMetaUtils;
import com.sun.identity.federation.services.util.FSServiceUtils;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/sun/identity/federation/services/FSAuthnDecisionHandler.class */
public class FSAuthnDecisionHandler {
    private String loginURL;
    private static IDFFMetaManager metaManager;
    private Map idpAuthContextMap = null;
    private int compAuthType = 0;

    public FSAuthnDecisionHandler(String str, String str2, HttpServletRequest httpServletRequest) {
        this.loginURL = null;
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAuthnDecisionHandler::Constructor called with entityID" + str2);
        }
        this.loginURL = SystemConfigurationUtil.getProperty(IFSConstants.IDP_LOGIN_URL);
        if (this.loginURL == null || this.loginURL.trim().length() == 0) {
            this.loginURL = FSServiceUtils.getBaseURL(httpServletRequest) + IFSConstants.LOGIN_PAGE;
        }
        this.loginURL += '?' + IFSConstants.ARGKEY + '=' + IFSConstants.NEWSESSION;
        getIDPAuthContextInfo(str, str2);
    }

    private void getIDPAuthContextInfo(String str, String str2) {
        if (metaManager == null) {
            return;
        }
        try {
            IDPDescriptorConfigElement iDPDescriptorConfig = metaManager.getIDPDescriptorConfig(str, str2);
            if (iDPDescriptorConfig == null) {
                return;
            }
            List<String> list = (List) IDFFMetaUtils.getAttributes(iDPDescriptorConfig).get(IFSConstants.IDP_AUTHNCONTEXT_MAPPING);
            if (list != null && !list.isEmpty()) {
                this.idpAuthContextMap = new HashMap();
                for (String str3 : list) {
                    try {
                        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = new FSIDPAuthenticationContextInfo(str3);
                        this.idpAuthContextMap.put(fSIDPAuthenticationContextInfo.getAuthenticationContext(), fSIDPAuthenticationContextInfo);
                    } catch (FSException e) {
                        if (FSUtils.debug.messageEnabled()) {
                            FSUtils.debug.message("FSAuthContextHandler.getIDPAuthContextInfo: info is not valid:" + str3 + " ", e);
                        }
                    }
                }
            }
        } catch (IDFFMetaException e2) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSAuthContextHandler.getIDPAuthContextInfo: ", e2);
            }
        }
    }

    private FSIDPAuthenticationContextInfo getHigherAuthContext(int i) {
        FSUtils.debug.message("FSAuthnDecisionHandler::getHigherAuthContext called.");
        for (FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo : this.idpAuthContextMap.entrySet()) {
            if (fSIDPAuthenticationContextInfo != null && fSIDPAuthenticationContextInfo.getLevel() > i) {
                return fSIDPAuthenticationContextInfo;
            }
        }
        FSUtils.debug.message("FSAuthnDecisionHandler::getHigherAuthContext returning null");
        return null;
    }

    private FSIDPAuthenticationContextInfo getLowerAuthContext(int i) {
        FSUtils.debug.message("FSAuthnDecisionHandler::getHigherAuthContext called.");
        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = null;
        for (FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo2 : this.idpAuthContextMap.entrySet()) {
            if (fSIDPAuthenticationContextInfo2 != null && fSIDPAuthenticationContextInfo2.getLevel() < i && (fSIDPAuthenticationContextInfo == null || fSIDPAuthenticationContextInfo.getLevel() < fSIDPAuthenticationContextInfo2.getLevel())) {
                fSIDPAuthenticationContextInfo = fSIDPAuthenticationContextInfo2;
            }
        }
        return fSIDPAuthenticationContextInfo;
    }

    public FSAuthContextResult decideAuthnContext(List list, String str, String str2) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAuthnDecisionHandler::decideAuthnContext called with list. " + list + " and authComparisonType " + str2);
        }
        if (str2 == null) {
            str2 = IFSConstants.MINIMUM;
        }
        FSAuthContextResult fSAuthContextResult = new FSAuthContextResult();
        if (list != null) {
            if (str2.equals(IFSConstants.MINIMUM)) {
                this.compAuthType = 1;
            } else if (str2.equals(IFSConstants.BETTER)) {
                this.compAuthType = 2;
            } else if (str2.equals(IFSConstants.MAXIMUM)) {
                this.compAuthType = 3;
            }
            Iterator it = list.iterator();
            while (it.hasNext()) {
                fSAuthContextResult = decideAuthnContext((String) it.next(), str);
                if (fSAuthContextResult != null) {
                    return fSAuthContextResult;
                }
            }
        }
        return fSAuthContextResult;
    }

    public FSAuthContextResult getURLForAuthnContext(List list, String str) {
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAuthnDecisionHandler::getURLForAuthnContext called with list. " + list + " and authComparisonType " + str);
        }
        if (str == null) {
            str = IFSConstants.MINIMUM;
        }
        FSAuthContextResult fSAuthContextResult = null;
        if (list != null && str != null) {
            if (str.equals(IFSConstants.MINIMUM)) {
                this.compAuthType = 1;
            } else if (str.equals(IFSConstants.BETTER)) {
                this.compAuthType = 2;
            } else if (str.equals(IFSConstants.MAXIMUM)) {
                this.compAuthType = 3;
            }
            Iterator it = list.iterator();
            while (it.hasNext()) {
                fSAuthContextResult = getURLForAuthnContext((String) it.next());
                if (fSAuthContextResult != null && fSAuthContextResult.getLoginURL() != null) {
                    return fSAuthContextResult;
                }
            }
        }
        return fSAuthContextResult;
    }

    public FSAuthContextResult getURLForAuthnContext(List list) {
        return getURLForAuthnContext(list, null);
    }

    private FSAuthContextResult getURLForAuthnContext(String str) {
        FSUtils.debug.message("FSAuthDecisionHandler::getURLForAuthContext. Entered method");
        if (str == null || this.idpAuthContextMap == null) {
            if (!FSUtils.debug.messageEnabled()) {
                return null;
            }
            FSUtils.debug.message("FSAuthnDecisionHandler::getURLForAuthContext. Method called withauthContextMinRef null");
            return null;
        }
        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get(str);
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAuthnDecisionHandler::getURLForAuthnContext in auth context checking for " + str);
        }
        if (fSIDPAuthenticationContextInfo == null) {
            FSUtils.debug.error("FSAuthnDecisionHandler::getURLForAuthnContext. Could not get any authcontext");
            return null;
        }
        new String();
        if (this.loginURL == null) {
            FSUtils.debug.error("FSAuthnDecisionHandler::getURLForAuthnContext.login url is null, or auth info is not found");
            return null;
        }
        FSAuthContextResult fSAuthContextResult = new FSAuthContextResult();
        String moduleIndicatorValue = fSIDPAuthenticationContextInfo.getModuleIndicatorValue();
        fSAuthContextResult.setLoginURL((fSIDPAuthenticationContextInfo.getModuleIndicatorKey().equalsIgnoreCase(IFSConstants.NAME_ID_POLICY_NONE) || moduleIndicatorValue == null) ? this.loginURL : this.loginURL + "&" + fSIDPAuthenticationContextInfo.getModuleIndicatorKey() + "=" + moduleIndicatorValue);
        fSAuthContextResult.setAuthContextRef(fSIDPAuthenticationContextInfo.getAuthenticationContext());
        return fSAuthContextResult;
    }

    private FSAuthContextResult decideAuthnContext(String str, String str2) {
        FSUtils.debug.message("FSAuthnDecisionHandler::decideAuthnContext. Entered method");
        if (str == null || this.idpAuthContextMap == null) {
            if (!FSUtils.debug.messageEnabled()) {
                return null;
            }
            FSUtils.debug.message("FSAuthnDecisionHandler::decideAuthnContext. Method called with authContextMinRef null");
            return null;
        }
        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get(str2);
        FSIDPAuthenticationContextInfo fSIDPAuthenticationContextInfo2 = (FSIDPAuthenticationContextInfo) this.idpAuthContextMap.get(str);
        if (fSIDPAuthenticationContextInfo == null || fSIDPAuthenticationContextInfo2 == null) {
            FSUtils.debug.error("FSAuthnDecisionHandler::decideAuthnContext Not Supported AuthContext");
            return null;
        }
        if (fSIDPAuthenticationContextInfo.getLevel() < fSIDPAuthenticationContextInfo2.getLevel()) {
            return getURLForAuthnContext(str);
        }
        if (FSUtils.debug.messageEnabled()) {
            FSUtils.debug.message("FSAuthnDecisionHandler::decideAuthnContext.Present Auth Level higher than needed.");
        }
        return new FSAuthContextResult();
    }

    static {
        metaManager = null;
        metaManager = FSUtils.getIDFFMetaManager();
    }
}
