package com.sun.identity.wsfederation.servlet;

import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.plugin.session.SessionProvider;
import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.profile.SPACSUtils;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.wsfederation.common.WSFederationConstants;
import com.sun.identity.wsfederation.common.WSFederationException;
import com.sun.identity.wsfederation.common.WSFederationUtils;
import com.sun.identity.wsfederation.jaxb.entityconfig.SPSSOConfigElement;
import com.sun.identity.wsfederation.logging.LogUtil;
import com.sun.identity.wsfederation.meta.WSFederationMetaManager;
import com.sun.identity.wsfederation.meta.WSFederationMetaUtils;
import com.sun.identity.wsfederation.plugins.SPAccountMapper;
import com.sun.identity.wsfederation.plugins.SPAttributeMapper;
import com.sun.identity.wsfederation.profile.RequestSecurityTokenResponse;
import com.sun.identity.wsfederation.profile.RequestedSecurityToken;
import com.sun.identity.wsfederation.profile.SPCache;
import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/sun/identity/wsfederation/servlet/RPSigninResponse.class */
public class RPSigninResponse extends WSFederationAction {
    private static Debug debug;
    private String wresult;
    private String wctx;
    static final /* synthetic */ boolean $assertionsDisabled;

    public RPSigninResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        super(httpServletRequest, httpServletResponse);
        this.wresult = str;
        this.wctx = str2;
    }

    /* JADX WARN: Type inference failed for: r29v0, types: [java.lang.Throwable, com.sun.identity.plugin.session.SessionException] */
    @Override // com.sun.identity.wsfederation.servlet.WSFederationAction
    public void process() throws WSFederationException, IOException {
        if (this.wresult == null || this.wresult.length() == 0) {
            LogUtil.error(Level.INFO, LogUtil.MISSING_WRESULT, new String[]{this.request.getQueryString()}, null);
            throw new WSFederationException(WSFederationUtils.bundle.getString("nullWresult"));
        }
        try {
            RequestSecurityTokenResponse parseXML = RequestSecurityTokenResponse.parseXML(this.wresult);
            if (debug.messageEnabled()) {
                debug.message("RPSigninResponse.process: Received RSTR: " + parseXML.toString());
            }
            String metaAliasByUri = WSFederationMetaUtils.getMetaAliasByUri(this.request.getRequestURL().toString());
            String realmByMetaAlias = WSFederationMetaUtils.getRealmByMetaAlias(metaAliasByUri);
            WSFederationMetaManager metaManager = WSFederationUtils.getMetaManager();
            try {
                String entityByMetaAlias = metaManager.getEntityByMetaAlias(metaAliasByUri);
                if (realmByMetaAlias == null || realmByMetaAlias.length() == 0) {
                    realmByMetaAlias = "/";
                }
                SPSSOConfigElement sPSSOConfig = metaManager.getSPSSOConfig(realmByMetaAlias, entityByMetaAlias);
                int i = 300;
                String attribute = WSFederationMetaUtils.getAttribute(sPSSOConfig, SAML2Constants.ASSERTION_TIME_SKEW);
                if (attribute != null && attribute.trim().length() > 0) {
                    i = Integer.parseInt(attribute);
                    if (i < 0) {
                        i = 300;
                    }
                }
                if (debug.messageEnabled()) {
                    debug.message("RPSigninResponse.process: timeskew = " + i);
                }
                if (debug.messageEnabled()) {
                    debug.message("RPSigninResponse.process:  - verifying assertion");
                }
                Map<String, Object> verifyToken = parseXML.getRequestedSecurityToken().verifyToken(realmByMetaAlias, entityByMetaAlias, i);
                if (!$assertionsDisabled && verifyToken == null) {
                    throw new AssertionError();
                }
                Map<String, List<String>> attributes = WSFederationMetaUtils.getAttributes(sPSSOConfig);
                SPAccountMapper sPAccountMapper = getSPAccountMapper(attributes);
                SPAttributeMapper sPAttributeMapper = getSPAttributeMapper(attributes);
                String identity = sPAccountMapper.getIdentity(parseXML, entityByMetaAlias, realmByMetaAlias);
                if (identity == null) {
                    throw new WSFederationException(WSFederationUtils.bundle.getString("nullUserID"));
                }
                String entityByTokenIssuerName = metaManager.getEntityByTokenIssuerName(realmByMetaAlias, parseXML.getRequestedSecurityToken().getIssuer());
                List attributes2 = parseXML.getRequestedSecurityToken().getAttributes();
                Map map = null;
                if (attributes2 != null) {
                    map = sPAttributeMapper.getAttributes(attributes2, identity, entityByMetaAlias, entityByTokenIssuerName, realmByMetaAlias);
                }
                String obj = verifyToken.get("AuthLevel").toString();
                HashMap hashMap = new HashMap();
                hashMap.put("realm", realmByMetaAlias);
                hashMap.put(SessionProvider.PRINCIPAL_NAME, identity);
                hashMap.put("AuthLevel", obj);
                try {
                    SessionProvider provider = SessionManager.getProvider();
                    Object createSession = provider.createSession(hashMap, this.request, this.response, null);
                    SPACSUtils.setAttrMapInSession(provider, map, createSession);
                    provider.setProperty(createSession, WSFederationConstants.SESSION_IDP, new String[]{entityByTokenIssuerName});
                    RequestedSecurityToken requestedSecurityToken = parseXML.getRequestedSecurityToken();
                    if (isAssertionCacheEnabled(sPSSOConfig)) {
                        String tokenId = requestedSecurityToken.getTokenId();
                        provider.setProperty(createSession, "AssertionID", new String[]{tokenId});
                        SPCache.assertionByIDCache.put(tokenId, requestedSecurityToken.toString());
                    }
                    String removeReplyURL = this.wctx != null ? WSFederationUtils.removeReplyURL(this.wctx) : WSFederationMetaUtils.getAttribute(sPSSOConfig, SAML2Constants.DEFAULT_RELAY_STATE);
                    String[] strArr = new String[6];
                    strArr[0] = this.wctx;
                    strArr[1] = LogUtil.isErrorLoggable(Level.FINER) ? this.wresult : parseXML.getRequestedSecurityToken().getTokenId();
                    strArr[2] = realmByMetaAlias;
                    strArr[3] = identity;
                    strArr[4] = obj;
                    strArr[5] = removeReplyURL;
                    LogUtil.access(Level.INFO, LogUtil.SSO_SUCCESSFUL, strArr, createSession);
                    if (removeReplyURL == null) {
                        this.response.getWriter().println("Logged in");
                    } else {
                        this.response.sendRedirect(removeReplyURL);
                    }
                } catch (SessionException e) {
                    LogUtil.error(Level.INFO, LogUtil.CANT_CREATE_SESSION, new String[]{e.getLocalizedMessage(), realmByMetaAlias, identity, obj}, null);
                    throw new WSFederationException((Throwable) e);
                }
            } catch (WSFederationException e2) {
                LogUtil.error(Level.INFO, "CONFIG_ERROR_GET_ENTITY_CONFIG", new String[]{e2.getLocalizedMessage(), metaAliasByUri, realmByMetaAlias}, null);
                throw new WSFederationException(WSFederationConstants.BUNDLE_NAME, "invalidMetaAlias", new String[]{metaAliasByUri, realmByMetaAlias});
            }
        } catch (WSFederationException e3) {
            LogUtil.error(Level.INFO, LogUtil.INVALID_WRESULT, new String[]{this.wresult}, null);
            throw new WSFederationException(WSFederationUtils.bundle.getString("invalidWresult"));
        }
    }

    private static SPAccountMapper getSPAccountMapper(Map map) throws WSFederationException {
        SPAccountMapper sPAccountMapper = null;
        List list = (List) map.get(SAML2Constants.SP_ACCOUNT_MAPPER);
        if (list != null) {
            try {
                sPAccountMapper = (SPAccountMapper) Class.forName((String) list.get(0)).newInstance();
                if (debug.messageEnabled()) {
                    debug.message("RPSigninResponse.getSPAccountMapper: mapper = " + ((String) list.get(0)));
                }
            } catch (ClassNotFoundException e) {
                throw new WSFederationException(e);
            } catch (IllegalAccessException e2) {
                throw new WSFederationException(e2);
            } catch (InstantiationException e3) {
                throw new WSFederationException(e3);
            }
        }
        if (sPAccountMapper == null) {
            throw new WSFederationException(WSFederationUtils.bundle.getString("failedAcctMapper"));
        }
        return sPAccountMapper;
    }

    private SPAttributeMapper getSPAttributeMapper(Map map) throws WSFederationException {
        SPAttributeMapper sPAttributeMapper = null;
        List list = (List) map.get(SAML2Constants.SP_ATTRIBUTE_MAPPER);
        if (list != null) {
            try {
                sPAttributeMapper = (SPAttributeMapper) Class.forName((String) list.get(0)).newInstance();
            } catch (ClassNotFoundException e) {
                throw new WSFederationException(e);
            } catch (IllegalAccessException e2) {
                throw new WSFederationException(e2);
            } catch (InstantiationException e3) {
                throw new WSFederationException(e3);
            }
        }
        if (sPAttributeMapper == null) {
            throw new WSFederationException(WSFederationUtils.bundle.getString("failedAttrMapper"));
        }
        return sPAttributeMapper;
    }

    public static void setAttrMapInSession(SessionProvider sessionProvider, Map map, Object obj) throws SessionException {
        if (map == null || map.isEmpty()) {
            return;
        }
        for (Map.Entry entry : map.entrySet()) {
            String str = (String) entry.getKey();
            Set set = (Set) entry.getValue();
            if (set != null && !set.isEmpty()) {
                sessionProvider.setProperty(obj, str, (String[]) set.toArray(new String[set.size()]));
                if (WSFederationUtils.debug.messageEnabled()) {
                    WSFederationUtils.debug.message("SPACSUtils.setAttrMapInSession: AttrMap:" + str + " , " + set);
                }
            }
        }
    }

    private boolean isAssertionCacheEnabled(SPSSOConfigElement sPSSOConfigElement) {
        String attribute = WSFederationMetaUtils.getAttribute(sPSSOConfigElement, SAML2Constants.ASSERTION_CACHE_ENABLED);
        return attribute == null || "true".equalsIgnoreCase(attribute);
    }

    static {
        $assertionsDisabled = !RPSigninResponse.class.desiredAssertionStatus();
        debug = WSFederationUtils.debug;
    }
}
