package com.sun.identity.saml.servlet;

import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.plugin.session.SessionProvider;
import com.sun.identity.saml.AssertionManager;
import com.sun.identity.saml.common.LogUtils;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLException;
import com.sun.identity.saml.common.SAMLServiceManager;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.protocol.AssertionArtifact;
import com.sun.identity.shared.encode.URLEncDec;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/sun/identity/saml/servlet/SAMLAwareServlet.class */
public class SAMLAwareServlet extends HttpServlet {
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (httpServletRequest == null || httpServletResponse == null) {
            LogUtils.error(Level.INFO, LogUtils.NULL_PARAMETER, new String[]{SAMLUtils.bundle.getString("nullInputParameter")});
            SAMLUtils.sendError(httpServletRequest, httpServletResponse, IFSConstants.MAX_CACHING_TIME, "nullInputParameter", SAMLUtils.bundle.getString("nullInputParameter"));
            return;
        }
        SAMLUtils.checkHTTPContentLength(httpServletRequest);
        String parameter = httpServletRequest.getParameter((String) SAMLServiceManager.getAttribute(SAMLConstants.TARGET_SPECIFIER));
        String parameter2 = httpServletRequest.getParameter((String) SAMLServiceManager.getAttribute(SAMLConstants.ARTIFACT_NAME));
        if (parameter == null || parameter.length() == 0) {
            LogUtils.error(Level.INFO, LogUtils.MISSING_TARGET, new String[]{SAMLUtils.bundle.getString("missingTargetSite")});
            SAMLUtils.sendError(httpServletRequest, httpServletResponse, IFSConstants.MAX_CACHING_TIME, "invalidConfig", SAMLUtils.bundle.getString("invalidConfig"));
            return;
        }
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        if (parameter2 == null || parameter2.length() == 0) {
            IntersiteTransfer(httpServletRequest, httpServletResponse, parameter);
        } else {
            ArtifactHandler(httpServletRequest, httpServletResponse);
        }
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        doGet(httpServletRequest, httpServletResponse);
    }

    private List createArtifact(Object obj, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str2, String str3) throws SAMLException {
        if (obj == null || str == null || str.length() == 0 || str3 == null || str3.length() == 0) {
            throw new SAMLException(SAMLUtils.bundle.getString("createArtifactError"));
        }
        ArrayList arrayList = new ArrayList();
        try {
            AssertionArtifact createAssertionArtifact = AssertionManager.getInstance().createAssertionArtifact(SessionManager.getProvider().getSessionID(obj), str, httpServletRequest, httpServletResponse, str2, str3);
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("AssertionArtifact id = " + createAssertionArtifact.toString());
            }
            arrayList.add(createAssertionArtifact.getAssertionArtifact());
            return arrayList;
        } catch (SessionException e) {
            SAMLUtils.debug.error("Couldn't get SessionProvider.");
            throw new SAMLException(SAMLUtils.bundle.getString("nullSessionProvider"));
        }
    }

    private void IntersiteTransfer(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, ServletException {
        URL url = new URL(str);
        String host = url.getHost();
        int port = url.getPort();
        if (host == null) {
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.error("SAMLAwareServlet:IntersiteTransfer:Failed to get host name of target URL.");
            }
            SAMLUtils.sendError(httpServletRequest, httpServletResponse, IFSConstants.MAX_CACHING_TIME, "missingTargetHost", SAMLUtils.bundle.getString("missingTargetHost"));
            return;
        }
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("TargetUrl Host = " + host + " Port= " + port);
        }
        SAMLServiceManager.SiteEntry siteEntry = null;
        Set set = (Set) SAMLServiceManager.getAttribute(SAMLConstants.TRUSTED_SERVER_LIST);
        if (set == null) {
            SAMLUtils.sendError(httpServletRequest, httpServletResponse, IFSConstants.MAX_CACHING_TIME, "nullTrustedSite", SAMLUtils.bundle.getString("nullTrustedSite"));
            return;
        }
        Iterator it = set.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            SAMLServiceManager.SiteEntry siteEntry2 = (SAMLServiceManager.SiteEntry) it.next();
            String hostName = siteEntry2.getHostName();
            int port2 = siteEntry2.getPort();
            if (port2 != -1) {
                if (host.indexOf(hostName) != -1 && port != -1 && port == port2) {
                    siteEntry = siteEntry2;
                    break;
                }
            } else if (host.indexOf(hostName) != -1) {
                siteEntry = siteEntry2;
            }
        }
        if (siteEntry == null) {
            LogUtils.error(Level.INFO, LogUtils.TARGET_FORBIDDEN, new String[]{SAMLUtils.bundle.getString("targetForbidden"), str});
            SAMLUtils.sendError(httpServletRequest, httpServletResponse, 403, "targetForbidden", SAMLUtils.bundle.getString("targetForbidden") + " " + str);
            return;
        }
        Object obj = null;
        boolean z = false;
        try {
            SessionProvider provider = SessionManager.getProvider();
            obj = provider.getSession(httpServletRequest);
            if (obj != null) {
                if (provider.isValid(obj)) {
                    z = true;
                }
            }
        } catch (SessionException e) {
            SAMLUtils.debug.message("Invalid SSO!");
        }
        if (!z) {
            httpServletResponse.sendRedirect(SAMLUtils.getLoginRedirectURL(httpServletRequest));
            return;
        }
        new ArrayList();
        try {
            List createArtifact = createArtifact(obj, siteEntry.getSourceID(), httpServletRequest, httpServletResponse, str, siteEntry.getVersion());
            String str2 = (String) SAMLServiceManager.getAttribute(SAMLConstants.TARGET_SPECIFIER);
            String str3 = (String) SAMLServiceManager.getAttribute(SAMLConstants.ARTIFACT_NAME);
            Iterator it2 = createArtifact.iterator();
            StringBuffer stringBuffer = new StringBuffer(1000);
            while (it2.hasNext()) {
                String encode = URLEncDec.encode((String) it2.next());
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Encoded SAML AssertionArtifact " + encode);
                }
                stringBuffer.append("&").append(str3).append("=").append(encode);
            }
            String str4 = siteEntry.getSAMLUrl() + "?" + str2 + "=" + URLEncDec.encode(str) + stringBuffer.toString();
            httpServletResponse.setStatus(302);
            httpServletResponse.setHeader("Location", str4);
            LogUtils.access(Level.FINE, LogUtils.REDIRECT_TO_URL, new String[]{SAMLUtils.bundle.getString("redirectTo"), str, str4}, obj);
            httpServletResponse.sendRedirect(str4);
        } catch (SAMLException e2) {
            SAMLUtils.debug.error("IntersiteTransfer:Failed to create AssertionArtifact(s)");
            SAMLUtils.sendError(httpServletRequest, httpServletResponse, IFSConstants.MAX_CACHING_TIME, "errorCreateArtifact", e2.getMessage());
        }
    }

    private void ArtifactHandler(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String parameter = httpServletRequest.getParameter((String) SAMLServiceManager.getAttribute(SAMLConstants.TARGET_SPECIFIER));
        try {
            SAMLUtils.generateSession(httpServletRequest, httpServletResponse, SAMLUtils.processArtifact(httpServletRequest.getParameterValues((String) SAMLServiceManager.getAttribute(SAMLConstants.ARTIFACT_NAME)), parameter));
            LogUtils.access(Level.INFO, LogUtils.ACCESS_GRANTED, new String[]{SAMLUtils.bundle.getString("accessGranted")});
            if (!SAMLUtils.postYN(parameter)) {
                httpServletResponse.sendRedirect(parameter);
                return;
            }
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message("POST to target:" + parameter);
            }
            SAMLUtils.postToTarget(httpServletResponse, httpServletResponse.getWriter(), null, parameter, null);
        } catch (Exception e) {
            SAMLUtils.debug.error("generateSession: ", e);
            LogUtils.error(Level.INFO, LogUtils.FAILED_TO_CREATE_SSO_TOKEN, new String[]{SAMLUtils.bundle.getString("failedCreateSSOToken")});
            SAMLUtils.sendError(httpServletRequest, httpServletResponse, IFSConstants.MAX_CACHING_TIME, "failedCreateSSOToken", SAMLUtils.bundle.getString("failedCreateSSOToken"));
        }
    }
}
