package com.sun.identity.federation.services.fednsso;

import com.sun.identity.federation.accountmgmt.FSAccountManager;
import com.sun.identity.federation.accountmgmt.FSAccountMgmtException;
import com.sun.identity.federation.common.FSException;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.common.IFSConstants;
import com.sun.identity.federation.common.LogUtil;
import com.sun.identity.federation.jaxb.entityconfig.BaseConfigType;
import com.sun.identity.federation.jaxb.entityconfig.IDPDescriptorConfigElement;
import com.sun.identity.federation.message.FSAuthnRequest;
import com.sun.identity.federation.meta.IDFFMetaManager;
import com.sun.identity.federation.meta.IDFFMetaUtils;
import com.sun.identity.federation.services.FSSOAPService;
import com.sun.identity.federation.services.FSServiceManager;
import com.sun.identity.federation.services.FSSession;
import com.sun.identity.federation.services.FSSessionManager;
import com.sun.identity.federation.services.util.FSServiceUtils;
import com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType;
import com.sun.identity.plugin.monitoring.FedMonAgent;
import com.sun.identity.plugin.monitoring.FedMonIDFFSvc;
import com.sun.identity.plugin.monitoring.MonitorManager;
import com.sun.identity.plugin.session.SessionException;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.plugin.session.SessionProvider;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml2.common.SAML2Constants;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.util.logging.Level;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import org.w3c.dom.Element;

/* loaded from: input_file:com/sun/identity/federation/services/fednsso/FSSSOAndFedService.class */
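/**
 * Servlet that receives Liberty ID-FF {@code AuthnRequest} messages for a hosted identity provider.
 *
 * <p>Requests arrive in three shapes: URL-encoded on a GET, Base64-encoded in a POST form field, or as a
 * SOAP body for LECP clients. Each path resolves the hosted provider's metadata and hands the request to
 * one of the {@code handleAuthnRequest} overloads or to the LECP profile handler.
 *
 * <p>This listing is decompiler output. The ten-argument {@code handleAuthnRequest} overload was not
 * recovered and is a stub that throws, so every path that reaches it fails at runtime in this form.
 * Several notes below mark spots where the decompiled control flow looks damaged and must be checked
 * against the real bytecode or upstream source before drawing security conclusions.
 */
public class FSSSOAndFedService extends HttpServlet {
    private static FSSOAPService soapService = FSSOAPService.getInstance();
    // Assigned in init(); shared by every request handled by this servlet class.
    private static MessageFactory msgFactory = null;
    private static IDFFMetaManager metaManager = null;
    // Monitoring handles; not referenced by any method recovered in this listing.
    private static FedMonAgent agent = MonitorManager.getAgent();
    private static FedMonIDFFSvc idffSvc = MonitorManager.getIDFFSvc();

    /**
     * Creates the shared SOAP {@link MessageFactory} and obtains the IDFF metadata manager.
     *
     * @param servletConfig configuration supplied by the container
     * @throws ServletException if the SOAP message factory cannot be created
     */
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        try {
            msgFactory = MessageFactory.newInstance();
            metaManager = FSUtils.getIDFFMetaManager();
        } catch (SOAPException e) {
            FSUtils.debug.error("FSSSOAndFedService.init: create message factory failed.", e);
            // Chain the SOAPException so the container log keeps the original stack trace.
            throw new ServletException(e.getMessage(), e);
        }
    }

    /**
     * Handles a URL-encoded AuthnRequest (pre-authentication) or the return leg after authentication.
     *
     * <p>When the authentication indicator parameter is absent, the request is parsed from the query
     * string and dispatched with the hosted provider's metadata. Otherwise the previously stored
     * AuthnRequest is looked up by the {@code RequestID} parameter and processing resumes.
     *
     * @param httpServletRequest  incoming request
     * @param httpServletResponse response used for errors and redirects
     * @throws ServletException declared by the servlet contract
     * @throws IOException if an error response cannot be written
     */
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        FSUtils.debug.message("FSSSOAndFedService.doGet: Called");
        if (httpServletRequest == null || httpServletResponse == null) {
            FSUtils.debug.error("FSSSOAndFedService: " + FSUtils.bundle.getString("nullInputParameter"));
            // An error can only be sent on a non-null response; without this guard the null case ends in an NPE.
            if (httpServletResponse != null) {
                // NOTE(review): MAX_CACHING_TIME is passed as an HTTP status code here and throughout the class.
                // That looks like the decompiler substituting a constant with the same numeric value; confirm
                // the status code the original source intended.
                httpServletResponse.sendError(IFSConstants.MAX_CACHING_TIME, FSUtils.bundle.getString("nullInputParameter"));
            }
            return;
        }
        if (FSUtils.needSetLBCookieAndRedirect(httpServletRequest, httpServletResponse, true)) {
            return;
        }
        if (httpServletRequest.getParameter(IFSConstants.AUTHN_INDICATOR_PARAM) == null) {
            FSUtils.debug.message("FSSSOAndFedService.doGet:Pre Authentication SSO");
            try {
                FSAuthnRequest parsedRequest = FSAuthnRequest.parseURLEncodedRequest(httpServletRequest);
                if (parsedRequest == null) {
                    FSUtils.debug.error("FSSSOAndFedService: " + FSUtils.bundle.getString("invalidAuthnRequest"));
                    LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, new String[]{FSUtils.bundle.getString("invalidAuthnRequest")});
                    httpServletResponse.sendError(400, FSUtils.bundle.getString("invalidAuthnRequest"));
                    return;
                }
                String metaAlias = null;
                String hostedRealm = null;
                String hostedEntityId = null;
                IDPDescriptorType hostedDescriptor = null;
                IDPDescriptorConfigElement hostedConfig = null;
                try {
                    metaAlias = FSServiceUtils.getMetaAlias(httpServletRequest);
                    hostedRealm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
                    hostedEntityId = metaManager.getEntityIDByMetaAlias(metaAlias);
                    hostedDescriptor = metaManager.getIDPDescriptor(hostedRealm, hostedEntityId);
                    hostedConfig = metaManager.getIDPDescriptorConfig(hostedRealm, hostedEntityId);
                } catch (Exception e) {
                    // A failed metadata lookup is only logged at message level; processing continues with
                    // whichever of the values above are still null.
                    if (FSUtils.debug.messageEnabled()) {
                        FSUtils.debug.message("FSSSOAndFedService: couldn't obtain hosted entity id:", e);
                    }
                }
                handleAuthnRequest(httpServletRequest, httpServletResponse, parsedRequest, false, false, hostedRealm, hostedEntityId, metaAlias, hostedDescriptor, hostedConfig);
                return;
            } catch (FSException e2) {
                // The raw, client-supplied query string goes into the debug log at error level, so that log
                // holds whatever the sender put in the AuthnRequest parameters and should be access-restricted.
                FSUtils.debug.error("FSSSOAndFedService: " + FSUtils.bundle.getString("invalidAuthnRequest") + ", queryString=" + httpServletRequest.getQueryString(), e2);
                LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, new String[]{FSUtils.bundle.getString("invalidAuthnRequest")});
                httpServletResponse.sendError(400, FSUtils.bundle.getString("invalidAuthnRequest"));
                return;
            }
        }
        FSUtils.debug.message("FSSSOAndFedService.doGet:Post Authentication SSO");
        boolean isLecp;
        if (httpServletRequest.getParameter(IFSConstants.LECP_INDICATOR_PARAM) == null) {
            FSUtils.debug.message("FSSSOAndFedService.doGet:non LECP request");
            isLecp = false;
        } else {
            FSUtils.debug.message("FSSSOAndFedService.doGet:post Authn LECP request");
            isLecp = true;
        }
        // Everything below is read from request parameters, including the metaAlias that selects the
        // session manager and the AuthnContext that handleAuthnRequest later records on the FSSession.
        // NOTE(review): confirm these values are integrity-protected or re-derived from the validated
        // session, otherwise the recorded authentication context is whatever the client sent.
        String requestId = httpServletRequest.getParameter("RequestID");
        String providerId = httpServletRequest.getParameter(IFSConstants.PROVIDER_ID_KEY);
        String authnContext = httpServletRequest.getParameter("AuthnContext");
        String realm = httpServletRequest.getParameter("realm");
        FSAuthnRequest storedRequest = FSSessionManager.getInstance(httpServletRequest.getParameter("metaAlias")).getAuthnRequest(requestId);
        if (storedRequest == null) {
            FSUtils.debug.message("FSSSOAndFedService.doGet: authnRequest is null");
        }
        if (authnContext == null || authnContext.length() == 0) {
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSSOAndFedService.doGet: authnContext is null. Using default password");
            }
            authnContext = IFSConstants.DEFAULT_AUTHNCONTEXT_PASSWORD;
        }
        if (storedRequest != null && realm != null && realm.length() != 0 && providerId != null && providerId.length() != 0 && authnContext != null && authnContext.length() != 0) {
            handleAuthnRequest(httpServletRequest, httpServletResponse, storedRequest, realm, providerId, isLecp, authnContext);
        } else {
            // This branch is also taken when realm or ProviderID is missing, not only when the stored
            // request is absent, although the log text names only the latter.
            FSUtils.debug.error("FSSSOAndFedService.doGet: AuthnRequest not found in FSSessionManager");
            httpServletResponse.sendError(IFSConstants.MAX_CACHING_TIME, FSUtils.bundle.getString("nullInput"));
        }
    }

    /**
     * Handles a POSTed AuthnRequest: a SOAP body for LECP, or a Base64-encoded form field.
     *
     * <p>LECP requests are parsed as SOAP unless the request attribute {@code forwardrequest} equals
     * {@code "yes"}, in which case they are passed to {@link #doGet}. A POST without the AuthnRequest
     * form field is also passed to {@link #doGet}.
     *
     * @param httpServletRequest  incoming request
     * @param httpServletResponse response used for errors and SOAP replies
     * @throws ServletException if the SOAP message cannot be created from the request body
     * @throws IOException if the request body cannot be read or an error response cannot be written
     */
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        FSUtils.debug.message("FSSSOAndFedService.doPost: Called");
        if (httpServletRequest == null || httpServletResponse == null) {
            // An error can only be sent on a non-null response; without this guard the null case ends in an NPE.
            if (httpServletResponse != null) {
                httpServletResponse.sendError(IFSConstants.MAX_CACHING_TIME, FSUtils.bundle.getString("nullInputParameter"));
            }
            return;
        }
        if (FSUtils.needSetLBCookieAndRedirect(httpServletRequest, httpServletResponse, true)) {
            return;
        }
        if (isLECPRequest(httpServletRequest)) {
            // "forwardrequest" is a request attribute, set by server-side code rather than by the client.
            String forwardFlag = (String) httpServletRequest.getAttribute("forwardrequest");
            if (forwardFlag != null && forwardFlag.equals("yes")) {
                FSUtils.debug.message("FSSSOAndFedService.doPost: LECP forward");
                doGet(httpServletRequest, httpServletResponse);
                return;
            } else {
                try {
                    // The request body is parsed as SOAP before any session check in this method.
                    // NOTE(review): XML parser hardening (DTD / external entities) depends on how
                    // msgFactory and soapService are configured, which this listing does not show.
                    onMessage(httpServletRequest, httpServletResponse, msgFactory.createMessage(SAMLUtils.getMimeHeaders(httpServletRequest), httpServletRequest.getInputStream()));
                    return;
                } catch (SOAPException e) {
                    throw new ServletException(e);
                }
            }
        }
        String encodedRequest = httpServletRequest.getParameter(IFSConstants.POST_AUTHN_REQUEST_PARAM);
        if (encodedRequest == null) {
            doGet(httpServletRequest, httpServletResponse);
            return;
        }
        // Spaces are turned into newlines before decoding; presumably this restores the line breaks of
        // wrapped Base64 that form decoding flattened — confirm against the sender side.
        String normalizedRequest = encodedRequest.replace(' ', '\n');
        if (FSUtils.debug.messageEnabled()) {
            // With message-level debugging on, the full encoded request is written to the debug log.
            FSUtils.debug.message("FSSSOAndFedService.doPost: BASE64 encoded AuthnRequest at the RECEIVER: " + normalizedRequest);
        }
        try {
            FSAuthnRequest parsedRequest = FSAuthnRequest.parseBASE64EncodedString(normalizedRequest);
            if (parsedRequest == null) {
                FSUtils.debug.error("FSSSOAndFedService: " + FSUtils.bundle.getString("invalidAuthnRequest"));
                LogUtil.error(Level.INFO, LogUtil.INVALID_AUTHN_REQUEST, new String[]{FSUtils.bundle.getString("invalidAuthnRequest")});
                httpServletResponse.sendError(400, FSUtils.bundle.getString("invalidAuthnRequest"));
                return;
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSSOAndFedService: AuthnRequest received:" + parsedRequest.toXMLString());
            }
            String metaAlias = null;
            String hostedRealm = null;
            String hostedEntityId = null;
            IDPDescriptorType hostedDescriptor = null;
            IDPDescriptorConfigElement hostedConfig = null;
            try {
                metaAlias = FSServiceUtils.getMetaAlias(httpServletRequest);
                hostedRealm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
                hostedEntityId = metaManager.getEntityIDByMetaAlias(metaAlias);
                hostedDescriptor = metaManager.getIDPDescriptor(hostedRealm, hostedEntityId);
                hostedConfig = metaManager.getIDPDescriptorConfig(hostedRealm, hostedEntityId);
            } catch (Exception e2) {
                // As in doGet: a failed metadata lookup is logged at message level and processing continues
                // with whichever values are still null.
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSSOAndFedService: couldn't obtain hosted entity id:", e2);
                }
            }
            handleAuthnRequest(httpServletRequest, httpServletResponse, parsedRequest, false, false, hostedRealm, hostedEntityId, metaAlias, hostedDescriptor, hostedConfig);
        } catch (FSException e3) {
            // Unlike the GET path, a malformed POSTed request is recorded only at message level and is
            // not sent to LogUtil, so it leaves no trace unless debug messages are enabled.
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSSOAndFedService: " + FSUtils.bundle.getString("invalidAuthnRequest"), e3);
            }
            httpServletResponse.sendError(400, FSUtils.bundle.getString("invalidAuthnRequest"));
        }
    }

    /**
     * Decides whether a POST is treated as an LECP (SOAP) request.
     *
     * <p>Both signals are client-controlled headers: the presence of the LECP header, or a
     * {@code content-type} that starts with {@code text/xml}.
     *
     * @param httpServletRequest incoming request
     * @return {@code true} if either header marks the request as LECP
     */
    private boolean isLECPRequest(HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getHeader(IFSConstants.LECP_HEADER_NAME) != null) {
            FSUtils.debug.message("FSSSOAndFedService: is LECP request.");
            return true;
        }
        String contentType = httpServletRequest.getHeader("content-type");
        return contentType != null && contentType.startsWith("text/xml");
    }

    /**
     * Post-authentication step: validates the caller's session, records the authentication context on
     * the federation session, and continues with the ten-argument overload.
     *
     * <p>Every early exit here returns without writing to the response, so a missing or invalid
     * session produces no error status from this method.
     *
     * @param httpServletRequest  incoming request, used to obtain the session
     * @param httpServletResponse response passed through to the next handler
     * @param fSAuthnRequest      the stored AuthnRequest being resumed
     * @param str                 realm used for the metadata lookup
     * @param str2                entity id used for the metadata lookup (the ProviderID parameter in doGet)
     * @param z                   LECP flag computed by doGet
     * @param str3                authentication context to record on the federation session
     */
    private void handleAuthnRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FSAuthnRequest fSAuthnRequest, String str, String str2, boolean z, String str3) {
        FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: Called");
        IDPDescriptorType iDPDescriptorType = null;
        BaseConfigType baseConfigType = null;
        String metaAlias = null;
        try {
            iDPDescriptorType = metaManager.getIDPDescriptor(str, str2);
            baseConfigType = metaManager.getIDPDescriptorConfig(str, str2);
            if (baseConfigType != null) {
                metaAlias = baseConfigType.getMetaAlias();
            }
        } catch (Exception e) {
            // Lookup failure is logged at message level only; metaAlias stays null for the calls below.
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: Couldn't obtain hosted meta:", e);
            }
        }
        try {
            SessionProvider provider = SessionManager.getProvider();
            Object session = provider.getSession(httpServletRequest);
            if (session == null) {
                FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: session token is null.");
                return;
            }
            if (!provider.isValid(session)) {
                FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: session token is not valid.");
                return;
            }
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSSOAndFedService.handleAuthnRequest: session token is valid.");
            }
            FSSessionManager fSSessionManager = FSSessionManager.getInstance(metaAlias);
            FSSession existingSession = fSSessionManager.getSession(session);
            String principalName = provider.getPrincipalName(session);
            // str3 reaches this point from the AuthnContext request parameter in doGet and is stored
            // on the federation session as given.
            // NOTE(review): in this listing the session is added before principalName is checked for
            // null; the decompiler may have reordered statements — verify against the bytecode.
            if (existingSession == null) {
                FSSession fSSession = new FSSession(provider.getSessionID(session));
                fSSession.setAuthnContext(str3);
                fSSessionManager.addSession(principalName, fSSession);
            } else {
                existingSession.setAuthnContext(str3);
            }
            // NOTE(review): the decompiler emitted this handler with an empty try body. The account lookup
            // below is the likely original content, so in this listing its failure is not caught here.
            try {
            } catch (FSAccountMgmtException e2) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSSOAndFedService:: handleAuthnRequest() No account information avialable for user. So no invocation  of name registration. ", e2);
                }
            }
            if (principalName == null) {
                LogUtil.error(Level.INFO, LogUtil.USER_NOT_FOUND, null, session);
                return;
            }
            // The lookup result is discarded in this listing.
            FSAccountManager.getInstance(metaAlias).readAccountFedInfo(principalName, fSAuthnRequest.getProviderId());
            handleAuthnRequest(httpServletRequest, httpServletResponse, fSAuthnRequest, true, z, str, str2, metaAlias, iDPDescriptorType, baseConfigType);
        } catch (SessionException e3) {
            FSUtils.debug.error("FSSSOAndFedService.handleAuthnRequest: ", e3);
        }
    }

    /*
     * The decompiler could not reconstruct this method (it reported 449 skipped instructions and several
     * removed duplicate regions inside a try/catch of Exception) and emitted a stub instead. The stub
     * always throws, so the actual AuthnRequest processing is NOT visible in this listing.
     *
     * Argument order as used by the callers in this class: request, response, AuthnRequest, a flag that is
     * false on the pre-authentication paths and true on the post-authentication path, the LECP flag,
     * realm, hosted entity id, meta alias, hosted IDP descriptor, hosted IDP descriptor config.
     */
    private void handleAuthnRequest(javax.servlet.http.HttpServletRequest r7, javax.servlet.http.HttpServletResponse r8, com.sun.identity.federation.message.FSAuthnRequest r9, boolean r10, boolean r11, java.lang.String r12, java.lang.String r13, java.lang.String r14, com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType r15, com.sun.identity.federation.jaxb.entityconfig.BaseConfigType r16) {
        throw new UnsupportedOperationException("Method not decompiled: com.sun.identity.federation.services.fednsso.FSSSOAndFedService.handleAuthnRequest(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.sun.identity.federation.message.FSAuthnRequest, boolean, boolean, java.lang.String, java.lang.String, java.lang.String, com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType, com.sun.identity.federation.jaxb.entityconfig.BaseConfigType):void");
    }

    /**
     * Processes a SOAP-wrapped AuthnRequest from an LECP client.
     *
     * <p>The SOAP body is extracted, checked by namespace and local name, turned into an
     * {@link FSAuthnRequest}, stored under its request id, and passed to the LECP profile handler. Any
     * failure is answered with a generic SOAP server fault.
     *
     * @param httpServletRequest  incoming request, used to resolve the meta alias
     * @param httpServletResponse response that receives the SOAP reply or fault
     * @param sOAPMessage         message built from the request body
     */
    public void onMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SOAPMessage sOAPMessage) {
        FSUtils.debug.message("FSSSOAndFedService.onMessage: Called");
        try {
            Element bodyElement = soapService.parseSOAPMessage(sOAPMessage);
            if (bodyElement == null) {
                FSUtils.debug.error("FSSSOAndFedService.onMessage: Error in processing. Invalid SOAPMessage");
                httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                return;
            }
            // getNamespaceURI()/getLocalName() can return null for a non-namespaced element; the resulting
            // NPE is caught by the outer handler and answered with the generic fault.
            String tagName = bodyElement.getTagName().trim();
            String namespaceUri = bodyElement.getNamespaceURI().trim();
            String localName = bodyElement.getLocalName().trim();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message("FSSSOAndFedService.onMessage: tagName: " + tagName + " namespaceUri: " + namespaceUri + " localName: " + localName);
            }
            // As written, an element is accepted when it is an AuthnRequest in the 2002/12 namespace, OR
            // when its namespace is urn:liberty:iff:2003-08 regardless of its local name.
            // NOTE(review): the second alternative does not check the local name; confirm whether that is
            // intended or an operator-precedence slip, and that FSAuthnRequest rejects other elements.
            if ((!localName.equalsIgnoreCase("AuthnRequest") || !namespaceUri.equalsIgnoreCase("http://projectliberty.org/schemas/core/2002/12")) && !namespaceUri.equalsIgnoreCase("urn:liberty:iff:2003-08")) {
                // Unlike the other fault paths in this method, no error status is set on the response here.
                FSUtils.debug.error("FSSSOAndFedService.onMessage: Invalid SOAP Request:" + localName);
                returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
                return;
            }
            try {
                FSAuthnRequest fSAuthnRequest = new FSAuthnRequest(bodyElement);
                String metaAlias = FSServiceUtils.getMetaAlias(httpServletRequest);
                IDFFMetaManager iDFFMetaManager = FSUtils.getIDFFMetaManager();
                String realm = IDFFMetaUtils.getRealmByMetaAlias(metaAlias);
                String hostedEntityId = iDFFMetaManager.getEntityIDByMetaAlias(metaAlias);
                IDPDescriptorType hostedDescriptor = iDFFMetaManager.getIDPDescriptor(realm, hostedEntityId);
                IDPDescriptorConfigElement hostedConfig = iDFFMetaManager.getIDPDescriptorConfig(realm, hostedEntityId);
                // The request is stored under the request id carried in the message itself, before the
                // profile handler runs.
                FSSessionManager.getInstance(metaAlias).setAuthnRequest(fSAuthnRequest.getRequestID(), fSAuthnRequest);
                handleLECPRequest(httpServletRequest, httpServletResponse, fSAuthnRequest, hostedDescriptor, hostedConfig, realm, hostedEntityId, metaAlias);
                // handleLECPRequest logs and swallows its own failures, so this flush also runs when LECP
                // processing failed and nothing was written.
                returnSOAPMessage(null, httpServletResponse);
            } catch (Exception e) {
                FSUtils.debug.error("FSSSOAndFedService.onMessage: Error in processing lecp AuthnRequest:", e);
                httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
                returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
            }
        } catch (Exception e2) {
            FSUtils.debug.error("FSSSOAndFedService.onMessage: Error in processing Request: Exception occured: ", e2);
            httpServletResponse.setStatus(IFSConstants.MAX_CACHING_TIME);
            // The stack trace goes to the debug log only; the client receives the generic fault below.
            ByteArrayOutputStream traceBuffer = new ByteArrayOutputStream();
            e2.printStackTrace(new PrintStream(traceBuffer));
            FSUtils.debug.error(traceBuffer.toString());
            returnSOAPMessage(soapService.formSOAPError(SAML2Constants.SERVER_FAULT, "cannotProcessRequest", null), httpServletResponse);
        }
    }

    /**
     * Configures the LECP profile handler with the hosted provider's data and lets it process the request.
     *
     * <p>Failures are logged and not propagated, so the caller cannot tell success from failure.
     *
     * @param httpServletRequest  incoming request
     * @param httpServletResponse response passed to the profile handler
     * @param fSAuthnRequest      parsed AuthnRequest
     * @param iDPDescriptorType   hosted IDP descriptor
     * @param baseConfigType      hosted IDP descriptor config
     * @param str                 realm
     * @param str2                hosted entity id
     * @param str3                meta alias
     */
    private void handleLECPRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FSAuthnRequest fSAuthnRequest, IDPDescriptorType iDPDescriptorType, BaseConfigType baseConfigType, String str, String str2, String str3) {
        FSUtils.debug.message("FSSSOAndFedService.handleLECPRequest:");
        try {
            FSSSOLECPProfileHandler lECPProfileHandler = FSServiceManager.getInstance().getLECPProfileHandler(httpServletRequest, httpServletResponse, fSAuthnRequest, str);
            lECPProfileHandler.setHostedEntityId(str2);
            lECPProfileHandler.setMetaAlias(str3);
            lECPProfileHandler.setHostedDescriptor(iDPDescriptorType);
            lECPProfileHandler.setHostedDescriptorConfig(baseConfigType);
            lECPProfileHandler.setRealm(str);
            lECPProfileHandler.processLECPAuthnRequest(fSAuthnRequest);
        } catch (Exception e) {
            // Pass the exception as the throwable argument so the stack trace is logged, not just toString().
            FSUtils.debug.error("FSSSOAndFedService.handleLECPRequest: processing LECP request failed.", e);
        }
    }

    /**
     * Writes a SOAP message to the response, or only flushes the response when the message is null.
     *
     * @param sOAPMessage         message to send, or {@code null} to flush what is already buffered
     * @param httpServletResponse response to write to
     */
    private void returnSOAPMessage(SOAPMessage sOAPMessage, HttpServletResponse httpServletResponse) {
        try {
            if (sOAPMessage == null) {
                httpServletResponse.flushBuffer();
                return;
            }
            SAMLUtils.setMimeHeaders(sOAPMessage.getMimeHeaders(), httpServletResponse);
            ServletOutputStream outputStream = httpServletResponse.getOutputStream();
            sOAPMessage.writeTo(outputStream);
            outputStream.flush();
        } catch (Exception e) {
            // Write failures are logged only; nothing further is reported to the client or the caller.
            FSUtils.debug.error("FSSSOAndFedService.returnSOAPMessage: Exception::", e);
        }
    }
}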
