package com.sun.identity.federation.common;

import com.sun.identity.common.SystemConfigurationException;
import com.sun.identity.common.SystemConfigurationUtil;
import com.sun.identity.federation.meta.IDFFMetaManager;
import com.sun.identity.plugin.session.SessionManager;
import com.sun.identity.plugin.session.SessionProvider;
import com.sun.identity.sae.api.Utils;
import com.sun.identity.saml.common.SAMLConstants;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.shared.configuration.SystemPropertiesManager;
import com.sun.identity.shared.debug.Debug;
import com.sun.identity.shared.encode.Base64;
import com.sun.identity.shared.encode.CookieUtils;
import com.sun.identity.shared.locale.Locale;
import java.io.IOException;
import java.net.URL;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.MissingResourceException;
import java.util.ResourceBundle;
import java.util.StringTokenizer;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.forgerock.openam.ldap.LDAPUtils;
import org.forgerock.opendj.ldap.DN;

/* loaded from: input_file:com/sun/identity/federation/common/FSUtils.class */
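/**
 * Static helpers for the IDFF federation code: identifier generation, request
 * forwarding/redirecting, load-balancer cookie handling and auto-submit POSTs.
 *
 * <p>Several methods act on request-derived values (target URLs, SAML
 * parameters, the preferred-IDP parameter). None of them validate those values
 * beyond what is documented on each method, so callers own that validation.
 */
public class FSUtils {
    public static IFSConstants sc;
    public static final String FSID_PREFIX = "f";
    // Numeric form of server_port; assigned by the static initializer at the end of the class.
    private static int int_server_port;
    public static String deploymentURI = SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_URI);
    public static final String BUNDLE_NAME = "libIDFF";
    public static ResourceBundle bundle = Locale.getInstallResourceBundle(BUNDLE_NAME);
    public static Debug debug = Debug.getInstance(BUNDLE_NAME);
    private static SecureRandom random = new SecureRandom();
    // volatile so that the unsynchronized fast path in getIDFFMetaManager() only
    // ever observes a fully constructed instance.
    public static volatile IDFFMetaManager metaInstance = null;
    private static String server_protocol = SystemPropertiesManager.get(SAMLConstants.SERVER_PROTOCOL);
    private static String server_host = SystemPropertiesManager.get(SAMLConstants.SERVER_HOST);
    private static String server_port = SystemPropertiesManager.get(SAMLConstants.SERVER_PORT);
    private static String server_uri = SystemPropertiesManager.get(SAMLConstants.SERVER_URI);
    // Built once at class initialization from the four properties above.
    private static String localURL = server_protocol + "://" + server_host + ":" + server_port + server_uri;

    private FSUtils() {
    }

    /**
     * Replaces the shared resource bundle with the one for the given locale.
     *
     * @param str locale string handed to {@code Locale.getLocale}
     */
    public static void setLocale(String str) {
        try {
            bundle = ResourceBundle.getBundle(BUNDLE_NAME, Locale.getLocale(str));
        } catch (MissingResourceException e) {
            // NOTE(review): this terminates the whole JVM. That is only acceptable
            // for stand-alone tools; confirm no server-side code path reaches it
            // with a caller-influenced locale.
            System.err.println(e.getMessage());
            System.exit(1);
        }
    }

    /**
     * Generates a random identifier: {@link #FSID_PREFIX} followed by the
     * encoding of 20 bytes drawn from a {@link SecureRandom}.
     *
     * @return the identifier, or {@code null} if the random source is unavailable
     */
    public static String generateID() {
        if (random == null) {
            return null;
        }
        byte[] bArr = new byte[20];
        random.nextBytes(bArr);
        String str = FSID_PREFIX + SAMLUtils.byteArrayToHexString(bArr);
        if (debug.messageEnabled()) {
            // NOTE(review): the full identifier is written to the debug log. If
            // callers use these IDs as bearer-style handles, message-level debug
            // logs need the same protection as the handles themselves.
            debug.message("FSUtils.generateID: generated id is " + str);
        }
        return str;
    }

    /**
     * Derives a source ID by digesting the given string with the JDK "SHA"
     * algorithm (SHA-1) and converting the digest with
     * {@code SAMLUtils.byteArrayToString}.
     *
     * <p>Each {@code char} is narrowed to a single byte before hashing, so
     * characters above U+00FF lose their high bits and distinct inputs outside
     * that range can hash identically. The digest and the narrowing are left
     * unchanged because peers presumably derive the same value the same way;
     * confirm before altering either.
     *
     * @param str the value to digest
     * @return the converted digest, or {@code null} on any failure (including a
     *     {@code null} input)
     */
    public static String generateSourceID(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA");
            char[] charArray = str.toCharArray();
            byte[] bArr = new byte[charArray.length];
            for (int i = 0; i < charArray.length; i++) {
                bArr[i] = (byte) charArray[i];
            }
            messageDigest.update(bArr);
            return SAMLUtils.byteArrayToString(messageDigest.digest());
        } catch (Exception e) {
            debug.error("FSUtils.generateSourceID: Exception:", e);
            return null;
        }
    }

    /**
     * Generates an assertion handle: the first 20 characters of
     * {@link #generateID()}.
     *
     * <p>The truncation keeps the one-character prefix plus 19 characters of the
     * encoded random bytes. Assuming two hex characters per byte, that is about
     * 76 bits of randomness rather than the 160 bits drawn.
     *
     * @return the handle, or {@code null} if no ID could be generated
     */
    public static String generateAssertionHandle() {
        String str = null;
        String generateID = generateID();
        if (generateID != null) {
            try {
                str = generateID.substring(0, 20);
            } catch (Exception e) {
                debug.error("FSUtil.generateAssertionHandle:", e);
            }
        }
        return str;
    }

    /**
     * Base64-encodes the bytes that {@code SAMLUtils.stringToByteArray} produces
     * for the given string.
     *
     * @param str the value to encode
     * @return the trimmed Base64 text, or {@code null} if encoding failed
     */
    public static String stringToBase64(String str) {
        String str2 = null;
        try {
            str2 = Base64.encode(SAMLUtils.stringToByteArray(str)).trim();
        } catch (Exception e) {
            if (debug.messageEnabled()) {
                debug.message("FSUtils:stringToBase64: exception encode input:", e);
            }
        }
        if (debug.messageEnabled()) {
            debug.message("base 64 source id is :" + str2);
        }
        return str2;
    }

    /**
     * Rejects requests whose declared body length is unknown or exceeds the
     * limit from {@code SAMLUtils.getMaxContentLength()}. A limit of 0 disables
     * the check.
     *
     * <p>Only the declared content length is inspected; this method does not
     * bound how many bytes are actually read afterwards.
     *
     * @param httpServletRequest the incoming request
     * @throws ServletException if the length is -1 (unknown) or above the limit
     */
    public static void checkHTTPRequestLength(HttpServletRequest httpServletRequest) throws ServletException {
        int maxContentLength = SAMLUtils.getMaxContentLength();
        if (maxContentLength != 0) {
            int contentLength = httpServletRequest.getContentLength();
            if (contentLength == -1) {
                throw new ServletException(bundle.getString("unknownLength"));
            }
            if (contentLength > maxContentLength) {
                if (debug.messageEnabled()) {
                    debug.message("FSUtils.checkHTTPRequestLength: content length too large" + contentLength);
                }
                throw new ServletException(bundle.getString("largeContentLength"));
            }
        }
    }

    /**
     * Tells whether the target URL points into the web application that is
     * serving the request.
     *
     * <p>The test is: request server name equals the URL host, request port
     * equals the URL port, and the URL text contains {@code deploymentURI + "/"}
     * at an index greater than zero. {@code URL.getPort()} returns -1 when the
     * URL carries no explicit port, so such URLs never match. The deployment URI
     * is searched for anywhere in the string, not only at the start of the path.
     *
     * @param httpServletRequest the current request
     * @param str the target URL
     * @return {@code true} if the test passes; {@code false} otherwise or on any
     *     exception (for example a malformed URL)
     */
    public static boolean isSameContainer(HttpServletRequest httpServletRequest, String str) {
        boolean z = false;
        debug.message("FSUtils.isSameContainer: called");
        try {
            String serverName = httpServletRequest.getServerName();
            int serverPort = httpServletRequest.getServerPort();
            if (debug.messageEnabled()) {
                debug.message("FSUtils.isSameContainer: SourceHost=" + serverName + " SourcePort=" + serverPort);
            }
            URL url = new URL(str);
            String host = url.getHost();
            int port = url.getPort();
            if (debug.messageEnabled()) {
                debug.message("FSUtils.isSameContainer: targetHost=" + host + " targetPort=" + port);
            }
            int indexOf = str.indexOf(deploymentURI + "/");
            if (serverName.equals(host) && serverPort == port && indexOf > 0) {
                if (debug.messageEnabled()) {
                    debug.message("FSUtils.isSameContainer: Source and Target are on the same container.");
                }
                z = true;
            } else if (debug.messageEnabled()) {
                debug.message("FSUtils.isSameContainer: Source and Target are not on the same container.");
            }
        } catch (Exception e) {
            debug.error("FSUtils.isSameContainer: Exception occured", e);
        }
        return z;
    }

    /**
     * Sends the user to the target URL: an internal forward when the target is
     * in this web application, an HTTP redirect otherwise.
     *
     * <p>The URL is first passed through the session provider's
     * {@code rewriteURL} when the request has a valid session; on any failure the
     * original URL is used. The same-container test matches
     * {@link #isSameContainer}, except that a {@code com.sun.identity.webcontainer}
     * value containing "IBM" always forces a redirect.
     *
     * <p>Security: this method performs no validation of the target. Whatever
     * absolute URL it is given is passed to {@code sendRedirect}, so a target
     * derived from request data (for example a relay-state style parameter) must
     * be checked by the caller against the destinations it is prepared to send
     * users to. Failures are logged and otherwise swallowed; the caller gets no
     * signal that nothing was sent.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the response to redirect or forward on
     * @param str the target URL
     */
    public static void forwardRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        debug.message("FSUtils.forwardRequest: called");
        String str2 = null;
        try {
            SessionProvider provider = SessionManager.getProvider();
            Object session = provider.getSession(httpServletRequest);
            if (session != null && provider.isValid(session)) {
                str2 = provider.rewriteURL(session, str);
            }
        } catch (Exception e) {
            if (debug.messageEnabled()) {
                debug.message("FSUtils.forwardReqeust: couldn't rewrite url: " + e.getMessage());
            }
            str2 = null;
        }
        if (str2 == null) {
            str2 = str;
        }
        try {
            String serverName = httpServletRequest.getServerName();
            int serverPort = httpServletRequest.getServerPort();
            debug.message("FSUtils.forwardRequest: SourceHost=" + serverName + " SourcePort=" + serverPort);
            URL url = new URL(str2);
            String host = url.getHost();
            int port = url.getPort();
            debug.message("FSUtils.forwardRequest: targetHost=" + host + " targetPort=" + port);
            boolean z = false;
            String property = SystemConfigurationUtil.getProperty("com.sun.identity.webcontainer");
            if (property != null && property.indexOf("IBM") != -1) {
                z = true;
            }
            // NOTE(review): the deployment URI is located anywhere in the URL text,
            // so a same-host URL whose path merely contains it later on is treated
            // as local and forwarded to whatever follows that occurrence.
            int indexOf = str2.indexOf(deploymentURI + "/");
            if (!serverName.equals(host) || serverPort != port || indexOf <= 0 || z) {
                debug.message("FSUtils.forwardRequest: Source and Target are not on the same container.Redirecting to target");
                httpServletResponse.sendRedirect(str2);
                return;
            }
            String substring = str2.substring(indexOf + deploymentURI.length());
            if (debug.messageEnabled()) {
                debug.message("FSUtils.forwardRequest: Forwarding to :" + substring);
            }
            try {
                httpServletRequest.getRequestDispatcher(substring).forward(httpServletRequest, httpServletResponse);
            } catch (Exception e2) {
                debug.error("FSUtils.forwardRequest: Exception occured while trying to forward to resource:" + substring, e2);
            }
        } catch (Exception e3) {
            debug.error("FSUtils.forwardRequest: Exception occured", e3);
        }
    }

    /**
     * Looks up the entity ID registered for a succinct ID.
     *
     * @param str first argument passed through to
     *     {@code IDFFMetaManager.getEntityIDBySuccinctID}
     * @param str2 the succinct ID
     * @return the entity ID, or {@code null} if the succinct ID is {@code null},
     *     no meta manager is available, or the lookup throws
     */
    private static String getProviderIDFromSuccinctID(String str, String str2) {
        if (str2 == null) {
            return null;
        }
        try {
            // Use a local reference; getIDFFMetaManager() already publishes the
            // shared instance, so there is no need to write the field again here.
            IDFFMetaManager manager = getIDFFMetaManager();
            if (manager != null) {
                return manager.getEntityIDBySuccinctID(str, str2);
            }
            return null;
        } catch (Exception e) {
            debug.error("FSUtils.getProviderIDFromSuccinctID::", e);
            return null;
        }
    }

    /**
     * Resolves the preferred identity provider named by the request parameter
     * {@code IFSConstants.PROVIDER_ID_KEY}.
     *
     * <p>The parameter is request-controlled. It is split on spaces; a token
     * shorter than 28 characters is re-joined to the next one with "+"
     * (presumably undoing "+" having been decoded as a space; 28 is the Base64
     * length of a 20-byte value). Only the last token or joined pair is used. It
     * is Base64-decoded and resolved through the meta manager.
     *
     * @param str first argument passed through to the succinct-ID lookup
     * @param httpServletRequest the current request, may be {@code null}
     * @return the provider's entity ID, or {@code null} if the request or the
     *     parameter is missing, blank or not decodable, or nothing matches
     */
    public static String findPreferredIDP(String str, HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            return null;
        }
        String parameter = httpServletRequest.getParameter(IFSConstants.PROVIDER_ID_KEY);
        if (parameter == null || parameter.length() == 0) {
            debug.message("FSUtils.findPreferredIDP::Pref IDP not found.");
            return null;
        }
        String str2 = null;
        StringTokenizer stringTokenizer = new StringTokenizer(parameter.trim(), " ");
        while (stringTokenizer.hasMoreTokens()) {
            str2 = stringTokenizer.nextToken();
            if (str2.length() < 28 && stringTokenizer.hasMoreTokens()) {
                str2 = str2 + "+" + stringTokenizer.nextToken();
            }
        }
        if (str2 == null) {
            // A whitespace-only parameter yields no tokens; treat it as absent
            // instead of handing null to the decoder.
            debug.message("FSUtils.findPreferredIDP::Pref IDP not found.");
            return null;
        }
        // The decoder may hand back null for input that is not valid Base64
        // (assumption to confirm against Base64.decode); a malformed parameter
        // must not surface as a NullPointerException. The raw value is
        // deliberately not logged.
        byte[] decoded = Base64.decode(str2);
        if (decoded == null) {
            debug.message("FSUtils.findPreferredIDP::Pref IDP value could not be decoded.");
            return null;
        }
        return getProviderIDFromSuccinctID(str, SAMLUtils.byteArrayToString(decoded));
    }

    /**
     * Returns the string with every line-feed character removed.
     *
     * <p>Only {@code '\n'} is removed; carriage returns are kept, so this is not
     * a CR/LF sanitizer for values that end up in HTTP headers.
     *
     * @param str the input, may be {@code null}
     * @return the input without line feeds; the input itself when it is
     *     {@code null} or contains none
     */
    public static String removeNewLineChars(String str) {
        if (str == null || str.indexOf('\n') == -1) {
            return str;
        }
        return str.replace("\n", "");
    }

    /**
     * Returns the shared {@link IDFFMetaManager}, creating it on first use.
     *
     * <p>Creation is serialized on {@code IDFFMetaManager.class} and the field is
     * re-checked under the lock, so concurrent first calls construct a single
     * instance.
     *
     * @return the shared instance, or {@code null} if it could not be created
     */
    public static IDFFMetaManager getIDFFMetaManager() {
        IDFFMetaManager manager = metaInstance;
        if (manager != null) {
            return manager;
        }
        synchronized (IDFFMetaManager.class) {
            // Another thread may have created the instance while this one waited.
            manager = metaInstance;
            if (manager == null) {
                try {
                    manager = new IDFFMetaManager(null);
                    metaInstance = manager;
                } catch (Exception e) {
                    debug.error("FSUtils.getIDFFMetaManager: Could not create meta Manager", e);
                    return null;
                }
            }
            return manager;
        }
    }

    /**
     * Extracts the last component of an organization identifier.
     *
     * <p>A DN yields its leading RDN; a "/"-style path yields the text after the
     * last "/". The {@code startsWith} test runs on the untrimmed value, so a
     * path with leading whitespace is rejected.
     *
     * @param str organization DN or "/"-prefixed path
     * @return "/" for an empty, {@code null} or root value; the last component
     *     otherwise; {@code null} if the value is neither a DN nor a
     *     "/"-prefixed path, or ends with "/"
     */
    public static String getAuthDomainURL(String str) {
        if (str == null || str.length() == 0) {
            return "/";
        }
        if (LDAPUtils.isDN(str)) {
            return DN.valueOf(str).rdn().toString();
        }
        if (!str.startsWith("/")) {
            debug.error("getAuthDomainURLList invalid org URL " + str);
            return null;
        }
        if (str.trim().equals("/")) {
            return "/";
        }
        if (!str.trim().endsWith("/")) {
            return str.substring(str.lastIndexOf("/") + 1).trim();
        }
        debug.error("getAuthDomainURL.invalid org URL " + str);
        return null;
    }

    /**
     * Tells whether the load-balancer cookie still has to be set: there is at
     * least one remote server and the request does not carry the cookie.
     *
     * @param httpServletRequest the current request
     * @return {@code true} if the cookie should be added
     */
    public static boolean requireAddCookie(HttpServletRequest httpServletRequest) {
        List remoteServiceURLs = getRemoteServiceURLs(httpServletRequest);
        if (remoteServiceURLs == null || remoteServiceURLs.isEmpty()) {
            return false;
        }
        return CookieUtils.getCookieFromReq(httpServletRequest, getlbCookieName()) == null;
    }

    /**
     * Tells whether the request should be bounced back to itself after the
     * load-balancer cookie was set.
     *
     * <p>Requires {@code com.sun.identity.federation.cookieHashRedirectEnabled}
     * to be "true". A request that already carries a {@code redirected} parameter
     * is never redirected again, which prevents a redirect loop; since that
     * parameter is request-controlled, a client can also send it to skip the
     * bounce.
     *
     * @param httpServletRequest the current request
     * @return {@code true} if a redirect should be issued
     */
    public static boolean requireRedirect(HttpServletRequest httpServletRequest) {
        String str = SystemPropertiesManager.get("com.sun.identity.federation.cookieHashRedirectEnabled");
        if (str == null || !str.equalsIgnoreCase("true")) {
            return false;
        }
        if (httpServletRequest.getParameter("redirected") == null) {
            return true;
        }
        if (!debug.messageEnabled()) {
            return false;
        }
        debug.message("FSUtils.needSetLBCookieAndRedirect:  redirected already and lbCookie not set correctly.");
        return false;
    }

    /**
     * Sets the load-balancer cookie when it is missing and, if configured,
     * re-sends the request to its own URL with {@code redirected=1} added.
     *
     * <p>GET requests are redirected. POST requests are replayed through
     * {@link #postToTarget} carrying {@code SAMLRequest} (when {@code z} is true)
     * or {@code SAMLResponse}/{@code SAMLart} plus {@code RelayState}. Other
     * methods are left alone. The target is rebuilt from
     * {@code getRequestURL()} and the raw query string, and the replayed values
     * are taken from the request unchanged.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the response to set the cookie on
     * @param z {@code true} to replay a SAML request, {@code false} for a
     *     response or artifact
     * @return {@code true} if a redirect or auto-submit page was sent and the
     *     caller must stop processing; {@code false} otherwise
     */
    public static boolean needSetLBCookieAndRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        String str;
        String parameter;
        if (!requireAddCookie(httpServletRequest)) {
            return false;
        }
        if (debug.messageEnabled()) {
            debug.message("FSUtils.needSetLBCookieAndRedirect: lbCookie not set.");
        }
        setlbCookie(httpServletRequest, httpServletResponse);
        if (!requireRedirect(httpServletRequest)) {
            return false;
        }
        String queryString = httpServletRequest.getQueryString();
        StringBuilder sb = new StringBuilder();
        sb.append(httpServletRequest.getRequestURL().toString()).append("?redirected=1");
        if (queryString != null) {
            sb.append("&").append(queryString);
        }
        try {
            String method = httpServletRequest.getMethod();
            if (!method.equals(Utils.POST)) {
                if (!method.equals(Utils.GET)) {
                    return false;
                }
                httpServletResponse.sendRedirect(sb.toString());
                return true;
            }
            if (z) {
                str = "SAMLRequest";
                parameter = httpServletRequest.getParameter(str);
            } else {
                str = "SAMLResponse";
                parameter = httpServletRequest.getParameter(str);
                if (parameter == null) {
                    str = "SAMLart";
                    parameter = httpServletRequest.getParameter(str);
                }
            }
            if (parameter == null) {
                return false;
            }
            postToTarget(httpServletRequest, httpServletResponse, str, parameter, "RelayState", httpServletRequest.getParameter("RelayState"), sb.toString());
            return true;
        } catch (SAML2Exception e) {
            debug.error("FSUtils.needSetLBCookieAndRedirect: ", e);
            return false;
        } catch (IOException e2) {
            debug.error("FSUtils.needSetLBCookieAndRedirect: ", e2);
            return false;
        }
    }

    /**
     * Lists the configured servers other than the one handling this request.
     *
     * <p>Takes the server list, removes the site entries, then drops entries
     * equal (ignoring case) to the request's scheme://host:port or to the
     * locally configured URL.
     *
     * @param httpServletRequest the current request
     * @return the remaining server URLs, possibly empty, or {@code null} if the
     *     server list could not be obtained
     */
    public static List getRemoteServiceURLs(HttpServletRequest httpServletRequest) {
        String str = httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort();
        if (debug.messageEnabled()) {
            debug.message("FSUtils.getRemoteServiceURLs: requestURL = " + str);
        }
        List<String> list = null;
        try {
            list = SystemConfigurationUtil.getServerList();
            List siteList = SystemConfigurationUtil.getSiteList();
            if (debug.messageEnabled()) {
                debug.message("FSUtils.getRemoteServiceURLs: servers=" + list + ", siteList=" + siteList);
            }
            // NOTE(review): removeAll edits the list returned by getServerList() in
            // place; confirm that call hands out a private copy. If this step
            // throws, processing continues below with the unfiltered server list.
            list.removeAll(siteList);
            if (debug.messageEnabled()) {
                debug.message("FSUtils.getRemoteServiceURLs: new servers=" + list);
            }
        } catch (Exception e) {
            if (debug.messageEnabled()) {
                debug.message("FSUtils.getRemoteServiceURLs:", e);
            }
        }
        if (list == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (String str2 : list) {
            if (!str2.equalsIgnoreCase(str) && !str2.equalsIgnoreCase(localURL)) {
                arrayList.add(str2);
            }
        }
        if (debug.messageEnabled()) {
            debug.message("FSUtils.getRemoteServiceURLs: remoteServiceURLs = " + arrayList);
        }
        return arrayList;
    }

    /**
     * Adds the load-balancer cookie to the response, once per cookie domain that
     * applies to the request, with path "/".
     *
     * <p>Nothing is added when the cookie name is empty. The value is not
     * checked and may be {@code null} if {@link #getlbCookieValue()} found none.
     * Cookie attributes such as Secure or HttpOnly are decided by
     * {@code CookieUtils}, not here.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the response to add the cookie to
     */
    public static void setlbCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String str = getlbCookieName();
        String str2 = getlbCookieValue();
        if (str == null || str.length() == 0) {
            return;
        }
        Iterator<String> it = SystemConfigurationUtil.getCookieDomainsForRequest(httpServletRequest).iterator();
        while (it.hasNext()) {
            CookieUtils.addCookieToResponse(httpServletResponse, CookieUtils.newCookie(str, str2, "/", it.next()));
        }
    }

    /**
     * Returns the load-balancer cookie name from
     * {@code com.iplanet.am.lbcookie.name}, defaulting to "amlbcookie".
     *
     * @return the cookie name
     */
    public static String getlbCookieName() {
        return SystemPropertiesManager.get("com.iplanet.am.lbcookie.name", "amlbcookie");
    }

    /**
     * Returns the load-balancer cookie value.
     *
     * <p>The configured {@code com.iplanet.am.lbcookie.value} wins. When it is
     * unset and the code runs in server mode, the server ID for the configured
     * protocol, host, port and URI is used instead.
     *
     * @return the cookie value; {@code null} or empty when nothing is configured
     *     outside server mode, or {@code null} if the server ID lookup fails
     */
    public static String getlbCookieValue() {
        String str = SystemPropertiesManager.get("com.iplanet.am.lbcookie.value");
        if ((str != null && str.length() != 0) || !SystemConfigurationUtil.isServerMode()) {
            return str;
        }
        try {
            return SystemConfigurationUtil.getServerID(server_protocol, server_host, int_server_port, server_uri);
        } catch (SystemConfigurationException e) {
            debug.error("FSUtils.getlbCookieValue:", e);
            return null;
        }
    }

    /**
     * Forwards to the auto-submit JSP that POSTs a SAML message and relay state
     * to the target URL from the user's browser.
     *
     * <p>The values are placed in request attributes exactly as received. The
     * JSP is not visible from here; it has to HTML-encode every one of them and
     * the target URL has to be one the caller trusts, because the rendered form
     * submits the SAML message there.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the response; caching is disabled on it
     * @param str name of the SAML message form field
     * @param str2 value of the SAML message
     * @param str3 name of the relay-state form field
     * @param str4 value of the relay state, may be {@code null}
     * @param str5 URL the form is posted to
     * @throws SAML2Exception if the forward to the JSP fails
     */
    public static void postToTarget(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3, String str4, String str5) throws SAML2Exception {
        httpServletRequest.setAttribute("TARGET_URL", str5);
        httpServletRequest.setAttribute("SAML_MESSAGE_NAME", str);
        httpServletRequest.setAttribute("SAML_MESSAGE_VALUE", str2);
        httpServletRequest.setAttribute("RELAY_STATE_NAME", str3);
        httpServletRequest.setAttribute("RELAY_STATE_VALUE", str4);
        httpServletRequest.setAttribute("SAML_POST_KEY", bundle.getString("samlPostKey"));
        httpServletResponse.setHeader("Pragma", "no-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache,no-store");
        try {
            httpServletRequest.getRequestDispatcher("/saml2/jsp/autosubmitaccessrights.jsp").forward(httpServletRequest, httpServletResponse);
        } catch (ServletException e) {
            handleForwardException(e);
        } catch (IOException e2) {
            handleForwardException(e2);
        }
    }

    /**
     * Logs a failed forward and reports it as a {@link SAML2Exception} with a
     * localized message. The cause is logged but not attached to the exception.
     *
     * @param exc the failure raised by the forward
     * @throws SAML2Exception always
     */
    private static void handleForwardException(Exception exc) throws SAML2Exception {
        debug.error("Failed to forward to auto submitting JSP", exc);
        throw new SAML2Exception(bundle.getString("postToTargetFailed"));
    }

    // Runs after the field initializers above, so server_port and debug are set.
    // A missing or non-numeric port leaves int_server_port at 0.
    static {
        int_server_port = 0;
        try {
            int_server_port = Integer.parseInt(server_port);
        } catch (NumberFormatException e) {
            debug.error("Unable to parse port " + server_port, e);
        }
    }
}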
