package edu.umich.auth.cosign;

import edu.umich.auth.AuthFilterRequestWrapper;
import edu.umich.auth.ServletCallbackHandler;
import edu.umich.auth.cosign.pool.CosignConnectionPool;
import edu.umich.auth.cosign.util.FactorInputCallBack;
import edu.umich.auth.cosign.util.ServiceConfig;
import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.TextInputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:edu/umich/auth/cosign/CosignServletCallbackHandler.class */
public class CosignServletCallbackHandler implements ServletCallbackHandler {
    private static final String COOKIE_NAME_PREFIX = "cosign-";
    private HttpServletRequest request;
    private HttpServletResponse response;
    private Subject subject;
    private String currentPath;
    private String queryString;
    private String resource;
    private HashMap qString;
    private Log log;
    static Class class$edu$umich$auth$cosign$CosignServletCallbackHandler;

    public CosignServletCallbackHandler() {
        Class cls;
        if (class$edu$umich$auth$cosign$CosignServletCallbackHandler == null) {
            cls = class$("edu.umich.auth.cosign.CosignServletCallbackHandler");
            class$edu$umich$auth$cosign$CosignServletCallbackHandler = cls;
        } else {
            cls = class$edu$umich$auth$cosign$CosignServletCallbackHandler;
        }
        this.log = LogFactory.getLog(cls);
    }

    @Override // edu.umich.auth.ServletCallbackHandler
    public boolean init(Map map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Subject subject) throws FailedLoginException {
        if (httpServletResponse == null || httpServletRequest == null || subject == null) {
            throw new IllegalArgumentException("Required initialization parameter(s) missing.");
        }
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        this.subject = subject;
        this.queryString = httpServletRequest.getQueryString();
        httpServletRequest.getPathInfo();
        this.currentPath = httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length());
        this.resource = this.currentPath.substring(this.currentPath.lastIndexOf(47) + 1);
        boolean z = this.currentPath.lastIndexOf(47) == this.currentPath.indexOf(47);
        if (this.currentPath.charAt(this.currentPath.length() - 1) != '/' && !z) {
            this.currentPath = this.currentPath.substring(0, this.currentPath.lastIndexOf(47) + 1);
        }
        if (((String) CosignConfig.INSTANCE.getPropertyValue(CosignConfig.COSIGN_SERVER_VERSION)).length() != 0) {
            return true;
        }
        try {
            try {
                CosignConnectionPool.INSTANCE.returnCosignConnectionList(CosignConnectionPool.INSTANCE.borrowCosignConnectionList());
                return true;
            } catch (Exception e) {
                this.log.error("Failed to return cosign connections to pool.");
                return true;
            }
        } catch (Exception e2) {
            throw new FailedLoginException("Failed to borrow cosign connections from pool.");
        }
    }

    @Override // edu.umich.auth.ServletCallbackHandler
    public boolean handleFailedLogin(Exception exc) throws ServletException {
        if (!(exc instanceof FailedLoginException)) {
            throw new ServletException(exc);
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug(exc.getMessage());
        }
        CosignPrincipal cosignPrincipal = getCosignPrincipal();
        if (cosignPrincipal != null) {
            if (!this.subject.getPrincipals().remove(cosignPrincipal)) {
                throw new ServletException("Failed to remove cosign principal from subject.");
            }
            if (((Boolean) CosignConfig.INSTANCE.getPropertyValue(CosignConfig.CLEAR_SESSION_ON_LOGIN)).booleanValue()) {
                this.log.debug("Invalidating HTTP servlet session.");
                this.request.getSession().invalidate();
            }
        }
        ServiceConfig hasServiceOveride = CosignConfig.INSTANCE.hasServiceOveride(this.currentPath, this.resource, this.queryString);
        if (hasServiceOveride != null && hasServiceOveride.isPublicAccess()) {
            this.log.debug("Anonymous user permitted access to site.");
            return true;
        }
        Cookie cookie = new Cookie(getCookieName(hasServiceOveride), new CosignCookie().getCookie());
        cookie.setPath("/");
        cookie.setMaxAge(0);
        boolean booleanValue = ((Boolean) CosignConfig.INSTANCE.getPropertyValue(CosignConfig.HTTPS_ONLY)).booleanValue();
        if (booleanValue) {
            cookie.setSecure(true);
        }
        this.response.addCookie(cookie);
        String str = (String) CosignConfig.INSTANCE.getPropertyValue(CosignConfig.LOGIN_SITE_ENTRY_URL);
        if (str == null) {
            String queryString = this.request.getQueryString();
            String stringBuffer = null == queryString ? "" : new StringBuffer().append("?").append(queryString).toString();
            StringBuffer stringBuffer2 = new StringBuffer();
            String scheme = this.request.getScheme();
            int serverPort = this.request.getServerPort();
            if (booleanValue) {
                scheme = "https";
                if (!this.request.isSecure()) {
                    serverPort = ((Integer) CosignConfig.INSTANCE.getPropertyValue(CosignConfig.HTTPS_PORT)).intValue();
                }
            }
            stringBuffer2.append(scheme);
            stringBuffer2.append("://");
            stringBuffer2.append(this.request.getServerName());
            if ((scheme.equals("http") && serverPort != 80) || (scheme.equals("https") && serverPort != 443)) {
                stringBuffer2.append(':');
                stringBuffer2.append(serverPort);
            }
            stringBuffer2.append(this.request.getRequestURI());
            stringBuffer2.append(stringBuffer);
            str = stringBuffer2.toString();
        }
        String str2 = this.request.getMethod().toLowerCase().equals("post") ? (String) CosignConfig.INSTANCE.getPropertyValue(CosignConfig.LOGIN_POST_ERROR_URL) : (String) CosignConfig.INSTANCE.getPropertyValue(CosignConfig.LOGIN_REDIRECT_URL);
        String str3 = new String();
        if (hasServiceOveride != null && hasServiceOveride.hasFactors()) {
            if (!CosignConfig.INSTANCE.isServerVersion2()) {
                throw new ServletException("Service is configured with factors but Cosign server does not support factors");
            }
            str3 = new StringBuffer().append("factors=").append(hasServiceOveride.factorsAsString()).append("&").toString();
        }
        try {
            String stringBuffer3 = new StringBuffer().append(str2).append("?").append(str3).append(getCookieName(hasServiceOveride)).append("&").append(str).toString();
            if (this.log.isDebugEnabled()) {
                this.log.debug(new StringBuffer().append("Redirecting user to: ").append(stringBuffer3).toString());
                this.log.info(new StringBuffer().append("Redirecting user to: ").append(stringBuffer3).toString());
            }
            this.response.sendRedirect(stringBuffer3);
            return false;
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }

    @Override // edu.umich.auth.ServletCallbackHandler
    public void handleSuccessfulLogin() throws ServletException {
        CosignPrincipal cosignPrincipal = getCosignPrincipal();
        if (cosignPrincipal == null) {
            throw new IllegalStateException("CosignPrincipal does not exist.");
        }
        this.request = new AuthFilterRequestWrapper(this.request, cosignPrincipal, "CoSign");
    }

    @Override // edu.umich.auth.ServletCallbackHandler
    public HttpServletResponse getResponse() {
        return this.response;
    }

    @Override // edu.umich.auth.ServletCallbackHandler
    public HttpServletRequest getRequest() {
        return this.request;
    }

    @Override // edu.umich.auth.ServletCallbackHandler, javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        ServiceConfig hasServiceOveride = CosignConfig.INSTANCE.hasServiceOveride(this.currentPath, this.resource, this.queryString);
        if (hasServiceOveride == null) {
            this.log.debug("Service config is null.");
        } else {
            this.log.debug(new StringBuffer().append("Service config found is: ").append(hasServiceOveride.getName()).toString());
        }
        for (int i = 0; i < callbackArr.length; i++) {
            if (callbackArr[i] instanceof TextInputCallback) {
                TextInputCallback textInputCallback = (TextInputCallback) callbackArr[i];
                String prompt = textInputCallback.getPrompt();
                if (prompt.equals(CosignLoginModule.COOKIE_VALUE_IN_CODE)) {
                    Cookie[] cookies = this.request.getCookies();
                    if (cookies == null) {
                        return;
                    }
                    String cookieName = getCookieName(hasServiceOveride);
                    int i2 = 0;
                    while (true) {
                        if (i2 >= cookies.length) {
                            break;
                        }
                        if (cookies[i2].getName().equals(cookieName)) {
                            textInputCallback.setText(cookies[i2].getValue());
                            break;
                        }
                        i2++;
                    }
                } else if (prompt.equals(CosignLoginModule.COOKIE_NAME_IN_CODE)) {
                    textInputCallback.setText(getCookieName(hasServiceOveride));
                } else if (!prompt.equals(CosignLoginModule.PROXY_IN_CODE)) {
                    if (!prompt.equals(CosignLoginModule.IP_ADDR_IN_CODE)) {
                        throw new UnsupportedCallbackException(callbackArr[i], "Unrecognized text callback request.");
                    }
                    textInputCallback.setText(this.request.getRemoteAddr());
                } else if (hasServiceOveride.isDoProxies()) {
                    textInputCallback.setText("true");
                } else {
                    textInputCallback.setText("false");
                }
            } else {
                if (!(callbackArr[i] instanceof FactorInputCallBack)) {
                    throw new UnsupportedCallbackException(callbackArr[i], "Unrecognized callback type.");
                }
                FactorInputCallBack factorInputCallBack = (FactorInputCallBack) callbackArr[i];
                if (hasServiceOveride != null) {
                    factorInputCallBack.setFactors(hasServiceOveride.getFactors());
                }
            }
        }
    }

    private CosignPrincipal getCosignPrincipal() {
        Iterator<Principal> it = this.subject.getPrincipals().iterator();
        CosignPrincipal cosignPrincipal = null;
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Principal next = it.next();
            if (next instanceof CosignPrincipal) {
                cosignPrincipal = (CosignPrincipal) next;
                break;
            }
        }
        return cosignPrincipal;
    }

    private String getCookieName(ServiceConfig serviceConfig) {
        String name = serviceConfig != null ? serviceConfig.getName() : (String) CosignConfig.INSTANCE.getPropertyValueinContext(CosignConfig.SERVICE_NAME, this.currentPath, this.resource, this.queryString);
        return (!name.startsWith(COOKIE_NAME_PREFIX) || COOKIE_NAME_PREFIX.length() >= name.length()) ? new StringBuffer().append(COOKIE_NAME_PREFIX).append(name).toString() : name;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
