package com.evasion.sam;

import com.evasion.sam.jaas.EvasionGroup;
import com.evasion.sam.jaas.EvasionPrincipal;
import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
import javax.security.auth.message.callback.CallerPrincipalCallback;
import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.module.ServerAuthModule;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import org.apache.commons.io.IOUtils;

/* loaded from: input_file:lib/evasion-sam-modul-1.0.0.4.jar:com/evasion/sam/ServletAuthModule.class */
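/**
 * Base class for servlet-profile {@link ServerAuthModule} implementations.
 *
 * <p>It stores the policies, callback handler and options handed to {@link #initialize},
 * and offers helpers for sending failure/redirect responses, pushing caller and group
 * principals to the container through the {@link CallbackHandler}, and keeping the saved
 * request URL, principals and token in the {@link HttpSession}.
 *
 * <p>This source was produced by a decompiler; methods carrying a
 * "JADX INFO: Access modifiers changed from: protected" comment were {@code protected} in the
 * original bytecode.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>No per-request state is kept in instance fields; the container may reuse one module
 *       instance for many requests, so anything derived from a {@link Subject} stays local.</li>
 *   <li>The debug helpers write request and session data to the log. Credential-bearing
 *       headers and the saved token are redacted, but other values are logged verbatim.</li>
 * </ul>
 */
public abstract class ServletAuthModule implements ServerAuthModule {
    public static final String AUTH_TYPE_INFO_KEY = "javax.servlet.http.authType";
    public static final String IS_MANDATORY_INFO_KEY = "javax.security.auth.message.MessagePolicy.isMandatory";
    protected static final String POLICY_CONTEXT_OPTIONS_KEY = "javax.security.jacc.PolicyContext";
    protected static final String SAVED_PRINCIPAL_ATTRIBUTE = "javax.security.auth.message.SavedPrincipals";
    protected static final String SAVED_TOKEN_ATTRIBUTE = "com.evasion.SavedToken";
    protected static final String REGISTER_WITH_AUTHENTICATOR = "com.sun.web.RealmAdapter.register";
    protected static final Class[] SUPPORTED_MESSAGE_TYPES = {HttpServletRequest.class, HttpServletResponse.class};
    protected static final Logger LOGGER = Logger.getLogger(ServletAuthModule.class.getName());
    protected static final String KEY_EVASION_SAVED_REQUEST_URL = "javax.security.evasion.SavedRequestURL";

    /** Placeholder written to the log instead of a credential-bearing value. */
    private static final String REDACTED = "[redacted]";

    protected MessagePolicy requestPolicy;
    protected MessagePolicy responsePolicy;
    protected CallbackHandler handler;
    protected Map options;
    protected String policyContextID;
    protected boolean isMandatory;

    /**
     * Stores the policies, handler and options supplied by the runtime.
     *
     * @param messagePolicy   request policy; must not be null because the mandatory flag is read from it
     * @param messagePolicy2  response policy, stored as-is
     * @param callbackHandler handler used later to pass principals and groups to the container
     * @param map             module options; a null map is replaced by an empty one
     * @throws AuthException if the request policy is null
     */
    @Override // javax.security.auth.message.module.ServerAuthModule
    public void initialize(MessagePolicy messagePolicy, MessagePolicy messagePolicy2, CallbackHandler callbackHandler, Map map) throws AuthException {
        if (messagePolicy == null) {
            // Fail closed with the declared exception type instead of an undeclared
            // NullPointerException: without a request policy the mandatory flag is unknown.
            throw new AuthException("requestPolicy must not be null");
        }
        this.requestPolicy = messagePolicy;
        this.responsePolicy = messagePolicy2;
        this.isMandatory = messagePolicy.isMandatory();
        this.handler = callbackHandler;
        this.options = (map != null) ? map : new HashMap();
        // A non-String value under the policy-context key is treated as absent rather than
        // failing with a ClassCastException.
        Object contextId = this.options.get(POLICY_CONTEXT_OPTIONS_KEY);
        this.policyContextID = (contextId instanceof String) ? (String) contextId : null;
    }

    /**
     * Returns the message types this module handles.
     *
     * @return a fresh copy of {@link #SUPPORTED_MESSAGE_TYPES}, so callers cannot alter the shared array
     */
    @Override // javax.security.auth.message.module.ServerAuthModule
    public Class[] getSupportedMessageTypes() {
        return (Class[]) SUPPORTED_MESSAGE_TYPES.clone();
    }

    /**
     * Strips any request/response wrappers from the message info and reports success.
     *
     * @param messageInfo message exchange whose request and response are unwrapped in place
     * @param subject     unused here
     * @return always {@link AuthStatus#SEND_SUCCESS}
     */
    @Override // javax.security.auth.message.ServerAuth
    public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject) throws AuthException {
        HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
        boolean requestUnwrapped = false;
        while (request instanceof HttpServletRequestWrapper) {
            request = (HttpServletRequest) ((HttpServletRequestWrapper) request).getRequest();
            requestUnwrapped = true;
        }
        if (requestUnwrapped) {
            messageInfo.setRequestMessage(request);
        }

        HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
        boolean responseUnwrapped = false;
        while (response instanceof HttpServletResponseWrapper) {
            response = (HttpServletResponse) ((HttpServletResponseWrapper) response).getResponse();
            responseUnwrapped = true;
        }
        if (responseUnwrapped) {
            messageInfo.setResponseMessage(response);
        }
        return AuthStatus.SEND_SUCCESS;
    }

    /**
     * Removes the saved request URL and saved principals from the session and empties the subject.
     *
     * @param messageInfo message exchange carrying the current request
     * @param subject     subject whose principals and credentials are cleared
     */
    @Override // javax.security.auth.message.ServerAuth
    public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
        HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
        clearSavedRequestURLs(request);
        clearPrincipals(request);
        // NOTE(review): the SAVED_TOKEN_ATTRIBUTE session entry is not removed here. If this
        // method backs logout, confirm that subclasses drop the token or invalidate the session.
        subject.getPrincipals().clear();
        subject.getPrivateCredentials().clear();
        subject.getPublicCredentials().clear();
    }

    /**
     * Sends an HTTP error response on a best-effort basis.
     *
     * <p>The message is handed to {@code sendError}; callers should pass a fixed text rather
     * than request-derived data, since the container decides how the message is rendered.
     *
     * @param httpServletResponse response to write to
     * @param i                   HTTP status code
     * @param str                 error message passed to {@code sendError}
     * @return always {@link AuthStatus#SEND_FAILURE}, even when the response could not be written
     */
    protected AuthStatus sendFailureMessage(HttpServletResponse httpServletResponse, int i, String str) {
        try {
            httpServletResponse.setStatus(i);
            httpServletResponse.sendError(i, str);
        } catch (IOException e) {
            LOGGER.log(Level.WARNING, "jmac.servlet_failed_sending_failure", e);
        } catch (RuntimeException e) {
            // Still best effort, but leave a trace instead of discarding the failure silently
            // (for example when the response is already committed).
            LOGGER.log(Level.WARNING, "jmac.servlet_failed_sending_failure", e);
        }
        return AuthStatus.SEND_FAILURE;
    }

    /**
     * Redirects the client to the given location and marks the response as non-cacheable.
     *
     * <p>The target is used as given. Callers that build it from request data or from the
     * saved request URL must first check that it points inside this application.
     *
     * @param httpServletResponse response to write to
     * @param str                 redirect target
     * @return {@link AuthStatus#SEND_CONTINUE} when the redirect was sent
     * @throws AuthException wrapping the {@link IOException} if the redirect could not be sent
     */
    protected AuthStatus respondWithRedirect(HttpServletResponse httpServletResponse, String str) throws AuthException {
        try {
            // "Pragma" is only honoured by HTTP/1.0 caches; Cache-Control covers HTTP/1.1 ones.
            httpServletResponse.addHeader("Pragma", "No-Cache");
            httpServletResponse.addHeader("Cache-Control", "no-cache, no-store");
            httpServletResponse.setStatus(302);
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(str));
            return AuthStatus.SEND_CONTINUE;
        } catch (IOException e) {
            LOGGER.log(Level.WARNING, "jmac.servlet_redirect_failed", e);
            AuthException failure = new AuthException();
            failure.initCause(e);
            throw failure;
        }
    }

    /**
     * Passes the given group names to the container for the subject.
     *
     * @param strArr  group names; null or empty means nothing to do
     * @param subject subject the groups belong to
     * @return true if the handler accepted the callback, false if there were no groups or the handler failed
     */
    protected boolean addGroups(String[] strArr, Subject subject) {
        if (strArr == null || strArr.length == 0) {
            return false;
        }
        try {
            this.handler.handle(new Callback[]{new GroupPrincipalCallback(subject, strArr)});
            return true;
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "jmac.failed_to_assign_groups", e);
            return false;
        }
    }

    /**
     * Announces the given principal as the caller principal for the subject.
     *
     * @param evasionPrincipal principal to announce
     * @param subject          subject being authenticated
     * @return true if the handler accepted the callback, false if it threw
     */
    protected boolean setCallerPrincipal(EvasionPrincipal evasionPrincipal, Subject subject) {
        CallerPrincipalCallback callerCallback = new CallerPrincipalCallback(subject, evasionPrincipal);
        try {
            this.handler.handle(new Callback[]{callerCallback});
            LOGGER.log(Level.FINE, "jmac.caller_principal:" + callerCallback.getName() + " " + callerCallback.getPrincipal());
            return true;
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "jmac.failed_to_set_caller", e);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Derives the caller principal and group names from the subject and announces them.
     *
     * <p>Members of an {@link EvasionGroup} named "Roles" become the group names; the last
     * other principal found becomes the caller principal. When no caller principal is found,
     * only a caller callback with a null principal is sent.
     *
     * <p>The group names are held in a local variable. Keeping them in an instance field
     * would let the groups computed for one subject be sent with a later subject that has no
     * "Roles" group, because a module instance can serve more than one request.
     *
     * @param subject subject whose principals are inspected
     * @return true if the handler accepted the callbacks, false if it threw
     */
    public boolean setCallerPrincipal(Subject subject) {
        ArrayList<String> groupNames = new ArrayList<String>();
        String[] groups = null;
        Principal caller = null;
        for (Principal candidate : subject.getPrincipals()) {
            String name = candidate.getName();
            LOGGER.fine("Principal utilisé: " + name);
            if ((candidate instanceof EvasionGroup) && "Roles".equals(name)) {
                for (Object member : Collections.list(((EvasionGroup) candidate).members())) {
                    String memberName = ((Principal) member).getName();
                    groupNames.add(memberName);
                    LOGGER.fine("Groupe associe: " + memberName);
                }
                groups = groupNames.toArray(new String[groupNames.size()]);
            } else {
                caller = candidate;
            }
        }

        CallerPrincipalCallback callerCallback = new CallerPrincipalCallback(subject, caller);
        boolean hasCaller = callerCallback.getName() != null || callerCallback.getPrincipal() != null;
        Callback[] callbacks = hasCaller
                ? new Callback[]{callerCallback, new GroupPrincipalCallback(callerCallback.getSubject(), groups)}
                : new Callback[]{callerCallback};
        try {
            this.handler.handle(callbacks);
            LOGGER.log(Level.FINE, "jmac.caller_principal:" + callerCallback.getName() + " " + callerCallback.getPrincipal());
            return true;
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "jmac.failed_to_set_caller", e);
            return false;
        }
    }

    /**
     * Logs the bytes of a token at FINE level, as a comma-separated list of signed values.
     *
     * <p>NOTE(review): this writes the raw token to the log. Keep FINE disabled for this
     * logger outside of troubleshooting, or log a length or digest instead.
     *
     * @param str  log message; the byte list is supplied as log parameter 0
     * @param bArr token bytes; null is logged as an empty list
     */
    protected void debugToken(String str, byte[] bArr) {
        if (!LOGGER.isLoggable(Level.FINE)) {
            return;
        }
        StringBuilder dump = new StringBuilder();
        dump.append(IOUtils.LINE_SEPARATOR_UNIX);
        dump.append("bytes: ");
        if (bArr != null) {
            for (int index = 0; index < bArr.length; index++) {
                if (index > 0) {
                    dump.append(", ");
                }
                dump.append((int) bArr[index]);
            }
        }
        LOGGER.log(Level.FINE, str, dump.toString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Logs the request URL, user principal, auth type and headers at FINER level.
     *
     * <p>Values of credential-bearing headers (Authorization, Proxy-Authorization, Cookie)
     * are replaced by a placeholder so that passwords, bearer tokens and session identifiers
     * do not end up in log files.
     *
     * @param httpServletRequest request to describe
     */
    public void debugRequest(HttpServletRequest httpServletRequest) {
        // FINER being loggable already covers the FINEST case.
        if (!LOGGER.isLoggable(Level.FINER)) {
            return;
        }
        StringBuilder dump = new StringBuilder();
        dump.append(IOUtils.LINE_SEPARATOR_UNIX);
        dump.append("Request: ").append(httpServletRequest.getRequestURL()).append(IOUtils.LINE_SEPARATOR_UNIX);
        dump.append("UserPrincipal: ").append(httpServletRequest.getUserPrincipal()).append(IOUtils.LINE_SEPARATOR_UNIX);
        dump.append("AuthType: ").append(httpServletRequest.getAuthType()).append(IOUtils.LINE_SEPARATOR_UNIX);
        dump.append("Headers:\n");
        Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
        // Guard against a null enumeration instead of failing inside a debug helper.
        while (headerNames != null && headerNames.hasMoreElements()) {
            String headerName = headerNames.nextElement();
            String headerValue = isSensitiveHeader(headerName) ? REDACTED : httpServletRequest.getHeader(headerName);
            dump.append("\t").append(headerName).append("\t").append(headerValue).append(IOUtils.LINE_SEPARATOR_UNIX);
        }
        LOGGER.log(Level.FINER, "jmac.servlet_request " + dump.toString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Logs the session attributes at FINER level.
     *
     * <p>The saved token is replaced by a placeholder. Other attributes are logged through
     * their {@code toString()}, so applications storing secrets in the session should keep
     * FINER disabled for this logger.
     *
     * @param httpSession session to describe; null is reported as such
     */
    public void debugSession(HttpSession httpSession) {
        if (httpSession == null) {
            LOGGER.log(Level.FINER, "Session is null");
            return;
        }
        if (!LOGGER.isLoggable(Level.FINER)) {
            return;
        }
        StringBuilder dump = new StringBuilder();
        dump.append(IOUtils.LINE_SEPARATOR_UNIX);
        dump.append("Session: \n");
        Enumeration<String> attributeNames = httpSession.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String attributeName = attributeNames.nextElement();
            Object attributeValue = SAVED_TOKEN_ATTRIBUTE.equals(attributeName)
                    ? REDACTED
                    : httpSession.getAttribute(attributeName);
            dump.append("\t").append(attributeName).append("\t").append(attributeValue).append(IOUtils.LINE_SEPARATOR_UNIX);
        }
        LOGGER.log(Level.FINER, "Session elements " + dump.toString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Reads the URL saved by {@link #saveLoginBackToURL}.
     *
     * <p>The value originates from a client request. Callers that redirect to it must check
     * that it is a path within this application.
     *
     * @param httpSession session to read from; may be null
     * @return the saved URL, or null when there is no session or no saved String value
     */
    public String getSavedRequestURL(HttpSession httpSession) {
        if (httpSession == null) {
            return null;
        }
        Object saved = httpSession.getAttribute(KEY_EVASION_SAVED_REQUEST_URL);
        return (saved instanceof String) ? (String) saved : null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Saves the request URI, plus query string when present, in the session.
     *
     * @param httpServletRequest request whose URI and query string are saved
     * @param httpSession        target session; nothing happens when it is null
     */
    public void saveLoginBackToURL(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        if (httpSession == null) {
            return;
        }
        String requestUri = httpServletRequest.getRequestURI();
        String queryString = httpServletRequest.getQueryString();
        String savedUrl = (queryString != null) ? requestUri + '?' + queryString : requestUri;
        httpSession.setAttribute(KEY_EVASION_SAVED_REQUEST_URL, savedUrl);
        // Only the path is logged: query strings can carry tokens or personal data.
        LOGGER.log(Level.FINE, "Sauvegarde de la requête url=" + requestUri);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Removes the saved request URL from the existing session, if there is one.
     *
     * @param httpServletRequest request whose session is cleaned; no session is created
     */
    public void clearSavedRequestURLs(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.removeAttribute(KEY_EVASION_SAVED_REQUEST_URL);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Stores a snapshot of the subject's principals in the session, creating it if needed.
     *
     * <p>A copy is stored rather than the subject's live set, so later changes to the
     * subject (including {@link #cleanSubject}) cannot alter what the session holds.
     *
     * <p>NOTE(review): if this runs right after a successful login, confirm that the caller
     * rotates the session identifier; nothing here does.
     *
     * @param httpServletRequest request providing the session
     * @param subject            subject whose principals are saved
     */
    public void savePrincipals(HttpServletRequest httpServletRequest, Subject subject) {
        Set<Principal> snapshot = new java.util.HashSet<Principal>(subject.getPrincipals());
        httpServletRequest.getSession(true).setAttribute(SAVED_PRINCIPAL_ATTRIBUTE, snapshot);
    }

    /**
     * Removes the saved principals from the existing session, if there is one.
     *
     * @param httpServletRequest request whose session is cleaned; no session is created
     */
    protected void clearPrincipals(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.removeAttribute(SAVED_PRINCIPAL_ATTRIBUTE);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Reads the token saved by {@link #saveTokenId}.
     *
     * @param httpServletRequest request providing the session; no session is created
     * @return the saved token, or null when there is no session or no saved String value
     */
    public String getToken(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        Object saved = session.getAttribute(SAVED_TOKEN_ATTRIBUTE);
        return (saved instanceof String) ? (String) saved : null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Stores the token in the session, creating the session if needed.
     *
     * @param httpServletRequest request providing the session
     * @param str                token to store
     */
    public static void saveTokenId(HttpServletRequest httpServletRequest, String str) {
        httpServletRequest.getSession(true).setAttribute(SAVED_TOKEN_ATTRIBUTE, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Adds the principals saved in the session to the subject.
     *
     * @param httpServletRequest request providing the session; no session is created
     * @param subject            subject receiving the saved principals
     * @return true if a saved set was found and added, false otherwise
     */
    public static boolean restorePrincipals(HttpServletRequest httpServletRequest, Subject subject) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return false;
        }
        Object saved = session.getAttribute(SAVED_PRINCIPAL_ATTRIBUTE);
        // Anything other than a Set under this key is treated as "nothing saved" rather than
        // failing with a ClassCastException.
        if (!(saved instanceof Set)) {
            return false;
        }
        subject.getPrincipals().addAll((Set) saved);
        return true;
    }

    /**
     * Returns the server name of the current request.
     *
     * <p>This value normally reflects the client-supplied Host header, so it should not be
     * the sole basis of a security decision or be used unchecked to build absolute URLs.
     *
     * @param messageInfo message exchange carrying the current request
     * @return the request's server name
     */
    protected String getServerName(MessageInfo messageInfo) {
        return ((HttpServletRequest) messageInfo.getRequestMessage()).getServerName();
    }

    /**
     * Returns the context path of the current request.
     *
     * @param messageInfo message exchange carrying the current request
     * @return the request's context path
     */
    protected String getContextPath(MessageInfo messageInfo) {
        return ((HttpServletRequest) messageInfo.getRequestMessage()).getContextPath();
    }

    /** Tells whether a request header carries credentials and must not be logged verbatim. */
    private static boolean isSensitiveHeader(String name) {
        return "Authorization".equalsIgnoreCase(name)
                || "Proxy-Authorization".equalsIgnoreCase(name)
                || "Cookie".equalsIgnoreCase(name);
    }
}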
