package edu.uiuc.ncsa.myproxy.oa4mp.server.servlet;

import edu.uiuc.ncsa.myproxy.oa4mp.server.DSTransaction;
import edu.uiuc.ncsa.security.core.util.DateUtils;
import edu.uiuc.ncsa.security.delegation.server.issuers.ProtectedAssetIssuer;
import edu.uiuc.ncsa.security.delegation.server.request.PARequest;
import edu.uiuc.ncsa.security.delegation.server.request.PAResponse;
import edu.uiuc.ncsa.security.delegation.servlet.TransactionState;
import edu.uiuc.ncsa.security.delegation.token.AccessToken;
import java.io.IOException;
import java.util.HashMap;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:edu/uiuc/ncsa/myproxy/oa4mp/server/servlet/CertServlet.class */
public class CertServlet extends MyProxyDelegationServlet {
    protected ProtectedAssetIssuer getPAI() throws IOException {
        return getServiceEnvironment().getProtectedAssetIssuer();
    }

    protected void doIt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        doDelegation(httpServletRequest, httpServletResponse);
    }

    protected void doDelegation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        info("6.a. Starting to process cert request");
        PARequest pARequest = new PARequest(httpServletRequest, getClient(httpServletRequest));
        checkClient(pARequest.getClient());
        String str = "client = " + pARequest.getClient().getIdentifier();
        pARequest.setAccessToken(getServiceEnvironment().getTokenForge().getAccessToken(httpServletRequest));
        PAResponse process = getPAI().process(pARequest);
        AccessToken accessToken = process.getAccessToken();
        DateUtils.checkTimestamp(accessToken.getToken());
        debug("6.a. " + str);
        DSTransaction dSTransaction = getTransactionStore().get(accessToken);
        if (dSTransaction == null) {
            throw new ServletException("Error: no transaction found for access token \"" + accessToken + "\"");
        }
        if (!dSTransaction.isAccessTokenValid()) {
            throw new ServletException("Error: invalid access token. Request refused");
        }
        info("6.a. Processing request for transaction " + dSTransaction.getIdentifier());
        dSTransaction.setAccessTokenValid(false);
        preprocess(new TransactionState(httpServletRequest, httpServletResponse, process.getParameters(), dSTransaction));
        debug("6.a. protected asset:" + (dSTransaction.getProtectedAsset() == null ? "(null)" : AuthorizationServlet.AUTHORIZATION_ACTION_OK_VALUE) + ", " + str);
        HashMap hashMap = new HashMap();
        hashMap.put("username", dSTransaction.getUsername());
        hashMap.putAll(process.getParameters());
        process.setAdditionalInformation(hashMap);
        process.setProtectedAsset(dSTransaction.getProtectedAsset());
        debug("6.a. Added username \"" + dSTransaction.getUsername() + "\" & cert for request from " + str);
        getTransactionStore().save(dSTransaction);
        info("6.b. Done with cert request " + str);
        process.write(httpServletResponse);
        info("6.b. Completed transaction " + dSTransaction.getIdentifierString() + ", " + str);
        postprocess(new TransactionState(httpServletRequest, httpServletResponse, process.getParameters(), dSTransaction));
    }
}
