package edu.uiuc.ncsa.myproxy.oa4mp.server.servlet;

import edu.uiuc.ncsa.myproxy.oa4mp.server.ServiceConstantKeys;
import edu.uiuc.ncsa.security.core.exceptions.GeneralException;
import edu.uiuc.ncsa.security.core.util.DateUtils;
import edu.uiuc.ncsa.security.delegation.server.ServiceTransaction;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:WEB-INF/lib/oa4mp-server-api-1.2.1.jar:edu/uiuc/ncsa/myproxy/oa4mp/server/servlet/AuthorizedServlet.class */
public abstract class AuthorizedServlet extends CRServlet {
    public static final String AUTHORIZATION_USER_NAME_KEY = "userName";
    public static final String AUTHORIZATION_PASSWORD_KEY = "password";
    public static final String AUTHORIZATION_CERT_LIFETIME_KEY = "lifetime";
    public static final String STATUS_KEY = "status";
    public static final String STATUS_OK = "ok";
    public static final String REDIRECT_URL_KEY = "redirect_url";

    public abstract String createCallback(ServiceTransaction serviceTransaction);

    @Override // edu.uiuc.ncsa.security.servlet.AbstractServlet
    protected void doIt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        String parameter = httpServletRequest.getParameter(CONST(ServiceConstantKeys.TOKEN_KEY));
        if (parameter == null) {
            throw new GeneralException("Error: Invalid request -- no token. Request rejected.");
        }
        ServiceTransaction andCheckTransaction = getAndCheckTransaction(parameter);
        String parameter2 = httpServletRequest.getParameter("userName");
        String parameter3 = httpServletRequest.getParameter("password");
        String createMyProxyUsername = getServiceEnvironment().getUsernameTransformer().createMyProxyUsername(httpServletRequest);
        if (createMyProxyUsername != null) {
            parameter2 = createMyProxyUsername;
        }
        andCheckTransaction.setUsername(parameter2);
        String parameter4 = httpServletRequest.getParameter(AUTHORIZATION_CERT_LIFETIME_KEY);
        long lifetime = andCheckTransaction.getLifetime();
        if (parameter4 != null && 0 < parameter4.length()) {
            try {
                lifetime = Long.parseLong(parameter4);
            } catch (Throwable th) {
            }
        }
        createMPConnection(andCheckTransaction.getIdentifier(), parameter2, parameter3, lifetime, "");
        String createCallback = createCallback(andCheckTransaction);
        PrintWriter writer = httpServletResponse.getWriter();
        httpServletResponse.setStatus(200);
        writer.write("status=ok\n" + REDIRECT_URL_KEY + "=" + createCallback);
        writer.close();
        httpServletResponse.sendRedirect(createCallback);
    }

    protected ServiceTransaction getAndCheckTransaction(String str) throws IOException {
        DateUtils.checkTimestamp(str);
        ServiceTransaction serviceTransaction = MyProxyDelegationServlet.getServiceEnvironment().getTransactionStore().get(MyProxyDelegationServlet.getServiceEnvironment().getTokenForge().getAuthorizationGrant(str));
        if (serviceTransaction == null) {
            warn("Error: no delegation request found for " + str);
            throw new GeneralException("Error: no delegation request found.");
        }
        checkClient(serviceTransaction.getClient());
        return serviceTransaction;
    }
}
