package net.sf.jguard.jsf.authentication;

import java.security.Permission;
import java.util.Map;
import javax.faces.context.FacesContext;
import javax.portlet.PortletRequest;
import javax.portlet.PortletResponse;
import javax.portlet.PortletSession;
import javax.security.auth.callback.CallbackHandler;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.sf.jguard.core.authentication.AccessContext;
import net.sf.jguard.core.authentication.AuthenticationUtils;
import net.sf.jguard.core.authentication.Stateful;
import net.sf.jguard.core.authorization.AuthorizationBindings;
import net.sf.jguard.core.authorization.policy.AccessControllerUtils;
import net.sf.jguard.ext.authentication.AbstractAuthenticationBindings;
import net.sf.jguard.jee.authentication.callbacks.HttpServletCallbackHandler;
import net.sf.jguard.jee.authentication.http.AbstractJEEAuthenticationBindings;
import net.sf.jguard.jee.authentication.http.AuthSchemesHelper;
import net.sf.jguard.jsf.authentication.callbacks.PortletCallbackHandler;
import net.sf.jguard.jsf.permissions.JSFPermission;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sf/jguard/jsf/authentication/JSFAuthenticationBindings.class */
public class JSFAuthenticationBindings extends AbstractJEEAuthenticationBindings implements Stateful {
    private static final Logger logger;
    private String indexView;
    private String logonView;
    static Class class$net$sf$jguard$jsf$authentication$JSFAuthenticationBindings;
    static Class class$javax$servlet$http$HttpServletRequest;
    static Class class$javax$portlet$PortletRequest;

    public JSFAuthenticationBindings(AuthorizationBindings authorizationBindings) {
        super(authorizationBindings);
    }

    private void redirect(AccessContext accessContext, String str) {
        FacesContext currentInstance = FacesContext.getCurrentInstance();
        currentInstance.getApplication().getNavigationHandler().handleNavigation(currentInstance, (String) null, str);
    }

    public void process(AccessContext accessContext) {
    }

    public CallbackHandler getCallbackHandler(AccessContext accessContext) {
        FacesContext currentInstance = FacesContext.getCurrentInstance();
        Object request = currentInstance.getExternalContext().getRequest();
        Object response = currentInstance.getExternalContext().getResponse();
        HttpServletCallbackHandler httpServletCallbackHandler = null;
        if ((request instanceof HttpServletRequest) && (response instanceof HttpServletResponse)) {
            httpServletCallbackHandler = new HttpServletCallbackHandler((HttpServletRequest) request, (HttpServletResponse) response);
        } else if ((request instanceof PortletRequest) && (response instanceof PortletResponse)) {
            httpServletCallbackHandler = new PortletCallbackHandler((PortletRequest) request, (PortletResponse) response);
        }
        return httpServletCallbackHandler;
    }

    public Object getSessionAttribute(AccessContext accessContext, String str) {
        return FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get(str);
    }

    public void setSessionAttribute(AccessContext accessContext, String str, Object obj) {
        FacesContext.getCurrentInstance().getExternalContext().getSessionMap().put(str, obj);
    }

    public void removeSessionAttribute(AccessContext accessContext, String str) {
        FacesContext.getCurrentInstance().getExternalContext().getSessionMap().remove(str);
    }

    public void setApplicationAttribute(AccessContext accessContext, String str, Object obj) {
        FacesContext.getCurrentInstance().getExternalContext().getApplicationMap().put(str, obj);
    }

    public void setRequestAttribute(AccessContext accessContext, String str, Object obj) {
        FacesContext.getCurrentInstance().getExternalContext().getRequestMap().put(str, obj);
    }

    public Object getApplicationAttribute(AccessContext accessContext, String str) {
        return FacesContext.getCurrentInstance().getExternalContext().getApplicationMap().get(str);
    }

    public Object getRequestAttribute(AccessContext accessContext, String str) {
        return FacesContext.getCurrentInstance().getExternalContext().getRequestMap().get(str);
    }

    public boolean authenticationFailed(AccessContext accessContext) {
        if (((AbstractAuthenticationBindings) this).authenticationFailedPermission == null || ((AbstractAuthenticationBindings) this).authenticationFailedPermission.getURI().equals("")) {
            ((AbstractAuthenticationBindings) this).authZbindings.accessDenied(accessContext);
            return true;
        }
        redirect(accessContext, ((AbstractAuthenticationBindings) this).authenticationFailedPermission.getName());
        logger.debug(new StringBuffer().append("authentication failed redirect to ").append(((AbstractAuthenticationBindings) this).authenticationFailedPermission.getName()).toString());
        return true;
    }

    public boolean authenticationSucceed(AccessContext accessContext) {
        String str = this.indexView;
        String str2 = null;
        Permission permission = (Permission) getSessionAttribute(accessContext, "lastAccessDeniedPermission");
        if (permission != null) {
            str2 = permission.getName();
        }
        AuthenticationUtils authenticationUtils = getAuthenticationUtils(accessContext);
        if (str2 == null || "".equals(str2) || !((AbstractAuthenticationBindings) this).goToLastAccessDeniedUriOnSuccess) {
            try {
                AccessControllerUtils.checkPermission(authenticationUtils.getSubject(), ((AbstractAuthenticationBindings) this).indexPermission);
                logger.debug(" user is authenticated ", new StringBuffer().append(" redirect to ").append(str).toString());
            } catch (Exception e) {
                str = this.logonView;
            }
        } else {
            str = str2;
        }
        FacesContext currentInstance = FacesContext.getCurrentInstance();
        currentInstance.setViewRoot(currentInstance.getApplication().getViewHandler().createView(currentInstance, str));
        redirect(accessContext, str);
        return true;
    }

    protected void init(Map map) {
        this.indexView = (String) map.get("indexURI");
        ((AbstractAuthenticationBindings) this).indexPermission = new JSFPermission(this.indexView);
        ((AbstractAuthenticationBindings) this).authenticationFailedPermission = new JSFPermission((String) map.get("authenticationFailedURI"));
        ((AbstractAuthenticationBindings) this).logonProcessPermission = new JSFPermission((String) map.get("logonProcessURI"));
        AbstractAuthenticationBindings.logonPermission = new JSFPermission((String) map.get("logonURI"));
        ((AbstractAuthenticationBindings) this).logoffPermission = new JSFPermission((String) map.get("logoffURI"));
        ((AbstractAuthenticationBindings) this).authScheme = (String) map.get("authScheme");
        HttpServletCallbackHandler.setAuthSchemes(((AbstractAuthenticationBindings) this).authScheme);
        ((AbstractAuthenticationBindings) this).authSchemes = AuthSchemesHelper.validateAuthScheme(((AbstractAuthenticationBindings) this).authScheme);
        if (((AbstractAuthenticationBindings) this).authSchemes.contains("FORM")) {
            HttpServletCallbackHandler.setLoginField((String) map.get("loginField"));
            HttpServletCallbackHandler.setPasswordField((String) map.get("passwordField"));
        }
        String str = (String) map.get("goToLastAccessDeniedUriOnSuccess");
        if ("false".equalsIgnoreCase(str) || "no".equalsIgnoreCase(str)) {
            ((AbstractAuthenticationBindings) this).goToLastAccessDeniedUriOnSuccess = false;
        }
    }

    public void removeApplicationAttribute(AccessContext accessContext, String str) {
        FacesContext.getCurrentInstance().getExternalContext().getApplicationMap().remove(str);
    }

    public void removeRequestAttribute(AccessContext accessContext, String str) {
        FacesContext.getCurrentInstance().getExternalContext().getRequestMap().remove(str);
    }

    public boolean isStateful() {
        return true;
    }

    public void invalidateSession(AccessContext accessContext) {
        Class cls;
        Class cls2;
        PortletSession portletSession;
        Object request = FacesContext.getCurrentInstance().getExternalContext().getRequest();
        if (class$javax$servlet$http$HttpServletRequest == null) {
            cls = class$("javax.servlet.http.HttpServletRequest");
            class$javax$servlet$http$HttpServletRequest = cls;
        } else {
            cls = class$javax$servlet$http$HttpServletRequest;
        }
        if (cls.isAssignableFrom(request.getClass())) {
            HttpSession session = ((HttpServletRequest) request).getSession();
            if (session != null) {
                session.invalidate();
                return;
            }
            return;
        }
        if (class$javax$portlet$PortletRequest == null) {
            cls2 = class$("javax.portlet.PortletRequest");
            class$javax$portlet$PortletRequest = cls2;
        } else {
            cls2 = class$javax$portlet$PortletRequest;
        }
        if (!cls2.isAssignableFrom(request.getClass()) || (portletSession = ((PortletRequest) request).getPortletSession()) == null) {
            return;
        }
        portletSession.invalidate();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$net$sf$jguard$jsf$authentication$JSFAuthenticationBindings == null) {
            cls = class$("net.sf.jguard.jsf.authentication.JSFAuthenticationBindings");
            class$net$sf$jguard$jsf$authentication$JSFAuthenticationBindings = cls;
        } else {
            cls = class$net$sf$jguard$jsf$authentication$JSFAuthenticationBindings;
        }
        logger = LoggerFactory.getLogger(cls.getName());
    }
}
