package org.hspconsortium.platform.authentication;

import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.ProtocolException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContexts;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.cookie.Cookie;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.DefaultRedirectStrategy;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.protocol.HTTP;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;
import org.mitre.openid.connect.model.DefaultUserInfo;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.config.http.PortMappingsBeanDefinitionParser;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

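/**
 * Exchanges a username/password pair for a session cookie by replaying the
 * credentials against the configured OAuth user-login endpoint.
 *
 * <p>The class is reconstructed from decompiled bytecode. The framework constants it
 * references ({@code DefaultUserInfo.PARAM_USERNAME},
 * {@code UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY},
 * {@code PortMappingsBeanDefinitionParser.ATT_HTTPS_PORT}, {@code HTTP.CONN_KEEP_ALIVE})
 * were presumably string literals in the original source; they are kept as-is so the
 * values sent on the wire do not change.
 */
@Controller
public class LaunchAuthenticationEndpoint {

    /** Cookie name under which the upstream session is handed back to the caller. */
    private static final String SESSION_COOKIE_NAME = "JSESSIONID";

    @Value("${hspc.platform.persona.oauthUserLoginEndpointURL}")
    String oauthUserLoginEndpointURL;

    /**
     * Handles {@code POST /authenticate}: reads the username and password from the JSON
     * body, logs in at the OAuth login endpoint and returns the resulting session cookie
     * in a {@code Set-Cookie} header.
     *
     * @param httpServletRequest the incoming request (not read by this method)
     * @param httpServletResponse receives status 200 plus the session cookie, or status 400
     *     when the body lacks a username or a password
     * @param str the raw JSON request body
     * @throws RuntimeException if the login endpoint does not answer with status 200,
     *     returns no cookie, or cannot be reached
     */
    @RequestMapping(value = {"/authenticate"}, method = {RequestMethod.POST}, consumes = {"application/json"}, produces = {"application/json"})
    public void handleLaunchRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody String str) {
        JsonObject credentials = new JsonParser().parse(str).getAsJsonObject();
        JsonElement usernameElement = credentials.get(DefaultUserInfo.PARAM_USERNAME);
        String username = usernameElement != null ? usernameElement.getAsString() : null;
        JsonElement passwordElement = credentials.get("password");
        String password = passwordElement != null ? passwordElement.getAsString() : null;

        // A request without both fields can never authenticate; answer 400 instead of
        // forwarding a form with missing values to the login endpoint.
        if (username == null || password == null) {
            httpServletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        Cookie sessionCookie = selectSessionCookie(authenticateUser(username, password));
        httpServletResponse.setStatus(HttpServletResponse.SC_OK);
        // NOTE(review): the cookie is issued with HttpOnly only. If this endpoint is always
        // served over HTTPS, consider adding the Secure (and SameSite) attribute.
        httpServletResponse.setHeader("SET-COOKIE", SESSION_COOKIE_NAME + "=" + sessionCookie.getValue() + "; Path=" + sessionCookie.getPath() + "; HttpOnly");
    }

    /**
     * Picks the cookie to hand back to the caller: the one named {@code JSESSIONID} when
     * present, otherwise the first cookie in the list (the previous behaviour).
     *
     * @throws RuntimeException if the login produced no cookie at all
     */
    private Cookie selectSessionCookie(List<Cookie> cookies) {
        if (cookies == null || cookies.isEmpty()) {
            // Previously surfaced as an IndexOutOfBoundsException from get(0).
            throw new RuntimeException("Login endpoint returned no session cookie");
        }
        // The cookie store may hold other cookies as well, so do not assume the session
        // cookie comes first.
        for (Cookie candidate : cookies) {
            if (SESSION_COOKIE_NAME.equals(candidate.getName())) {
                return candidate;
            }
        }
        return cookies.get(0);
    }

    /**
     * Posts the credentials as a login form to {@link #oauthUserLoginEndpointURL} and
     * returns the cookies collected while doing so.
     *
     * @param username value sent as {@code j_username}
     * @param password value sent under the Spring Security form password key
     * @return the cookies held by the request context after the exchange
     * @throws RuntimeException if the final response status is not 200 or the exchange
     *     fails with an I/O, encoding or TLS-setup error
     */
    private List<Cookie> authenticateUser(String username, String password) {
        HttpPost loginRequest = new HttpPost(this.oauthUserLoginEndpointURL);
        loginRequest.addHeader("Content-Type", "application/x-www-form-urlencoded");
        loginRequest.addHeader("Connection", HTTP.CONN_KEEP_ALIVE);
        try {
            List<NameValuePair> form = new ArrayList<>();
            form.add(new BasicNameValuePair("j_username", username));
            form.add(new BasicNameValuePair(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, password));
            form.add(new BasicNameValuePair("submit", "Sign in"));
            loginRequest.setEntity(new UrlEncodedFormEntity(form));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }

        CloseableHttpClient client;
        try {
            client = buildLoginClient();
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }

        HttpClientContext context = HttpClientContext.create();
        try (CloseableHttpResponse response = client.execute(loginRequest, context)) {
            // NOTE(review): because the 302 answering the POST is followed (see
            // buildLoginClient), a 200 here may be the page behind the redirect. Confirm
            // that the login endpoint does not also end a failed login with a 200.
            if (response.getStatusLine().getStatusCode() != 200) {
                // NOTE(review): the message embeds the upstream response body; make sure
                // the application's error handling does not echo it back to clients.
                throw new RuntimeException(String.format("Invalid Credentials\nResponse Status : %s .\nResponse Detail :%s.", response.getStatusLine(), EntityUtils.toString(response.getEntity(), StandardCharsets.UTF_8)));
            }
            return context.getCookieStore().getCookies();
        } catch (IOException e) {
            throw new RuntimeException(e);
        } finally {
            try {
                client.close();
            } catch (IOException ignored) {
                // Best-effort cleanup: a failure to close must not mask the login result.
            }
        }
    }

    /**
     * Builds the single-use HTTP client for the login exchange.
     *
     * <p>NOTE(review): the TLS setup trusts self-signed certificates and accepts any
     * hostname, so the identity of the login endpoint is not verified while user
     * credentials are sent to it. That is only appropriate for local or test setups. For
     * production, load the endpoint's CA into a configured trust store, keep the default
     * hostname verifier, and request TLS ({@code useTLS()}) rather than {@code useSSL()}.
     * The behaviour is left unchanged here because existing deployments may depend on
     * self-signed certificates.
     */
    private CloseableHttpClient buildLoginClient() throws KeyManagementException, KeyStoreException, NoSuchAlgorithmException {
        SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).useSSL().build();
        SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        HttpClientBuilder builder = HttpClientBuilder.create();
        builder.setSSLSocketFactory(sslSocketFactory);
        // The explicit type argument is needed for the registry to match the connection
        // manager's constructor; the fully qualified name avoids a new import.
        builder.setConnectionManager(new BasicHttpClientConnectionManager(
                RegistryBuilder.<org.apache.http.conn.socket.ConnectionSocketFactory>create()
                        .register(PortMappingsBeanDefinitionParser.ATT_HTTPS_PORT, sslSocketFactory)
                        .register("http", new PlainConnectionSocketFactory())
                        .build()));

        return builder.setRedirectStrategy(new DefaultRedirectStrategy() {
            /**
             * Inverts the stock decision: a redirect the default strategy would follow is
             * not followed, while a 301/302 it would not follow is. Presumably this lets
             * the redirect answering the login POST be followed once - confirm.
             */
            @Override
            public boolean isRedirected(HttpRequest httpRequest, HttpResponse httpResponse, HttpContext httpContext) {
                boolean followedByDefault = false;
                try {
                    followedByDefault = super.isRedirected(httpRequest, httpResponse, httpContext);
                } catch (ProtocolException e) {
                    // Treated as "not followed by default"; the status check below decides.
                    // No logger is available in this class, so the trace goes to stderr.
                    e.printStackTrace();
                }
                if (followedByDefault) {
                    return false;
                }
                int statusCode = httpResponse.getStatusLine().getStatusCode();
                return statusCode == 301 || statusCode == 302;
            }
        }).build();
    }
}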
