package pt.digitalis.dif.centralauth.controller.http;

import com.google.inject.Inject;
import java.util.Iterator;
import pt.digitalis.dif.RemoteAuthConfigurations;
import pt.digitalis.dif.centralauth.interfaces.ICentralAuthentication;
import pt.digitalis.dif.centralauth.objects.CentralUserData;
import pt.digitalis.dif.controller.http.DispatcherHTTPImpl;
import pt.digitalis.dif.controller.interfaces.IDIFRequest;
import pt.digitalis.dif.controller.interfaces.IDIFSession;
import pt.digitalis.dif.controller.objects.ControllerExecutionStep;
import pt.digitalis.dif.controller.objects.DIFRequest;
import pt.digitalis.dif.controller.objects.DIFSession;
import pt.digitalis.dif.controller.objects.DispatcherAuthenticationResult;
import pt.digitalis.dif.controller.security.managers.IAuthenticationManager;
import pt.digitalis.dif.controller.security.managers.IAuthorizationManager;
import pt.digitalis.dif.controller.security.managers.IIdentityManager;
import pt.digitalis.dif.controller.security.managers.ISessionManager;
import pt.digitalis.dif.controller.security.managers.ISessionManagerInternal;
import pt.digitalis.dif.dem.DEMRegistryImpl;
import pt.digitalis.dif.dem.interfaces.IService;
import pt.digitalis.dif.exception.controller.ControllerException;
import pt.digitalis.dif.exception.security.AuthenticationManagerException;
import pt.digitalis.dif.exception.security.IdentityManagerException;
import pt.digitalis.dif.features.DIFFeature;
import pt.digitalis.dif.features.DIFFeatures;
import pt.digitalis.dif.features.IDIFFeature;
import pt.digitalis.dif.ioc.DIFIoCRegistry;
import pt.digitalis.dif.presentation.entities.AbstractCentralAuthentication;
import pt.digitalis.dif.utils.logging.DIFLogger;
import pt.digitalis.dif.utils.logging.IErrorLogManager;
import pt.digitalis.utils.common.StringUtils;
import pt.digitalis.utils.config.IConfigurations;

/* loaded from: input_file:WEB-INF/lib/dif-remote-auth-2.8.9-13.jar:pt/digitalis/dif/centralauth/controller/http/CentralAuthenticationDispatcherHTTPImpl.class */
public class CentralAuthenticationDispatcherHTTPImpl extends DispatcherHTTPImpl {
    private static final String SLO_REQUEST_PARAMTER_ID = "slorequest";
    boolean isUsernameRequestMade;
    CentralUserData userData;
    private IErrorLogManager errorLog;
    private ICentralAuthentication centralAuthenticationImpl;

    @Inject
    public CentralAuthenticationDispatcherHTTPImpl(IIdentityManager iIdentityManager, IAuthenticationManager iAuthenticationManager, IAuthorizationManager iAuthorizationManager, ISessionManager iSessionManager, IConfigurations iConfigurations) {
        super(iIdentityManager, iAuthenticationManager, iAuthorizationManager, iSessionManager, iConfigurations);
        this.isUsernameRequestMade = false;
        this.userData = null;
        this.errorLog = (IErrorLogManager) DIFIoCRegistry.getRegistry().getImplementation(IErrorLogManager.class);
        this.centralAuthenticationImpl = null;
    }

    private ICentralAuthentication getCAImpl() {
        IService service2;
        if (this.centralAuthenticationImpl == null) {
            String str = (String) getContext().getRequest().getParameter(DIFRequest.CA_IMPL_REQUEST_PARAMETER_ID);
            if (str == null) {
                str = getContext().getSession().getAttribute(DIFRequest.CA_IMPL_REQUEST_PARAMETER_ID) != null ? (String) getContext().getSession().getAttribute(DIFRequest.CA_IMPL_REQUEST_PARAMETER_ID) : RemoteAuthConfigurations.getInstance().getCentralAuthentication();
            }
            if (str != null && (service2 = DEMRegistryImpl.getRegistry().getService(str.toLowerCase() + AbstractCentralAuthentication.SERVICE_SUFFIX)) != null && service2.isRegistered()) {
                Iterator<IDIFFeature> it2 = DIFFeatures.getImplementations(DIFFeature.BASE_AUTHENTICATION).iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    IDIFFeature next = it2.next();
                    if (next.isActive().booleanValue() && next.getName().equalsIgnoreCase(str)) {
                        this.centralAuthenticationImpl = (ICentralAuthentication) next;
                        break;
                    }
                }
            }
        }
        return this.centralAuthenticationImpl;
    }

    private CentralUserData getUserData() {
        if (!this.isUsernameRequestMade) {
            CentralUserData userData = getCAImpl().getUserData(getContext());
            if (userData != null) {
                this.userData = userData;
            }
            this.isUsernameRequestMade = true;
        }
        return this.userData;
    }

    private boolean isCentralAuthenticationActive() {
        IDIFRequest request = getContext().getRequest();
        return getCAImpl() != null && (request.getParameter(IDIFRequest.USER_PARAMETER_ID) == null || request.getParameter(IDIFRequest.PASSWORD_PARAMETER_ID) == null || "dummyPassword".equalsIgnoreCase((String) request.getParameter(IDIFRequest.PASSWORD_PARAMETER_ID)));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pt.digitalis.dif.controller.AbstractDIFDispatcher
    public IDIFSession logIn(String str, String str2) throws AuthenticationManagerException {
        if (!isCentralAuthenticationActive()) {
            return super.logIn(str, str2);
        }
        IDIFSession logInNoPasswordValidation = ((ISessionManagerInternal) this.theSessionManager).logInNoPasswordValidation(getContext().getSession().getSessionID(), str, str2);
        logInNoPasswordValidation.addAttribute(DIFRequest.CA_IMPL_REQUEST_PARAMETER_ID, getCAImpl().getName());
        return logInNoPasswordValidation;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pt.digitalis.dif.controller.AbstractDIFDispatcher
    public DispatcherAuthenticationResult performAuthentication() throws ControllerException {
        try {
            if (!isCentralAuthenticationActive()) {
                return super.performAuthentication();
            }
            if (getContext().getSession().isLogged()) {
                if ("true".equals(getContext().getRequest().getParameter(SLO_REQUEST_PARAMTER_ID))) {
                    getCAImpl().cleanUp(getContext());
                    return super.performAuthentication();
                }
                if ("true".equals(getContext().getRequest().getParameter(IDIFRequest.LOGOUT_PARAMETER_ID))) {
                    String str = (String) getContext().getRequest().getParameter(IDIFRequest.LOGOUT_REDIRECT_URL_PARAMETER_ID);
                    if (StringUtils.isNotBlank(str)) {
                        getContext().getSession().addAttribute(IDIFRequest.LOGOUT_REDIRECT_URL_PARAMETER_ID, str);
                    }
                    if (getCAImpl().supportSingleLogout(getContext())) {
                        performLogoutOnCentral();
                        return DispatcherAuthenticationResult.NO_ACTION;
                    }
                    if (getCAImpl().getRedirectLogout(getContext()) != null) {
                        performLogoutOnCentral();
                        return super.performAuthentication();
                    }
                    getContext().getSession().addAttribute(DIFSession.REMOTE_AUTHENTICATION_PROVIDER_LOGOUT, getCAImpl().getName());
                    return super.performAuthentication();
                }
            } else if ("true".equals(getContext().getRequest().getParameter(IDIFRequest.LOGIN_PARAMETER_ID))) {
                DIFLogger.getLogger().debug("Remote Authentication - Performing user login in Central Service...");
                try {
                    getContext().getRequest().getParameters().put(IDIFRequest.REDIRECT_TO_URL, getCAImpl().getRedirectLogin(getContext()));
                } catch (Exception e) {
                    throw new ControllerException(ControllerExecutionStep.DISPATCHER_AUTHENTICATION, e);
                }
            } else {
                if (getUserData() != null && getContext().getSession().getUser() == null) {
                    DIFLogger.getLogger().debug("Remote Authentication - User is Authenticated in Central Service but not in DIF2. Performing login in DIF2 for user " + getUserData().getUsername());
                    getContext().getRequest().addParameter(IDIFRequest.USER_PARAMETER_ID, getUserData().getUsername());
                    getContext().getRequest().addParameter(IDIFRequest.PASSWORD_PARAMETER_ID, "dummyPassword");
                    return super.performAuthentication();
                }
                try {
                    Boolean valueOf = Boolean.valueOf((getUserData() == null || getUserData().getUsername() == null || validateUserCredentials(getUserData().getUsername(), null)) ? false : true);
                    if ((getContext().getSession().getUser() != null && getUserData() != null && !getContext().getSession().getUser().getID().equals(getUserData().getUsername())) || valueOf.booleanValue()) {
                        DIFLogger.getLogger().warn("Remote Authentication - User is Authenticated in Central Service and maybe on DIF2 but the user doesn't exist in DIF2 or the Central and DIF2 users are not the same...");
                        getContext().getRequest().addParameter(IDIFRequest.LOGOUT_PARAMETER_ID, "true");
                    }
                    if (valueOf.booleanValue()) {
                        if (getCAImpl().supportSingleLogout(getContext())) {
                            performLogoutOnCentral();
                            return DispatcherAuthenticationResult.NO_ACTION;
                        }
                        getContext().getSession().addAttribute(DIFSession.REMOTE_AUTHENTICATION_PROVIDER_LOGOUT, getCAImpl().getName());
                        return super.performAuthentication();
                    }
                } catch (IdentityManagerException e2) {
                    throw new ControllerException(ControllerExecutionStep.DISPATCHER_AUTHENTICATION, "Could not access identity manager to validate the user's credentials! ", new Exception(e2));
                }
            }
            return DispatcherAuthenticationResult.NO_ACTION;
        } catch (ControllerException e3) {
            this.errorLog.logError("Central Authentication Dispatcher", "Perform Autentication", e3);
            throw e3;
        }
    }

    private void performLogoutOnCentral() {
        getContext().getRequest().getParameters().put(IDIFRequest.REDIRECT_TO_URL, getCAImpl().getRedirectLogout(getContext()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pt.digitalis.dif.controller.AbstractDIFDispatcher
    public boolean validateUserCredentials(String str, String str2, boolean z) throws IdentityManagerException, ControllerException {
        return super.validateUserCredentials(str, str2, !isCentralAuthenticationActive());
    }
}
