package pt.digitalis.dif.presentation.entities.system.difsso;

import com.google.inject.Inject;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import pt.digitalis.dif.controller.http.HTTPControllerConfiguration;
import pt.digitalis.dif.controller.interfaces.IDIFContext;
import pt.digitalis.dif.controller.objects.DIFRequest;
import pt.digitalis.dif.controller.security.managers.IIdentityManager;
import pt.digitalis.dif.controller.security.managers.ISessionManager;
import pt.digitalis.dif.controller.security.managers.ISessionManagerInternal;
import pt.digitalis.dif.controller.security.objects.IDIFUser;
import pt.digitalis.dif.dem.annotations.entities.StageDefinition;
import pt.digitalis.dif.dem.annotations.parameter.Parameter;
import pt.digitalis.dif.dem.annotations.presentation.OnAJAX;
import pt.digitalis.dif.dem.annotations.stage.Context;
import pt.digitalis.dif.dem.annotations.stage.Execute;
import pt.digitalis.dif.dem.annotations.stage.InjectMessages;
import pt.digitalis.dif.dem.interfaces.IStage;
import pt.digitalis.dif.dem.managers.IDEMManager;
import pt.digitalis.dif.utils.ObjectFormatter;
import pt.digitalis.dif.utils.logging.DIFLogger;
import pt.digitalis.utils.common.StringUtils;

@StageDefinition(name = "Data Provider", service = "ssoservice")
/* loaded from: input_file:WEB-INF/lib/dif-presentation-core-2.2.18-6.jar:pt/digitalis/dif/presentation/entities/system/difsso/SSORequestReceiver.class */
public class SSORequestReceiver {
    public static final String SSO_REQUEST_AJAX_HANDLER_ID = "ssoRequestAjaxHandlerId";

    @Context
    IDIFContext context;

    @Inject
    IDEMManager demManager;

    @Parameter(constraints = "required")
    protected String destinationStageID;

    @Inject
    IIdentityManager identityManager;

    @InjectMessages
    Map<String, String> messages;

    @Inject
    protected ISessionManager sessionManager;

    @Parameter
    protected String tokenID;

    @Parameter(constraints = "required")
    protected String userID;

    @Execute
    public void execute() throws Exception {
        SSOToken tokenByID = SSOManager.getInstance().getTokenByID(this.tokenID);
        boolean z = false;
        if (!SSOSecurityConfiguration.getInstance().getActive().booleanValue()) {
            this.context.addResultMessage("WARN", this.messages.get("ssoFailed"), this.messages.get("SSODisabled"), true, true);
        } else if (this.destinationStageID == null || this.userID == null || tokenByID == null) {
            this.context.addResultMessage("WARN", this.messages.get("ssoFailed"), this.messages.get("incorrectOrMissingParameters"), true, true);
        } else if (!tokenByID.isExpired() && tokenByID.getStageID().equals(this.destinationStageID) && tokenByID.getUserID().equals(this.userID)) {
            ((ISessionManagerInternal) this.sessionManager).logInNoPasswordValidation(this.context.getSession().getSessionID(), this.userID, null);
            this.context.redirectTo(this.destinationStageID);
            z = true;
        } else {
            this.context.addResultMessage("WARN", this.messages.get("ssoFailed"), this.messages.get("tokenInvalidOrExpired"), true, true);
        }
        if (z) {
            return;
        }
        this.context.redirectTo(HTTPControllerConfiguration.getInstance().getHomeStageID());
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v56, types: [java.util.List] */
    @OnAJAX(SSO_REQUEST_AJAX_HANDLER_ID)
    public SSOResponse processSSORequest() throws Exception {
        ArrayList arrayList;
        SSOResponse sSOResponse;
        if (!SSOSecurityConfiguration.getInstance().getActive().booleanValue()) {
            return new SSOResponse(false, null, this.messages.get("SSODisabled"));
        }
        String remoteAddr = ((HttpServletRequest) this.context.getRequest().getAttribute(DIFRequest.ORIGINAL_REQUEST)).getRemoteAddr();
        DIFLogger.getLogger().debug("SSO Request: [Stage: " + this.destinationStageID + "; User: " + this.userID + "] received from " + remoteAddr);
        if (StringUtils.isNotBlank(SSOSecurityConfiguration.getInstance().getServerIPWhiteList())) {
            arrayList = Arrays.asList(SSOSecurityConfiguration.getInstance().getServerIPWhiteList().split(","));
        } else {
            arrayList = new ArrayList();
            Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
            while (networkInterfaces.hasMoreElements()) {
                Enumeration<InetAddress> inetAddresses = networkInterfaces.nextElement().getInetAddresses();
                while (inetAddresses.hasMoreElements()) {
                    arrayList.add(inetAddresses.nextElement().getHostAddress());
                }
            }
        }
        DIFLogger.getLogger().debug("WhiteList infered: " + arrayList.toString());
        SSOToken sSOToken = null;
        if (arrayList.contains(remoteAddr)) {
            IDIFUser user = this.identityManager.getUser(this.userID);
            IStage stage = this.demManager.getStage(this.destinationStageID);
            if (user == null) {
                sSOResponse = new SSOResponse(false, null, this.messages.get("userDoesNotExist"));
            } else if (stage == null) {
                sSOResponse = new SSOResponse(false, null, this.messages.get("stageDoesNotExist"));
            } else if (user.canAccess(stage)) {
                sSOToken = SSOManager.getInstance().newToken(this.destinationStageID, this.userID);
                sSOResponse = new SSOResponse(true, sSOToken.getId());
            } else {
                sSOResponse = new SSOResponse(false, null, this.messages.get("noAccessToStage"));
            }
        } else {
            sSOResponse = new SSOResponse(false, null, this.messages.get("notInIPWhiteList"));
        }
        DIFLogger.getLogger().debug("SSO result: " + new ObjectFormatter().addItemIfNotNull("generatedToken", sSOToken).addItemIfNotNull("response", sSOResponse).getFormatedObject());
        return sSOResponse;
    }
}
