package com.ibm.sbt.services.endpoints;

import com.ibm.commons.runtime.Context;
import com.ibm.commons.runtime.util.UrlUtil;
import com.ibm.commons.util.PathUtil;
import com.ibm.commons.util.StringUtil;
import com.ibm.sbt.jslibrary.servlet.AbstractLibrary;
import com.ibm.sbt.security.authentication.AuthenticationException;
import com.ibm.sbt.service.core.handlers.AuthCredsHandler;
import com.ibm.sbt.service.core.servlet.ServiceServlet;
import com.ibm.sbt.services.client.ClientServicesException;
import com.ibm.sbt.services.client.base.CommonConstants;
import com.ibm.sbt.services.endpoints.js.JSReference;
import java.io.IOException;
import java.net.URL;
import java.net.URLEncoder;
import java.text.MessageFormat;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.http.HttpException;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.cookie.BasicClientCookie2;
import org.apache.http.protocol.HttpContext;

/* JADX WARN: Classes with same name are omitted:
  input_file:acme.sample.webapp-1.1.5.20150520-1200.war:WEB-INF/lib/com.ibm.sbt.core-1.1.5.20150520-1200.jar:com/ibm/sbt/services/endpoints/SSOEndpoint.class
 */
/* loaded from: input_file:acme.social.sample.webapp-1.1.5.20150520-1200.war:WEB-INF/lib/com.ibm.sbt.core-1.1.5.20150520-1200.jar:com/ibm/sbt/services/endpoints/SSOEndpoint.class */
public class SSOEndpoint extends AbstractEndpoint {
    private static final long serialVersionUID = 1;
    private String domain = null;
    private String authenticationPage = null;
    static final String sourceClass = SSOEndpoint.class.getName();
    static final Logger logger = Logger.getLogger(sourceClass);

    /* JADX WARN: Classes with same name are omitted:
      input_file:acme.sample.webapp-1.1.5.20150520-1200.war:WEB-INF/lib/com.ibm.sbt.core-1.1.5.20150520-1200.jar:com/ibm/sbt/services/endpoints/SSOEndpoint$LtpaInterceptor.class
     */
    /* loaded from: input_file:acme.social.sample.webapp-1.1.5.20150520-1200.war:WEB-INF/lib/com.ibm.sbt.core-1.1.5.20150520-1200.jar:com/ibm/sbt/services/endpoints/SSOEndpoint$LtpaInterceptor.class */
    private static class LtpaInterceptor implements HttpRequestInterceptor {
        String _domain;

        public LtpaInterceptor(String str, String str2) {
            if (str2 == null) {
                try {
                    this._domain = new URL(str).getHost();
                    if (this._domain.startsWith("[") && this._domain.endsWith("]")) {
                        this._domain = this._domain.substring(0, this._domain.length() - 1);
                    }
                } catch (Exception unused) {
                    this._domain = str.substring(str.indexOf(CommonConstants.DOUBLE_SLASH) + 2);
                    if (this._domain.indexOf(CommonConstants.COLON) != -1) {
                        this._domain = this._domain.substring(0, this._domain.indexOf(CommonConstants.COLON));
                    }
                }
                if (StringUtil.isNotEmpty(this._domain) && countMatch(this._domain, '.') > 1) {
                    this._domain = this._domain.substring(this._domain.indexOf(46) + 1, this._domain.length());
                }
            } else {
                this._domain = str2;
            }
            if (SSOEndpoint.logger.isLoggable(Level.INFO)) {
                SSOEndpoint.logger.log(Level.INFO, MessageFormat.format("SSO endpoint domain for {0} is {1}", str, this._domain));
            }
        }

        private static int countMatch(String str, char c) {
            int i = 0;
            if (StringUtil.isNotEmpty(str)) {
                for (int i2 = 0; i2 < str.length(); i2++) {
                    if (StringUtil.equals(Character.valueOf(str.charAt(i2)), Character.valueOf(c))) {
                        i++;
                    }
                }
            }
            return i;
        }

        public String getRawCookieValue(Cookie cookie, HttpServletRequest httpServletRequest) {
            try {
                String[] splitString = StringUtil.splitString(httpServletRequest.getHeader("cookie"), "; ", false);
                String name = cookie.getName();
                for (String str : splitString) {
                    if (str.startsWith(name)) {
                        return str.substring(name.length() + 1);
                    }
                }
            } catch (Exception e) {
                if (SSOEndpoint.logger.isLoggable(Level.INFO)) {
                    SSOEndpoint.logger.log(Level.INFO, "Unable to parse cookie header", (Throwable) e);
                }
            }
            return cookie.getValue();
        }

        @Override // org.apache.http.HttpRequestInterceptor
        public void process(HttpRequest httpRequest, HttpContext httpContext) throws HttpException, IOException {
            BasicCookieStore basicCookieStore = new BasicCookieStore();
            Context context = Context.get();
            boolean z = false;
            Map<String, Object> requestCookieMap = context.getRequestCookieMap();
            if (requestCookieMap.containsKey("LtpaToken")) {
                Cookie cookie = (Cookie) requestCookieMap.get("LtpaToken");
                BasicClientCookie2 basicClientCookie2 = new BasicClientCookie2(cookie.getName(), getRawCookieValue(cookie, context.getHttpRequest()));
                if (cookie.getDomain() != null) {
                    basicClientCookie2.setDomain(cookie.getDomain());
                } else {
                    basicClientCookie2.setDomain(this._domain);
                }
                if (cookie.getPath() != null) {
                    basicClientCookie2.setPath(cookie.getPath());
                } else {
                    basicClientCookie2.setPath(CommonConstants.SLASH);
                }
                basicCookieStore.addCookie(basicClientCookie2);
                z = true;
            }
            if (requestCookieMap.containsKey("LtpaToken2")) {
                Cookie cookie2 = (Cookie) requestCookieMap.get("LtpaToken2");
                BasicClientCookie2 basicClientCookie22 = new BasicClientCookie2(cookie2.getName(), getRawCookieValue(cookie2, context.getHttpRequest()));
                if (cookie2.getDomain() != null) {
                    basicClientCookie22.setDomain(cookie2.getDomain());
                } else {
                    basicClientCookie22.setDomain(this._domain);
                }
                if (cookie2.getPath() != null) {
                    basicClientCookie22.setPath(cookie2.getPath());
                } else {
                    basicClientCookie22.setPath(CommonConstants.SLASH);
                }
                basicCookieStore.addCookie(basicClientCookie22);
                z = true;
            }
            if (!z && SSOEndpoint.logger.isLoggable(Level.INFO)) {
                String str = "";
                try {
                    str = httpRequest.getRequestLine().getUri();
                } catch (Exception unused) {
                }
                SSOEndpoint.logger.log(Level.INFO, "Unable to find LTPA token for request " + str);
            }
            httpContext.setAttribute("http.cookie-store", basicCookieStore);
        }
    }

    @Override // com.ibm.sbt.services.endpoints.AbstractEndpoint, com.ibm.sbt.services.endpoints.Endpoint
    public String getAuthType() {
        return "sso";
    }

    @Override // com.ibm.sbt.services.endpoints.Endpoint
    public boolean isAuthenticated() throws ClientServicesException {
        return true;
    }

    @Override // com.ibm.sbt.services.endpoints.Endpoint
    public void authenticate(boolean z) throws ClientServicesException {
        if (z || !isAuthenticated()) {
            String authenticationPage = getAuthenticationPage();
            Context context = Context.get();
            if (!StringUtil.isNotEmpty(authenticationPage)) {
                throw new ClientServicesException(null, "LTPA token expired or invalid. Cannot refresh: authentication page is not set", new Object[0]);
            }
            try {
                if (!UrlUtil.isAbsoluteUrl(authenticationPage)) {
                    authenticationPage = UrlUtil.makeUrlAbsolute(context.getHttpRequest(), authenticationPage);
                }
                String requestUrl = UrlUtil.getRequestUrl(context.getHttpRequest());
                context.sendRedirect(PathUtil.concat(PathUtil.concat(PathUtil.concat(PathUtil.concat(authenticationPage, AbstractLibrary.PROP_PROXY_PATH, '&'), URLEncoder.encode(PathUtil.concat(PathUtil.concat(PathUtil.concat(PathUtil.concat(UrlUtil.getBaseUrl(context.getHttpRequest()), ServiceServlet.getServletPath(), '/'), AuthCredsHandler.URL_PATH, '/'), authenticationPage.substring(authenticationPage.indexOf(CommonConstants.EQUALS) + 1, authenticationPage.length()), '/'), AuthCredsHandler.JAVA_APP, '/'), "UTF-8"), '='), AuthCredsHandler.REDIRECT_URL, '&'), URLEncoder.encode(requestUrl, "UTF-8"), '='));
            } catch (IOException e) {
                throw new ClientServicesException(e, "LTPA token refresh failed because: " + e.getMessage(), new Object[0]);
            }
        }
    }

    @Override // com.ibm.sbt.services.endpoints.AbstractEndpoint, com.ibm.sbt.services.endpoints.Endpoint
    public JSReference getAuthenticator(String str, String str2) {
        JSReference jSReference = new JSReference("sbt/authenticator/SSO");
        jSReference.getProperties().put("url", str2);
        return jSReference;
    }

    public void redirect() {
    }

    @Override // com.ibm.sbt.services.endpoints.Endpoint
    public void initialize(DefaultHttpClient defaultHttpClient) {
        defaultHttpClient.addRequestInterceptor(new LtpaInterceptor(getUrl(), getDomain()), 0);
    }

    @Override // com.ibm.sbt.services.endpoints.Endpoint
    public void logout() throws AuthenticationException {
    }

    public String getAuthenticationPage() {
        return this.authenticationPage;
    }

    public void setAuthenticationPage(String str) {
        this.authenticationPage = str;
    }

    public String getDomain() {
        return this.domain;
    }

    public void setDomain(String str) {
        this.domain = str;
    }
}
