package org.apache.jetspeed.portlets.sso;

import java.io.IOException;
import java.net.URI;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import javax.portlet.PortletConfig;
import javax.portlet.PortletException;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import javax.security.auth.Subject;
import org.apache.commons.lang.StringUtils;
import org.apache.jetspeed.security.JSSubject;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.sso.SSOManager;
import org.apache.jetspeed.sso.SSOSite;
import org.apache.jetspeed.sso.SSOUser;
import org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet;
import org.apache.portals.applications.webcontent.proxy.HttpReverseProxyConstants;
import org.apache.portals.applications.webcontent.proxy.SSOSiteCredentials;
import org.apache.portals.applications.webcontent.proxy.impl.DefaultSSOSiteCredentials;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.class */
public class SSOReverseProxyIFramePortlet extends IFrameGenericPortlet {
    public static final String SUBJECT_SSO_SITE_CREDS = "org.apache.jetspeed.portlets.sso.ssoSiteCredsOfSubject";
    private static Logger log = LoggerFactory.getLogger(SSOReverseProxyIFramePortlet.class);
    private SSOManager ssoManager;

    @Override // org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void init(PortletConfig portletConfig) throws PortletException {
        super.init(portletConfig);
        this.ssoManager = (SSOManager) portletConfig.getPortletContext().getAttribute("cps:SSO");
        if (null == this.ssoManager) {
            throw new PortletException("Failed to find SSO Provider on portlet initialization");
        }
    }

    @Override // org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void doView(RenderRequest renderRequest, RenderResponse renderResponse) throws PortletException, IOException {
        if (((List) renderRequest.getPortletSession().getAttribute(SUBJECT_SSO_SITE_CREDS, 1)) == null) {
            renderRequest.getPortletSession().setAttribute(SUBJECT_SSO_SITE_CREDS, createSSOSiteCredentialsOfSubject(), 1);
            renderRequest.getPortletSession().setAttribute(HttpReverseProxyConstants.SSO_SITE_CREDENTIALS_PROVIDER, new DefaultSSOSiteCredentialsProviderImpl(), 1);
        }
        super.doView(renderRequest, renderResponse);
    }

    private List<SSOSiteCredentials> createSSOSiteCredentialsOfSubject() {
        ArrayList arrayList = new ArrayList();
        try {
            Subject subject = JSSubject.getSubject(AccessController.getContext());
            Collection<SSOSite> sitesForSubject = this.ssoManager.getSitesForSubject(subject);
            if (sitesForSubject != null) {
                for (SSOSite sSOSite : sitesForSubject) {
                    URI create = URI.create(sSOSite.getURL());
                    Collection<SSOUser> remoteUsers = this.ssoManager.getRemoteUsers(sSOSite, subject);
                    if (remoteUsers != null) {
                        for (SSOUser sSOUser : remoteUsers) {
                            DefaultSSOSiteCredentials defaultSSOSiteCredentials = new DefaultSSOSiteCredentials(sSOSite.getURL(), create.getHost(), create.getPort());
                            if (!StringUtils.isBlank(sSOSite.getRealm())) {
                                defaultSSOSiteCredentials.setRealm(sSOSite.getRealm());
                            }
                            PasswordCredential credentials = this.ssoManager.getCredentials(sSOUser);
                            defaultSSOSiteCredentials.setUsername(credentials.getUserName());
                            defaultSSOSiteCredentials.setPassword(credentials.getPassword());
                            if (sSOSite.isFormAuthentication()) {
                                defaultSSOSiteCredentials.setFormAuthentication(true);
                                defaultSSOSiteCredentials.setFormUserField(sSOSite.getFormUserField());
                                defaultSSOSiteCredentials.setFormPwdField(sSOSite.getFormPwdField());
                            }
                            arrayList.add(defaultSSOSiteCredentials);
                        }
                    }
                }
            }
        } catch (Exception e) {
            if (log.isWarnEnabled()) {
                log.warn("Failed to retrieve sso site credentials. {}", e.toString());
            }
        }
        return arrayList;
    }
}
