package org.apache.jetspeed.portlets.sso;

import java.io.IOException;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletConfig;
import javax.portlet.PortletContext;
import javax.portlet.PortletException;
import javax.portlet.PortletMode;
import javax.portlet.PortletPreferences;
import javax.portlet.PortletSession;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import javax.portlet.ResourceURL;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.jetspeed.portlets.security.SecurityResources;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.mfa.util.SecurityHelper;
import org.apache.jetspeed.sso.SSOException;
import org.apache.jetspeed.sso.SSOManager;
import org.apache.jetspeed.sso.SSOSite;
import org.apache.jetspeed.sso.SSOUser;
import org.apache.portals.applications.gems.browser.StatusMessage;
import org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet;
import org.apache.portals.messaging.PortletMessaging;
import org.exolab.castor.persist.spi.QueryExpression;

/* loaded from: input_file:WEB-INF/classes/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.class */
public class SSOIFramePortlet extends IFrameGenericPortlet {
    public static final String SSO_TYPE = "sso.type";
    public static final String SSO_TYPE_URL = "url";
    public static final String SSO_TYPE_URL_BASE64 = "url.base64";
    public static final String SSO_TYPE_HTTP = "http";
    public static final String SSO_TYPE_CERTIFICATE = "certificate";
    public static final String SSO_TYPE_FORM = "form";
    public static final String SSO_TYPE_FORM_GET = "form.get";
    public static final String SSO_TYPE_FORM_POST = "form.post";
    public static final String SSO_TYPE_URL_USERNAME = "sso.url.Principal";
    public static final String SSO_TYPE_URL_PASSWORD = "sso.url.Credential";
    public static final String SSO_TYPE_FORM_USERNAME = "sso.form.Principal";
    public static final String SSO_TYPE_FORM_PASSWORD = "sso.form.Credential";
    public static final String SSO_TYPE_FORM_ACTION = "sso.form.Action";
    public static final String SSO_TYPE_FORM_ARGS = "sso.form.Args";
    public static final String SSO_TYPE_FORM_AUTH_FLAG = SSOIFramePortlet.class.getName() + ".authFlag";
    public static final String SSO_REQUEST_ATTRIBUTE_USERNAME = "sso.ra.username";
    public static final String SSO_REQUEST_ATTRIBUTE_PASSWORD = "sso.ra.password";
    public static final String SSO_FORM_PRINCIPAL = "ssoPrincipal";
    public static final String SSO_FORM_CREDENTIAL = "ssoCredential";
    private PortletContext context;
    private SSOManager sso;

    @Override // org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void init(PortletConfig portletConfig) throws PortletException {
        super.init(portletConfig);
        this.context = getPortletContext();
        this.sso = (SSOManager) this.context.getAttribute("cps:SSO");
        if (null == this.sso) {
            throw new PortletException("Failed to find SSO Provider on portlet initialization");
        }
    }

    @Override // org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void doEdit(RenderRequest renderRequest, RenderResponse renderResponse) throws PortletException, IOException {
        SSOSite siteByUrl = this.sso.getSiteByUrl(renderRequest.getPreferences().getValue("SRC", ""));
        if (siteByUrl != null) {
            try {
                SSOUser remoteUser = SSOPortletUtil.getRemoteUser(this.sso, renderRequest, siteByUrl);
                if (remoteUser != null) {
                    PasswordCredential credentials = this.sso.getCredentials(remoteUser);
                    getContext(renderRequest).put("ssoPrincipal", credentials.getUserName());
                    getContext(renderRequest).put("ssoCredential", credentials.getPassword());
                } else {
                    getContext(renderRequest).put("ssoPrincipal", "");
                    getContext(renderRequest).put("ssoCredential", "");
                }
            } catch (SSOException e) {
                if (e.getMessage().equals("The site has no Single Sign On credentails attached.")) {
                    getContext(renderRequest).put("ssoPrincipal", "");
                    getContext(renderRequest).put("ssoCredential", "");
                } else {
                    SSOPortletUtil.publishStatusMessage(renderRequest, "SSOIFrame", "status", e, "Could not load Site info for user");
                }
            }
        }
        StatusMessage statusMessage = (StatusMessage) PortletMessaging.consume(renderRequest, "SSOIFrame", "status");
        if (statusMessage != null) {
            getContext(renderRequest).put("statusMsg", statusMessage);
        }
        getContext(renderRequest).put("ssoTypes", SSOWebContentPortlet.SSO_TYPES);
        getContext(renderRequest).put("ssoTypeSelected", renderRequest.getPreferences().getValue("sso.type", "basic"));
        super.doEdit(renderRequest, renderResponse);
    }

    @Override // org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void doView(RenderRequest renderRequest, RenderResponse renderResponse) throws PortletException, IOException {
        SSOUser remoteUser;
        String value = renderRequest.getPreferences().getValue("SRC", (String) null);
        SSOSite sSOSite = null;
        if (value != null) {
            sSOSite = this.sso.getSiteByUrl(value);
        }
        if (sSOSite == null) {
            renderResponse.getWriter().print(SSOWebContentPortlet.NO_CREDENTIALS);
            return;
        }
        try {
            remoteUser = SSOPortletUtil.getRemoteUser(this.sso, renderRequest, sSOSite);
        } catch (SSOException e) {
            if (e.getMessage().equals("The site has no Single Sign On credentails attached.")) {
                renderResponse.getWriter().print(SSOWebContentPortlet.NO_CREDENTIALS);
                return;
            }
            SSOPortletUtil.publishStatusMessage(renderRequest, "SSOIFrame", "status", e, "Could not load Site info for user");
        }
        if (remoteUser == null) {
            renderResponse.getWriter().print(SSOWebContentPortlet.NO_CREDENTIALS);
            return;
        }
        PasswordCredential credentials = this.sso.getCredentials(remoteUser);
        renderRequest.setAttribute("sso.ra.username", credentials.getUserName());
        renderRequest.setAttribute("sso.ra.password", credentials.getPassword());
        StatusMessage statusMessage = (StatusMessage) PortletMessaging.consume(renderRequest, "SSOIFrame", "status");
        if (statusMessage != null) {
            getContext(renderRequest).put("statusMsg", statusMessage);
        }
        super.doView(renderRequest, renderResponse);
    }

    @Override // org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void processAction(ActionRequest actionRequest, ActionResponse actionResponse) throws PortletException, IOException {
        super.processAction(actionRequest, actionResponse);
        String parameter = actionRequest.getParameter("ssoPrincipal");
        String parameter2 = actionRequest.getParameter("ssoCredential");
        if (parameter == null || parameter2 == null) {
            actionResponse.setPortletMode(PortletMode.EDIT);
        }
        String value = actionRequest.getPreferences().getValue("SRC", "");
        SSOSite siteByUrl = this.sso.getSiteByUrl(value);
        try {
            if (!SecurityHelper.isEmpty(value) && !SecurityHelper.isEmpty(parameter) && !SecurityHelper.isEmpty(parameter2)) {
                if (siteByUrl == null) {
                    SSOSite newSite = this.sso.newSite(value, value);
                    this.sso.addSite(newSite);
                    SSOPortletUtil.updateUser(this.sso, actionRequest, newSite, parameter, parameter2);
                } else {
                    SSOPortletUtil.updateUser(this.sso, actionRequest, siteByUrl, parameter, parameter2);
                }
            }
        } catch (SSOException e) {
            String str = "Failed to add remote user for the portal principal, " + actionRequest.getUserPrincipal().getName() + ".";
            if (e.getCause() != null) {
                str = str + " (" + e.getCause() + DefaultExpressionEngine.DEFAULT_INDEX_END;
            }
            PortletMessaging.publish(actionRequest, "SSOIFrame", "status", new StatusMessage(str, "portlet-msg-error"));
            actionResponse.setPortletMode(PortletMode.EDIT);
        }
    }

    @Override // org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet
    public String getURLSource(RenderRequest renderRequest, RenderResponse renderResponse, PortletPreferences portletPreferences) {
        String uRLSource = super.getURLSource(renderRequest, renderResponse, portletPreferences);
        String value = portletPreferences.getValue("sso.type", "url");
        if (!value.equals("url") && !value.equals("url.base64")) {
            if (!value.equals("form") && !value.equals("form.get") && !value.equals("form.post")) {
                return uRLSource;
            }
            PortletSession portletSession = renderRequest.getPortletSession(false);
            if (portletSession != null && portletSession.getAttribute(SSO_TYPE_FORM_AUTH_FLAG) != null) {
                return uRLSource;
            }
            ResourceURL createResourceURL = renderResponse.createResourceURL();
            createResourceURL.setResourceID("/WEB-INF/security/sso/sso-iframe-form-login.jsp");
            return createResourceURL.toString();
        }
        String value2 = portletPreferences.getValue("sso.url.Principal", SecurityResources.TOPIC_USER);
        String value3 = portletPreferences.getValue("sso.url.Credential", "password");
        StringBuffer stringBuffer = new StringBuffer(uRLSource);
        if (uRLSource.indexOf("?") == -1) {
            stringBuffer.append("?");
        } else {
            stringBuffer.append("&");
        }
        stringBuffer.append(value2);
        stringBuffer.append(QueryExpression.OpEquals);
        String str = (String) renderRequest.getAttribute("sso.ra.username");
        if (str == null) {
            str = "";
        }
        String str2 = (String) renderRequest.getAttribute("sso.ra.password");
        if (str2 == null) {
            str2 = "";
        }
        if (value.equals("url.base64")) {
            Base64 base64 = new Base64();
            str = new String(base64.encode(str.getBytes()));
            str2 = new String(base64.encode(str2.getBytes()));
        }
        stringBuffer.append(str);
        stringBuffer.append("&");
        stringBuffer.append(value3);
        stringBuffer.append(QueryExpression.OpEquals);
        stringBuffer.append(str2);
        return renderResponse.encodeURL(stringBuffer.toString());
    }
}
