package at.gv.egovernment.moa.id.auth.modules.internal.tasks;

import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component("EvaluateSSOConsentsTaskImpl")
/* loaded from: input_file:at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.class */
public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask {
    private static final String PARAM_SSO_CONSENTS = "value";

    @Autowired
    private SSOManager ssoManager;

    @Autowired
    protected IAuthenticationSessionStoreage authenticatedSessionStorage;

    public void execute(ExecutionContext executionContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws TaskExecutionException {
        try {
            String escapeHtml = StringEscapeUtils.escapeHtml(httpServletRequest.getParameter(PARAM_SSO_CONSENTS));
            if (!ParamValidatorUtils.isValidUseMandate(escapeHtml)) {
                throw new WrongParametersException("EvaluateSSOConsentsTaskImpl", PARAM_SSO_CONSENTS, null);
            }
            boolean z = false;
            if (MiscUtil.isNotEmpty(escapeHtml)) {
                z = Boolean.parseBoolean(escapeHtml);
            }
            if (!this.ssoManager.isValidSSOSession(this.ssoManager.getSSOSessionID(httpServletRequest), this.pendingReq)) {
                Logger.info("Single Sign-On consents evaluator found NO valid SSO session. Stopping authentication process ...");
                throw new AuthenticationException("auth.30", null);
            }
            this.revisionsLogger.logEvent(this.pendingReq, MOAIDEventConstants.AUTHPROCESS_SSO_ASK_USER_FINISHED, String.valueOf(z));
            if (z) {
                this.pendingReq.setRawDataToTransaction(this.authenticatedSessionStorage.getInternalSSOSession(this.pendingReq.getInternalSSOSessionIdentifier()).getKeyValueRepresentationFromAuthSession());
                this.pendingReq.setNeedUserConsent(false);
                this.pendingReq.setAuthenticated(true);
                this.pendingReq.setAbortedByUser(false);
            } else {
                Logger.debug("User deny the Single Sign-On authentication for SP: " + this.pendingReq.getSPEntityId());
                this.pendingReq.setAbortedByUser(true);
            }
            this.requestStoreage.storePendingRequest(this.pendingReq);
            performRedirectToProtocolFinialization(executionContext, this.pendingReq, httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            Logger.warn("FinalizeAuthenticationTask has an internal error", e);
            throw new TaskExecutionException(this.pendingReq, e.getMessage(), e);
        } catch (MOAIDException e2) {
            throw new TaskExecutionException(this.pendingReq, e2.getMessage(), e2);
        }
    }
}
