package at.gv.egovernment.moa.id.auth.servlet;

import at.gv.egiz.eaaf.core.api.gui.GroupDefinition;
import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;
import java.io.IOException;
import java.net.URL;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

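/**
 * Spring MVC controller behind {@code GET /RedirectServlet}.
 *
 * <p>The endpoint receives a caller-supplied {@code redirecturl} parameter and sends the
 * browser there, either through the {@code redirectForm.html} template or with an HTTP 302.
 * Because the destination comes from the request, every path first checks that it is a
 * syntactically valid URL and that it belongs to a configured service provider or to one of
 * the configured public URL prefixes of this installation. Requests that fail a check, and
 * any failure while processing, are answered with HTTP 403.
 */
@Controller
/* loaded from: input_file:at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.class */
public class RedirectServlet {
    public static final String SERVICE_ENDPOINT = "/RedirectServlet";
    public static final String REDIRCT_PARAM_URL = "redirecturl";
    private static final String DEFAULT_REDIRECTTARGET = "_parent";
    private static final String URL = "URL";
    private static final String TARGET = "TARGET";

    @Autowired(required = true)
    SSOManager ssoManager;

    @Autowired(required = true)
    IGUIFormBuilder guiBuilder;

    @Autowired(required = true)
    private AuthConfiguration authConfig;

    /**
     * Validates the requested redirect destination and performs the redirect.
     *
     * <p>Despite its name, this handler does not log anything out; it serves three cases,
     * selected by request parameters:
     * <ul>
     *   <li>{@code SAMLArtifact} present: the artifact (and an optional {@code Target}) is
     *       appended to the destination and the redirect form is rendered;</li>
     *   <li>{@code interIDP} present: the interfederation IDP cookie is set through
     *       {@link SSOManager} and a 302 is returned;</li>
     *   <li>otherwise: the redirect form is rendered for the plain destination.</li>
     * </ul>
     *
     * @param httpServletRequest incoming request; all of its parameters are untrusted
     * @param httpServletResponse response that receives the form, the 302 or the 403
     * @throws IOException if writing the error response fails
     */
    @RequestMapping(value = {SERVICE_ENDPOINT}, method = {RequestMethod.GET})
    public void performLogOut(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Logger.debug("Receive " + RedirectServlet.class + " Request");
        String redirectUrl = httpServletRequest.getParameter(REDIRCT_PARAM_URL);
        // NOTE(review): Target is HTML-escaped here and URL-encoded later, so the service
        // provider receives an entity-encoded value. Kept as is because receivers may rely
        // on it; confirm whether the HTML escaping is intended at this point.
        String escapedTarget = StringEscapeUtils.escapeHtml(httpServletRequest.getParameter("Target"));
        String samlArtifact = httpServletRequest.getParameter("SAMLArtifact");
        String interIdp = httpServletRequest.getParameter("interIDP");
        Logger.debug("Check URL against online-applications");
        try {
            // Syntax check only: a null or malformed value throws and ends in the 403 below.
            new URL(redirectUrl);
            IOAAuthParameters oaParameters = (IOAAuthParameters) this.authConfig.getServiceProviderConfiguration(redirectUrl, IOAAuthParameters.class);
            String authUrl = HTTPUtils.extractAuthURLFromRequest(httpServletRequest);
            List<String> publicUrlPrefixes = this.authConfig.getPublicURLPrefix();

            // Destination check: it must be a configured service provider or point back
            // to this installation.
            if (oaParameters == null && !checkRedirectToItself(redirectUrl, publicUrlPrefixes)) {
                Logger.warn("Requested redirect URL " + sanitizeForLog(redirectUrl)
                        + " matches neither a configured online application nor the PublicPrefix Configuration");
                httpServletResponse.sendError(403, "Parameters not valid");
                return;
            }
            // Origin check: the URL this request was addressed to must itself be configured.
            if (publicUrlPrefixes == null || !publicUrlPrefixes.contains(authUrl)) {
                Logger.warn("Requested URL " + sanitizeForLog(authUrl) + " is not in PublicPrefix Configuration");
                httpServletResponse.sendError(403, "Parameters not valid");
                return;
            }

            if (MiscUtil.isNotEmpty(samlArtifact)) {
                String frameTarget = resolveRedirectTarget(oaParameters);
                Logger.info("Redirect to " + sanitizeForLog(redirectUrl));
                if (MiscUtil.isNotEmpty(escapedTarget)) {
                    redirectUrl = HTTPUtils.addURLParameter(redirectUrl, "Target", URLEncoder.encode(escapedTarget, "UTF-8"));
                }
                String encodedRedirectUrl = httpServletResponse.encodeRedirectURL(HTTPUtils.addURLParameter(redirectUrl, "SAMLArtifact", URLEncoder.encode(samlArtifact, "UTF-8")));
                // NOTE(review): the configuration is created with "redirectForm.html" while
                // build() is given "RedirectForm.html"; confirm which spelling the template
                // loader expects.
                DefaultGUIFormBuilderConfiguration formConfig = new DefaultGUIFormBuilderConfiguration(authUrl, "redirectForm.html", (String) null);
                // The URL is stored without the builder's own escaping, so escapeHtml is the
                // only output encoding applied to it. commons-lang 2.x escapeHtml leaves the
                // apostrophe untouched. NOTE(review): confirm the template emits this value
                // in element content or a double-quoted attribute only.
                formConfig.putCustomParameterWithOutEscaption((GroupDefinition) null, URL, StringEscapeUtils.escapeHtml(encodedRedirectUrl));
                formConfig.putCustomParameter((GroupDefinition) null, TARGET, frameTarget);
                this.guiBuilder.build(httpServletRequest, httpServletResponse, formConfig, "RedirectForm.html");
            } else if (MiscUtil.isNotEmpty(interIdp)) {
                // interIDP is taken from the request unvalidated; neutralise line breaks
                // before it reaches the log.
                Logger.info("Receive an interfederation redirect request for IDP " + sanitizeForLog(interIdp));
                this.ssoManager.setInterfederationIDPCookie(httpServletRequest, httpServletResponse, interIdp);
                Logger.debug("Redirect to " + sanitizeForLog(redirectUrl));
                String encodedRedirectUrl = httpServletResponse.encodeRedirectURL(redirectUrl);
                httpServletResponse.setContentType("text/html");
                httpServletResponse.setStatus(302);
                httpServletResponse.addHeader("Location", encodedRedirectUrl);
            } else {
                Logger.debug("Redirect to " + sanitizeForLog(redirectUrl));
                String frameTarget = resolveRedirectTarget(oaParameters);
                DefaultGUIFormBuilderConfiguration formConfig = new DefaultGUIFormBuilderConfiguration(authUrl, "redirectForm.html", (String) null);
                // Same output-encoding caveat as in the SAMLArtifact branch applies here.
                formConfig.putCustomParameterWithOutEscaption((GroupDefinition) null, URL, StringEscapeUtils.escapeHtml(redirectUrl));
                formConfig.putCustomParameter((GroupDefinition) null, TARGET, frameTarget);
                this.guiBuilder.build(httpServletRequest, httpServletResponse, formConfig, "RedirectForm.html");
            }
        } catch (Throwable th) {
            // Fail closed, but leave a trace: a silent 403 hides both misconfiguration and
            // probing of this endpoint from whoever reads the logs.
            Logger.warn("Redirect request rejected: " + sanitizeForLog(String.valueOf(th)));
            // sendError on a committed response would throw and mask the original failure.
            if (!httpServletResponse.isCommitted()) {
                httpServletResponse.sendError(403, "Request not allowed.");
            }
        }
    }

    /**
     * Returns the frame target for the redirect form: the service provider's
     * {@code auth.templates.customize.applet.redirecttarget} value when one is configured,
     * otherwise {@code _parent}.
     *
     * @param oaParameters service-provider configuration, or {@code null} when the
     *        destination is this installation itself
     * @return the configured target or the default
     */
    private String resolveRedirectTarget(IOAAuthParameters oaParameters) {
        if (oaParameters == null) {
            Logger.debug("Use default redirectTarget.");
            return DEFAULT_REDIRECTTARGET;
        }
        try {
            String configured = oaParameters.getConfigurationValue("auth.templates.customize.applet.redirecttarget");
            if (MiscUtil.isNotEmpty(configured)) {
                return configured;
            }
        } catch (Exception e) {
            // Best effort: a failing configuration lookup must not block the redirect.
            Logger.debug("Use default redirectTarget.");
        }
        return DEFAULT_REDIRECTTARGET;
    }

    /**
     * Replaces carriage returns and line feeds so that a request-supplied value cannot
     * start a new, forged log line.
     *
     * @param value text to log, may be {@code null}
     * @return the text with CR and LF replaced by {@code _}, or {@code null}
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Checks whether a URL points back to this installation, i.e. lies under one of the
     * configured public URL prefixes.
     *
     * <p>A plain {@code startsWith} is not sufficient here: the text after the prefix could
     * continue the host name or introduce user-info, so the URL would address a different
     * host while still beginning with the configured string. The match is therefore only
     * accepted when the prefix ends at a URL component boundary. Empty prefixes are ignored
     * because they would match every URL.
     *
     * @param str URL to check, may be {@code null}
     * @param list configured public URL prefixes, may be {@code null}
     * @return {@code true} if the URL equals a prefix or continues it with a path, query or
     *         fragment
     */
    private boolean checkRedirectToItself(String str, List<String> list) {
        if (str == null || list == null) {
            return false;
        }
        for (String prefix : list) {
            if (prefix == null || prefix.isEmpty() || !str.startsWith(prefix)) {
                continue;
            }
            // Exact match, or the prefix already ends on a path separator.
            if (str.length() == prefix.length() || prefix.endsWith("/")) {
                return true;
            }
            // Otherwise the next character must start a path, query or fragment.
            char next = str.charAt(prefix.length());
            if (next == '/' || next == '?' || next == '#') {
                return true;
            }
        }
        return false;
    }
}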
