package at.gv.util.filter.moaid;

import at.gv.util.MiscUtil;
import at.gv.util.ToStringUtil;
import at.gv.util.WebAppUtil;
import at.gv.util.client.moaid.MOAIDClient;
import at.gv.util.client.moaid.MOAIDClientException;
import at.gv.util.config.EgovUtilConfiguration;
import at.gv.util.ex.EgovUtilException;
import at.gv.util.xsd.saml.assertion.AssertionType;
import at.gv.util.xsd.saml.protocol.ResponseType;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.time.DateFormatUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/gv/util/filter/moaid/AbstractGenericMOAIDAuthenticationServlet.class */
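/**
 * Base servlet that completes a MOA-ID login: it receives the {@code SAMLArtifact}
 * request parameter, exchanges it for authentication data via {@link MOAIDClient},
 * renews the HTTP session, stores the application's authentication object in the new
 * session and redirects the browser to its destination.
 *
 * <p>Security-relevant behaviour implemented here:
 * <ul>
 *   <li>The session is invalidated and re-created before the authentication object is
 *       stored, so the session identifier used before login is not reused afterwards.</li>
 *   <li>Access is denied with HTTP 403 when {@link #getAuthDataObject} returns {@code null}.</li>
 *   <li>The artifact, the session identifier and the authentication object are not written
 *       to the log.</li>
 * </ul>
 *
 * <p>The MOA-ID client is held in a static field and is therefore shared by every subclass
 * loaded by the same class loader; it is built from the configuration of whichever instance
 * asks for it first.
 */
public abstract class AbstractGenericMOAIDAuthenticationServlet extends HttpServlet {
    private static final long serialVersionUID = 1;

    /**
     * Request attribute under which error messages are handed to the error page. The value
     * keeps the legacy {@code javax.} name although this class uses the {@code jakarta.}
     * servlet API; it is left unchanged because error pages read it by this name.
     */
    public static final String REQUEST_ATTRIBUTE_ERROR_MESSAGE = "javax.servlet.error.message";

    // Static: a logger is not per-instance state and should not become part of the
    // serializable servlet.
    private static final Logger log = LoggerFactory.getLogger(AbstractGenericMOAIDAuthenticationServlet.class);

    // Guarded by the class monitor, see getMOAIDClient().
    private static MOAIDClient moaclient = null;

    /**
     * Handles GET exactly like POST, so the artifact is also accepted as a query parameter.
     */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    /**
     * Stores the given messages in the {@link #REQUEST_ATTRIBUTE_ERROR_MESSAGE} request
     * attribute and forwards to {@link #getErrorPage()}. Forwarding is best effort: a failure
     * is logged and not propagated.
     *
     * <p>NOTE(review): the messages can contain backend exception text and configured values
     * (see the callers in {@code doPost}). The error page should HTML-escape the attribute
     * before rendering it; whether it does cannot be seen from this class.
     */
    private void errorPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String... strArr) {
        String messages = ToStringUtil.toString((Object[]) strArr);
        log.debug("Forwarding to error page \"{}\".", getErrorPage());
        log.error("Messages for Errorpage (saved in request attribute \"javax.servlet.error.message\"): {}", messages);
        httpServletRequest.setAttribute(REQUEST_ATTRIBUTE_ERROR_MESSAGE, messages);
        try {
            httpServletRequest.getRequestDispatcher(getErrorPage()).forward(httpServletRequest, httpServletResponse);
        } catch (Exception ex) {
            // Deliberately not rethrown (the request has already failed), but the exception
            // is passed to the logger so the stack trace is kept. Errors such as
            // OutOfMemoryError are no longer swallowed.
            log.error("Unexpected error ({}) forwarding to error page \"{}\".", ex.getMessage(), getErrorPage(), ex);
        }
    }

    /**
     * Resolves the SAML artifact, establishes the authenticated session and redirects.
     *
     * <p>Redirect order: {@link #getAuthenticatedPage} if it yields a value, otherwise the URL
     * stored in the session under {@link #getStoredRequestURLSessionAttribute()}, otherwise
     * {@link #getSessionLostPage()}, otherwise the error page.
     *
     * <p>NOTE(review): an absolute URL returned by {@code getAuthenticatedPage} is redirected
     * to as is. Implementations should not build that value from unvalidated request input.
     */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        log.debug("MOAIDLogin invoked.");
        String samlArtifact = httpServletRequest.getParameter("SAMLArtifact");
        if (MiscUtil.isEmpty(samlArtifact)) {
            errorPage(httpServletRequest, httpServletResponse, "SAMLArtifact post parameter must not be null or empty.");
            return;
        }

        String expectedTarget = getExpectedTarget();
        String transmittedTarget = httpServletRequest.getParameter("Target");
        // NOTE(review): the first branch tests the *transmitted* parameter, so a request that
        // simply omits "Target" is not checked even when an expected target is configured.
        // "Target" is also a plain request parameter, not a value taken from the assertion.
        // Behaviour is kept because target-less deployments appear to rely on it (see the log
        // text); implementations that depend on the target should verify it against the
        // assertion in getAuthDataObject.
        if (!MiscUtil.isNotEmpty(transmittedTarget)) {
            log.debug("No expected target parameter given. Maybe configured as wbpk application. Skipping target value evaluation.");
        } else if (MiscUtil.isNotEmpty(expectedTarget)) {
            log.debug("Verifying target parameter.");
            if (!expectedTarget.equals(transmittedTarget)) {
                errorPage(httpServletRequest, httpServletResponse, "Transmitted target parameter does not match the expected target parameter value \"" + expectedTarget + "\".");
                return;
            }
        }

        // The artifact is what gets exchanged for the authentication data below, so its
        // value is kept out of the log; only its length is recorded.
        log.debug("SAMLArtifact received ({} characters).", samlArtifact.length());
        try {
            ResponseType authResponse = getMOAIDClient().sendGetAuthenticationDataRequest(getAuthDataURL(), samlArtifact);
            if (!"Success".equals(authResponse.getStatus().getStatusCode().getValue().getLocalPart())) {
                throw new MOAIDClientException("Wrong MOA-ID return code: " + authResponse.getStatus().getStatusCode().getValue().toString());
            }
            // A "Success" response without an assertion is reported through the error page
            // instead of surfacing as an IndexOutOfBoundsException.
            if (authResponse.getAssertion() == null || authResponse.getAssertion().isEmpty()) {
                throw new MOAIDClientException("MOA-ID response does not contain an assertion.");
            }
            AssertionType assertionType = authResponse.getAssertion().get(0);

            HttpSession session = renewSession(httpServletRequest);
            if (log.isDebugEnabled()) {
                // The session identifier itself is not logged.
                log.debug("Using session created at {}.", DateFormatUtils.ISO_DATETIME_TIME_ZONE_FORMAT.format(session.getCreationTime()));
            }

            Object authDataObject = getAuthDataObject(assertionType, httpServletRequest);
            if (authDataObject == null) {
                log.info("No auth data provided from implementing application. Denying access.");
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Access is denied.");
                return;
            }
            // Only the type is logged: the object is built from the assertion and presumably
            // carries personal identity data.
            log.debug("Authentication data received (type {}).", authDataObject.getClass().getName());
            session.setAttribute(getAuthDataSessionAttribute(), authDataObject);

            String authenticatedPage = StringUtils.trim(getAuthenticatedPage(httpServletRequest, null));
            if (MiscUtil.isNotEmpty(authenticatedPage)) {
                try {
                    // Used only as a syntax check: a value that parses as a URL is absolute.
                    new URL(authenticatedPage);
                } catch (MalformedURLException e) {
                    // Not absolute: treat it as a path below the application's base URL.
                    authenticatedPage = WebAppUtil.getBaseURL(httpServletRequest) + MiscUtil.removePrecedingSlash(authenticatedPage);
                }
                log.debug("User is authenticated. Authenticated page given. Redirecting to \"{}\".", authenticatedPage);
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(authenticatedPage));
                return;
            }

            log.debug("No authenticated page given. Trying to find original url.");
            String originalUrl = null;
            String storedRequestURLSessionAttribute = getStoredRequestURLSessionAttribute();
            if (MiscUtil.isNotEmpty(storedRequestURLSessionAttribute)) {
                log.debug("Fetching saved request url from session attribute \"{}\".", storedRequestURLSessionAttribute);
                originalUrl = (String) session.getAttribute(storedRequestURLSessionAttribute);
                // One-time use: the stored URL is removed once it has been read.
                session.removeAttribute(storedRequestURLSessionAttribute);
            }
            if (originalUrl != null) {
                log.debug("User is authenticated. Redirecting to original location \"{}\".", originalUrl);
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(originalUrl));
                return;
            }

            log.warn("Unable to find saved request. Session seems to got lost.");
            String sessionLostPage = getSessionLostPage();
            if (!MiscUtil.isNotEmpty(sessionLostPage)) {
                errorPage(httpServletRequest, httpServletResponse, "Unable to find saved request.");
                return;
            }
            String failsafeUrl = WebAppUtil.getBaseURL(httpServletRequest) + MiscUtil.removePrecedingSlash(sessionLostPage);
            log.debug("Found failsafe page for redirection in case of session loss. Redirecting to \"{}\".", failsafeUrl);
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(failsafeUrl));
        } catch (MOAIDClientException | EgovUtilException e2) {
            String message = "Error retrieving authentication data (" + e2.getMessage() + ").";
            log.error(message, e2);
            errorPage(httpServletRequest, httpServletResponse, message);
        }
    }

    /**
     * Replaces the current session, if any, with a fresh one and copies its attributes over,
     * so that the session identifier changes at login.
     *
     * <p>Every attribute except one named {@code JSESSIONID} is carried over, including
     * values that were placed in the session before authentication.
     *
     * @return the new session
     */
    private HttpSession renewSession(HttpServletRequest httpServletRequest) {
        HttpSession oldSession = httpServletRequest.getSession(false);
        if (oldSession == null) {
            return httpServletRequest.getSession(true);
        }
        Map<String, Object> carriedOver = new HashMap<>();
        Enumeration<String> attributeNames = oldSession.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String name = attributeNames.nextElement();
            if (!"JSESSIONID".equals(name)) {
                carriedOver.put(name, oldSession.getAttribute(name));
            }
        }
        oldSession.invalidate();
        HttpSession newSession = httpServletRequest.getSession(true);
        for (Map.Entry<String, Object> entry : carriedOver.entrySet()) {
            newSession.setAttribute(entry.getKey(), entry.getValue());
        }
        return newSession;
    }

    /**
     * Returns the shared MOA-ID client, creating it on first use from
     * {@link #getConfiguration()}.
     *
     * <p>The lock is taken on the class rather than on {@code this}: the field is static, so
     * an instance-level lock would not protect it when several servlet instances exist.
     */
    private MOAIDClient getMOAIDClient() throws MOAIDClientException, EgovUtilException {
        synchronized (AbstractGenericMOAIDAuthenticationServlet.class) {
            if (moaclient == null) {
                moaclient = new MOAIDClient(getConfiguration());
            }
            return moaclient;
        }
    }

    /**
     * Returns the page to redirect to after a successful login, or an empty value to fall
     * back to the stored request URL. A value that parses as a URL is used as is; anything
     * else is appended to the application's base URL. This class always passes {@code null}
     * as the second argument.
     */
    public abstract String getAuthenticatedPage(HttpServletRequest httpServletRequest, String str);

    /** Returns the name of the session attribute that receives the authentication object. */
    public abstract String getAuthDataSessionAttribute();

    /**
     * Returns the name of the session attribute holding the originally requested URL. The
     * attribute is read once after login and then removed.
     */
    public abstract String getStoredRequestURLSessionAttribute();

    /** Returns the path handed to the request dispatcher when an error is reported. */
    public abstract String getErrorPage();

    /**
     * Builds the application's authentication object from the assertion. Returning
     * {@code null} makes the login fail with HTTP 403.
     */
    public abstract Object getAuthDataObject(AssertionType assertionType);

    /**
     * Variant of {@link #getAuthDataObject(AssertionType)} that also receives the request.
     * The default implementation ignores the request and delegates.
     */
    public Object getAuthDataObject(AssertionType assertionType, HttpServletRequest httpServletRequest) {
        return getAuthDataObject(assertionType);
    }

    /** Returns the URL passed to the MOA-ID client when the artifact is resolved. */
    public abstract String getAuthDataURL();

    /**
     * Returns the page, relative to the application's base URL, used when no stored request
     * URL is found after login; an empty value selects the error page instead.
     */
    public abstract String getSessionLostPage();

    /**
     * Returns the value the {@code Target} request parameter is compared with; an empty value
     * disables the comparison.
     */
    public abstract String getExpectedTarget();

    /** Returns the configuration used to create the shared MOA-ID client. */
    public abstract EgovUtilConfiguration getConfiguration();
}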
