package org.nuxeo.ecm.platform.ui.web.auth.cleartrust;

import java.io.IOException;
import java.util.Enumeration;
import java.util.List;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.platform.api.login.UserIdentificationInfo;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPluginLogoutExtension;

/* loaded from: input_file:org/nuxeo/ecm/platform/ui/web/auth/cleartrust/ClearTrustAuthenticator.class */
public class ClearTrustAuthenticator implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension {
    protected static final String CLEARTRUST_HEADER_UID = "REMOTE_USER";
    protected static final String CLEARTRUST_COOKIE_SESSION_A = "ACTSESSION";
    protected static final String CLEARTRUST_COOKIE_SESSION = "CTSESSION";
    protected String cookieDomain = "";
    protected String cleartrustLoginUrl = "";
    protected String cleartrustLogoutUrl = "";
    private static final Log log = LogFactory.getLog(ClearTrustAuthenticator.class);

    public List<String> getUnAuthenticatedURLPrefix() {
        return null;
    }

    public Boolean handleLoginPrompt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        log.debug("handleLoginPrompt ...");
        log.debug("handleLoginPrompt requestURL = " + ((Object) httpServletRequest.getRequestURL()));
        Cookie[] cookies = getCookies(httpServletRequest);
        displayRequestInformation(httpServletRequest);
        displayCookieInformation(cookies);
        String cookieValue = getCookieValue(CLEARTRUST_COOKIE_SESSION, cookies);
        String cookieValue2 = getCookieValue(CLEARTRUST_COOKIE_SESSION_A, cookies);
        log.debug("ctSession = " + cookieValue);
        log.debug("ctSessionA = " + cookieValue2);
        boolean z = false;
        if (cookieValue == null) {
            log.debug("No ClearTrust session: not authorizing + redirecting to ClearTrust");
            z = true;
        }
        if ("%20".equals(cookieValue2)) {
            log.debug("User has logout from ClearTrust: not authorizing + redirecting to ClearTrust");
            z = true;
        }
        String header = httpServletRequest.getHeader(CLEARTRUST_HEADER_UID);
        log.debug("ctUid = [" + header + "]");
        if (header == null) {
            z = true;
        }
        if (!z) {
            log.debug("ClearTrust authentication is OK, letting the user in.");
            return false;
        }
        String str2 = this.cleartrustLoginUrl;
        try {
            if (this.cleartrustLoginUrl == null || "".equals(this.cleartrustLoginUrl)) {
                str2 = str + "login.jsp";
            }
            log.debug("Redirecting to loginUrl: " + str2);
            httpServletResponse.sendRedirect(str2);
            return true;
        } catch (IOException e) {
            log.error("Unable to redirect to ClearTrust login URL [" + str2 + "]:", e);
            return false;
        }
    }

    public UserIdentificationInfo handleRetrieveIdentity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        log.debug("handleRetrieveIdentity ...");
        Cookie[] cookies = getCookies(httpServletRequest);
        displayRequestInformation(httpServletRequest);
        displayCookieInformation(cookies);
        String header = httpServletRequest.getHeader(CLEARTRUST_HEADER_UID);
        log.debug("handleRetrieveIdentity ctUid = [" + header + "]");
        UserIdentificationInfo userIdentificationInfo = new UserIdentificationInfo(header, "No password needed for ClearTrust authentication");
        log.debug("handleRetrieveIdentity going on with authenticated user = [" + header + "]");
        return userIdentificationInfo;
    }

    public Boolean needLoginPrompt(HttpServletRequest httpServletRequest) {
        return true;
    }

    public Boolean handleLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        log.debug("handleLogout ...");
        expireCookie(CLEARTRUST_COOKIE_SESSION, httpServletRequest, httpServletResponse);
        expireCookie(CLEARTRUST_COOKIE_SESSION_A, httpServletRequest, httpServletResponse);
        if (this.cleartrustLogoutUrl == null || "".equals(this.cleartrustLogoutUrl)) {
            return false;
        }
        try {
            log.debug("Redirecting to logoutUrl = [" + this.cleartrustLogoutUrl + "] ...");
            httpServletResponse.sendRedirect(this.cleartrustLogoutUrl);
            log.debug("handleLogout DONE!");
            return true;
        } catch (IOException e) {
            log.error("Unable to redirect to the logout URL [" + this.cleartrustLogoutUrl + "] :", e);
            return false;
        }
    }

    protected Cookie[] getCookies(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            cookies = new Cookie[0];
        }
        return cookies;
    }

    private String getCookieValue(String str, Cookie[] cookieArr) {
        String str2 = null;
        for (Cookie cookie : cookieArr) {
            if (str.equals(cookie.getName())) {
                str2 = cookie.getValue();
            }
        }
        return str2;
    }

    private void expireCookie(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        log.debug("expiring cookie [" + str + "]  ...");
        Cookie cookie = new Cookie(str, "");
        cookie.setMaxAge(0);
        cookie.setPath("/");
        httpServletResponse.addCookie(cookie);
    }

    protected void displayCookieInformation(Cookie[] cookieArr) {
        log.debug(">>>>>>>>>>>>> Here are the cookies: ");
        for (Cookie cookie : cookieArr) {
            log.debug("displayCookieInformation cookie name: [" + cookie.getName() + "] path: [" + cookie.getPath() + "] domain: " + cookie.getDomain() + " max age: " + cookie.getMaxAge() + " value: [" + cookie.getValue() + "]");
        }
    }

    protected void displayRequestInformation(HttpServletRequest httpServletRequest) {
        log.debug(">>>>>>>>>>>>> Here is the request: ");
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            log.debug("header " + str + " : [" + httpServletRequest.getHeader(str) + "]");
        }
        Enumeration attributeNames = httpServletRequest.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String str2 = (String) attributeNames.nextElement();
            log.debug("attribute " + str2 + " : [" + httpServletRequest.getAttribute(str2) + "]");
        }
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str3 = (String) parameterNames.nextElement();
            log.debug("parameter " + str3 + " : [" + httpServletRequest.getParameter(str3) + "]");
        }
    }

    public void initPlugin(Map<String, String> map) {
        log.debug("initPlugin v 1.1");
        if (map.containsKey(ClearTrustParameters.COOKIE_DOMAIN)) {
            this.cookieDomain = map.get(ClearTrustParameters.COOKIE_DOMAIN);
            log.debug("initPlugin cookieDomain = [" + this.cookieDomain + "]");
        }
        if (map.containsKey(ClearTrustParameters.CLEARTRUST_LOGIN_URL)) {
            this.cleartrustLoginUrl = map.get(ClearTrustParameters.CLEARTRUST_LOGIN_URL);
            log.debug("initPlugin cleartrustLoginUrl = [" + this.cleartrustLoginUrl + "]");
        }
        if (map.containsKey(ClearTrustParameters.CLEARTRUST_LOGOUT_URL)) {
            this.cleartrustLogoutUrl = map.get(ClearTrustParameters.CLEARTRUST_LOGOUT_URL);
            log.debug("initPlugin cleartrustLogoutUrl = [" + this.cleartrustLogoutUrl + "]");
        }
        log.debug("initPlugin DONE");
    }
}
