package org.nuxeo.ecm.platform.shibboleth.auth;

import java.io.IOException;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.directory.Session;
import org.nuxeo.ecm.directory.api.DirectoryService;
import org.nuxeo.ecm.platform.api.login.UserIdentificationInfo;
import org.nuxeo.ecm.platform.shibboleth.service.ShibbolethAuthenticationService;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPluginLogoutExtension;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;

/* loaded from: input_file:org/nuxeo/ecm/platform/shibboleth/auth/ShibbolethAuthenticationPlugin.class */
public class ShibbolethAuthenticationPlugin implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension {
    private static final Log log = LogFactory.getLog(ShibbolethAuthenticationPlugin.class);
    protected ShibbolethAuthenticationService service;

    protected ShibbolethAuthenticationService getService() {
        if (this.service == null) {
            try {
                this.service = (ShibbolethAuthenticationService) Framework.getService(ShibbolethAuthenticationService.class);
            } catch (Exception e) {
                log.error("Failed to get Shibboleth authentication service", e);
            }
        }
        return this.service;
    }

    public List<String> getUnAuthenticatedURLPrefix() {
        return null;
    }

    public Boolean handleLoginPrompt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        if (getService() == null) {
            return false;
        }
        String loginURL = getService().getLoginURL(httpServletRequest);
        if (loginURL == null) {
            log.error("Unable to handle Shibboleth login, no loginURL registered");
            return false;
        }
        try {
            httpServletResponse.sendRedirect(loginURL);
            return true;
        } catch (IOException e) {
            log.error(String.format("Unable to handle Shibboleth login on %s", loginURL), e);
            return false;
        }
    }

    public Boolean handleLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String logoutURL;
        if (getService() != null && (logoutURL = getService().getLogoutURL(httpServletRequest)) != null) {
            try {
                httpServletResponse.sendRedirect(logoutURL);
                return true;
            } catch (IOException e) {
                log.error("Unable to handle Shibboleth logout", e);
                return false;
            }
        }
        return false;
    }

    public UserIdentificationInfo handleRetrieveIdentity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String userID;
        if (getService() == null || (userID = getService().getUserID(httpServletRequest)) == null || "".equals(userID)) {
            return null;
        }
        Session session = null;
        try {
            try {
                UserManager userManager = (UserManager) Framework.getService(UserManager.class);
                Session open = ((DirectoryService) Framework.getService(DirectoryService.class)).open(userManager.getUserDirectoryName());
                Map<String, Object> userMetadata = getService().getUserMetadata(userManager.getUserIdField(), httpServletRequest);
                DocumentModel entry = open.getEntry(userID);
                if (entry == null) {
                    open.createEntry(userMetadata);
                } else {
                    entry.getDataModel(userManager.getUserSchemaName()).setMap(userMetadata);
                    open.updateEntry(entry);
                }
                if (open != null) {
                    try {
                        open.close();
                    } catch (DirectoryException e) {
                        log.error("Error while closing directory session", e);
                    }
                }
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        session.close();
                    } catch (DirectoryException e2) {
                        log.error("Error while closing directory session", e2);
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            log.error("Failed to get or create user entry", e3);
            if (0 != 0) {
                try {
                    session.close();
                } catch (DirectoryException e4) {
                    log.error("Error while closing directory session", e4);
                }
            }
        }
        return new UserIdentificationInfo(userID, userID);
    }

    public void initPlugin(Map<String, String> map) {
    }

    public Boolean needLoginPrompt(HttpServletRequest httpServletRequest) {
        return true;
    }
}
