package org.wso2.carbon.identity.post.authn.handler.disclaimer;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.PostAuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.handler.request.AbstractPostAuthnHandler;
import org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthnHandlerFlowStatus;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;

/* loaded from: input_file:org/wso2/carbon/identity/post/authn/handler/disclaimer/DisclaimerPostAuthenticationHandler.class */
public class DisclaimerPostAuthenticationHandler extends AbstractPostAuthnHandler {
    private String CONSENT_POPPED_UP = "consentPoppedUp";

    public PostAuthnHandlerFlowStatus handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws PostAuthenticationFailedException {
        if (getAuthenticatedUser(authenticationContext) == null) {
            return PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
        }
        if (isConsentPoppedUp(authenticationContext)) {
            if (httpServletRequest.getParameter("consent").equalsIgnoreCase("approve")) {
                return PostAuthnHandlerFlowStatus.SUCCESS_COMPLETED;
            }
            throw new PostAuthenticationFailedException("Cannot access this application : Consent Denied", "Consent denied");
        }
        try {
            httpServletResponse.sendRedirect(ConfigurationFacade.getInstance().getAuthenticationEndpointURL().replace("/login.do", "") + "/disclaimer.jsp?sessionDataKey=" + authenticationContext.getContextIdentifier() + "&application=" + authenticationContext.getSequenceConfig().getApplicationConfig().getApplicationName());
            setConsentPoppedUpState(authenticationContext);
            return PostAuthnHandlerFlowStatus.INCOMPLETE;
        } catch (IOException e) {
            throw new PostAuthenticationFailedException("Invalid Consent", "Error while redirecting", e);
        }
    }

    public String getName() {
        return "DisclaimerHandler";
    }

    private AuthenticatedUser getAuthenticatedUser(AuthenticationContext authenticationContext) {
        return authenticationContext.getSequenceConfig().getAuthenticatedUser();
    }

    private void setConsentPoppedUpState(AuthenticationContext authenticationContext) {
        authenticationContext.addParameter(this.CONSENT_POPPED_UP, true);
    }

    private boolean isConsentPoppedUp(AuthenticationContext authenticationContext) {
        return authenticationContext.getParameter(this.CONSENT_POPPED_UP) != null;
    }
}
