package org.wso2.carbon.identity.sso.agent;

import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.wso2.carbon.identity.sso.agent.bean.SSOAgentConfig;
import org.wso2.carbon.identity.sso.agent.exception.InvalidSessionException;
import org.wso2.carbon.identity.sso.agent.exception.SSOAgentException;
import org.wso2.carbon.identity.sso.agent.oauth2.SAML2GrantManager;
import org.wso2.carbon.identity.sso.agent.openid.OpenIDManager;
import org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager;
import org.wso2.carbon.identity.sso.agent.util.SSOAgentFilterUtils;
import org.wso2.carbon.identity.sso.agent.util.SSOAgentRequestResolver;
import org.wso2.carbon.identity.sso.agent.util.SSOAgentUtils;

/* loaded from: input_file:WEB-INF/lib/org.wso2.carbon.identity.sso.agent-5.3.4.jar:org/wso2/carbon/identity/sso/agent/SAML2SSOAgentFilter.class */
public class SAML2SSOAgentFilter implements Filter {
    private static final Logger LOGGER = Logger.getLogger("org.wso2.carbon.identity.sso.agent");
    protected FilterConfig filterConfig = null;

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        SSOAgentConfig sSOAgentConfig;
        SSOAgentRequestResolver sSOAgentRequestResolver;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            sSOAgentConfig = SSOAgentFilterUtils.getSSOAgentConfig(this.filterConfig);
            sSOAgentRequestResolver = new SSOAgentRequestResolver(httpServletRequest, httpServletResponse, sSOAgentConfig);
        } catch (InvalidSessionException e) {
            LOGGER.log(Level.FINE, "Invalid Session!", (Throwable) e);
            httpServletResponse.sendRedirect(this.filterConfig.getServletContext().getContextPath());
        }
        if (sSOAgentRequestResolver.isURLToSkip()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (sSOAgentRequestResolver.isSLORequest()) {
            SAML2SSOManager sAML2SSOManager = new SAML2SSOManager(sSOAgentConfig);
            SSOAgentUtils.sendPostResponse(httpServletRequest, httpServletResponse, sAML2SSOManager.buildPostResponse(sAML2SSOManager.doSLO(httpServletRequest)));
            return;
        }
        if (sSOAgentRequestResolver.isSAML2SSOResponse()) {
            try {
                new SAML2SSOManager(sSOAgentConfig).processResponse(httpServletRequest, httpServletResponse);
            } catch (SSOAgentException e2) {
                handleException(httpServletRequest, e2);
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (sSOAgentRequestResolver.isSAML2ArtifactResponse()) {
            try {
                new SAML2SSOManager(sSOAgentConfig).processArtifactResponse(httpServletRequest);
            } catch (SSOAgentException e3) {
                handleException(httpServletRequest, e3);
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (sSOAgentRequestResolver.isOpenIdLoginResponse()) {
            try {
                new OpenIDManager(sSOAgentConfig).processOpenIDLoginResponse(httpServletRequest, httpServletResponse);
            } catch (SSOAgentException e4) {
                handleException(httpServletRequest, e4);
            }
        } else {
            if (sSOAgentRequestResolver.isSLOURL()) {
                SAML2SSOManager sAML2SSOManager2 = new SAML2SSOManager(sSOAgentConfig);
                if (sSOAgentRequestResolver.isHttpPostBinding()) {
                    boolean booleanValue = sSOAgentConfig.getSAML2().isPassiveAuthn().booleanValue();
                    sSOAgentConfig.getSAML2().setPassiveAuthn(false);
                    String buildPostRequest = sAML2SSOManager2.buildPostRequest(httpServletRequest, httpServletResponse, true);
                    sSOAgentConfig.getSAML2().setPassiveAuthn(Boolean.valueOf(booleanValue));
                    SSOAgentUtils.sendPostResponse(httpServletRequest, httpServletResponse, buildPostRequest);
                    return;
                }
                boolean booleanValue2 = sSOAgentConfig.getSAML2().isPassiveAuthn().booleanValue();
                sSOAgentConfig.getSAML2().setPassiveAuthn(false);
                String buildRedirectRequest = sAML2SSOManager2.buildRedirectRequest(httpServletRequest, true);
                sSOAgentConfig.getSAML2().setPassiveAuthn(Boolean.valueOf(booleanValue2));
                httpServletResponse.sendRedirect(buildRedirectRequest);
                return;
            }
            if (sSOAgentRequestResolver.isSAML2SSOURL()) {
                SAML2SSOManager sAML2SSOManager3 = new SAML2SSOManager(sSOAgentConfig);
                if (sSOAgentRequestResolver.isHttpPostBinding()) {
                    SSOAgentUtils.sendPostResponse(httpServletRequest, httpServletResponse, sAML2SSOManager3.buildPostRequest(httpServletRequest, httpServletResponse, false));
                    return;
                } else {
                    httpServletResponse.sendRedirect(sAML2SSOManager3.buildRedirectRequest(httpServletRequest, false));
                    return;
                }
            }
            if (sSOAgentRequestResolver.isPassiveAuthnRequest()) {
                SAML2SSOManager sAML2SSOManager4 = new SAML2SSOManager(sSOAgentConfig);
                boolean booleanValue3 = sSOAgentConfig.getSAML2().isPassiveAuthn().booleanValue();
                sSOAgentConfig.getSAML2().setPassiveAuthn(true);
                String buildRedirectRequest2 = sAML2SSOManager4.buildRedirectRequest(httpServletRequest, false);
                sSOAgentConfig.getSAML2().setPassiveAuthn(Boolean.valueOf(booleanValue3));
                httpServletResponse.sendRedirect(buildRedirectRequest2);
                return;
            }
            if (sSOAgentRequestResolver.isSAML2OAuth2GrantRequest()) {
                new SAML2GrantManager(sSOAgentConfig).getAccessToken(httpServletRequest, httpServletResponse);
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
        return;
        LOGGER.log(Level.FINE, "Invalid Session!", (Throwable) e);
        httpServletResponse.sendRedirect(this.filterConfig.getServletContext().getContextPath());
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    protected void handleException(HttpServletRequest httpServletRequest, SSOAgentException sSOAgentException) throws SSOAgentException {
        if (httpServletRequest.getSession(false) != null) {
            httpServletRequest.getSession(false).removeAttribute("org.wso2.carbon.identity.sso.agent.LoggedInSessionBean");
        }
        throw sSOAgentException;
    }
}
