package io.asgardio.tomcat.saml.agent;

import io.asgardio.java.saml.sdk.SAML2SSOManager;
import io.asgardio.java.saml.sdk.bean.LoggedInSessionBean;
import io.asgardio.java.saml.sdk.bean.SSOAgentConfig;
import io.asgardio.java.saml.sdk.exception.InvalidSessionException;
import io.asgardio.java.saml.sdk.exception.SSOAgentException;
import io.asgardio.java.saml.sdk.util.SSOAgentFilterUtils;
import io.asgardio.java.saml.sdk.util.SSOAgentRequestResolver;
import io.asgardio.java.saml.sdk.util.SSOAgentUtils;
import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:io/asgardio/tomcat/saml/agent/SAML2SSOAgentFilter.class */
public class SAML2SSOAgentFilter implements Filter {
    private static final Logger LOGGER = Logger.getLogger("org.wso2.carbon.identity.sso.agent");
    protected FilterConfig filterConfig = null;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String indexPage;
        LoggedInSessionBean loggedInSessionBean;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            SSOAgentConfig sSOAgentConfig = SSOAgentFilterUtils.getSSOAgentConfig(this.filterConfig);
            SSOAgentRequestResolver sSOAgentRequestResolver = new SSOAgentRequestResolver(httpServletRequest, httpServletResponse, sSOAgentConfig);
            if (sSOAgentRequestResolver.isURLToSkip()) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            if (sSOAgentRequestResolver.isSLORequest()) {
                SAML2SSOManager sAML2SSOManager = new SAML2SSOManager(sSOAgentConfig);
                SSOAgentUtils.sendPostResponse(httpServletRequest, httpServletResponse, sAML2SSOManager.buildPostResponse(sAML2SSOManager.doSLO(httpServletRequest)));
                return;
            }
            if (sSOAgentRequestResolver.isSAML2SSOResponse()) {
                try {
                    new SAML2SSOManager(sSOAgentConfig).processResponse(httpServletRequest, httpServletResponse);
                    indexPage = sSOAgentConfig.getIndexPage();
                    if (httpServletRequest.getSession(false) == null && httpServletRequest.getSession(false).getAttribute("org.wso2.carbon.identity.sso.agent.LoggedInSessionBean") == null) {
                        httpServletRequest.getSession().invalidate();
                        httpServletResponse.sendRedirect(indexPage);
                        return;
                    }
                    loggedInSessionBean = (LoggedInSessionBean) httpServletRequest.getSession().getAttribute("org.wso2.carbon.identity.sso.agent.LoggedInSessionBean");
                    if (loggedInSessionBean != null || loggedInSessionBean.getSAML2SSO() == null) {
                        httpServletResponse.sendRedirect(indexPage);
                    } else {
                        filterChain.doFilter(httpServletRequest, httpServletResponse);
                        return;
                    }
                } catch (SSOAgentException e) {
                    handleException(httpServletRequest, httpServletResponse, sSOAgentConfig, e);
                    return;
                }
            }
            if (sSOAgentRequestResolver.isSAML2ArtifactResponse()) {
                try {
                    new SAML2SSOManager(sSOAgentConfig).processArtifactResponse(httpServletRequest);
                } catch (SSOAgentException e2) {
                    handleException(httpServletRequest, httpServletResponse, sSOAgentConfig, e2);
                    return;
                }
            } else {
                if (sSOAgentRequestResolver.isSLOURL()) {
                    SAML2SSOManager sAML2SSOManager2 = new SAML2SSOManager(sSOAgentConfig);
                    if (sSOAgentRequestResolver.isHttpPostBinding()) {
                        boolean booleanValue = sSOAgentConfig.getSAML2().isPassiveAuthn().booleanValue();
                        sSOAgentConfig.getSAML2().setPassiveAuthn(false);
                        String buildPostRequest = sAML2SSOManager2.buildPostRequest(httpServletRequest, httpServletResponse, true);
                        sSOAgentConfig.getSAML2().setPassiveAuthn(Boolean.valueOf(booleanValue));
                        SSOAgentUtils.sendPostResponse(httpServletRequest, httpServletResponse, buildPostRequest);
                        return;
                    }
                    boolean booleanValue2 = sSOAgentConfig.getSAML2().isPassiveAuthn().booleanValue();
                    sSOAgentConfig.getSAML2().setPassiveAuthn(false);
                    String buildRedirectRequest = sAML2SSOManager2.buildRedirectRequest(httpServletRequest, true);
                    sSOAgentConfig.getSAML2().setPassiveAuthn(Boolean.valueOf(booleanValue2));
                    httpServletResponse.sendRedirect(buildRedirectRequest);
                    return;
                }
                if (sSOAgentRequestResolver.isSAML2SSOURL()) {
                    SAML2SSOManager sAML2SSOManager3 = new SAML2SSOManager(sSOAgentConfig);
                    if (sSOAgentRequestResolver.isHttpPostBinding()) {
                        SSOAgentUtils.sendPostResponse(httpServletRequest, httpServletResponse, sAML2SSOManager3.buildPostRequest(httpServletRequest, httpServletResponse, false));
                        return;
                    } else {
                        httpServletResponse.sendRedirect(sAML2SSOManager3.buildRedirectRequest(httpServletRequest, false));
                        return;
                    }
                }
                if (sSOAgentRequestResolver.isPassiveAuthnRequest()) {
                    SAML2SSOManager sAML2SSOManager4 = new SAML2SSOManager(sSOAgentConfig);
                    boolean booleanValue3 = sSOAgentConfig.getSAML2().isPassiveAuthn().booleanValue();
                    sSOAgentConfig.getSAML2().setPassiveAuthn(true);
                    String buildRedirectRequest2 = sAML2SSOManager4.buildRedirectRequest(httpServletRequest, false);
                    sSOAgentConfig.getSAML2().setPassiveAuthn(Boolean.valueOf(booleanValue3));
                    httpServletResponse.sendRedirect(buildRedirectRequest2);
                    return;
                }
            }
            indexPage = sSOAgentConfig.getIndexPage();
            if (httpServletRequest.getSession(false) == null) {
            }
            loggedInSessionBean = (LoggedInSessionBean) httpServletRequest.getSession().getAttribute("org.wso2.carbon.identity.sso.agent.LoggedInSessionBean");
            if (loggedInSessionBean != null) {
            }
            httpServletResponse.sendRedirect(indexPage);
        } catch (InvalidSessionException e3) {
            LOGGER.log(Level.FINE, "Invalid Session!", e3);
            httpServletResponse.sendRedirect(this.filterConfig.getServletContext().getContextPath());
        }
    }

    public void destroy() {
    }

    protected void handleException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SSOAgentConfig sSOAgentConfig, SSOAgentException sSOAgentException) throws IOException, ServletException {
        String errorPage = sSOAgentConfig.getErrorPage();
        if (httpServletRequest.getSession(false) != null) {
            httpServletRequest.getSession(false).removeAttribute("org.wso2.carbon.identity.sso.agent.LoggedInSessionBean");
        }
        LOGGER.log(Level.SEVERE, sSOAgentException.getMessage());
        httpServletRequest.setAttribute("SSOAgentException", sSOAgentException);
        httpServletRequest.getServletContext().getRequestDispatcher(errorPage).forward(httpServletRequest, httpServletResponse);
    }
}
