package org.apache.hadoop.gateway.service.knoxsso;

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;
import org.apache.hadoop.gateway.services.GatewayServices;
import org.apache.hadoop.gateway.services.security.token.JWTokenAuthority;
import org.apache.hadoop.gateway.services.security.token.impl.JWT;

@Path(WebSSOResource.RESOURCE_PATH)
/* loaded from: input_file:org/apache/hadoop/gateway/service/knoxsso/WebSSOResource.class */
public class WebSSOResource {
    private static final String ORIGINAL_URL_REQUEST_PARAM = "originalUrl";
    private static final String ORIGINAL_URL_COOKIE_NAME = "original-url";
    private static final String JWT_COOKIE_NAME = "hadoop-jwt";
    static final String RESOURCE_PATH = "/knoxsso/api/v1/websso";
    private static KnoxSSOMessages log = (KnoxSSOMessages) MessagesFactory.get(KnoxSSOMessages.class);

    @Context
    private HttpServletRequest request;

    @Context
    private HttpServletResponse response;

    @GET
    @Produces({"application/json", "application/xml"})
    public Response doGet() {
        return getAuthenticationToken(307);
    }

    @POST
    @Produces({"application/json", "application/xml"})
    public Response doPost() {
        return getAuthenticationToken(303);
    }

    private Response getAuthenticationToken(int i) {
        GatewayServices gatewayServices = (GatewayServices) this.request.getServletContext().getAttribute("org.apache.hadoop.gateway.gateway.services");
        boolean z = true;
        String cookieValue = getCookieValue(this.request, ORIGINAL_URL_COOKIE_NAME);
        if (cookieValue == null) {
            z = false;
            cookieValue = this.request.getParameter(ORIGINAL_URL_REQUEST_PARAM);
            if (cookieValue == null) {
                log.originalURLNotFound();
                throw new WebApplicationException("Original URL not found in the request.", Response.Status.BAD_REQUEST);
            }
        }
        addJWTHadoopCookie(cookieValue, ((JWTokenAuthority) gatewayServices.getService("TokenService")).issueToken(this.request.getUserPrincipal(), "RS256"));
        if (z) {
            removeOriginalUrlCookie(this.response);
        }
        log.aboutToRedirectToOriginal(cookieValue);
        this.response.setStatus(i);
        this.response.setHeader("Location", cookieValue);
        try {
            this.response.getOutputStream().close();
            return null;
        } catch (IOException e) {
            log.unableToCloseOutputStream(e.getMessage(), e.getStackTrace().toString());
            return null;
        }
    }

    public void addJWTHadoopCookie(String str, JWT jwt) {
        log.addingJWTCookie(jwt.toString());
        Cookie cookie = new Cookie(JWT_COOKIE_NAME, jwt.toString());
        cookie.setPath("/");
        try {
            cookie.setDomain(getDomainName(str));
            cookie.setHttpOnly(true);
            cookie.setSecure(true);
            cookie.setMaxAge(120);
            this.response.addCookie(cookie);
            log.addedJWTCookie();
        } catch (Exception e) {
            log.unableAddCookieToResponse(e.getMessage(), e.getStackTrace().toString());
            throw new WebApplicationException("Unable to add JWT cookie to response.");
        }
    }

    private void removeOriginalUrlCookie(HttpServletResponse httpServletResponse) {
        Cookie cookie = new Cookie(ORIGINAL_URL_COOKIE_NAME, (String) null);
        cookie.setMaxAge(0);
        cookie.setPath(RESOURCE_PATH);
        httpServletResponse.addCookie(cookie);
    }

    public String getDomainName(String str) throws URISyntaxException {
        String host = new URI(str).getHost();
        int indexOf = host.indexOf(46);
        if (indexOf == -1) {
            indexOf = 0;
        }
        return host.startsWith("www.") ? host.substring(4) : host.substring(indexOf);
    }

    private String getCookieValue(HttpServletRequest httpServletRequest, String str) {
        String str2 = null;
        for (Cookie cookie : httpServletRequest.getCookies()) {
            if (str.equals(cookie.getName())) {
                str2 = cookie.getValue();
            }
        }
        if (str2 == null) {
            log.cookieNotFound(str);
        }
        return str2;
    }
}
