package org.wso2.carbon.identity.application.authentication.framework;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.identity.application.authentication.framework.config.builder.FileBasedConfigurationBuilder;
import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthenticationGraph;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/AbstractApplicationAuthenticator.class */
public abstract class AbstractApplicationAuthenticator implements ApplicationAuthenticator {
    private static final long serialVersionUID = -4406878411547612129L;
    private static final Log log = LogFactory.getLog(AbstractApplicationAuthenticator.class);

    /* JADX WARN: Type inference failed for: r10v1, types: [java.lang.Throwable, org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException] */
    @Override // org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator
    public AuthenticatorFlowStatus process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException, LogoutFailedException {
        if (authenticationContext.isLogoutRequest()) {
            try {
                if (canHandle(httpServletRequest)) {
                    processLogoutResponse(httpServletRequest, httpServletResponse, authenticationContext);
                    return AuthenticatorFlowStatus.SUCCESS_COMPLETED;
                }
                authenticationContext.setCurrentAuthenticator(getName());
                initiateLogoutRequest(httpServletRequest, httpServletResponse, authenticationContext);
                return AuthenticatorFlowStatus.INCOMPLETE;
            } catch (UnsupportedOperationException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Ignoring UnsupportedOperationException.", e);
                }
                return AuthenticatorFlowStatus.SUCCESS_COMPLETED;
            }
        }
        if (!authenticationContext.isReturning() || !canHandle(httpServletRequest) || Boolean.TRUE.equals(httpServletRequest.getAttribute(FrameworkConstants.REQ_ATTR_HANDLED))) {
            if (getName().equals(authenticationContext.getProperty(FrameworkConstants.LAST_FAILED_AUTHENTICATOR))) {
                authenticationContext.setRetrying(true);
            }
            initiateAuthenticationRequest(httpServletRequest, httpServletResponse, authenticationContext);
            authenticationContext.setCurrentAuthenticator(getName());
            authenticationContext.setRetrying(false);
            return AuthenticatorFlowStatus.INCOMPLETE;
        }
        try {
            processAuthenticationResponse(httpServletRequest, httpServletResponse, authenticationContext);
            if ((this instanceof LocalApplicationAuthenticator) && !authenticationContext.getSequenceConfig().getApplicationConfig().isSaaSApp() && !StringUtils.equals(authenticationContext.getSubject().getTenantDomain(), authenticationContext.getTenantDomain())) {
                authenticationContext.setProperty(FrameworkConstants.USER_TENANT_DOMAIN_MISMATCH, true);
                throw new AuthenticationFailedException("Service Provider tenant domain must be equal to user tenant domain for non-SaaS applications", authenticationContext.getSubject());
            }
            httpServletRequest.setAttribute(FrameworkConstants.REQ_ATTR_HANDLED, true);
            authenticationContext.setProperty(FrameworkConstants.LAST_FAILED_AUTHENTICATOR, null);
            publishAuthenticationStepAttempt(httpServletRequest, authenticationContext, authenticationContext.getSubject(), true);
            return AuthenticatorFlowStatus.SUCCESS_COMPLETED;
        } catch (AuthenticationFailedException e2) {
            publishAuthenticationStepAttempt(httpServletRequest, authenticationContext, e2.getUser(), false);
            httpServletRequest.setAttribute(FrameworkConstants.REQ_ATTR_HANDLED, true);
            boolean z = isStepHasMultiOption(authenticationContext) && isRedirectToMultiOptionPageOnFailure();
            authenticationContext.setRetrying(retryAuthenticationEnabled());
            if (!retryAuthenticationEnabled(authenticationContext) || z) {
                authenticationContext.setProperty(FrameworkConstants.LAST_FAILED_AUTHENTICATOR, getName());
                throw e2;
            }
            authenticationContext.setCurrentAuthenticator(getName());
            initiateAuthenticationRequest(httpServletRequest, httpServletResponse, authenticationContext);
            return AuthenticatorFlowStatus.INCOMPLETE;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean retryAuthenticationEnabled(AuthenticationContext authenticationContext) {
        AuthenticationGraph authenticationGraph = authenticationContext.getSequenceConfig().getAuthenticationGraph();
        if (authenticationGraph == null || !authenticationGraph.isEnabled()) {
            return retryAuthenticationEnabled();
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isStepHasMultiOption(AuthenticationContext authenticationContext) {
        StepConfig stepConfig;
        Map<Integer, StepConfig> stepMap = authenticationContext.getSequenceConfig().getStepMap();
        boolean z = false;
        if (stepMap != null && !stepMap.isEmpty() && (stepConfig = stepMap.get(Integer.valueOf(authenticationContext.getCurrentStep()))) != null) {
            z = stepConfig.isMultiOption();
        }
        return z;
    }

    protected void publishAuthenticationStepAttempt(HttpServletRequest httpServletRequest, AuthenticationContext authenticationContext, User user, boolean z) {
        AuthenticationDataPublisher authnDataPublisherProxy = FrameworkServiceDataHolder.getInstance().getAuthnDataPublisherProxy();
        if (authnDataPublisherProxy == null || !authnDataPublisherProxy.isEnabled(authenticationContext)) {
            return;
        }
        boolean z2 = this instanceof FederatedApplicationAuthenticator;
        HashMap hashMap = new HashMap();
        hashMap.put(FrameworkConstants.AnalyticsAttributes.USER, user);
        if (z2) {
            authenticationContext.setProperty(FrameworkConstants.AnalyticsAttributes.HAS_FEDERATED_STEP, true);
            hashMap.put(FrameworkConstants.AnalyticsAttributes.IS_FEDERATED, true);
            hashMap.put("authenticator", getName());
            if (user != null) {
                user.setTenantDomain(authenticationContext.getTenantDomain());
            }
        } else {
            authenticationContext.setProperty(FrameworkConstants.AnalyticsAttributes.HAS_LOCAL_STEP, true);
            hashMap.put(FrameworkConstants.AnalyticsAttributes.IS_FEDERATED, false);
        }
        Map<String, Object> unmodifiableMap = Collections.unmodifiableMap(hashMap);
        if (z) {
            authnDataPublisherProxy.publishAuthenticationStepSuccess(httpServletRequest, authenticationContext, unmodifiableMap);
        } else {
            authnDataPublisherProxy.publishAuthenticationStepFailure(httpServletRequest, authenticationContext, unmodifiableMap);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initiateAuthenticationRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public abstract void processAuthenticationResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException;

    /* JADX INFO: Access modifiers changed from: protected */
    public void initiateLogoutRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws LogoutFailedException {
        throw new UnsupportedOperationException();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processLogoutResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws LogoutFailedException {
        throw new UnsupportedOperationException();
    }

    protected AuthenticatorConfig getAuthenticatorConfig() {
        AuthenticatorConfig authenticatorBean = FileBasedConfigurationBuilder.getInstance().getAuthenticatorBean(getName());
        if (authenticatorBean == null) {
            authenticatorBean = new AuthenticatorConfig();
            authenticatorBean.setParameterMap(new HashMap());
        }
        return authenticatorBean;
    }

    protected boolean retryAuthenticationEnabled() {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isRedirectToMultiOptionPageOnFailure() {
        Map<String, String> parameterMap = getAuthenticatorConfig().getParameterMap();
        boolean z = true;
        if (MapUtils.isNotEmpty(parameterMap)) {
            String str = parameterMap.get("redirectToMultiOptionPageOnFailure");
            z = str == null || Boolean.parseBoolean(str);
            if (log.isDebugEnabled()) {
                log.debug("redirectToMultiOptionOnFailure has been set as : " + z);
            }
        }
        return z;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator
    public String getClaimDialectURI() {
        return null;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator
    public List<Property> getConfigurationProperties() {
        return new ArrayList();
    }

    protected String getUserStoreAppendedName(String str) {
        if (!str.contains(CarbonConstants.DOMAIN_SEPARATOR) && UserCoreUtil.getDomainFromThreadLocal() != null && !"".equals(UserCoreUtil.getDomainFromThreadLocal())) {
            str = UserCoreUtil.getDomainFromThreadLocal() + CarbonConstants.DOMAIN_SEPARATOR + str;
        }
        return str;
    }

    public Map<String, String> getRuntimeParams(AuthenticationContext authenticationContext) {
        Map<String, String> authenticatorParams = authenticationContext.getAuthenticatorParams(getName());
        Map<String, String> authenticatorParams2 = authenticationContext.getAuthenticatorParams(FrameworkConstants.JSAttributes.JS_COMMON_OPTIONS);
        if (!MapUtils.isNotEmpty(authenticatorParams2)) {
            return authenticatorParams != null ? authenticatorParams : Collections.emptyMap();
        }
        if (authenticatorParams != null) {
            authenticatorParams2.putAll(authenticatorParams);
        }
        return authenticatorParams2;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator
    public String getAuthMechanism() {
        String str = getAuthenticatorConfig().getParameterMap().get(FrameworkConstants.AUTH_MECHANISM);
        if (StringUtils.isEmpty(str)) {
            str = getName();
        }
        return str;
    }
}
