package org.wso2.carbon.identity.application.authentication.framework.util;

import com.google.gson.JsonObject;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Map;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/util/LoginContextManagementUtil.class */
public class LoginContextManagementUtil {
    private static final Log log = LogFactory.getLog(LoginContextManagementUtil.class);

    public static void handleLoginContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter("sessionDataKey");
        String parameter2 = httpServletRequest.getParameter(FrameworkConstants.RequestParams.ISSUER);
        String parameter3 = httpServletRequest.getParameter(FrameworkUtils.REQUEST_PARAM_APPLICATION);
        String tenantDomain = getTenantDomain(httpServletRequest);
        JsonObject jsonObject = new JsonObject();
        httpServletResponse.setContentType("application/json");
        if (StringUtils.isBlank(parameter) || (StringUtils.isBlank(parameter3) && StringUtils.isBlank(parameter2))) {
            if (log.isDebugEnabled()) {
                log.debug("Required data to proceed is not available in the request.");
            }
            jsonObject.addProperty("status", "success");
            httpServletResponse.getWriter().write(jsonObject.toString());
            return;
        }
        AuthenticationContext authenticationContextFromCache = FrameworkUtils.getAuthenticationContextFromCache(parameter);
        if (authenticationContextFromCache != null) {
            if (isStepHasMultiOption(authenticationContextFromCache)) {
                authenticationContextFromCache.setCurrentAuthenticator(null);
            }
            jsonObject.addProperty("status", "success");
            httpServletResponse.getWriter().write(jsonObject.toString());
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Retrieving redirect url for the requested application:" + parameter3 + " relying party: " + parameter2 + " for sessionDataKey: " + parameter);
        }
        String redirectURL = getRedirectURL(parameter3, parameter2, tenantDomain, httpServletRequest);
        if (!StringUtils.isBlank(redirectURL)) {
            jsonObject.addProperty("status", "redirect");
            jsonObject.addProperty("redirectUrl", redirectURL);
            httpServletResponse.getWriter().write(jsonObject.toString());
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Unable to obtain a redirect URL for the application: " + parameter3 + "or relyingParty: " + parameter2 + " for sessionDataKey: " + parameter);
            }
            jsonObject.addProperty("status", "success");
            httpServletResponse.getWriter().write(jsonObject.toString());
        }
    }

    private static String getTenantDomain(HttpServletRequest httpServletRequest) {
        String parameter;
        if (IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
            if (log.isDebugEnabled()) {
                log.debug("Tenant Qualified URL mode enabled. Retrieving tenantDomain from thread local context.");
            }
            parameter = IdentityTenantUtil.getTenantDomainFromContext();
        } else {
            parameter = httpServletRequest.getParameter("tenantDomain");
        }
        if (StringUtils.isEmpty(parameter)) {
            parameter = "carbon.super";
        }
        if (log.isDebugEnabled()) {
            log.debug("Service Provider tenant domain: " + parameter);
        }
        return parameter;
    }

    private static String getRedirectURL(String str, String str2, String str3, HttpServletRequest httpServletRequest) {
        String str4 = null;
        if (StringUtils.isNotEmpty(str)) {
            return replaceURLPlaceholders(getAccessURLFromApplication(str, str3), httpServletRequest);
        }
        if (StringUtils.isNotEmpty(str2)) {
            if (log.isDebugEnabled()) {
                log.debug("Trying to retrieve the access url using relyingParty: " + str2 + " as the application name is not sent in the request.");
            }
            str4 = getRelyingPartyRedirectUrl(str2, str3);
        }
        return str4;
    }

    public static String getAccessURLFromApplication(String str, String str2) {
        String str3 = null;
        try {
            str = URLDecoder.decode(str, FrameworkUtils.UTF_8);
            ServiceProvider serviceProvider = (FrameworkConstants.Application.MY_ACCOUNT_APP.equals(str) || FrameworkConstants.Application.CONSOLE_APP.equals(str)) ? ApplicationManagementService.getInstance().getServiceProvider(str, "carbon.super") : ApplicationManagementService.getInstance().getServiceProvider(str, str2);
            if (serviceProvider != null) {
                str3 = serviceProvider.getAccessUrl();
            }
        } catch (IdentityApplicationManagementException e) {
            log.error("Unable to retrieve an application with name: " + str, e);
        } catch (UnsupportedEncodingException e2) {
            log.error("Error while decoding application name: " + str, e2);
        }
        if (FrameworkConstants.Application.MY_ACCOUNT_APP.equals(str)) {
            str3 = FrameworkUtils.getMyAccountURL(str3);
        } else if (FrameworkConstants.Application.CONSOLE_APP.equals(str)) {
            str3 = FrameworkUtils.getConsoleURL(str3);
        }
        if (log.isDebugEnabled() && StringUtils.isNotEmpty(str3)) {
            log.debug("Access URL is: " + str3 + " for the the application: " + str + " in tenant: " + str2);
        }
        return str3;
    }

    private static String replaceURLPlaceholders(String str, HttpServletRequest httpServletRequest) {
        if (!StringUtils.isBlank(str) && str.contains("${UserTenantHint}")) {
            String parameter = httpServletRequest.getParameter(FrameworkConstants.RequestParams.USER_TENANT_DOMAIN_HINT);
            if (StringUtils.isBlank(parameter)) {
                parameter = httpServletRequest.getParameter(FrameworkConstants.RequestParams.LOGIN_TENANT_DOMAIN);
            }
            if (StringUtils.isBlank(parameter)) {
                parameter = "carbon.super";
            }
            return str.replaceAll(Pattern.quote("${UserTenantHint}"), parameter).replaceAll(Pattern.quote("/t/carbon.super/"), FrameworkUtils.ROOT_DOMAIN);
        }
        return str;
    }

    @Deprecated
    public static String getRelyingPartyRedirectUrl(String str, String str2) {
        if (log.isDebugEnabled()) {
            log.debug("Retrieving configured url against relying party : " + str + "for tenant domain : " + str2);
        }
        String str3 = null;
        ServiceProvider serviceProviderByRelyingParty = getServiceProviderByRelyingParty(str, str2, "oauth2");
        if (serviceProviderByRelyingParty == null) {
            serviceProviderByRelyingParty = getServiceProviderByRelyingParty(str, str2, "samlsso");
        }
        if (serviceProviderByRelyingParty != null) {
            str3 = serviceProviderByRelyingParty.getAccessUrl();
        }
        if (log.isDebugEnabled() && StringUtils.isNotEmpty(str3)) {
            log.debug("Redirect URL is: " + str3 + " for the the relyingParty: " + str + " in tenant: " + str2);
        }
        return str3;
    }

    private static ServiceProvider getServiceProviderByRelyingParty(String str, String str2, String str3) {
        ServiceProvider serviceProvider = null;
        try {
            serviceProvider = ApplicationManagementService.getInstance().getServiceProviderByClientId(str, str3, str2);
            if (serviceProvider != null) {
                if (FrameworkConstants.DEFAULT_SEQUENCE.equals(serviceProvider.getApplicationName())) {
                    return null;
                }
            }
        } catch (IdentityApplicationManagementException e) {
            log.warn("Unable to retrieve an application for the relying party: " + str + " of type: " + str3 + " in the tenant: " + str2);
        }
        return serviceProvider;
    }

    public static boolean isPostAuthenticationExtensionCompleted(AuthenticationContext authenticationContext) {
        Object property = authenticationContext.getProperty(FrameworkConstants.POST_AUTHENTICATION_EXTENSION_COMPLETED);
        if (property == null || !(property instanceof Boolean)) {
            return false;
        }
        return ((Boolean) property).booleanValue();
    }

    public static void markPostAuthenticationCompleted(AuthenticationContext authenticationContext) {
        authenticationContext.setProperty(FrameworkConstants.POST_AUTHENTICATION_EXTENSION_COMPLETED, true);
    }

    private static boolean isStepHasMultiOption(AuthenticationContext authenticationContext) {
        StepConfig stepConfig;
        Map<Integer, StepConfig> stepMap = authenticationContext.getSequenceConfig().getStepMap();
        boolean z = false;
        if (stepMap != null && !stepMap.isEmpty() && (stepConfig = stepMap.get(Integer.valueOf(authenticationContext.getCurrentStep()))) != null) {
            z = stepConfig.isMultiOption();
        }
        return z;
    }
}
