package org.wso2.carbon.apimgt.authenticator.oidc.ui.authenticator;

import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.authenticator.oidc.ui.common.OIDCAuthenticationClient;
import org.wso2.carbon.apimgt.authenticator.oidc.ui.common.OIDCConstants;
import org.wso2.carbon.apimgt.authenticator.oidc.ui.common.Util;
import org.wso2.carbon.apimgt.authenticator.oidc.ui.internal.OIDCAuthFEDataHolder;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.core.common.AuthenticationException;
import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.ui.AbstractCarbonUIAuthenticator;
import org.wso2.carbon.ui.CarbonSSOSessionManager;
import org.wso2.carbon.ui.CarbonUIUtil;

/* loaded from: input_file:org/wso2/carbon/apimgt/authenticator/oidc/ui/authenticator/OIDCUIAuthenticator.class */
public class OIDCUIAuthenticator extends AbstractCarbonUIAuthenticator {
    private static final int DEFAULT_PRIORITY_LEVEL = 50;
    public static final Log log = LogFactory.getLog(OIDCUIAuthenticator.class);

    public boolean canHandle(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().contains("/carbon/admin/logout_action.jsp");
    }

    public void authenticate(HttpServletRequest httpServletRequest) throws AuthenticationException {
        HttpSession session = httpServletRequest.getSession();
        String parameter = httpServletRequest.getParameter(OIDCConstants.PARAM_CODE);
        String str = (String) httpServletRequest.getSession().getAttribute(OIDCConstants.PARAM_NONCE);
        ServletContext servletContext = httpServletRequest.getSession().getServletContext();
        ConfigurationContext configurationContext = (ConfigurationContext) servletContext.getAttribute("ConfigurationContext");
        String parameter2 = httpServletRequest.getParameter("backendURL");
        if (parameter2 == null) {
            parameter2 = CarbonUIUtil.getServerURL(servletContext, session);
        }
        session.setAttribute("ServerURL", parameter2);
        String str2 = (String) session.getAttribute("wso2carbon.admin.service.cookie");
        try {
            if (log.isDebugEnabled()) {
                log.debug("Invoking the OIDC Authenticator BE for the Response Code : " + parameter);
            }
            String login = new OIDCAuthenticationClient(configurationContext, parameter2, str2, session).login(parameter, str);
            if (login == null || login.equals("")) {
                log.error("Authentication failed due to empty user name");
                throw new AuthenticationException("Authentication failed due to empty user name");
            }
            CarbonSSOSessionManager carbonSSOSessionManager = OIDCAuthFEDataHolder.getInstance().getCarbonSSOSessionManager();
            if (parameter != null) {
                carbonSSOSessionManager.addSessionMapping(parameter, session.getId());
                httpServletRequest.getSession().setAttribute(OIDCConstants.IDP_SESSION_INDEX, parameter);
            }
            onSuccessAdminLogin(httpServletRequest, login);
            if (login == null || login.equals("")) {
                throw new AuthenticationException("Authentication failure " + login);
            }
        } catch (Exception e) {
            log.error("Error when login to OIDC server", e);
            throw new AuthenticationException("Error when login to OIDC server.", e);
        }
    }

    public void unauthenticate(Object obj) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) obj;
        HttpSession session = httpServletRequest.getSession();
        String str = (String) session.getAttribute("logged-user");
        ServletContext servletContext = session.getServletContext();
        try {
            new OIDCAuthenticationClient((ConfigurationContext) servletContext.getAttribute("ConfigurationContext"), CarbonUIUtil.getServerURL(servletContext, session), (String) session.getAttribute("wso2carbon.admin.service.cookie"), session).logout(session);
            log.info(str + "@" + PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain() + " successfully logged out");
            String str2 = Util.getIdentityProviderURI() + OIDCConstants.LOG_OUT_REQ;
            httpServletRequest.setAttribute(OIDCConstants.HTTP_ATTR_IS_LOGOUT_REQ, true);
            httpServletRequest.setAttribute(OIDCConstants.EXTERNAL_LOGOUT_PAGE, str2);
        } catch (Exception e) {
            log.error("OIDC logout failed", e);
            throw new Exception("OIDC logout failed", e);
        }
    }

    public int getPriority() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(OIDCConstants.AUTHENTICATOR_NAME);
        return (authenticatorConfig == null || authenticatorConfig.getPriority() <= 0) ? DEFAULT_PRIORITY_LEVEL : authenticatorConfig.getPriority();
    }

    public String getAuthenticatorName() {
        return OIDCConstants.AUTHENTICATOR_NAME;
    }

    public boolean isDisabled() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(OIDCConstants.AUTHENTICATOR_NAME);
        return authenticatorConfig != null && authenticatorConfig.isDisabled();
    }

    public void authenticateWithCookie(HttpServletRequest httpServletRequest) throws AuthenticationException {
    }

    public String doAuthentication(Object obj, boolean z, ServiceClient serviceClient, HttpServletRequest httpServletRequest) throws AuthenticationException {
        return null;
    }

    public void handleRememberMe(Map map, HttpServletRequest httpServletRequest) throws AuthenticationException {
    }
}
