package org.wso2.carbon.identity.application.authentication.framework.handler.step.impl;

import java.io.IOException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.config.builder.FileBasedConfigurationBuilder;
import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.ExternalIdPConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException;
import org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException;
import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException;
import org.wso2.carbon.identity.application.authentication.framework.handler.step.StepHandler;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedIdPData;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.core.model.IdentityErrorMsgContext;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.idp.mgt.IdentityProviderManagementException;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.class */
public class DefaultStepHandler implements StepHandler {
    private static final Log log = LogFactory.getLog(DefaultStepHandler.class);
    private static volatile DefaultStepHandler instance;

    public static DefaultStepHandler getInstance() {
        if (instance == null) {
            synchronized (DefaultStepHandler.class) {
                if (instance == null) {
                    instance = new DefaultStepHandler();
                }
            }
        }
        return instance;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.handler.step.StepHandler
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws FrameworkException {
        StepConfig stepConfig = authenticationContext.getSequenceConfig().getStepMap().get(Integer.valueOf(authenticationContext.getCurrentStep()));
        List<AuthenticatorConfig> authenticatorList = stepConfig.getAuthenticatorList();
        String authenticatorIdPMappingString = FrameworkUtils.getAuthenticatorIdPMappingString(authenticatorList);
        String authenticationEndpointURL = ConfigurationFacade.getInstance().getAuthenticationEndpointURL();
        String parameter = httpServletRequest.getParameter(FrameworkConstants.RequestParams.FEDERATED_IDP);
        Map<String, AuthenticatedIdPData> previousAuthenticatedIdPs = authenticationContext.getPreviousAuthenticatedIdPs();
        Map<String, AuthenticatorConfig> authenticatedStepIdPs = FrameworkUtils.getAuthenticatedStepIdPs(stepConfig, previousAuthenticatedIdPs);
        if (authenticationContext.isPassiveAuthenticate()) {
            if (authenticatedStepIdPs.isEmpty()) {
                authenticationContext.setRequestAuthenticated(false);
            } else {
                populateStepConfigWithAuthenticationDetails(stepConfig, previousAuthenticatedIdPs.get(authenticatedStepIdPs.entrySet().iterator().next().getKey()));
            }
            stepConfig.setCompleted(true);
            return;
        }
        String parameter2 = httpServletRequest.getParameter(FrameworkConstants.RequestParams.MAX_AGE);
        if (StringUtils.isNotBlank(parameter2) && StringUtils.isNotBlank(authenticationContext.getSessionIdentifier())) {
            if (Long.parseLong(parameter2) < (System.currentTimeMillis() - (FrameworkUtils.getSessionContextFromCache(authenticationContext.getSessionIdentifier()).getProperty(FrameworkConstants.UPDATED_TIMESTAMP) != null ? Long.parseLong(FrameworkUtils.getSessionContextFromCache(authenticationContext.getSessionIdentifier()).getProperty(FrameworkConstants.UPDATED_TIMESTAMP).toString()) : Long.parseLong(FrameworkUtils.getSessionContextFromCache(authenticationContext.getSessionIdentifier()).getProperty(FrameworkConstants.CREATED_TIMESTAMP).toString()))) / 1000) {
                authenticationContext.setForceAuthenticate(true);
            } else {
                authenticationContext.setPreviousAuthTime(true);
            }
        }
        if (parameter != null && stepConfig.getOrder() == 1) {
            handleHomeRealmDiscovery(httpServletRequest, httpServletResponse, authenticationContext);
            return;
        }
        if (authenticationContext.isReturning()) {
            if (httpServletRequest.getParameter("authenticator") == null || httpServletRequest.getParameter("authenticator").isEmpty()) {
                handleResponse(httpServletRequest, httpServletResponse, authenticationContext);
                return;
            } else {
                handleRequestFromLoginPage(httpServletRequest, httpServletResponse, authenticationContext);
                return;
            }
        }
        if (ConfigurationFacade.getInstance().isDumbMode()) {
            if (log.isDebugEnabled()) {
                log.debug("Executing in Dumb mode");
            }
            try {
                httpServletRequest.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, AuthenticatorFlowStatus.INCOMPLETE);
                httpServletResponse.sendRedirect(authenticationEndpointURL + "?" + authenticationContext.getContextIdIncludedQueryParams() + "&authenticators=" + URLEncoder.encode(authenticatorIdPMappingString, FrameworkUtils.UTF_8) + "&hrd=true");
                return;
            } catch (IOException e) {
                throw new FrameworkException(e.getMessage(), e);
            }
        }
        if (!authenticationContext.isForceAuthenticate() && !authenticatedStepIdPs.isEmpty()) {
            Map.Entry<String, AuthenticatorConfig> next = authenticatedStepIdPs.entrySet().iterator().next();
            String key = next.getKey();
            AuthenticatorConfig value = next.getValue();
            if (!authenticationContext.isReAuthenticate()) {
                if (log.isDebugEnabled()) {
                    log.debug("Already authenticated. Skipping the step");
                }
                populateStepConfigWithAuthenticationDetails(stepConfig, previousAuthenticatedIdPs.get(key));
                stepConfig.setCompleted(true);
                return;
            }
            if (log.isDebugEnabled()) {
                log.debug("Re-authenticating with " + key + " IdP");
            }
            try {
                authenticationContext.setExternalIdP(ConfigurationFacade.getInstance().getIdPConfigByName(key, authenticationContext.getTenantDomain()));
            } catch (IdentityProviderManagementException e2) {
                log.error("Exception while getting IdP by name", e2);
            }
            doAuthentication(httpServletRequest, httpServletResponse, authenticationContext, value);
            return;
        }
        boolean z = false;
        AuthenticatorConfig authenticatorConfig = null;
        if (authenticatorList.size() > 1) {
            z = true;
        } else {
            authenticatorConfig = authenticatorList.get(0);
            if (authenticatorConfig.getIdpNames().size() > 1) {
                z = true;
            }
        }
        if (!z) {
            if (!authenticatorConfig.getIdpNames().isEmpty()) {
                if (log.isDebugEnabled()) {
                    log.debug("Step contains only a single IdP. Going to call it directly");
                }
                try {
                    authenticationContext.setExternalIdP(ConfigurationFacade.getInstance().getIdPConfigByName(authenticatorConfig.getIdpNames().get(0), authenticationContext.getTenantDomain()));
                } catch (IdentityProviderManagementException e3) {
                    log.error("Exception while getting IdP by name", e3);
                }
            }
            doAuthentication(httpServletRequest, httpServletResponse, authenticationContext, authenticatorConfig);
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("Sending to the Multi Option page");
        }
        Map<String, String> parameterMap = getAuthenticatorConfig().getParameterMap();
        String str = null;
        if (parameterMap != null) {
            str = parameterMap.get(FrameworkConstants.SHOW_AUTHFAILURE_RESON_CONFIG);
            if (log.isDebugEnabled()) {
                log.debug("showAuthFailureReason has been set as : " + str);
            }
        }
        String str2 = "";
        if (stepConfig.isRetrying()) {
            authenticationContext.setCurrentAuthenticator(null);
            str2 = "&authFailure=true&authFailureMsg=login.fail.message";
        }
        try {
            httpServletRequest.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, AuthenticatorFlowStatus.INCOMPLETE);
            httpServletResponse.sendRedirect(getRedirectUrl(httpServletRequest, httpServletResponse, authenticationContext, authenticatorIdPMappingString, str, str2, authenticationEndpointURL));
        } catch (IOException e4) {
            throw new FrameworkException(e4.getMessage(), e4);
        }
    }

    protected void handleHomeRealmDiscovery(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws FrameworkException {
        if (log.isDebugEnabled()) {
            log.debug("Request contains fidp parameter. Initiating Home Realm Discovery");
        }
        String parameter = httpServletRequest.getParameter(FrameworkConstants.RequestParams.FEDERATED_IDP);
        if (log.isDebugEnabled()) {
            log.debug("Received domain: " + parameter);
        }
        StepConfig stepConfig = authenticationContext.getSequenceConfig().getStepMap().get(Integer.valueOf(authenticationContext.getCurrentStep()));
        List<AuthenticatorConfig> authenticatorList = stepConfig.getAuthenticatorList();
        String authenticatorIdPMappingString = FrameworkUtils.getAuthenticatorIdPMappingString(authenticatorList);
        String authenticationEndpointURL = ConfigurationFacade.getInstance().getAuthenticationEndpointURL();
        if (parameter.trim().length() == 0) {
            try {
                httpServletRequest.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, AuthenticatorFlowStatus.INCOMPLETE);
                httpServletResponse.sendRedirect(authenticationEndpointURL + "?" + authenticationContext.getContextIdIncludedQueryParams() + "&authenticators=" + URLEncoder.encode(authenticatorIdPMappingString, FrameworkUtils.UTF_8) + "&hrd=true");
                return;
            } catch (IOException e) {
                throw new FrameworkException(e.getMessage(), e);
            }
        }
        String discover = FrameworkUtils.getHomeRealmDiscoverer().discover(parameter);
        if (log.isDebugEnabled()) {
            log.debug("Home realm discovered: " + discover);
        }
        ExternalIdPConfig externalIdPConfig = null;
        try {
            externalIdPConfig = ConfigurationFacade.getInstance().getIdPConfigByRealm(discover, authenticationContext.getTenantDomain());
        } catch (IdentityProviderManagementException e2) {
            log.error("Exception while getting IdP by realm", e2);
        }
        if (externalIdPConfig != null) {
            String idPName = externalIdPConfig.getIdPName();
            if (log.isDebugEnabled()) {
                log.debug("Found IdP of the realm: " + idPName);
            }
            Map<String, AuthenticatedIdPData> previousAuthenticatedIdPs = authenticationContext.getPreviousAuthenticatedIdPs();
            if (FrameworkUtils.getAuthenticatedStepIdPs(stepConfig, previousAuthenticatedIdPs).containsKey(idPName) && !authenticationContext.isForceAuthenticate() && !authenticationContext.isReAuthenticate()) {
                populateStepConfigWithAuthenticationDetails(stepConfig, previousAuthenticatedIdPs.get(idPName));
                stepConfig.setCompleted(true);
                return;
            }
            for (AuthenticatorConfig authenticatorConfig : authenticatorList) {
                if (authenticatorConfig.getIdpNames().contains(idPName)) {
                    authenticationContext.setExternalIdP(externalIdPConfig);
                    doAuthentication(httpServletRequest, httpServletResponse, authenticationContext, authenticatorConfig);
                    return;
                }
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("An IdP was not found for the sent domain. Sending to the domain page");
        }
        try {
            httpServletResponse.sendRedirect(authenticationEndpointURL + "?" + authenticationContext.getContextIdIncludedQueryParams() + "&authenticators=" + URLEncoder.encode(authenticatorIdPMappingString, FrameworkUtils.UTF_8) + "&authFailure=true&authFailureMsg=domain.unknown&hrd=true");
        } catch (IOException e3) {
            throw new FrameworkException(e3.getMessage(), e3);
        }
    }

    protected void handleRequestFromLoginPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws FrameworkException {
        if (log.isDebugEnabled()) {
            log.debug("Relieved a request from the multi option page");
        }
        StepConfig stepConfig = authenticationContext.getSequenceConfig().getStepMap().get(Integer.valueOf(authenticationContext.getCurrentStep()));
        String parameter = httpServletRequest.getParameter("idp");
        if (parameter != null) {
            if (log.isDebugEnabled()) {
                log.debug("User has selected IdP: " + parameter);
            }
            try {
                authenticationContext.setExternalIdP(ConfigurationFacade.getInstance().getIdPConfigByName(parameter, authenticationContext.getTenantDomain()));
            } catch (IdentityProviderManagementException e) {
                log.error("Exception while getting IdP by name", e);
            }
        }
        for (AuthenticatorConfig authenticatorConfig : stepConfig.getAuthenticatorList()) {
            ApplicationAuthenticator applicationAuthenticator = authenticatorConfig.getApplicationAuthenticator();
            if (applicationAuthenticator != null && applicationAuthenticator.getName().equalsIgnoreCase(httpServletRequest.getParameter("authenticator"))) {
                doAuthentication(httpServletRequest, httpServletResponse, authenticationContext, authenticatorConfig);
                return;
            }
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:24:0x00cc  */
    /* JADX WARN: Removed duplicated region for block: B:27:0x00e8 A[RETURN] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void handleResponse(javax.servlet.http.HttpServletRequest r7, javax.servlet.http.HttpServletResponse r8, org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext r9) throws org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException {
        /*
            r6 = this;
            org.apache.commons.logging.Log r0 = org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.log
            boolean r0 = r0.isDebugEnabled()
            if (r0 == 0) goto L15
            org.apache.commons.logging.Log r0 = org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.log
            java.lang.String r1 = "Receive a response from the external party"
            r0.debug(r1)
        L15:
            r0 = r9
            org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig r0 = r0.getSequenceConfig()
            r10 = r0
            r0 = r9
            int r0 = r0.getCurrentStep()
            r11 = r0
            r0 = 1
            r12 = r0
            r0 = r10
            java.util.Map r0 = r0.getStepMap()
            r1 = r11
            java.lang.Integer r1 = java.lang.Integer.valueOf(r1)
            java.lang.Object r0 = r0.get(r1)
            org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig r0 = (org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig) r0
            r13 = r0
            r0 = r13
            java.util.List r0 = r0.getAuthenticatorList()
            java.util.Iterator r0 = r0.iterator()
            r14 = r0
        L44:
            r0 = r14
            boolean r0 = r0.hasNext()
            if (r0 == 0) goto Lc7
            r0 = r14
            java.lang.Object r0 = r0.next()
            org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig r0 = (org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig) r0
            r15 = r0
            r0 = r15
            org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator r0 = r0.getApplicationAuthenticator()
            r16 = r0
            r0 = r16
            if (r0 == 0) goto Lc4
            r0 = r16
            r1 = r7
            boolean r0 = r0.canHandle(r1)
            if (r0 == 0) goto Lc4
            r0 = r9
            java.lang.String r0 = r0.getCurrentAuthenticator()
            if (r0 == 0) goto L89
            r0 = r16
            java.lang.String r0 = r0.getName()
            r1 = r9
            java.lang.String r1 = r1.getCurrentAuthenticator()
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto Lc4
        L89:
            r0 = 0
            r12 = r0
            org.apache.commons.logging.Log r0 = org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.log
            boolean r0 = r0.isDebugEnabled()
            if (r0 == 0) goto Lb8
            org.apache.commons.logging.Log r0 = org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.log
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r2 = r1
            r2.<init>()
            r2 = r16
            java.lang.String r2 = r2.getName()
            java.lang.StringBuilder r1 = r1.append(r2)
            java.lang.String r2 = " can handle the request."
            java.lang.StringBuilder r1 = r1.append(r2)
            java.lang.String r1 = r1.toString()
            r0.debug(r1)
        Lb8:
            r0 = r6
            r1 = r7
            r2 = r8
            r3 = r9
            r4 = r15
            r0.doAuthentication(r1, r2, r3, r4)
            goto Lc7
        Lc4:
            goto L44
        Lc7:
            r0 = r12
            if (r0 == 0) goto Le8
            org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException r0 = new org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "No authenticator can handle the request in step :  "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r11
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r1.<init>(r2)
            throw r0
        Le8:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handleResponse(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext):void");
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r14v0, types: [java.lang.Throwable, org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException] */
    /* JADX WARN: Type inference failed for: r14v1, types: [java.lang.Throwable, org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException] */
    protected void doAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, AuthenticatorConfig authenticatorConfig) throws FrameworkException {
        AuthenticatorFlowStatus process;
        StepConfig stepConfig = authenticationContext.getSequenceConfig().getStepMap().get(Integer.valueOf(authenticationContext.getCurrentStep()));
        ApplicationAuthenticator applicationAuthenticator = authenticatorConfig.getApplicationAuthenticator();
        if (applicationAuthenticator == null) {
            log.error("Authenticator is null");
            return;
        }
        try {
            authenticationContext.setAuthenticatorProperties(FrameworkUtils.getAuthenticatorPropertyMapFromIdP(authenticationContext.getExternalIdP(), applicationAuthenticator.getName()));
            process = applicationAuthenticator.process(httpServletRequest, httpServletResponse, authenticationContext);
            httpServletRequest.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, process);
            if (log.isDebugEnabled()) {
                log.debug(applicationAuthenticator.getName() + " returned: " + process.toString());
            }
        } catch (InvalidCredentialsException e) {
            if (log.isDebugEnabled()) {
                log.debug("A login attempt was failed due to invalid credentials", e);
            }
            authenticationContext.setRequestAuthenticated(false);
        } catch (AuthenticationFailedException e2) {
            log.error(e2.getMessage(), e2);
            authenticationContext.setRequestAuthenticated(false);
        } catch (LogoutFailedException e3) {
            throw new FrameworkException(e3.getMessage(), (Throwable) e3);
        }
        if (process == AuthenticatorFlowStatus.INCOMPLETE) {
            if (log.isDebugEnabled()) {
                log.debug(applicationAuthenticator.getName() + " is redirecting");
                return;
            }
            return;
        }
        if (applicationAuthenticator instanceof FederatedApplicationAuthenticator) {
            if (authenticationContext.getSubject().getUserName() == null) {
                authenticationContext.getSubject().setUserName(authenticationContext.getSubject().getAuthenticatedSubjectIdentifier());
            }
            if (authenticationContext.getSubject().getFederatedIdPName() == null && authenticationContext.getExternalIdP() != null) {
                authenticationContext.getSubject().setFederatedIdPName(authenticationContext.getExternalIdP().getIdPName());
            }
            if (authenticationContext.getSubject().getTenantDomain() == null) {
                authenticationContext.getSubject().setTenantDomain(authenticationContext.getTenantDomain());
            }
        }
        AuthenticatedIdPData authenticatedIdPData = new AuthenticatedIdPData();
        AuthenticatedUser subject = authenticationContext.getSubject();
        stepConfig.setAuthenticatedUser(subject);
        authenticatedIdPData.setUser(subject);
        authenticatorConfig.setAuthenticatorStateInfo(authenticationContext.getStateInfo());
        stepConfig.setAuthenticatedAutenticator(authenticatorConfig);
        String idPName = authenticationContext.getExternalIdP() != null ? authenticationContext.getExternalIdP().getIdPName() : "LOCAL";
        stepConfig.setAuthenticatedIdP(idPName);
        authenticatedIdPData.setIdpName(idPName);
        authenticatedIdPData.setAuthenticator(authenticatorConfig);
        authenticationContext.getCurrentAuthenticatedIdPs().put(idPName, authenticatedIdPData);
        stepConfig.setCompleted(true);
    }

    protected void populateStepConfigWithAuthenticationDetails(StepConfig stepConfig, AuthenticatedIdPData authenticatedIdPData) {
        stepConfig.setAuthenticatedUser(authenticatedIdPData.getUser());
        stepConfig.setAuthenticatedIdP(authenticatedIdPData.getIdpName());
        stepConfig.setAuthenticatedAutenticator(authenticatedIdPData.getAuthenticator());
    }

    private String getRedirectUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, String str, String str2, String str3, String str4) throws IOException {
        IdentityErrorMsgContext identityErrorMsg = IdentityUtil.getIdentityErrorMsg();
        IdentityUtil.clearIdentityErrorMsg();
        if (str2 == null || !"true".equals(str2)) {
            String errorCode = identityErrorMsg != null ? identityErrorMsg.getErrorCode() : null;
            return (errorCode == null || !errorCode.equals("17003")) ? httpServletResponse.encodeRedirectURL(str4 + "?" + authenticationContext.getContextIdIncludedQueryParams()) + "&authenticators=" + str + ":LOCAL" + str3 : httpServletResponse.encodeRedirectURL(str4 + "?" + authenticationContext.getContextIdIncludedQueryParams()) + "&failedUsername=" + URLEncoder.encode(httpServletRequest.getParameter(FrameworkConstants.USERNAME), FrameworkUtils.UTF_8) + "&authenticators=" + str + ":LOCAL" + str3;
        }
        if (identityErrorMsg == null) {
            return httpServletResponse.encodeRedirectURL(str4 + "?" + authenticationContext.getContextIdIncludedQueryParams()) + "&authenticators=" + str + ":LOCAL" + str3;
        }
        String errorCode2 = identityErrorMsg.getErrorCode();
        int maximumLoginAttempts = identityErrorMsg.getMaximumLoginAttempts() - identityErrorMsg.getFailedLoginAttempts();
        if (log.isDebugEnabled()) {
            StringBuilder sb = new StringBuilder();
            sb.append("Identity error message context is not null. Error details are as follows.");
            sb.append("errorCode : " + errorCode2 + "\n");
            sb.append("username : " + httpServletRequest.getParameter(FrameworkConstants.USERNAME) + "\n");
            sb.append("remainingAttempts : " + maximumLoginAttempts);
            log.debug(sb.toString());
        }
        if (errorCode2.equals("17002")) {
            return httpServletResponse.encodeRedirectURL(str4 + "?" + authenticationContext.getContextIdIncludedQueryParams()) + "&authenticators=" + str + ":LOCAL" + (str3 + "&errorCode=" + errorCode2 + "&failedUsername=" + URLEncoder.encode(httpServletRequest.getParameter(FrameworkConstants.USERNAME), FrameworkUtils.UTF_8) + "&remainingAttempts=" + maximumLoginAttempts);
        }
        if (errorCode2.equals("17003")) {
            return maximumLoginAttempts == 0 ? httpServletResponse.encodeRedirectURL(str4 + "?" + authenticationContext.getContextIdIncludedQueryParams()) + "&errorCode=" + errorCode2 + "&failedUsername=" + URLEncoder.encode(httpServletRequest.getParameter(FrameworkConstants.USERNAME), FrameworkUtils.UTF_8) + "&remainingAttempts=0&authenticators=" + URLEncoder.encode(str, FrameworkUtils.UTF_8) + str3 : httpServletResponse.encodeRedirectURL(str4 + "?" + authenticationContext.getContextIdIncludedQueryParams()) + "&errorCode=" + errorCode2 + "&failedUsername=" + URLEncoder.encode(httpServletRequest.getParameter(FrameworkConstants.USERNAME), FrameworkUtils.UTF_8) + "&authenticators=" + URLEncoder.encode(str, FrameworkUtils.UTF_8) + str3;
        }
        return httpServletResponse.encodeRedirectURL(str4 + "?" + authenticationContext.getContextIdIncludedQueryParams()) + "&authenticators=" + str + ":LOCAL" + (str3 + "&errorCode=" + errorCode2 + "&failedUsername=" + URLEncoder.encode(httpServletRequest.getParameter(FrameworkConstants.USERNAME), FrameworkUtils.UTF_8));
    }

    private AuthenticatorConfig getAuthenticatorConfig() {
        AuthenticatorConfig authenticatorBean = FileBasedConfigurationBuilder.getInstance().getAuthenticatorBean(FrameworkConstants.BASIC_AUTHENTICATOR_CLASS);
        if (authenticatorBean == null) {
            authenticatorBean = new AuthenticatorConfig();
            authenticatorBean.setParameterMap(new HashMap());
        }
        return authenticatorBean;
    }
}
