package org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.client.utils.URIBuilder;
import org.wso2.carbon.identity.application.authentication.framework.AsyncCaller;
import org.wso2.carbon.identity.application.authentication.framework.AsyncProcess;
import org.wso2.carbon.identity.application.authentication.framework.AsyncReturn;
import org.wso2.carbon.identity.application.authentication.framework.AuthenticatorFlowStatus;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthGraphNode;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.AuthenticationGraph;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.DynamicDecisionNode;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.EndStep;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.FailNode;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsWrapperFactoryProvider;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.LongWaitNode;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.ShowPromptNode;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.StepConfigGraphNode;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException;
import org.wso2.carbon.identity.application.authentication.framework.exception.JsFailureException;
import org.wso2.carbon.identity.application.authentication.framework.handler.sequence.SequenceHandler;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationError;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationResult;
import org.wso2.carbon.identity.application.authentication.framework.model.LongWaitStatus;
import org.wso2.carbon.identity.application.authentication.framework.store.LongWaitStatusStoreService;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/handler/sequence/impl/GraphBasedSequenceHandler.class */
public class GraphBasedSequenceHandler extends DefaultStepBasedSequenceHandler implements SequenceHandler {
    private static final Log log = LogFactory.getLog(GraphBasedSequenceHandler.class);
    private static final String PROMPT_DEFAULT_ACTION = "Success";
    private static final String PROMPT_ACTION_PREFIX = "action.";
    private static final String RESPONSE_HANDLED_BY_FRAMEWORK = "hasResponseHandledByFramework";
    public static final String SKIPPED_CALLBACK_NAME = "onSkip";
    public static final String STEP_IDENTIFIER_PARAM = "step";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.GraphBasedSequenceHandler$1, reason: invalid class name */
    /* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/handler/sequence/impl/GraphBasedSequenceHandler$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$wso2$carbon$identity$application$authentication$framework$AuthenticatorFlowStatus = new int[AuthenticatorFlowStatus.values().length];

        static {
            try {
                $SwitchMap$org$wso2$carbon$identity$application$authentication$framework$AuthenticatorFlowStatus[AuthenticatorFlowStatus.SUCCESS_COMPLETED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$wso2$carbon$identity$application$authentication$framework$AuthenticatorFlowStatus[AuthenticatorFlowStatus.FAIL_COMPLETED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$wso2$carbon$identity$application$authentication$framework$AuthenticatorFlowStatus[AuthenticatorFlowStatus.FALLBACK.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$wso2$carbon$identity$application$authentication$framework$AuthenticatorFlowStatus[AuthenticatorFlowStatus.USER_ABORT.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler, org.wso2.carbon.identity.application.authentication.framework.handler.sequence.SequenceHandler
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws FrameworkException {
        if (log.isDebugEnabled()) {
            log.debug("Executing the Step Based Authentication...");
        }
        if (isBackToFirstStep(authenticationContext)) {
            modifyCurrentNodeAsFirstStep(authenticationContext);
        }
        SequenceConfig sequenceConfig = authenticationContext.getSequenceConfig();
        String authenticationType = sequenceConfig.getApplicationConfig().getServiceProvider().getLocalAndOutBoundAuthenticationConfig().getAuthenticationType();
        AuthenticationGraph authenticationGraph = sequenceConfig.getAuthenticationGraph();
        if (authenticationGraph == null || !authenticationGraph.isEnabled() || (!"flow".equals(authenticationType) && !FrameworkConstants.DEFAULT_SEQUENCE.equals(authenticationType))) {
            if (log.isDebugEnabled()) {
                log.debug("Authentication Graph not defined for the application. Performing Step based authentication. Service Provider :" + sequenceConfig.getApplicationId());
            }
            DefaultStepBasedSequenceHandler.getInstance().handle(httpServletRequest, httpServletResponse, authenticationContext);
            return;
        }
        if (LoggerUtils.isDiagnosticLogsEnabled()) {
            HashMap hashMap = new HashMap();
            hashMap.put(FrameworkConstants.LogConstants.SERVICE_PROVIDER, authenticationContext.getServiceProviderName());
            hashMap.put(FrameworkConstants.LogConstants.TENANT_DOMAIN, authenticationContext.getTenantDomain());
            LoggerUtils.triggerDiagnosticLogEvent(FrameworkConstants.LogConstants.AUTHENTICATION_FRAMEWORK, hashMap, "SUCCESS", "Executing script-based authentication", FrameworkConstants.LogConstants.ActionIDs.HANDLE_AUTH_REQUEST, (Map) null);
        }
        if (authenticationGraph.isBuildSuccessful()) {
            boolean z = false;
            while (!z && !authenticationContext.getSequenceConfig().isCompleted()) {
                AuthGraphNode authGraphNode = (AuthGraphNode) authenticationContext.getProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE);
                z = authGraphNode == null ? handleInitialize(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, authenticationGraph) : handleNode(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, authGraphNode);
            }
            return;
        }
        if (LoggerUtils.isDiagnosticLogsEnabled()) {
            HashMap hashMap2 = new HashMap();
            hashMap2.put(FrameworkConstants.LogConstants.SERVICE_PROVIDER, authenticationContext.getServiceProviderName());
            hashMap2.put(FrameworkConstants.LogConstants.TENANT_DOMAIN, authenticationContext.getTenantDomain());
            LoggerUtils.triggerDiagnosticLogEvent(FrameworkConstants.LogConstants.AUTHENTICATION_FRAMEWORK, hashMap2, "FAILED", "Error while parsing the authentication script. Nested exception is: " + authenticationGraph.getErrorReason(), FrameworkConstants.LogConstants.AUTH_SCRIPT_LOGGING, (Map) null);
        }
        throw new FrameworkException("Error while building graph from Javascript. Nested exception is: " + authenticationGraph.getErrorReason());
    }

    private void modifyCurrentNodeAsFirstStep(AuthenticationContext authenticationContext) {
        authenticationContext.removeProperty(FrameworkConstants.BACK_TO_FIRST_STEP);
        if (authenticationContext.getProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE) != null) {
            int size = authenticationContext.getSequenceConfig().getStepMap().size();
            for (int i = 2; i <= size; i++) {
                authenticationContext.getSequenceConfig().getStepMap().remove(Integer.valueOf(i));
            }
            authenticationContext.getSequenceConfig().setCompleted(false);
            authenticationContext.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, null);
            AuthGraphNode startNode = authenticationContext.getSequenceConfig().getAuthenticationGraph().getStartNode();
            if (startNode instanceof StepConfigGraphNode) {
                ((StepConfigGraphNode) startNode).getStepConfig().setCompleted(false);
                ((StepConfigGraphNode) startNode).getStepConfig().setAuthenticatedAutenticator(null);
                ((StepConfigGraphNode) startNode).getStepConfig().setAuthenticatedUser(null);
                if (((StepConfigGraphNode) startNode).getNext() instanceof DynamicDecisionNode) {
                    ((DynamicDecisionNode) ((StepConfigGraphNode) startNode).getNext()).setDefaultEdge(new EndStep());
                }
            }
            if (log.isDebugEnabled()) {
                log.debug("Modified current node a parent node which can restart authentication flow from first step.");
            }
        }
    }

    private boolean isBackToFirstStep(AuthenticationContext authenticationContext) {
        return authenticationContext.getProperty(FrameworkConstants.BACK_TO_FIRST_STEP) != null && Boolean.parseBoolean(authenticationContext.getProperty(FrameworkConstants.BACK_TO_FIRST_STEP).toString());
    }

    private boolean handleNode(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, AuthGraphNode authGraphNode) throws FrameworkException {
        authenticationContext.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, authGraphNode);
        boolean z = false;
        if (authGraphNode instanceof ShowPromptNode) {
            log.info("Current node is an instance of ShowPromptNode.");
            z = handlePrompt(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, (ShowPromptNode) authGraphNode);
            log.info("Handled prompt for current node");
        } else if (authGraphNode instanceof LongWaitNode) {
            log.info("Current node is an instance of LongWaitNode.");
            z = handleLongWait(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, (LongWaitNode) authGraphNode);
            log.info("Handled long wait for current node");
        } else if (authGraphNode instanceof DynamicDecisionNode) {
            handleDecisionPoint(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, (DynamicDecisionNode) authGraphNode);
        } else if (authGraphNode instanceof StepConfigGraphNode) {
            z = handleAuthenticationStep(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, (StepConfigGraphNode) authGraphNode);
            if (!z) {
                gotoToNextNode(authenticationContext, sequenceConfig, authGraphNode);
            }
        } else if (authGraphNode instanceof EndStep) {
            handleEndOfSequence(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig);
        } else if (authGraphNode instanceof FailNode) {
            handleAuthFail(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, (FailNode) authGraphNode);
        }
        return z;
    }

    private void displayLongWait(AuthenticationContext authenticationContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws FrameworkException {
        try {
            httpServletResponse.sendRedirect(ConfigurationFacade.getInstance().getAuthenticationEndpointWaitURL() + "?sessionDataKey=" + authenticationContext.getContextIdentifier());
            httpServletRequest.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, AuthenticatorFlowStatus.INCOMPLETE);
        } catch (IOException e) {
            throw new FrameworkException("Error while redirecting to wait.do", e);
        }
    }

    private boolean handlePrompt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, ShowPromptNode showPromptNode) throws FrameworkException {
        log.info("Handle prompt invoked for context identifier: " + authenticationContext.getContextIdentifier());
        boolean z = false;
        if (authenticationContext.isReturning()) {
            log.info("Prompt is returning for context identifier: " + authenticationContext.getContextIdentifier());
            String str = "Success";
            Iterator it = httpServletRequest.getParameterMap().keySet().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                String str2 = (String) it.next();
                if (str2.startsWith(PROMPT_ACTION_PREFIX)) {
                    str = StringUtils.capitalize(str2.substring(PROMPT_ACTION_PREFIX.length(), str2.length()));
                    break;
                }
            }
            executeFunction(FrameworkConstants.REMEMBER_ME_OPT_ON + str, showPromptNode, authenticationContext);
            authenticationContext.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, showPromptNode.getDefaultEdge());
            authenticationContext.setReturning(false);
        } else {
            log.info("Prompt is starting for context identifier: " + authenticationContext.getContextIdentifier());
            if (showPromptNode.getHandlerMap().get(ShowPromptNode.PRE_HANDLER) != null) {
                Object evaluateHandler = evaluateHandler(ShowPromptNode.PRE_HANDLER, showPromptNode, authenticationContext, showPromptNode.getParameters().get("step"));
                log.info("Result of prompt pre handler: " + evaluateHandler + " for context identifier: " + authenticationContext.getContextIdentifier());
                if (Boolean.TRUE.equals(evaluateHandler)) {
                    executeFunction(SKIPPED_CALLBACK_NAME, showPromptNode, authenticationContext);
                    AuthGraphNode defaultEdge = showPromptNode.getDefaultEdge();
                    log.info("Prompt pre handler returned true. Going to next node: " + defaultEdge.getName() + " for context identifier: " + authenticationContext.getContextIdentifier());
                    authenticationContext.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, defaultEdge);
                } else {
                    log.info("Prompt pre handler returned false. Displaying prompt for context identifier: " + authenticationContext.getContextIdentifier());
                    displayPrompt(authenticationContext, httpServletRequest, httpServletResponse, showPromptNode);
                    z = true;
                }
                return z;
            }
            log.info("Prompt pre handler is not defined. Displaying prompt for context identifier: " + authenticationContext.getContextIdentifier());
            displayPrompt(authenticationContext, httpServletRequest, httpServletResponse, showPromptNode);
            z = true;
        }
        return z;
    }

    private void displayPrompt(AuthenticationContext authenticationContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ShowPromptNode showPromptNode) throws FrameworkException {
        try {
            String authenticationEndpointPromptURL = ConfigurationFacade.getInstance().getAuthenticationEndpointPromptURL();
            if (!IdentityTenantUtil.isTenantQualifiedUrlsEnabled()) {
                authenticationEndpointPromptURL = FrameworkUtils.appendQueryParamsStringToUrl(authenticationEndpointPromptURL, "tenantDomain=" + authenticationContext.getTenantDomain());
            }
            String appendQueryParamsStringToUrl = FrameworkUtils.appendQueryParamsStringToUrl(FrameworkUtils.appendQueryParamsStringToUrl(authenticationEndpointPromptURL, "sessionDataKey=" + authenticationContext.getContextIdentifier()), "templateId=" + URLEncoder.encode(showPromptNode.getTemplateId(), StandardCharsets.UTF_8.name()) + "&promptId=" + authenticationContext.getContextIdentifier());
            if (showPromptNode.getData() != null) {
                authenticationContext.addEndpointParams(showPromptNode.getData());
            }
            httpServletResponse.sendRedirect(appendQueryParamsStringToUrl);
            httpServletRequest.setAttribute(FrameworkConstants.RequestAttribute.AUTH_RESULT, new AuthenticationResult());
            httpServletRequest.setAttribute(RESPONSE_HANDLED_BY_FRAMEWORK, Boolean.TRUE);
            httpServletRequest.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, AuthenticatorFlowStatus.INCOMPLETE);
        } catch (UnsupportedEncodingException e) {
            throw new FrameworkException("Error while encoding the data to send to prompt page with session data key" + authenticationContext.getContextIdentifier(), e);
        } catch (IOException e2) {
            throw new FrameworkException("Error while redirecting the user for prompt page with session data key" + authenticationContext.getContextIdentifier(), e2);
        }
    }

    private void gotoToNextNode(AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, AuthGraphNode authGraphNode) {
        AuthGraphNode authGraphNode2 = null;
        if (authGraphNode instanceof StepConfigGraphNode) {
            authGraphNode2 = ((StepConfigGraphNode) authGraphNode).getNext();
        }
        if (authGraphNode2 == null) {
            if (log.isDebugEnabled()) {
                log.debug("No Next node found for the current graph node : " + authGraphNode.getName() + ", Service Provider: " + authenticationContext.getServiceProviderName() + " . Ending the authentication flow.");
            }
            authGraphNode2 = new EndStep();
        }
        authenticationContext.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, authGraphNode2);
    }

    private void handleEndOfSequence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig) throws FrameworkException {
        if (log.isDebugEnabled()) {
            log.debug("There are no more steps to execute");
        }
        authenticationContext.getSequenceConfig().setCompleted(true);
        authenticationContext.setRequestAuthenticated(true);
        if (log.isDebugEnabled()) {
            log.debug("Request is successfully authenticated");
        }
        handlePostAuthentication(httpServletRequest, httpServletResponse, authenticationContext);
        if (log.isDebugEnabled()) {
            log.debug("Step processing is completed");
        }
    }

    private void handleAuthFail(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, FailNode failNode) throws FrameworkException {
        String uRIBuilder;
        if (log.isDebugEnabled()) {
            log.debug("Found a Fail Node in conditional authentication");
        }
        if (!failNode.isShowErrorPage()) {
            setErrorPropertiesToContext(failNode, authenticationContext);
            return;
        }
        String errorPageUri = failNode.getErrorPageUri();
        try {
            if (StringUtils.isBlank(errorPageUri)) {
                errorPageUri = ConfigurationFacade.getInstance().getAuthenticationEndpointRetryURL();
                URIBuilder uRIBuilder2 = new URIBuilder(errorPageUri);
                String uuid = UUID.randomUUID().toString();
                uRIBuilder2.addParameter(FrameworkConstants.REQUEST_PARAM_ERROR_KEY, uuid);
                uRIBuilder2.addParameter(FrameworkConstants.REQUEST_PARAM_AUTH_FLOW_ID, authenticationContext.getContextIdentifier());
                Map<String, String> failureData = failNode.getFailureData();
                failureData.put(FrameworkConstants.REQUEST_PARAM_SP, authenticationContext.getServiceProviderName());
                FrameworkUtils.addAuthenticationErrorToCache(uuid, new AuthenticationError(failureData), authenticationContext.getTenantDomain());
                uRIBuilder = uRIBuilder2.toString();
            } else {
                URIBuilder uRIBuilder3 = new URIBuilder(errorPageUri);
                Map<String, String> failureData2 = failNode.getFailureData();
                Objects.requireNonNull(uRIBuilder3);
                failureData2.forEach(uRIBuilder3::addParameter);
                uRIBuilder = uRIBuilder3.toString();
            }
            httpServletResponse.sendRedirect(FrameworkUtils.getRedirectURL(uRIBuilder, httpServletRequest));
            authenticationContext.setRequestAuthenticated(false);
            authenticationContext.getSequenceConfig().setCompleted(true);
            httpServletRequest.setAttribute(FrameworkConstants.RequestParams.FLOW_STATUS, AuthenticatorFlowStatus.INCOMPLETE);
            throw new JsFailureException("Error initiated from authentication script. User will be redirected to " + uRIBuilder);
        } catch (IOException e) {
            throw new FrameworkException("Error when redirecting user to " + errorPageUri, e);
        } catch (URISyntaxException e2) {
            throw new FrameworkException("Error when redirecting user to " + errorPageUri + ". Error page is not a valid URL.", e2);
        }
    }

    private void setErrorPropertiesToContext(FailNode failNode, AuthenticationContext authenticationContext) throws FrameworkException {
        Map<String, String> failureData = failNode.getFailureData();
        if (failureData.containsKey("errorCode")) {
            authenticationContext.setProperty(FrameworkConstants.AUTH_ERROR_CODE, failureData.get("errorCode"));
        }
        if (failureData.containsKey(FrameworkConstants.ERROR_MESSAGE)) {
            authenticationContext.setProperty(FrameworkConstants.AUTH_ERROR_MSG, failureData.get(FrameworkConstants.ERROR_MESSAGE));
        }
        if (failureData.containsKey(FrameworkConstants.ERROR_URI)) {
            try {
                new URL(failureData.get(FrameworkConstants.ERROR_URI));
                authenticationContext.setProperty(FrameworkConstants.AUTH_ERROR_URI, failureData.get(FrameworkConstants.ERROR_URI));
            } catch (MalformedURLException e) {
                throw new FrameworkException("Error when validating provided errorURI: " + failureData.get(FrameworkConstants.ERROR_URI), e);
            }
        }
        authenticationContext.setRequestAuthenticated(false);
        authenticationContext.getSequenceConfig().setCompleted(true);
    }

    private boolean handleAuthenticationStep(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, StepConfigGraphNode stepConfigGraphNode) throws FrameworkException {
        StepConfig stepConfig = stepConfigGraphNode.getStepConfig();
        if (stepConfig == null) {
            throw new FrameworkException("StepConfig not found while handling the step. Service Provider : " + authenticationContext.getServiceProviderName());
        }
        if (stepConfig.isCompleted()) {
            stepConfig.setCompleted(false);
            stepConfig.setRetrying(false);
            if (!authenticationContext.isRequestAuthenticated()) {
                if (log.isDebugEnabled()) {
                    log.debug("Authentication has failed in the Step " + authenticationContext.getCurrentStep());
                }
                if (!stepConfig.isMultiOption() || authenticationContext.isPassiveAuthenticate()) {
                    FrameworkUtils.resetAuthenticationContext(authenticationContext);
                } else {
                    stepConfig.setRetrying(true);
                    authenticationContext.setRequestAuthenticated(true);
                }
            } else if (log.isDebugEnabled()) {
                log.debug("Step " + stepConfig.getOrder() + " is completed. Going to get the next one.");
            }
            FrameworkUtils.resetAuthenticationContext(authenticationContext);
        }
        if (log.isDebugEnabled()) {
            log.debug("Starting Step: " + stepConfig.getOrder());
        }
        AuthenticatorFlowStatus authenticatorFlowStatus = (AuthenticatorFlowStatus) httpServletRequest.getAttribute(FrameworkConstants.RequestParams.FLOW_STATUS);
        int currentStep = authenticationContext.getCurrentStep();
        if (!authenticationContext.isReturning()) {
            if (currentStep <= 0) {
                currentStep = 1;
            } else if (authenticatorFlowStatus != AuthenticatorFlowStatus.FAIL_COMPLETED) {
                currentStep++;
            }
            authenticationContext.setCurrentStep(currentStep);
            authenticationContext.getSequenceConfig().getStepMap().put(Integer.valueOf(currentStep), stepConfig);
        }
        FrameworkUtils.getStepHandler().handle(httpServletRequest, httpServletResponse, authenticationContext);
        AuthenticatorFlowStatus authenticatorFlowStatus2 = (AuthenticatorFlowStatus) httpServletRequest.getAttribute(FrameworkConstants.RequestParams.FLOW_STATUS);
        if (authenticatorFlowStatus2 != AuthenticatorFlowStatus.SUCCESS_COMPLETED && authenticatorFlowStatus2 != AuthenticatorFlowStatus.INCOMPLETE && (!AuthenticatorFlowStatus.FAIL_COMPLETED.equals(authenticatorFlowStatus2) || !authenticationContext.isRetrying())) {
            stepConfig.setSubjectAttributeStep(false);
            stepConfig.setSubjectIdentifierStep(false);
        }
        if (authenticatorFlowStatus2 == AuthenticatorFlowStatus.FAIL_COMPLETED && !(stepConfigGraphNode.getNext() instanceof DynamicDecisionNode)) {
            if (authenticationContext.isRetrying()) {
                StepConfigGraphNode stepConfigGraphNode2 = new StepConfigGraphNode(stepConfigGraphNode.getStepConfig());
                stepConfigGraphNode2.setNext(stepConfigGraphNode.getNext());
                AuthGraphNode parent = stepConfigGraphNode.getParent();
                if (parent == null) {
                    parent = sequenceConfig.getAuthenticationGraph().getStartNode();
                }
                stepConfigGraphNode2.setParent(parent);
                if (parent instanceof DynamicDecisionNode) {
                    ((DynamicDecisionNode) parent).setDefaultEdge(stepConfigGraphNode2);
                } else if (parent instanceof StepConfigGraphNode) {
                    ((StepConfigGraphNode) parent).setNext(stepConfigGraphNode2);
                }
                stepConfigGraphNode.setNext(stepConfigGraphNode2);
            } else {
                stepConfigGraphNode.setNext(new FailNode());
            }
        }
        if (!stepConfig.isCompleted()) {
            if (!log.isDebugEnabled()) {
                return true;
            }
            log.debug("Step is not complete yet. Redirecting to outside.");
            return true;
        }
        if (!authenticationContext.isPassiveAuthenticate() || authenticationContext.isRequestAuthenticated()) {
            authenticationContext.setReturning(false);
            return false;
        }
        authenticationContext.getSequenceConfig().setCompleted(true);
        return true;
    }

    private boolean handleLongWait(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, LongWaitNode longWaitNode) throws FrameworkException {
        boolean callExternalSystem;
        AuthGraphNode failNode;
        log.info("Started handling long wait for context identifier: " + authenticationContext.getContextIdentifier());
        LongWaitStatusStoreService longWaitStatusStoreService = FrameworkServiceDataHolder.getInstance().getLongWaitStatusStoreService();
        LongWaitStatus wait = longWaitStatusStoreService.getWait(authenticationContext.getContextIdentifier());
        if (wait == null || wait.getStatus() == LongWaitStatus.Status.UNKNOWN) {
            LongWaitStatus longWaitStatus = new LongWaitStatus();
            longWaitStatus.setStatus(LongWaitStatus.Status.WAITING);
            longWaitStatusStoreService.addWait(IdentityTenantUtil.getTenantId(authenticationContext.getTenantDomain()), authenticationContext.getContextIdentifier(), longWaitStatus);
            callExternalSystem = callExternalSystem(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, longWaitNode);
            if (FrameworkUtils.promptOnLongWait() && callExternalSystem) {
                displayLongWait(authenticationContext, httpServletRequest, httpServletResponse);
            }
        } else {
            authenticationContext.setReturning(false);
            callExternalSystem = LongWaitStatus.Status.COMPLETED != wait.getStatus();
            log.info("This is a continuation of long wait process: " + authenticationContext.getContextIdentifier() + ". The long wait status is " + wait.getStatus());
            longWaitStatusStoreService.removeWait(authenticationContext.getContextIdentifier());
            String str = (String) authenticationContext.getProperty(FrameworkConstants.JSAttributes.JS_CALL_AND_WAIT_STATUS);
            Map<String, Object> map = (Map) authenticationContext.getProperty(FrameworkConstants.JSAttributes.JS_CALL_AND_WAIT_DATA);
            authenticationContext.removeProperty(FrameworkConstants.JSAttributes.JS_CALL_AND_WAIT_STATUS);
            authenticationContext.removeProperty(FrameworkConstants.JSAttributes.JS_CALL_AND_WAIT_DATA);
            if (str != null) {
                executeFunction(str, longWaitNode, authenticationContext, map);
                failNode = longWaitNode.getDefaultEdge();
                if (failNode == null) {
                    log.error("Authentication script does not have applicable event handler for outcome " + str + " from the long wait process : " + authenticationContext.getContextIdentifier() + ". So ending the authentication flow. Add the correspoding event handler to the script");
                    failNode = new FailNode();
                }
            } else {
                log.error("The outcome from the long wait process " + authenticationContext.getContextIdentifier() + " is null. Because asyncReturn.accept() has not been used properly in the async process flow of the custom function. So ending the authentication flow. Check the flow in the async process flow of the custom function and add asyncReturn.accept() with the corresponding outcome.");
                failNode = new FailNode();
            }
            authenticationContext.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, failNode);
        }
        return callExternalSystem;
    }

    private void resumeLongWait(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws FrameworkException {
        handle(httpServletRequest, httpServletResponse, authenticationContext);
    }

    private boolean callExternalSystem(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, LongWaitNode longWaitNode) throws FrameworkException {
        AsyncProcess asyncProcess = longWaitNode.getAsyncProcess();
        if (asyncProcess == null) {
            return false;
        }
        AsyncCaller asyncCaller = asyncProcess.getAsyncCaller();
        log.info("AsyncCaller is set for the long wait process: " + authenticationContext.getContextIdentifier());
        AsyncReturn rethrowTriConsumer = rethrowTriConsumer((authenticationContext2, map, str) -> {
            log.info("For session data key: " + authenticationContext.getContextIdentifier() + " asyncReturn.accept() has been set by the async process flow of the custom function.");
            authenticationContext2.setProperty(FrameworkConstants.JSAttributes.JS_CALL_AND_WAIT_STATUS, str);
            authenticationContext2.setProperty(FrameworkConstants.JSAttributes.JS_CALL_AND_WAIT_DATA, map);
            if (FrameworkUtils.promptOnLongWait()) {
                return;
            }
            synchronized (authenticationContext) {
                authenticationContext.notify();
            }
        });
        if (asyncCaller == null) {
            return false;
        }
        FrameworkServiceDataHolder.getInstance().getAsyncSequenceExecutor().exec(asyncCaller, rethrowTriConsumer, authenticationContext);
        if (FrameworkUtils.promptOnLongWait()) {
            return true;
        }
        int longWaitTimeout = getLongWaitTimeout();
        synchronized (authenticationContext) {
            try {
                authenticationContext.wait(longWaitTimeout);
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
                log.error("Thread interrupted while waiting for the external call to complete for session data key: " + authenticationContext.getContextIdentifier() + ". ", e);
            }
        }
        resumeLongWait(httpServletRequest, httpServletResponse, authenticationContext);
        return true;
    }

    private int getLongWaitTimeout() {
        String property = IdentityUtil.getProperty(FrameworkConstants.AdaptiveAuthentication.ADAPTIVE_AUTH_LONG_WAIT_TIMEOUT);
        int i = 10000;
        if (property != null) {
            try {
                i = Integer.parseInt(property);
            } catch (NumberFormatException e) {
                log.warn("Error while reading the wait timeout. Default value of 10 seconds will be used. ", e);
            }
        }
        return i;
    }

    private void handleDecisionPoint(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, DynamicDecisionNode dynamicDecisionNode) throws FrameworkException {
        if (dynamicDecisionNode == null) {
            log.error("Dynamic decision node is null");
            return;
        }
        AuthenticatorFlowStatus authenticatorFlowStatus = (AuthenticatorFlowStatus) httpServletRequest.getAttribute(FrameworkConstants.RequestParams.FLOW_STATUS);
        if (authenticatorFlowStatus != null) {
            switch (AnonymousClass1.$SwitchMap$org$wso2$carbon$identity$application$authentication$framework$AuthenticatorFlowStatus[authenticatorFlowStatus.ordinal()]) {
                case FrameworkConstants.AdaptiveAuthentication.DEFAULT_EXECUTION_SUPERVISOR_THREAD_COUNT /* 1 */:
                    executeFunction("onSuccess", dynamicDecisionNode, authenticationContext);
                    break;
                case 2:
                    if (dynamicDecisionNode.getFunctionMap().get("onFail") != null) {
                        executeFunction("onFail", dynamicDecisionNode, authenticationContext);
                    } else if (authenticationContext.isRetrying()) {
                        authenticationContext.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, dynamicDecisionNode.getParent());
                        return;
                    }
                    if (dynamicDecisionNode.getDefaultEdge() instanceof EndStep) {
                        dynamicDecisionNode.setDefaultEdge(new FailNode());
                        break;
                    }
                    break;
                case FrameworkConstants.MAX_RETRY_TIME /* 3 */:
                    executeFunction("onFallback", dynamicDecisionNode, authenticationContext);
                    break;
                case 4:
                    executeFunction("onUserAbort", dynamicDecisionNode, authenticationContext);
                    break;
            }
        }
        authenticationContext.setProperty(FrameworkConstants.JSAttributes.PROP_CURRENT_NODE, dynamicDecisionNode.getDefaultEdge());
    }

    private void executeFunction(String str, DynamicDecisionNode dynamicDecisionNode, AuthenticationContext authenticationContext) {
        FrameworkServiceDataHolder.getInstance().getJsGraphBuilderFactory().createBuilder(authenticationContext, authenticationContext.getSequenceConfig().getAuthenticationGraph().getStepMap(), dynamicDecisionNode).getScriptEvaluator(dynamicDecisionNode.getFunctionMap().get(str)).evaluate(authenticationContext, JsWrapperFactoryProvider.getInstance().getWrapperFactory().createJsAuthenticationContext(authenticationContext));
        if (dynamicDecisionNode.getDefaultEdge() == null) {
            dynamicDecisionNode.setDefaultEdge(new EndStep());
        }
    }

    private void executeFunction(String str, DynamicDecisionNode dynamicDecisionNode, AuthenticationContext authenticationContext, Map<String, Object> map) {
        FrameworkServiceDataHolder.getInstance().getJsGraphBuilderFactory().createBuilder(authenticationContext, authenticationContext.getSequenceConfig().getAuthenticationGraph().getStepMap(), dynamicDecisionNode).getScriptEvaluator(dynamicDecisionNode.getFunctionMap().get(str)).evaluate(authenticationContext, JsWrapperFactoryProvider.getInstance().getWrapperFactory().createJsAuthenticationContext(authenticationContext), JsWrapperFactoryProvider.getInstance().getWrapperFactory().createJsWritableParameters(map));
        if (dynamicDecisionNode.getDefaultEdge() == null) {
            dynamicDecisionNode.setDefaultEdge(new EndStep());
        }
    }

    private Object evaluateHandler(String str, ShowPromptNode showPromptNode, AuthenticationContext authenticationContext, Object obj) {
        return FrameworkServiceDataHolder.getInstance().getJsGraphBuilderFactory().createBuilder(authenticationContext, authenticationContext.getSequenceConfig().getAuthenticationGraph().getStepMap(), showPromptNode).getScriptEvaluator(showPromptNode.getHandlerMap().get(str)).evaluate(authenticationContext, JsWrapperFactoryProvider.getInstance().getWrapperFactory().createJsAuthenticationContext(authenticationContext));
    }

    private boolean handleInitialize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext, SequenceConfig sequenceConfig, AuthenticationGraph authenticationGraph) throws FrameworkException {
        AuthGraphNode startNode = authenticationGraph.getStartNode();
        if (startNode == null) {
            throw new FrameworkException("Start node is not set for authentication graph:" + authenticationGraph.getName());
        }
        authenticationContext.setCurrentStep(0);
        return handleNode(httpServletRequest, httpServletResponse, authenticationContext, sequenceConfig, startNode);
    }

    public static <T, U, V, E extends Exception> AsyncReturn rethrowTriConsumer(AsyncReturn asyncReturn) {
        return (authenticationContext, map, str) -> {
            try {
                asyncReturn.accept(authenticationContext, map, str);
            } catch (Exception e) {
                throwAsUnchecked(e);
            }
        };
    }

    private static <E extends Throwable> void throwAsUnchecked(Exception exc) throws Throwable {
        throw exc;
    }

    private boolean isFirstStep(AuthGraphNode authGraphNode) {
        return !(authGraphNode instanceof DynamicDecisionNode) && (authGraphNode instanceof StepConfigGraphNode) && ((StepConfigGraphNode) authGraphNode).getStepConfig().getOrder() == 1;
    }
}
