package org.apache.catalina.authenticator;

import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.HttpRequest;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
import org.apache.catalina.Session;
import org.apache.catalina.SessionEvent;
import org.apache.catalina.SessionListener;
import org.apache.catalina.util.StringManager;
import org.apache.catalina.valves.ValveBase;

/* loaded from: input_file:org/apache/catalina/authenticator/SingleSignOn.class */
public class SingleSignOn extends ValveBase implements SessionListener {
    private static final Logger log = Logger.getLogger(SingleSignOn.class.getName());
    protected static final StringManager sm = StringManager.getManager(Constants.Package);
    protected static final String info = "org.apache.catalina.authenticator.SingleSignOn";
    protected HashMap cache = new HashMap();
    protected HashMap reverse = new HashMap();

    @Override // org.apache.catalina.valves.ValveBase
    public int getDebug() {
        return this.debug;
    }

    @Override // org.apache.catalina.valves.ValveBase
    public void setDebug(int i) {
        this.debug = i;
    }

    @Override // org.apache.catalina.valves.ValveBase, org.apache.catalina.Lifecycle
    public void start() throws LifecycleException {
        if (this.started) {
            return;
        }
        super.start();
        if (this.debug >= 1) {
            log("Started");
        }
    }

    @Override // org.apache.catalina.valves.ValveBase, org.apache.catalina.Lifecycle
    public void stop() throws LifecycleException {
        if (this.started) {
            if (this.debug >= 1) {
                log("Stopped");
            }
            super.stop();
        }
    }

    public void sessionEvent(SessionEvent sessionEvent) {
        String str;
        if (Session.SESSION_DESTROYED_EVENT.equals(sessionEvent.getType())) {
            Session session = sessionEvent.getSession();
            if (this.debug >= 1) {
                log("Process session destroyed on " + session);
            }
            synchronized (this.reverse) {
                str = (String) this.reverse.get(session);
            }
            if (str == null) {
                return;
            }
            deregister(str, session);
        }
    }

    @Override // org.apache.catalina.valves.ValveBase, org.apache.catalina.Valve, org.glassfish.web.valve.GlassFishValve
    public String getInfo() {
        return info;
    }

    @Override // org.apache.catalina.valves.ValveBase, org.glassfish.web.valve.GlassFishValve
    public int invoke(Request request, Response response) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request.getRequest();
        HttpServletResponse httpServletResponse = (HttpServletResponse) response.getResponse();
        request.removeNote(Constants.REQ_SSOID_NOTE);
        if (this.debug >= 1) {
            log("Process request for '" + httpServletRequest.getRequestURI() + "'");
        }
        if (httpServletRequest.getUserPrincipal() != null) {
            if (this.debug < 1) {
                return 2;
            }
            log(" Principal '" + httpServletRequest.getUserPrincipal().getName() + "' has already been authenticated");
            return 2;
        }
        if (this.debug >= 1) {
            log(" Checking for SSO cookie");
        }
        Cookie cookie = null;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            cookies = new Cookie[0];
        }
        int i = 0;
        while (true) {
            if (i >= cookies.length) {
                break;
            }
            if (Constants.SINGLE_SIGN_ON_COOKIE.equals(cookies[i].getName())) {
                cookie = cookies[i];
                break;
            }
            i++;
        }
        if (cookie == null) {
            if (this.debug < 1) {
                return 1;
            }
            log(" SSO cookie is not present");
            return 1;
        }
        if (this.debug >= 1) {
            log(" Checking for cached principal for " + cookie.getValue());
        }
        SingleSignOnEntry lookup = lookup(cookie.getValue());
        if (lookup == null) {
            if (this.debug >= 1) {
                log(" No cached principal found, erasing SSO cookie");
            }
            cookie.setMaxAge(0);
            httpServletResponse.addCookie(cookie);
            return 1;
        }
        if (this.debug >= 1) {
            log(" Found cached principal '" + lookup.principal.getName() + "' with auth type '" + lookup.authType + "'");
        }
        request.setNote(Constants.REQ_SSOID_NOTE, cookie.getValue());
        ((HttpRequest) request).setAuthType(lookup.authType);
        ((HttpRequest) request).setUserPrincipal(lookup.principal);
        return 1;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder("SingleSignOn[");
        if (this.container == null) {
            sb.append("Container is null");
        } else {
            sb.append(this.container.getName());
        }
        sb.append("]");
        return sb.toString();
    }

    public void associate(String str, Session session) {
        if (this.started) {
            if (this.debug >= 1) {
                log("Associate sso id " + str + " with session " + session);
            }
            SingleSignOnEntry lookup = lookup(str);
            if (lookup != null) {
                lookup.addSession(this, session);
            }
            synchronized (this.reverse) {
                this.reverse.put(session, str);
            }
        }
    }

    protected void deregister(String str, Session session) {
        synchronized (this.reverse) {
            this.reverse.remove(session);
        }
        SingleSignOnEntry lookup = lookup(str);
        if (lookup == null) {
            return;
        }
        lookup.removeSession(session);
        if (lookup.isEmpty()) {
            synchronized (this.cache) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void register(String str, Principal principal, String str2, String str3, char[] cArr, String str4) {
        if (this.debug >= 1) {
            log("Registering sso id '" + str + "' for user '" + principal.getName() + "' with auth type '" + str2 + "'");
        }
        synchronized (this.cache) {
            this.cache.put(str, new SingleSignOnEntry(str, principal, str2, str3, cArr, str4));
        }
    }

    protected void log(String str) {
        org.apache.catalina.Logger logger = this.container.getLogger();
        if (logger != null) {
            logger.log(toString() + ": " + str);
        } else {
            log.info(toString() + ": " + str);
        }
    }

    protected void log(String str, Throwable th) {
        org.apache.catalina.Logger logger = this.container.getLogger();
        if (logger != null) {
            logger.log(toString() + ": " + str, th, 2);
        } else {
            log.log(Level.WARNING, toString() + ": " + str, th);
        }
    }

    protected SingleSignOnEntry lookup(String str) {
        SingleSignOnEntry singleSignOnEntry;
        synchronized (this.cache) {
            singleSignOnEntry = (SingleSignOnEntry) this.cache.get(str);
        }
        return singleSignOnEntry;
    }
}
