package org.wso2.carbon.identity.application.authentication.framework;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.config.builder.FileBasedConfigurationBuilder;
import org.wso2.carbon.identity.application.authentication.framework.config.model.AuthenticatorConfig;
import org.wso2.carbon.identity.application.authentication.framework.config.model.StepConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.exception.LogoutFailedException;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceDataHolder;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.user.core.util.UserCoreUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/AbstractApplicationAuthenticator.class */
public abstract class AbstractApplicationAuthenticator implements ApplicationAuthenticator {
    private static final long serialVersionUID = -4406878411547612129L;
    private static final Log log = LogFactory.getLog(AbstractApplicationAuthenticator.class);

    /* JADX WARN: Type inference failed for: r10v1, types: [java.lang.Throwable, org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException] */
    @Override // org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator
    public AuthenticatorFlowStatus process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException, LogoutFailedException {
        StepConfig stepConfig;
        if (authenticationContext.isLogoutRequest()) {
            try {
                if (canHandle(httpServletRequest)) {
                    processLogoutResponse(httpServletRequest, httpServletResponse, authenticationContext);
                    return AuthenticatorFlowStatus.SUCCESS_COMPLETED;
                }
                authenticationContext.setCurrentAuthenticator(getName());
                initiateLogoutRequest(httpServletRequest, httpServletResponse, authenticationContext);
                return AuthenticatorFlowStatus.INCOMPLETE;
            } catch (UnsupportedOperationException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Ignoring UnsupportedOperationException.", e);
                }
                return AuthenticatorFlowStatus.SUCCESS_COMPLETED;
            }
        }
        if (!canHandle(httpServletRequest) || (httpServletRequest.getAttribute(FrameworkConstants.REQ_ATTR_HANDLED) != null && ((Boolean) httpServletRequest.getAttribute(FrameworkConstants.REQ_ATTR_HANDLED)).booleanValue())) {
            initiateAuthenticationRequest(httpServletRequest, httpServletResponse, authenticationContext);
            authenticationContext.setCurrentAuthenticator(getName());
            return AuthenticatorFlowStatus.INCOMPLETE;
        }
        try {
            processAuthenticationResponse(httpServletRequest, httpServletResponse, authenticationContext);
            if ((this instanceof LocalApplicationAuthenticator) && !authenticationContext.getSequenceConfig().getApplicationConfig().isSaaSApp() && !StringUtils.equals(authenticationContext.getSubject().getTenantDomain(), authenticationContext.getTenantDomain())) {
                authenticationContext.setProperty("UserTenantDomainMismatch", true);
                throw new AuthenticationFailedException("Service Provider tenant domain must be equal to user tenant domain for non-SaaS applications");
            }
            httpServletRequest.setAttribute(FrameworkConstants.REQ_ATTR_HANDLED, true);
            publishAuthenticationStepAttempt(httpServletRequest, authenticationContext, authenticationContext.getSubject(), true);
            return AuthenticatorFlowStatus.SUCCESS_COMPLETED;
        } catch (AuthenticationFailedException e2) {
            Map<Integer, StepConfig> stepMap = authenticationContext.getSequenceConfig().getStepMap();
            boolean z = false;
            publishAuthenticationStepAttempt(httpServletRequest, authenticationContext, e2.getUser(), false);
            if (stepMap != null && !stepMap.isEmpty() && (stepConfig = stepMap.get(Integer.valueOf(authenticationContext.getCurrentStep()))) != null) {
                z = stepConfig.isMultiOption();
            }
            if (!retryAuthenticationEnabled() || z) {
                throw e2;
            }
            authenticationContext.setRetrying(true);
            authenticationContext.setCurrentAuthenticator(getName());
            initiateAuthenticationRequest(httpServletRequest, httpServletResponse, authenticationContext);
            return AuthenticatorFlowStatus.INCOMPLETE;
        }
    }

    private void publishAuthenticationStepAttempt(HttpServletRequest httpServletRequest, AuthenticationContext authenticationContext, AuthenticatedUser authenticatedUser, boolean z) {
        AuthenticationDataPublisher authnDataPublisherProxy = FrameworkServiceDataHolder.getInstance().getAuthnDataPublisherProxy();
        if (authnDataPublisherProxy == null || !authnDataPublisherProxy.isEnabled(authenticationContext)) {
            return;
        }
        boolean z2 = this instanceof FederatedApplicationAuthenticator;
        HashMap hashMap = new HashMap();
        hashMap.put(FrameworkConstants.AnalyticsAttributes.USER, authenticatedUser);
        if (z2) {
            authenticationContext.setProperty(FrameworkConstants.AnalyticsAttributes.HAS_FEDERATED_STEP, true);
            hashMap.put(FrameworkConstants.AnalyticsAttributes.IS_FEDERATED, true);
        } else {
            authenticationContext.setProperty(FrameworkConstants.AnalyticsAttributes.HAS_LOCAL_STEP, true);
            hashMap.put(FrameworkConstants.AnalyticsAttributes.IS_FEDERATED, false);
        }
        Map<String, Object> unmodifiableMap = Collections.unmodifiableMap(hashMap);
        if (z) {
            authnDataPublisherProxy.publishAuthenticationStepSuccess(httpServletRequest, authenticationContext, unmodifiableMap);
        } else {
            authnDataPublisherProxy.publishAuthenticationStepFailure(httpServletRequest, authenticationContext, unmodifiableMap);
        }
    }

    protected void initiateAuthenticationRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException {
    }

    protected abstract void processAuthenticationResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException;

    protected void initiateLogoutRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws LogoutFailedException {
        throw new UnsupportedOperationException();
    }

    protected void processLogoutResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws LogoutFailedException {
        throw new UnsupportedOperationException();
    }

    protected AuthenticatorConfig getAuthenticatorConfig() {
        AuthenticatorConfig authenticatorBean = FileBasedConfigurationBuilder.getInstance().getAuthenticatorBean(getName());
        if (authenticatorBean == null) {
            authenticatorBean = new AuthenticatorConfig();
            authenticatorBean.setParameterMap(new HashMap());
        }
        return authenticatorBean;
    }

    protected boolean retryAuthenticationEnabled() {
        return false;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator
    public String getClaimDialectURI() {
        return null;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator
    public List<Property> getConfigurationProperties() {
        return new ArrayList();
    }

    protected String getUserStoreAppendedName(String str) {
        if (!str.contains("/") && UserCoreUtil.getDomainFromThreadLocal() != null && !"".equals(UserCoreUtil.getDomainFromThreadLocal())) {
            str = UserCoreUtil.getDomainFromThreadLocal() + "/" + str;
        }
        return str;
    }
}
