package org.wso2.carbon.identity.application.authenticator.openid;

import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.application.authenticator.openid.exception.OpenIDException;
import org.wso2.carbon.identity.application.authenticator.openid.manager.DefaultOpenIDManager;
import org.wso2.carbon.identity.application.authenticator.openid.manager.OpenIDManager;

/* loaded from: input_file:org/wso2/carbon/identity/application/authenticator/openid/OpenIDAuthenticator.class */
public class OpenIDAuthenticator extends AbstractApplicationAuthenticator implements FederatedApplicationAuthenticator {
    private static final long serialVersionUID = 2878862656196592256L;
    private static final String OPENID_MANAGER = "OpenIDManager";
    private static Log log = LogFactory.getLog(OpenIDAuthenticator.class);

    public boolean canHandle(HttpServletRequest httpServletRequest) {
        if (log.isTraceEnabled()) {
            log.trace("Inside canHandle()");
        }
        String parameter = httpServletRequest.getParameter(OpenIDAuthenticatorConstants.MODE);
        return (parameter == null || "checkid_immediate".equals(parameter) || "checkid_setup".equals(parameter) || "check_authentication".equals(parameter)) ? false : true;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r10v0, types: [java.lang.Throwable, org.wso2.carbon.identity.application.authenticator.openid.exception.OpenIDException] */
    protected void initiateAuthenticationRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException {
        String str;
        OpenIDManager newOpenIDManagerInstance = getNewOpenIDManagerInstance();
        if (authenticationContext.getExternalIdP() == null && httpServletRequest.getParameter("claimed_id") == null) {
            try {
                httpServletResponse.sendRedirect(ConfigurationFacade.getInstance().getAuthenticationEndpointURL() + "?" + FrameworkUtils.getQueryStringWithFrameworkContextId(authenticationContext.getQueryParams(), authenticationContext.getCallerSessionKey(), authenticationContext.getContextIdentifier()) + "&loginType=openid&authenticators=" + getName() + ":LOCAL");
                return;
            } catch (IOException e) {
                log.error("Error when sending to the login page", e);
                throw new AuthenticationFailedException(e.getMessage(), e);
            }
        }
        try {
            Map<String, String> authenticatorProperties = authenticationContext.getAuthenticatorProperties();
            if (authenticatorProperties != null) {
                setOpenIDServerUrl(authenticatorProperties);
            }
            if (getOpenIDServerUrl() != null) {
                authenticatorProperties.put("OpenIdUrl", getOpenIDServerUrl());
            }
            String doOpenIDLogin = newOpenIDManagerInstance.doOpenIDLogin(httpServletRequest, httpServletResponse, authenticationContext);
            String parameter = httpServletRequest.getParameter("domain");
            if (parameter != null) {
                doOpenIDLogin = doOpenIDLogin + "&fidp=" + parameter;
            }
            if (authenticatorProperties != null && (str = authenticatorProperties.get("commonAuthQueryParams")) != null) {
                doOpenIDLogin = !str.startsWith("&") ? doOpenIDLogin + "&" + str : doOpenIDLogin + str;
            }
            httpServletResponse.sendRedirect(doOpenIDLogin);
        } catch (IOException e2) {
            log.error("Error when sending to OpenID Provider", e2);
            throw new AuthenticationFailedException(e2.getMessage(), e2);
        } catch (OpenIDException e3) {
            log.error("Error when sending to OpenID Provider", e3);
            throw new AuthenticationFailedException(e3.getMessage(), (Throwable) e3);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r10v0, types: [java.lang.Throwable, org.wso2.carbon.identity.application.authenticator.openid.exception.OpenIDException] */
    protected void processAuthenticationResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException {
        try {
            getNewOpenIDManagerInstance().processOpenIDLoginResponse(httpServletRequest, httpServletResponse, authenticationContext);
            AuthenticatedUser subject = authenticationContext.getSubject();
            String str = null;
            if ("true".equalsIgnoreCase((String) authenticationContext.getAuthenticatorProperties().get("IsUserIdInClaims"))) {
                str = getSubjectFromUserIDClaimURI(authenticationContext);
            }
            if (str == null) {
                str = subject.getAuthenticatedSubjectIdentifier();
            }
            if (str == null) {
                throw new OpenIDException("Cannot find federated User Identifier");
            }
            subject.setAuthenticatedSubjectIdentifier(str);
        } catch (OpenIDException e) {
            log.error("Error when processing response from OpenID Provider", e);
            throw new AuthenticationFailedException(e.getMessage(), (Throwable) e);
        }
    }

    public String getContextIdentifier(HttpServletRequest httpServletRequest) {
        if (log.isTraceEnabled()) {
            log.trace("Inside getContextIdentifier()");
        }
        return httpServletRequest.getParameter(OpenIDAuthenticatorConstants.SESSION_DATA_KEY);
    }

    private OpenIDManager getNewOpenIDManagerInstance() {
        OpenIDManager openIDManager = null;
        String str = (String) getAuthenticatorConfig().getParameterMap().get(OPENID_MANAGER);
        if (str != null) {
            try {
                openIDManager = (OpenIDManager) Thread.currentThread().getContextClassLoader().loadClass(str).newInstance();
            } catch (ClassNotFoundException e) {
                log.error("Error while instantiating the OpenIDManager ", e);
            } catch (IllegalAccessException e2) {
                log.error("Error while instantiating the OpenIDManager ", e2);
            } catch (InstantiationException e3) {
                log.error("Error while instantiating the OpenIDManager ", e3);
            }
        } else {
            openIDManager = new DefaultOpenIDManager();
        }
        return openIDManager;
    }

    public String getClaimDialectURI() {
        return OpenIDAuthenticatorConstants.CLAIM_DIALECT_URI;
    }

    public String getFriendlyName() {
        return OpenIDAuthenticatorConstants.AUTHENTICATOR_FRIENDLY_NAME;
    }

    public String getName() {
        return OpenIDAuthenticatorConstants.AUTHENTICATOR_NAME;
    }

    protected String getOpenIDServerUrl() {
        return null;
    }

    protected void setOpenIDServerUrl(Map<String, String> map) {
    }

    protected String getSubjectFromUserIDClaimURI(AuthenticationContext authenticationContext) {
        String str = null;
        try {
            str = FrameworkUtils.getFederatedSubjectFromClaims(authenticationContext, getClaimDialectURI());
        } catch (Exception e) {
            if (log.isDebugEnabled()) {
                log.debug("Couldn't find the subject claim from claim mappings " + e);
            }
        }
        return str;
    }
}
