package org.wso2.carbon.ui;

import java.io.IOException;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.core.common.AuthenticationException;
import org.wso2.carbon.ui.tracker.AuthenticatorRegistry;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/ui/CarbonUILoginUtil.class */
public final class CarbonUILoginUtil {
    // Status codes returned by handleLoginPageRequest:
    //   RETURN_FALSE - a redirect has already been sent (the already-authenticated branch),
    //   RETURN_TRUE  - the URI is exempt ("Skipping security checks for ..."),
    //   CONTINUE     - no decision was made here.
    // NOTE(review): in this decompiled listing RETURN_FALSE and RETURN_TRUE are also used where
    // plain 0 and 1 were evidently meant (loop counters, substring offsets, cookie max-age).
    // Those uses depend on the numeric values 0 and 1, not on the status meaning.
    protected static final int RETURN_FALSE = 0;
    protected static final int RETURN_TRUE = 1;
    protected static final int CONTINUE = 2;
    private static Log log = LogFactory.getLog(CarbonUILoginUtil.class);
    // Matches a path that contains a "/t/<segment>" element, either at the very start or after
    // other path segments, optionally followed by further path. Used with Matcher.matches(), so the
    // whole string has to fit the pattern.
    private static final String TENANT_ENABLED_URI_PATTERN = "(/.*/|/)t/[^/]*($|/.*)";
    private static Pattern tenantEnabledUriPattern = Pattern.compile(TENANT_ENABLED_URI_PATTERN);

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Returns the shared, pre-compiled pattern that recognises URIs carrying a
     * {@code /t/<tenant>} path element.
     *
     * @return the compiled tenant URI pattern held by this class
     */
    public static Pattern getTenantEnabledUriPattern() {
        final Pattern compiledTenantPattern = tenantEnabledUriPattern;
        return compiledTenantPattern;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Looks up the authenticator for the given request by delegating to
     * {@code AuthenticatorRegistry.getCarbonAuthenticator}.
     *
     * @param httpServletRequest the incoming request
     * @return whatever the registry returns for this request; other code in this class
     *         null-checks authenticators, so callers should presumably handle {@code null}
     */
    public static CarbonUIAuthenticator getAuthenticator(HttpServletRequest httpServletRequest) {
        final CarbonUIAuthenticator resolved = AuthenticatorRegistry.getCarbonAuthenticator(httpServletRequest);
        return resolved;
    }

    /* JADX INFO: Access modifiers changed from: protected */
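    /**
     * Remembers the originally requested URL, tries a remember-me login, and otherwise redirects
     * the client to the login page.
     *
     * <p>Unless the requested URI ends with {@code admin/error.jsp}, the URI plus its query string
     * is stored in the session attribute {@code requestedUri} and, in most cases, in a
     * {@code requestedURI} cookie. If the request carries a {@code wso2.carbon.rememberme} cookie
     * and an authenticator is available, {@code authenticateWithCookie} is attempted.
     *
     * <p>Security notes for reviewers:
     * <ul>
     *   <li>The {@code requestedURI} cookie value is built from the request URI and raw query
     *       string, so it is client-influenced and may persist query parameters in the browser.
     *       {@code getIndexPageUrlFromCookie} later reads the same cookie back as a redirect
     *       target, so that value must be treated as untrusted there.</li>
     *   <li>NOTE(review): unlike the remember-me cookie issued elsewhere in this class, this cookie
     *       is created without the Secure flag, and no HttpOnly flag is set. Confirm whether that
     *       is intentional for the deployment's transport.</li>
     * </ul>
     *
     * @param carbonUIAuthenticator authenticator used for the remember-me attempt; may be null
     * @param httpServletRequest    current request
     * @param httpServletResponse   current response, used for the cookie and the redirect
     * @param httpSession           not used by this method
     * @param z                     when true the redirect goes to {@code login_action.jsp},
     *                              otherwise to {@code login.jsp}
     * @param str                   prefix for the non-tenant redirect; presumably the context path
     * @param str2                  not used by this method
     * @param str3                  the requested URI to remember
     * @return {@code true} only when remember-me authentication succeeded; {@code false} after a
     *         redirect to a login page was sent
     * @throws IOException if sending the redirect fails
     */
    public static boolean saveOriginalUrl(CarbonUIAuthenticator carbonUIAuthenticator, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession, boolean z, String str, String str2, String str3) throws IOException {
        if (!str3.endsWith("admin/error.jsp")) {
            String queryString = httpServletRequest.getQueryString();
            String requestedWithQuery = queryString != null ? str3 + "?" + queryString : str3;
            String relativeTarget = "".equals(str) ? "../.." + requestedWithQuery : uRIContextBuilder(str) + requestedWithQuery;
            // getSession(false) returns null when no session exists; guard it instead of failing
            // with a NullPointerException before the login redirect can be sent.
            HttpSession existingSession = httpServletRequest.getSession(false);
            if (existingSession != null) {
                existingSession.setAttribute("requestedUri", relativeTarget);
            }
            if (!relativeTarget.contains("session-validate.jsp") && !"/null".equals(str3)) {
                Cookie requestedUriCookie = new Cookie("requestedURI", relativeTarget);
                requestedUriCookie.setPath("/");
                httpServletResponse.addCookie(requestedUriCookie);
            }
        }
        try {
            Cookie[] cookies = httpServletRequest.getCookies();
            if (cookies != null && carbonUIAuthenticator != null) {
                for (Cookie candidate : cookies) {
                    if (!"wso2.carbon.rememberme".equals(candidate.getName())) {
                        continue;
                    }
                    try {
                        carbonUIAuthenticator.authenticateWithCookie(httpServletRequest);
                        return true;
                    } catch (AuthenticationException e) {
                        // A rejected remember-me cookie is not fatal: fall through to the login page.
                        if (log.isDebugEnabled()) {
                            log.debug("Remember-me cookie authentication failed", e);
                        }
                    }
                }
            }
        } catch (Exception e) {
            log.error("error occurred while login", e);
        }
        String loginPage = z ? "login_action.jsp" : "login.jsp";
        if (httpServletRequest.getAttribute("tenantDomain") != null) {
            httpServletResponse.sendRedirect("../admin/" + loginPage);
        } else {
            httpServletResponse.sendRedirect(str + "/carbon/admin/" + loginPage);
        }
        return false;
    }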

    /* JADX INFO: Access modifiers changed from: protected */
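    /**
     * Chooses the index page URL: the {@code IndexPageURL} request parameter when present,
     * otherwise {@code str}, otherwise {@code /carbon/admin/index.jsp}.
     *
     * <p>NOTE(review): the request parameter is returned unmodified, so the result is
     * client-controlled. {@code handleLogin} in this class appends such a value to a redirect
     * location. Confirm that the value is restricted to local paths before it reaches
     * {@code sendRedirect}.
     *
     * @param httpServletRequest current request
     * @param str                configured index page, may be null
     * @return the index page URL, never null
     */
    public static String getCustomIndexPage(HttpServletRequest httpServletRequest, String str) {
        // Read the parameter once instead of looking it up twice.
        String requestedIndexPage = httpServletRequest.getParameter("IndexPageURL");
        if (requestedIndexPage != null) {
            return requestedIndexPage;
        }
        return str == null ? "/carbon/admin/index.jsp" : str;
    }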

    /* JADX INFO: Access modifiers changed from: protected */
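    /**
     * For a request to {@code /carbon/admin/login_action.jsp}, replaces the index page URL with the
     * value of the {@code requestedURI} cookie (if any) and strips tenant-specific parts from it
     * when it matches the tenant URI pattern. For any other URI, {@code str2} is returned as is.
     *
     * <p>NOTE(review): cookie values are supplied by the client. The value returned here is used by
     * callers as a post-login destination, so it should be validated as a local path before being
     * redirected to.
     *
     * @param str                the requested URI
     * @param str2               the current index page URL
     * @param httpServletRequest current request, source of the cookies
     * @return the index page URL to use
     */
    public static String getIndexPageUrlFromCookie(String str, String str2, HttpServletRequest httpServletRequest) {
        if (!str.equals("/carbon/admin/login_action.jsp")) {
            return str2;
        }
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return str2;
        }
        String indexPage = str2;
        for (Cookie cookie : cookies) {
            // No break: as in the original loop, the last cookie with this name wins.
            if ("requestedURI".equals(cookie.getName())) {
                indexPage = cookie.getValue();
            }
        }
        // Guard against a null URL so the pattern match cannot throw a NullPointerException.
        if (indexPage != null && tenantEnabledUriPattern.matcher(indexPage).matches()) {
            indexPage = CarbonUIUtil.removeTenantSpecificStringsFromURL(indexPage);
        }
        return indexPage;
    }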

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Tells whether the requested URL belongs to the set this class lets through: static
     * resources recognised by file suffix, anything starting with {@code /registry}, and anything
     * containing one of a few path fragments.
     *
     * <p>NOTE(review): the decision is made purely by suffix, prefix and substring matching on the
     * string as given. Confirm that callers pass a normalised, decoded path, so that path
     * parameters or encoded characters cannot make a protected resource look like one of these.
     * Suffix matching is case-sensitive apart from the explicitly listed upper-case variants.
     *
     * @param str  the requested URL
     * @param str2 not used by this method
     * @return {@code true} if the URL matches one of the allowed forms
     */
    public static boolean letRequestedUrlIn(String str, String str2) {
        final String[] allowedSuffixes = {
            ".css", ".gif", ".GIF", ".jpg", ".JPG", ".png", ".PNG",
            ".xsl", ".xslt", ".js", ".html", ".ico"
        };
        for (String suffix : allowedSuffixes) {
            if (str.endsWith(suffix)) {
                return true;
            }
        }
        if (str.startsWith("/registry")) {
            return true;
        }
        // "/openid/" anywhere in the string also covers the original startsWith("/openid/") test.
        final String[] allowedFragments = {"/openid/", "/openidserver", "/gadgets", "/samlsso"};
        for (String fragment : allowedFragments) {
            if (str.contains(fragment)) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Handles a logout request: unauthenticates the backend session, clears the logged-in user,
     * invalidates the front-end session where applicable and redirects the client.
     *
     * <p>Every path sends a redirect and returns {@code false}. Any exception is logged and
     * answered with a redirect to {@code ../admin/login.jsp}.
     *
     * @param carbonUIAuthenticator not used; the authenticator is read from the session instead
     * @param httpServletRequest    current request
     * @param httpServletResponse   current response
     * @param httpSession           session whose login state is cleared
     * @param z                     not used by this method
     * @param str                   prefix of the final redirect ({@code str + str2})
     * @param str2                  path appended to the redirect prefix
     * @param str3                  not used by this method
     * @return always {@code false}
     * @throws IOException if sending a redirect fails
     */
    public static boolean handleLogout(CarbonUIAuthenticator carbonUIAuthenticator, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession, boolean z, String str, String str2, String str3) throws IOException {
        log.debug("Handling Logout..");
        try {
            // The authenticator stored in the session at login time performs the backend logout.
            CarbonUIAuthenticator carbonUIAuthenticator2 = (CarbonUIAuthenticator) httpSession.getAttribute(CarbonSecuredHttpContext.CARBON_AUTHNETICATOR);
            if (carbonUIAuthenticator2 != null) {
                carbonUIAuthenticator2.unauthenticate(httpServletRequest);
                log.debug("Backend session invalidated");
            }
            // Case 1: request parameter logoutcomplete=true -> clear state and go to the login page.
            if ("true".equals(httpServletRequest.getParameter("logoutcomplete"))) {
                if (httpServletRequest.getSession(false) != null) {
                    // LOGGED_USER is removed from the session and from the ServletContext.
                    httpSession.removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
                    httpSession.getServletContext().removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
                    try {
                        invalidateSession(httpSession);
                    } catch (Exception e) {
                        // NOTE(review): a failed invalidation is visible only at debug level while
                        // the user is still redirected as if logged out. The same pattern repeats
                        // in the branches below; consider logging it at a higher level.
                        if (log.isDebugEnabled()) {
                            log.debug("Error in invalidating frontend session ", e);
                        }
                    }
                }
                httpServletResponse.sendRedirect("../../carbon/admin/login.jsp");
                return false;
            }
            // Case 2: an external logout page was placed on the request as an attribute
            // (a request attribute, not a request parameter).
            if (httpServletRequest.getAttribute("ExternalLogoutPage") != null) {
                if (httpServletRequest.getSession(false) != null) {
                    httpSession.removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
                    httpSession.getServletContext().removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
                    try {
                        invalidateSession(httpSession);
                    } catch (Exception e2) {
                        if (log.isDebugEnabled()) {
                            log.debug("Error in invalidating frontend session ", e2);
                        }
                    }
                }
                httpServletResponse.sendRedirect((String) httpServletRequest.getAttribute("ExternalLogoutPage"));
                return false;
            }
            // Case 3: SSO invalidation is not skipped and the SSO manager reports this session id
            // as not valid. getSession() without an argument creates a session if none exists.
            CarbonSSOSessionManager carbonSSOSessionManager = CarbonSSOSessionManager.getInstance();
            if (!carbonSSOSessionManager.skipSSOSessionInvalidation(httpServletRequest, carbonUIAuthenticator2) && !carbonSSOSessionManager.isSessionValid(httpServletRequest.getSession().getId())) {
                if (httpServletRequest.getSession(false) != null) {
                    httpSession.removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
                    httpSession.getServletContext().removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
                    try {
                        invalidateSession(httpSession);
                        log.debug("SSO session session invalidated ");
                    } catch (Exception e3) {
                        if (log.isDebugEnabled()) {
                            log.debug("Error in invalidating frontend session ", e3);
                        }
                    }
                }
                httpServletResponse.sendRedirect("../.." + str2);
                return false;
            }
            carbonSSOSessionManager.removeInvalidSession(httpServletRequest.getSession().getId());
            // Case 4: a logoutRequest attribute hands the logout over to the SSO redirect page.
            // The front-end session is not invalidated on this path.
            if (httpServletRequest.getAttribute("logoutRequest") != null) {
                log.debug("Loging out from SSO session");
                httpServletResponse.sendRedirect("../../carbon/sso-acs/redirect_ajaxprocessor.jsp?logout=true");
                return false;
            }
            // Default case: clear the login state if the requested session id is still valid.
            if (httpServletRequest.isRequestedSessionIdValid()) {
                httpSession.removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
                httpSession.getServletContext().removeAttribute(CarbonSecuredHttpContext.LOGGED_USER);
                try {
                    invalidateSession(httpSession);
                } catch (Exception e4) {
                    if (log.isDebugEnabled()) {
                        log.debug("Error in invalidating frontend session ", e4);
                    }
                }
            }
            // Expire the remember-me cookie in the browser: null value and max-age 0
            // (RETURN_FALSE is used here only for its numeric value 0).
            // NOTE(review): the Secure flag is set; no HttpOnly flag is set here.
            Cookie cookie = new Cookie("wso2.carbon.rememberme", (String) null);
            cookie.setPath("/");
            cookie.setSecure(true);
            cookie.setMaxAge(RETURN_FALSE);
            httpServletResponse.addCookie(cookie);
            httpServletResponse.sendRedirect(str + str2);
            return false;
        } catch (Exception e5) {
            // Catch-all: whatever failed above, send the client back to the login page.
            log.error(e5.getMessage(), e5);
            httpServletResponse.sendRedirect("../admin/login.jsp");
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
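    /**
     * Processes a login request: authenticates through the given authenticator, stores it in the
     * session, optionally issues the remember-me cookie and redirects to the index page.
     *
     * <p>The decompiled original initialised a {@code String} and a {@code boolean} from the int
     * constants {@code RETURN_FALSE}/{@code RETURN_TRUE}, which does not compile. They are restored
     * here as {@code null}, {@code false} and {@code true}.
     *
     * <p>Security notes for reviewers:
     * <ul>
     *   <li>NOTE(review): when {@code RelayState} ends with {@code -logout}, the request-supplied
     *       user name parameter is written to the {@code LOGGED_USER} session attribute. In the
     *       first such branch this happens without {@code authenticate} having been called.
     *       Confirm that no other code treats the presence of {@code LOGGED_USER} as proof of
     *       authentication.</li>
     *   <li>NOTE(review): no session id rotation is visible in this method after a successful
     *       {@code authenticate}. Confirm the authenticator or container renews the session id, as
     *       a session fixation defence.</li>
     *   <li>NOTE(review): {@code str2} is appended to the redirect location. If it can originate
     *       from a request parameter or cookie, confirm it is limited to local paths.</li>
     *   <li>The remember-me cookie is issued with the Secure flag; no HttpOnly flag is set
     *       here.</li>
     * </ul>
     *
     * @param carbonUIAuthenticator authenticator that validates the credentials in the request
     * @param httpServletRequest    current request
     * @param httpServletResponse   current response
     * @param httpSession           session used only in the SSO logout-relay branch
     * @param z                     not used by this method
     * @param str                   redirect prefix; presumably the context path. A tenant suffix
     *                              {@code /t/<domain>} is added for non-super tenants
     * @param str2                  index page path appended to the prefix
     * @param str3                  page to redirect to on authentication failure, may be null
     * @return always {@code false}
     * @throws IOException if sending a redirect fails
     */
    public static boolean handleLogin(CarbonUIAuthenticator carbonUIAuthenticator, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession, boolean z, String str, String str2, String str3) throws IOException {
        try {
            String relayState = httpServletRequest.getParameter("RelayState");
            String idpSessionIndex = httpServletRequest.getParameter("idpSessionIndex");
            boolean logoutRelay = relayState != null && relayState.endsWith("-logout");
            if (logoutRelay && idpSessionIndex != null && !"".equals(idpSessionIndex)) {
                // No authenticate() call precedes this branch; see the class-level review note.
                httpSession.setAttribute(CarbonSecuredHttpContext.LOGGED_USER, httpServletRequest.getParameter(AbstractCarbonUIAuthenticator.USERNAME));
                httpSession.setAttribute("idpSessionIndex", idpSessionIndex);
                httpServletResponse.sendRedirect("/carbon/sso-acs/redirect_ajaxprocessor.jsp?logout=true");
                return false;
            }
            // Throws AuthenticationException on bad credentials (handled below).
            carbonUIAuthenticator.authenticate(httpServletRequest);
            HttpSession session = httpServletRequest.getSession();
            session.setAttribute(CarbonSecuredHttpContext.CARBON_AUTHNETICATOR, carbonUIAuthenticator);
            String userName = (String) httpServletRequest.getAttribute(AbstractCarbonUIAuthenticator.USERNAME);
            if (log.isDebugEnabled()) {
                log.debug("Login request from " + userName);
            }
            // The tenant domain comes from the request attribute if set, else from the user name.
            String tenantDomain = (String) httpServletRequest.getAttribute("tenantDomain");
            if (tenantDomain == null) {
                tenantDomain = MultitenantUtils.getTenantDomain(userName);
            }
            String redirectPrefix = str;
            if (tenantDomain != null && !"carbon.super".equals(tenantDomain)) {
                redirectPrefix = redirectPrefix + "/t/" + tenantDomain;
            }
            String rememberMeParam = httpServletRequest.getParameter(AbstractCarbonUIAuthenticator.REMEMBER_ME);
            boolean rememberMe = rememberMeParam != null && rememberMeParam.equals(AbstractCarbonUIAuthenticator.REMEMBER_ME);
            if (rememberMe) {
                try {
                    // Cookie value and lifetime are read from request attributes, which are set
                    // server-side (not from request parameters).
                    String cookieValue = (String) httpServletRequest.getAttribute("wso2.carbon.rememberme.value");
                    int maxAgeSeconds = Integer.parseInt((String) httpServletRequest.getAttribute("wso2.carbon.rememberme.age"));
                    Cookie rememberMeCookie = new Cookie("wso2.carbon.rememberme", cookieValue);
                    rememberMeCookie.setPath("/");
                    rememberMeCookie.setSecure(true);
                    rememberMeCookie.setMaxAge(maxAgeSeconds);
                    httpServletResponse.addCookie(rememberMeCookie);
                } catch (Exception e) {
                    httpServletResponse.sendRedirect(redirectPrefix + str2 + (str2.indexOf('?') == -1 ? "?" : "&") + "loginStatus=false");
                    if (log.isDebugEnabled()) {
                        log.debug("Security check failed for login request for " + userName, e);
                    }
                    return false;
                }
            }
            if (logoutRelay) {
                session.setAttribute(CarbonSecuredHttpContext.LOGGED_USER, httpServletRequest.getParameter(AbstractCarbonUIAuthenticator.USERNAME));
                httpServletResponse.sendRedirect("/carbon/admin/logout_action.jsp");
                return false;
            }
            if (redirectPrefix != null) {
                String indexPage = str2;
                // A leading "../.." (5 characters) is dropped because the prefix is prepended.
                if (indexPage.startsWith("../..")) {
                    indexPage = indexPage.substring(5);
                }
                httpServletResponse.sendRedirect(redirectPrefix + indexPage + (indexPage.indexOf('?') == -1 ? "?" : "&") + "loginStatus=true");
            }
            return false;
        } catch (AuthenticationException e2) {
            log.debug("Authentication failure ...", e2);
            try {
                // Drop any state created during the failed attempt before redirecting.
                httpServletRequest.getSession().invalidate();
                getAuthenticator(httpServletRequest).unauthenticate(httpServletRequest);
                if (str3 != null) {
                    httpServletResponse.sendRedirect(str3 + "?loginStatus=false");
                    return false;
                }
                httpServletResponse.sendRedirect("/carbon/admin/login.jsp?loginStatus=false");
                return false;
            } catch (Exception e3) {
                // Previously swallowed silently; record it so a missing redirect can be diagnosed.
                if (log.isDebugEnabled()) {
                    log.debug("Error while cleaning up after authentication failure", e3);
                }
                return false;
            }
        } catch (Exception e4) {
            log.error("error occurred while login", e4);
            httpServletResponse.sendRedirect("../../carbon/admin/login.jsp?loginStatus=failed");
            return false;
        }
    }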

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Replaces the requested URI with the logout action when an authenticated session is used
     * with a tenant domain different from the one bound to that session.
     *
     * <p>The swap applies only to {@code .jsp} URIs that end in neither {@code ajaxprocessor.jsp}
     * nor {@code session_validate.jsp}. It requires the session attribute {@code authenticated} to
     * be {@code true} and a {@code tenantDomain} request attribute that is missing from the
     * session or differs from the session's value.
     *
     * <p>NOTE(review): this method tests for {@code session_validate.jsp} (underscore) while
     * {@code saveOriginalUrl} tests for {@code session-validate.jsp} (hyphen). Confirm which
     * spelling matches the real page.
     *
     * @param str                the requested URI
     * @param httpServletRequest current request
     * @return {@code ../admin/logout_action.jsp} when a forced sign-out is required, else
     *         {@code str}
     */
    public static String getForcedSignOutRequestedURI(String str, HttpServletRequest httpServletRequest) {
        final boolean eligiblePage = str.endsWith(".jsp")
                && !str.endsWith("ajaxprocessor.jsp")
                && !str.endsWith("session_validate.jsp");
        if (!eligiblePage) {
            return str;
        }
        // The session is only touched once the URI checks pass, as in the original expression.
        final HttpSession session = httpServletRequest.getSession();
        final Object authenticatedFlag = session.getAttribute("authenticated");
        if (authenticatedFlag == null || !((Boolean) authenticatedFlag).booleanValue()) {
            return str;
        }
        final Object sessionTenant = session.getAttribute("tenantDomain");
        final Object requestTenant = httpServletRequest.getAttribute("tenantDomain");
        if (requestTenant == null) {
            return str;
        }
        if (sessionTenant == null || !sessionTenant.equals(requestTenant)) {
            return "../admin/logout_action.jsp";
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Decides how a request for a login-related or otherwise exempt page is treated.
     *
     * <ul>
     *   <li>URI matches none of the listed pages: {@code CONTINUE}.</li>
     *   <li>Login page requested while {@code z} is true: redirect to the (tenant-qualified)
     *       index page and return {@code RETURN_FALSE}.</li>
     *   <li>{@code login_action.jsp} requested while {@code z} is false: {@code CONTINUE}.</li>
     *   <li>Everything else in the list: {@code RETURN_TRUE} ("Skipping security checks").</li>
     * </ul>
     *
     * <p>NOTE(review): exemption is decided by substring matching on the URI. Confirm that the
     * caller passes a normalised path, so that a protected resource cannot qualify merely by
     * containing one of these fragments.
     *
     * @param str                 the requested URI
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param z                   presumably "user is already authenticated" (see the debug message)
     * @param str2                redirect prefix; presumably the context path
     * @param str3                used only in the debug message
     * @return one of {@code RETURN_FALSE}, {@code RETURN_TRUE}, {@code CONTINUE}
     * @throws IOException if sending the redirect fails
     */
    public static int handleLoginPageRequest(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z, String str2, String str3) throws IOException {
        final boolean loginAction = str.contains("login_action.jsp");
        final boolean loginPage = str.contains("login.jsp")
                || str.contains("login_ajaxprocessor.jsp")
                || loginAction;
        final boolean exemptPage = loginPage
                || str.contains("admin/layout/template.jsp")
                || str.endsWith("/filedownload")
                || str.endsWith("/fileupload")
                || str.contains("/fileupload/")
                || str.contains("admin/jsp/WSRequestXSSproxy_ajaxprocessor.jsp")
                || str.contains("tryit/JAXRSRequestXSSproxy_ajaxprocessor.jsp");
        if (!exemptPage) {
            return CONTINUE;
        }
        if (loginPage && z) {
            String redirectPrefix = str2;
            String tenantDomain = (String) httpServletRequest.getSession().getAttribute("tenantDomain");
            if (tenantDomain != null && !"carbon.super".equals(tenantDomain)) {
                redirectPrefix = redirectPrefix + "/t/" + tenantDomain;
            }
            if (log.isDebugEnabled()) {
                log.debug("User already authenticated. Redirecting to " + str3);
            }
            httpServletResponse.sendRedirect(redirectPrefix + "/carbon/admin/index.jsp");
            return RETURN_FALSE;
        }
        if (loginAction && !z) {
            if (log.isDebugEnabled()) {
                log.debug("User is not yet authenticated and now trying to get authenticated;do nothing, leave for authentication at the end");
            }
            return CONTINUE;
        }
        if (log.isDebugEnabled()) {
            log.debug("Skipping security checks for " + str);
        }
        return RETURN_TRUE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Handles requests whose URI is outside the normal console flow: answers 404 for
     * {@code /webapps/} URIs, redirects a login page request to the login page when {@code z} is
     * false, and lets everything else pass.
     *
     * <p>NOTE(review): the 404 message echoes the request URI. Confirm that the container's error
     * page encodes the message before rendering it.
     *
     * @param z                   presumably "user is authenticated"
     * @param httpServletResponse current response
     * @param str                 the requested URI
     * @param str2                redirect prefix; presumably the context path
     * @return {@code true} when security checks are skipped, {@code false} after an error or a
     *         redirect has been sent
     * @throws IOException if writing the error or redirect fails
     */
    public static boolean escapeTenantWebAppRequests(boolean z, HttpServletResponse httpServletResponse, String str, String str2) throws IOException {
        if (str.contains("/webapps/")) {
            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "Web application not found. Request URI: " + str);
            return false;
        }
        final boolean loginPageWithoutFlag = str.contains("/carbon/admin/login.jsp") && !z;
        if (loginPageWithoutFlag) {
            httpServletResponse.sendRedirect(str2 + "/carbon/admin/login.jsp");
            log.debug("Redirecting to /carbon/admin/login.jsp");
            return false;
        }
        log.debug("Skipping security checks");
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
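    /**
     * Strips a leading path segment from a URI when that segment is not one this class keeps.
     *
     * <p>Rules, in order:
     * <ol>
     *   <li>URIs starting with {@code /carbon} but not {@code /carbon/carbon/} are returned
     *       unchanged.</li>
     *   <li>URIs containing {@code filedownload} or {@code fileupload} are returned unchanged.</li>
     *   <li>Otherwise the first segment is removed, unless it is {@code registry},
     *       {@code gadgets} or {@code social}. The doubled forms {@code /registry/registry/} and
     *       {@code /registry/carbon/} are still stripped.</li>
     * </ol>
     *
     * <p>Compared with the decompiled original this removes a no-op self-assignment, replaces the
     * numeric character code 47 with {@code '/'}, and no longer uses the status constants
     * {@code RETURN_FALSE}/{@code RETURN_TRUE} as the substring offsets 0 and 1.
     *
     * @param str the requested URI
     * @return the URI with its leading segment removed where the rules above apply
     */
    public static String addNewContext(String str) {
        if (str.startsWith("/carbon") && !str.startsWith("/carbon/carbon/")) {
            return str;
        }
        if (str.contains("filedownload") || str.contains("fileupload")) {
            return str;
        }
        // Drop the first slash so the next slash marks the end of the first segment.
        String withoutFirstSlash = str.replaceFirst("/", "");
        int segmentEnd = withoutFirstSlash.indexOf('/');
        if (segmentEnd < 0) {
            return str;
        }
        String firstSegment = withoutFirstSlash.substring(0, segmentEnd);
        boolean keptSegment = firstSegment.equals("registry")
                || firstSegment.equals("gadgets")
                || firstSegment.equals("social");
        boolean doubledRegistry = str.startsWith("/registry/registry/")
                || str.startsWith("/registry/carbon/");
        if (doubledRegistry || !keptSegment) {
            // +1 compensates for the slash removed above, so the result keeps its leading slash.
            return str.substring(segmentEnd + 1);
        }
        return str;
    }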

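    /**
     * Builds a relative "go up" prefix: {@code ../..} followed by one {@code /..} for every
     * {@code /} found in the given string.
     *
     * <p>Uses a {@code StringBuilder} instead of repeated string concatenation, and counts the
     * slashes directly. A {@code null} or empty input yields {@code ../..}, matching the
     * zero-match result of the counting helper used before.
     *
     * @param str the string whose slashes are counted; may be null
     * @return the relative prefix
     */
    protected static String uRIContextBuilder(String str) {
        StringBuilder prefix = new StringBuilder("../..");
        if (str != null) {
            for (int i = 0; i < str.length(); i++) {
                if (str.charAt(i) == '/') {
                    prefix.append("/..");
                }
            }
        }
        return prefix.toString();
    }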

    /**
     * Invalidates the front-end HTTP session, except when the current call arrived over the
     * {@code local} transport, in which case the session is left untouched.
     *
     * @param httpSession the session to invalidate
     */
    private static void invalidateSession(HttpSession httpSession) {
        if (!isRequestedFromLocalTransport()) {
            httpSession.invalidate();
            if (log.isDebugEnabled()) {
                log.debug("Frontend session invalidated");
            }
        }
    }

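    /**
     * Reports whether the current Axis2 message context, if any, came in over the transport
     * named {@code local}.
     *
     * <p>The comparison is null-safe. {@code handleLogout} catches every exception thrown by
     * {@code invalidateSession} and logs it only at debug level. A {@code NullPointerException}
     * raised here for a context without a transport name would therefore skip session
     * invalidation without any visible error. With the null-safe form such a context counts as
     * "not local" and the session is invalidated.
     *
     * @return {@code true} only when a current message context exists and its incoming transport
     *         name equals {@code local}
     */
    private static boolean isRequestedFromLocalTransport() {
        MessageContext currentMessageContext = MessageContext.getCurrentMessageContext();
        return currentMessageContext != null
                && "local".equals(currentMessageContext.getIncomingTransportName());
    }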
}
