package org.wso2.carbon.identity.authenticator.webseal.ui;

import java.net.URLDecoder;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.axiom.om.util.Base64;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.core.common.AuthenticationException;
import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.identity.authenticator.webseal.ui.client.WebSealAuthenticatorClient;
import org.wso2.carbon.ui.CarbonUIUtil;
import org.wso2.carbon.ui.DefaultCarbonAuthenticator;

/* loaded from: input_file:org/wso2/carbon/identity/authenticator/webseal/ui/WebSealUIAuthenticator.class */
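/**
 * Carbon UI authenticator for deployments fronted by IBM WebSEAL.
 *
 * <p>A request is claimed when it carries the {@code iv-user} header. Login sends the HTTP Basic
 * credentials from the {@code Authorization} header (the log messages call them the WebSEAL user
 * name and password) together with the {@code iv-user} value to the back end through
 * {@link WebSealAuthenticatorClient}.
 *
 * <p>Security note: this class reads {@code iv-user} like any other request header and has no way
 * to tell whether WebSEAL or the client set it. The identity it carries is therefore only
 * trustworthy if the console is reachable exclusively through WebSEAL and the Basic credentials
 * are verified by the back end. Both points must be guaranteed by deployment and by the back-end
 * service; neither is visible in this file.
 */
public class WebSealUIAuthenticator extends DefaultCarbonAuthenticator {
    public static final String WEBSEAL_USER = "iv-user";
    protected static final Log log = LogFactory.getLog(WebSealUIAuthenticator.class);
    private static final int DEFAULT_PRIORITY_LEVEL = 10;
    private static final String AUTHENTICATOR_NAME = "WebSealUIAuthenticator";
    private static final String BASIC_PREFIX = "Basic ";

    /**
     * Tells whether this authenticator should handle the request.
     *
     * @param httpServletRequest the incoming request
     * @return {@code true} when the {@code iv-user} header is present
     */
    public boolean canHandle(HttpServletRequest httpServletRequest) {
        String webSealUserHeader = httpServletRequest.getHeader(WEBSEAL_USER);
        if (log.isDebugEnabled()) {
            if (webSealUserHeader == null) {
                log.debug("iv-user header is null. WebSealUIAuthenticator can not process this request");
            } else {
                // The header is request data; neutralise line breaks so it cannot forge log entries.
                log.debug("iv-user header is : " + sanitizeForLog(webSealUserHeader));
            }
        }
        return webSealUserHeader != null;
    }

    /**
     * Returns the configured priority of this authenticator.
     *
     * @return the configured priority when it is positive, otherwise {@code 10}
     */
    public int getPriority() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig =
                AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(AUTHENTICATOR_NAME);
        if (authenticatorConfig == null) {
            return DEFAULT_PRIORITY_LEVEL;
        }
        int configuredPriority = authenticatorConfig.getPriority();
        return configuredPriority <= 0 ? DEFAULT_PRIORITY_LEVEL : configuredPriority;
    }

    /**
     * Returns the name under which this authenticator is looked up in the configuration.
     *
     * @return {@code "WebSealUIAuthenticator"}
     */
    public String getAuthenticatorName() {
        return AUTHENTICATOR_NAME;
    }

    /**
     * Starts the login for a request that carries an {@code Authorization} header.
     *
     * <p>The trimmed header value is handed to {@code handleSecurity} (not defined in this file;
     * presumably inherited and expected to end up in {@link #doAuthentication} - confirm). The raw
     * {@code iv-user} value is then stored as the {@code username} request attribute.
     *
     * @param httpServletRequest the incoming request
     * @throws AuthenticationException when the {@code Authorization} header is missing or the
     *         delegated login fails
     */
    public void authenticate(HttpServletRequest httpServletRequest) throws AuthenticationException {
        String authorization = httpServletRequest.getHeader("Authorization");
        String webSealUserHeader = httpServletRequest.getHeader(WEBSEAL_USER);
        if (authorization == null) {
            if (log.isDebugEnabled()) {
                log.debug("Authorization header is empty");
            }
            throw new AuthenticationException("Authorization header is empty");
        }
        boolean rememberMe = httpServletRequest.getParameter("rememberMe") != null;
        handleSecurity(authorization.trim(), rememberMe, httpServletRequest);
        // NOTE(review): this is the undecoded header value, while doAuthentication returns the
        // URL-decoded one - confirm which form consumers of "username" expect.
        httpServletRequest.setAttribute("username", webSealUserHeader);
    }

    /**
     * Logs the WebSEAL-asserted user in against the back end.
     *
     * <p>The Basic credentials are parsed from {@code obj}, the asserted user is read from the
     * {@code iv-user} header and URL-decoded as UTF-8, and all three are passed to
     * {@link WebSealAuthenticatorClient}. The method fails closed: a missing user name, password
     * or {@code iv-user} header, or a malformed header value, is rejected before any back-end call.
     *
     * @param obj the value of the {@code Authorization} header, as a {@code String}
     * @param z not used by this implementation
     * @param serviceClient not used by this implementation
     * @param httpServletRequest the incoming request
     * @return the URL-decoded {@code iv-user} value of the logged-in user
     * @throws AuthenticationException when credentials or the asserted user are missing or
     *         malformed, or when the back end refuses the login
     */
    public String doAuthentication(Object obj, boolean z, ServiceClient serviceClient, HttpServletRequest httpServletRequest) throws AuthenticationException {
        String webSealUser = null;
        String webSealPassword = null;
        String authorization = (String) obj;
        if (authorization != null) {
            try {
                if (authorization.startsWith(BASIC_PREFIX)) {
                    // NOTE(review): the bytes are decoded with the platform default charset, so
                    // non-ASCII credentials depend on the JVM's locale settings.
                    String decoded = new String(Base64.decode(authorization.substring(BASIC_PREFIX.length())));
                    int colon = decoded.indexOf(':');
                    if (colon == -1) {
                        webSealUser = decoded;
                    } else {
                        webSealUser = decoded.substring(0, colon);
                        String candidate = decoded.substring(colon + 1);
                        // A blank password counts as no password at all.
                        if (!candidate.trim().equals("")) {
                            webSealPassword = candidate;
                        }
                    }
                }
            } catch (Exception e) {
                String message = "Error when sign-in for the user : " + sanitizeForLog(webSealUser);
                log.error(message, e);
                throw new AuthenticationException(message, e);
            }
        }

        String authenticatedUser = httpServletRequest.getHeader(WEBSEAL_USER);
        // Without the asserted identity there is nobody to log in; never pass null to the back end
        // or return null as the user name.
        if (webSealUser == null || webSealPassword == null || authenticatedUser == null) {
            if (log.isDebugEnabled()) {
                if (webSealUser == null) {
                    log.debug("No valid webseal user name provided");
                } else {
                    log.debug("WebSeal user name is : " + sanitizeForLog(webSealUser));
                }
                if (webSealPassword == null) {
                    log.debug("No valid webseal user password provided");
                }
                if (authenticatedUser == null) {
                    log.debug("No valid webseal authenticated user name provided");
                }
            }
            throw new AuthenticationException("Invalid credentials");
        }
        authenticatedUser = decodeWebSealUser(authenticatedUser);

        HttpSession session = httpServletRequest.getSession();
        ServletContext servletContext = session.getServletContext();
        ConfigurationContext configurationContext =
                (ConfigurationContext) servletContext.getAttribute("ConfigurationContext");
        if (configurationContext == null) {
            // Only logged; the client is still created with a null context, as before.
            log.error("Configuration context is null.");
        }

        // NOTE(review): "backendURL" is a request parameter, so the requester chooses the endpoint
        // that receives the WebSEAL credentials and that decides whether the login succeeds.
        // Confirm that it is restricted to trusted back ends (for example by an allowlist)
        // elsewhere; nothing in this class validates it.
        String backendServerUrl = httpServletRequest.getParameter("backendURL");
        if (backendServerUrl == null) {
            backendServerUrl = CarbonUIUtil.getServerURL(servletContext, session);
        }
        session.setAttribute("ServerURL", backendServerUrl);

        String adminCookie = (String) session.getAttribute("wso2carbon.admin.service.cookie");
        WebSealAuthenticatorClient client =
                new WebSealAuthenticatorClient(configurationContext, backendServerUrl, adminCookie, session);
        if (client.login(webSealUser, webSealPassword, authenticatedUser)) {
            return authenticatedUser;
        }
        throw new AuthenticationException("Cannot login user " + authenticatedUser);
    }

    /**
     * Tells whether this authenticator is switched off.
     *
     * @return the configured flag, or {@code true} when no configuration entry exists
     */
    public boolean isDisabled() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig =
                AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(AUTHENTICATOR_NAME);
        // No entry means the authenticator was never enabled, so it stays off.
        return authenticatorConfig == null || authenticatorConfig.isDisabled();
    }

    /**
     * Logs the session of the given request out at the back end.
     *
     * @param obj the current request, as an {@link HttpServletRequest}
     * @throws Exception when the back-end logout fails; the original failure is the cause
     */
    public void unauthenticate(Object obj) throws Exception {
        HttpSession session = ((HttpServletRequest) obj).getSession();
        ServletContext servletContext = session.getServletContext();
        ConfigurationContext configurationContext =
                (ConfigurationContext) servletContext.getAttribute("ConfigurationContext");
        String backendServerUrl = CarbonUIUtil.getServerURL(servletContext, session);
        String adminCookie = (String) session.getAttribute("wso2carbon.admin.service.cookie");
        try {
            new WebSealAuthenticatorClient(configurationContext, backendServerUrl, adminCookie, session)
                    .logout(session);
        } catch (AuthenticationException e) {
            log.error("Error occurred while logging out", e);
            throw new Exception("Error occurred while logging out", e);
        }
    }

    /**
     * URL-decodes the {@code iv-user} value as UTF-8.
     *
     * <p>{@link URLDecoder#decode(String, String)} throws a checked exception for an unknown
     * charset and an {@link IllegalArgumentException} for malformed percent escapes. Both are
     * turned into an authentication failure so that a bad header cannot surface as an unhandled
     * error.
     */
    private static String decodeWebSealUser(String headerValue) throws AuthenticationException {
        try {
            return URLDecoder.decode(headerValue, "UTF-8");
        } catch (java.io.UnsupportedEncodingException e) {
            throw new AuthenticationException("Invalid credentials", e);
        } catch (IllegalArgumentException e) {
            throw new AuthenticationException("Invalid credentials", e);
        }
    }

    /** Replaces line breaks in request-supplied text so it stays on one log line. */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}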
