package org.wso2.solutions.identity.user.ui.action;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.struts2.StrutsStatics;
import org.openid4java.message.ParameterList;
import org.openid4java.message.pape.PapeMessage;
import org.wso2.solutions.identity.openid.OpenIDUtil;
import org.wso2.solutions.identity.user.ui.UIConstants;
import sun.misc.BASE64Decoder;

/* loaded from: input_file:WEB-INF/classes/org/wso2/solutions/identity/user/ui/action/OpenIDAuthenticationAction.class */
/**
 * Struts action that picks the login path for a pending OpenID authentication request.
 *
 * <p>The request is read from the session attribute {@code "parameterlist"}. Depending on the
 * requested PAPE policies and on the cookies the browser sends, the action either returns
 * {@link Action#SUCCESS} with its flags set, or redirects to the self-issued (information card)
 * login or to the stored-password verification action.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The {@code "password"} cookie is only Base64-decoded. Base64 is an encoding, not
 *       encryption, so the remember-me path relies on a recoverable credential held by the
 *       browser. The decoded value is then stored in the session under {@code "password"}.</li>
 *   <li>The {@code "openid"} and {@code "infocardCookie"} values are client-supplied. They are
 *       compared only against the claimed identifier of the request and prove nothing on their
 *       own.</li>
 *   <li>The flag fields are public and non-final. NOTE(review): whether the parameter binding
 *       of this deployment can populate them from request parameters is not visible here.
 *       Confirm it, because {@link #execute()} trusts their incoming values.</li>
 * </ul>
 */
public class OpenIDAuthenticationAction extends ManagedAction {
    private static final long serialVersionUID = 2379986821364538695L;

    /** Set when the relying party requested the PAPE phishing-resistant policy. */
    public boolean phishingResistanceAuthentication;

    /** Set when the relying party requested the PAPE multi-factor policy. */
    public boolean multiFactorAuthentication;

    /** Set when the relying party requested the PAPE physical multi-factor policy. */
    public boolean multiFactorPhysicalAuthentication;

    /** Set when the session carries the {@code multiFactorAuthenticationWithUsernamePassword} marker. */
    public boolean multiFactorAuthenticationWithUsernamePassword;

    /**
     * Evaluates the pending OpenID request and selects the login path.
     *
     * @return {@link Action#ERROR} when the session holds no request with an
     *     {@code openid.identity} parameter, otherwise {@link Action#SUCCESS} (also after a
     *     redirect has been sent)
     * @throws Exception on any failure, including an {@code IOException} from decoding a
     *     malformed {@code "password"} cookie or from sending the redirect
     */
    @Override
    public String execute() throws Exception {
        ActionContext actionContext = ActionContext.getContext();
        HttpServletRequest request = (HttpServletRequest) actionContext.get(StrutsStatics.HTTP_REQUEST);
        HttpServletResponse response = (HttpServletResponse) actionContext.get(StrutsStatics.HTTP_RESPONSE);
        HttpSession session = request.getSession();

        ParameterList openIdParams = (ParameterList) session.getAttribute("parameterlist");
        boolean identityPresent = openIdParams != null && openIdParams.hasParameter("openid.identity");
        if (!identityPresent) {
            String message = getText("openid_required");
            addErrorMessage(message);
            loadMessages();
            return Action.ERROR;
        }

        String claimedIdentity = openIdParams.getParameter("openid.identity").getValue();
        loadMessages();

        // One-shot session marker: consume it so the next request starts clean.
        Object usernamePasswordMarker = session.getAttribute("multiFactorAuthenticationWithUsernamePassword");
        if (usernamePasswordMarker != null) {
            this.multiFactorAuthenticationWithUsernamePassword = true;
            session.removeAttribute("multiFactorAuthenticationWithUsernamePassword");
        }
        // The field itself is tested, so a value that was already true before this call
        // short-circuits the policy and cookie handling as well.
        if (this.multiFactorAuthenticationWithUsernamePassword) {
            return Action.SUCCESS;
        }

        String[] requestedPolicies = OpenIDUtil.getRequestedAuthenticationPolicies(openIdParams);
        if (requestedPolicies != null) {
            // Order-dependent: multi-factor clears the phishing-resistant flag, but a
            // phishing-resistant entry listed after it sets the flag again.
            for (String policy : requestedPolicies) {
                if (policy.equalsIgnoreCase(PapeMessage.PAPE_POLICY_PHISHING_RESISTANT)) {
                    this.phishingResistanceAuthentication = true;
                }
                if (policy.equalsIgnoreCase(PapeMessage.PAPE_POLICY_MULTI_FACTOR)) {
                    this.multiFactorAuthentication = true;
                    this.phishingResistanceAuthentication = false;
                }
                if (policy.equalsIgnoreCase(PapeMessage.PAPE_POLICY_MULTI_FACTOR_PHYSICAL)) {
                    this.multiFactorPhysicalAuthentication = true;
                }
            }
        }

        Cookie[] requestCookies = request.getCookies();
        if (requestCookies == null) {
            return Action.SUCCESS;
        }

        boolean rememberMeSeen = false;
        String rememberedOpenId = null;
        String rememberedPassword = null;
        String infocardOpenId = null;
        for (Cookie current : requestCookies) {
            String cookieName = current.getName();
            if (cookieName.equalsIgnoreCase("rememberme")) {
                rememberMeSeen = true;
            } else if (cookieName.equalsIgnoreCase("openid")) {
                rememberedOpenId = current.getValue();
            } else if (cookieName.equalsIgnoreCase("password")) {
                // Base64 only: the cookie carries a recoverable credential, not a token.
                // sun.misc.BASE64Decoder is a JDK-internal, unsupported API.
                byte[] decoded = new BASE64Decoder().decodeBuffer(current.getValue());
                rememberedPassword = new String(decoded, "UTF-8");
            } else if (cookieName.equalsIgnoreCase("infocardCookie")) {
                infocardOpenId = current.getValue();
            }
        }

        boolean multiFactorRequested = this.multiFactorAuthentication || this.multiFactorPhysicalAuthentication;

        // Information-card path: taken when the cookie names the claimed identity and no
        // multi-factor policy was requested. The cookie is client-supplied.
        // NOTE(review): presumably OpenIDSelfIssuedLogin.action performs the actual
        // authentication; confirm that it does not rely on the session flag set here.
        boolean infocardMatches = infocardOpenId != null && infocardOpenId.equals(claimedIdentity);
        if (infocardMatches && !multiFactorRequested) {
            session.setAttribute("phishingResistanceAuthentication", "true");
            response.sendRedirect("OpenIDSelfIssuedLogin.action");
            return Action.SUCCESS;
        }

        // Remember-me path: needs the marker cookie, an "openid" cookie equal to the claimed
        // identity, a decoded password, and no PAPE policy flag set.
        boolean rememberedLoginUsable = rememberMeSeen
                && rememberedOpenId != null
                && rememberedOpenId.equals(claimedIdentity)
                && rememberedPassword != null
                && !this.phishingResistanceAuthentication
                && !multiFactorRequested;
        if (rememberedLoginUsable) {
            // NOTE(review): the plaintext password is stored in the session and is not removed
            // in this class; confirm that the verification action clears it.
            session.setAttribute("password", rememberedPassword);
            response.sendRedirect(UIConstants.OPENID_AUTH_VERIFICATION_ACTION);
        }
        return Action.SUCCESS;
    }

    /**
     * @return whether the phishing-resistant policy flag is set
     */
    public boolean isPhishingResistanceAuthentication() {
        return phishingResistanceAuthentication;
    }

    /**
     * @return whether the multi-factor policy flag is set
     */
    public boolean isMultiFactorAuthentication() {
        return multiFactorAuthentication;
    }

    /**
     * @return whether the physical multi-factor policy flag is set
     */
    public boolean isMultiFactorPhysicalAuthentication() {
        return multiFactorPhysicalAuthentication;
    }

    /**
     * @return whether the username/password multi-factor marker was seen
     */
    public boolean isMultiFactorAuthenticationWithUsernamePassword() {
        return multiFactorAuthenticationWithUsernamePassword;
    }
}
