package org.wso2.carbon.identity.application.authentication.framework;

import java.io.IOException;
import java.net.URLDecoder;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.internal.ApplicationAuthenticationFrameworkServiceComponent;
import org.wso2.carbon.registry.core.utils.UUIDGenerator;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/CommonApplicationAuthenticationServlet.class */
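/**
 * Servlet that runs the registered {@link ApplicationAuthenticator} chain for a calling
 * servlet and forwards the outcome back to that caller.
 *
 * <p>A request carrying a {@code type} parameter starts a new authentication attempt: the
 * caller's session data key, caller path and request type are stored in the HTTP session
 * under a freshly generated key. Later requests in the same session continue the chain.
 * The result is handed back as request attributes on a server-side forward.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The caller path comes from a request parameter and is used as a forward target, so
 *       it is checked by {@link #isSafeForwardPath(String)} before forwarding. An allow-list
 *       of the known caller servlets would be stricter than that deny-list.</li>
 *   <li>"Already authenticated" is decided solely by a non-null {@code username} session
 *       attribute; this class neither sets it nor rotates the session id.</li>
 * </ul>
 */
public class CommonApplicationAuthenticationServlet extends HttpServlet {
    private static final Log log = LogFactory.getLog(CommonApplicationAuthenticationServlet.class);
    private static final String REQUEST_CAN_BE_HANDLED = "requestCanBeHandled";
    private static final String USERNAME_ATTRIBUTE = "username";
    private static final String OAUTH2_REQUEST_TYPE = "oauth2";

    // Kept public and mutable because code outside this class may read or assign it.
    public ApplicationAuthenticator[] authenticators;
    private final boolean isSingleFactor = ApplicationAuthenticatorsConfiguration.getInstance().isSingleFactor();

    /** Takes the authenticator array published by the framework service component. */
    @Override
    public void init() {
        this.authenticators = ApplicationAuthenticationFrameworkServiceComponent.authenticators;
    }

    /** Handles GET exactly like POST. */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    /**
     * Starts or continues an authentication attempt and forwards the result to the caller.
     *
     * @param httpServletRequest  the incoming request
     * @param httpServletResponse the response; receives 400 when the request is malformed
     * @throws ServletException if a forward target cannot be resolved or the forward fails
     * @throws IOException      if writing the response or forwarding fails
     */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String requestType = httpServletRequest.getParameter("type");
        if (requestType != null) {
            String callerSessionKey = httpServletRequest.getParameter(ApplicationAuthenticatorConstants.SESSION_DATA_KEY);
            String rawCallerPath = httpServletRequest.getParameter(ApplicationAuthenticatorConstants.CALLER_PATH);
            if (rawCallerPath == null) {
                // Previously a NullPointerException (HTTP 500) inside URLDecoder.decode.
                httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing caller path");
                return;
            }
            String callerPath;
            try {
                // getParameter() has already decoded once, so this is a second decode. The
                // forward-target check in sendResponseToCaller runs on this final value.
                callerPath = URLDecoder.decode(rawCallerPath, "UTF-8");
            } catch (IllegalArgumentException e) {
                // Malformed percent-escape in client-supplied input.
                httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Malformed caller path");
                return;
            }
            boolean forceAuthenticate = Boolean.parseBoolean(httpServletRequest.getParameter("forceAuthenticate"));
            boolean checkAuthentication = Boolean.parseBoolean(httpServletRequest.getParameter("checkAuthentication"));
            String username = (String) httpServletRequest.getSession().getAttribute(USERNAME_ATTRIBUTE);
            if (checkAuthentication) {
                // Status probe only: report whether the session already has a user.
                sendResponseToCaller(httpServletRequest, httpServletResponse, Boolean.valueOf(username != null), callerSessionKey, callerPath, requestType);
                return;
            }
            if (username != null && !forceAuthenticate) {
                sendResponseToCaller(httpServletRequest, httpServletResponse, Boolean.TRUE, callerSessionKey, callerPath, requestType);
                return;
            }

            String queryString = httpServletRequest.getQueryString();
            if (callerSessionKey == null || callerSessionKey.isEmpty() || queryString == null) {
                // Previously a NullPointerException in String.replace; an empty key would have
                // spliced the new key between every character of the query string.
                httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing session data key or query string");
                return;
            }

            cleanUpSession(httpServletRequest);
            ApplicationAuthenticationSessionDTO sessionDto = new ApplicationAuthenticationSessionDTO();
            sessionDto.setRequestType(requestType);
            sessionDto.setCallerPath(callerPath);
            sessionDto.setCallerSessionKey(callerSessionKey);
            String newSessionDataKey = UUIDGenerator.generateUUID();
            if (log.isDebugEnabled()) {
                // NOTE(review): these debug lines write the session data key and the raw
                // query string to the log; keep debug logging off where logs are shared.
                log.debug("CommonApplicationAuthenticationServlet sessionDataKey: " + newSessionDataKey);
                log.debug("The query-string sent by the calling servlet is: " + queryString);
            }
            // NOTE(review): replaces every occurrence of the caller's key value anywhere in
            // the query string, not only the value of the session-data-key parameter.
            String rewrittenQuery = "?" + queryString.replace(callerSessionKey, newSessionDataKey);
            sessionDto.setQueryParams(rewrittenQuery);
            httpServletRequest.getSession().setAttribute(ApplicationAuthenticatorConstants.SESSION_DATA_KEY, newSessionDataKey);
            httpServletRequest.getSession().setAttribute(newSessionDataKey, sessionDto);
            httpServletRequest.setAttribute(ApplicationAuthenticatorConstants.QUERY_PARAMS, rewrittenQuery);
        }

        if (httpServletRequest.getParameter("deny") != null) {
            sendResponseToCaller(httpServletRequest, httpServletResponse, Boolean.FALSE);
            return;
        }

        for (ApplicationAuthenticator authenticator : this.authenticators) {
            if (authenticator.isDisabled()) {
                continue;
            }
            // NOTE(review): the original guard was `status != 1 || status != -1`, which holds
            // for every value, so each enabled authenticator is always invoked. `&&` may have
            // been intended; confirm against the authenticator contract before changing it.
            // The call is kept in case getStatus() has side effects.
            authenticator.getStatus(httpServletRequest);

            if (httpServletRequest.getSession().getAttribute(REQUEST_CAN_BE_HANDLED) == null) {
                httpServletRequest.getSession().setAttribute(REQUEST_CAN_BE_HANDLED, Boolean.TRUE);
            }
            int result = authenticator.doAuthentication(httpServletRequest, httpServletResponse);
            if (result == 0) {
                if (log.isDebugEnabled()) {
                    log.debug("Authentication chain failed due to " + authenticator.getAuthenticatorName() + "failure");
                }
                sendResponseToCaller(httpServletRequest, httpServletResponse, Boolean.FALSE);
                return;
            }
            if (result == 1) {
                if (this.isSingleFactor) {
                    if (log.isDebugEnabled()) {
                        log.debug("Authenticaticated by " + authenticator.getAuthenticatorName() + " in single-factor mode");
                    }
                    sendResponseToCaller(httpServletRequest, httpServletResponse, Boolean.TRUE);
                    return;
                }
                continue;
            }
            if (result == -1) {
                continue;
            }
            // Any other code: the authenticator is treated as having produced the response.
            if (log.isDebugEnabled()) {
                log.debug(authenticator.getAuthenticatorName() + " has set custom status code: " + String.valueOf(result));
            }
            return;
        }

        // NOTE(review): REQUEST_CAN_BE_HANDLED is set before doAuthentication() runs, so it is
        // present whenever at least one enabled authenticator was invoked. If every
        // authenticator returns -1 (meaning not visible in this file; presumably "cannot
        // handle"), this still reports success. Verify that this cannot fail open.
        if (httpServletRequest.getSession().getAttribute(REQUEST_CAN_BE_HANDLED) == null) {
            if (log.isDebugEnabled()) {
                log.debug("No Authenticator can handle the request");
            }
            sendResponseToCaller(httpServletRequest, httpServletResponse, Boolean.FALSE);
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Authenticared passed in multi-factor mode");
            }
            sendResponseToCaller(httpServletRequest, httpServletResponse, Boolean.TRUE);
        }
    }

    /**
     * Sends the result to the caller recorded in the session for the current attempt.
     * Responds with 400 when the session holds no attempt (for example a {@code deny}
     * request on a fresh session), which previously surfaced as a NullPointerException.
     */
    private void sendResponseToCaller(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Boolean bool) throws ServletException, IOException {
        String sessionDataKey = (String) httpServletRequest.getSession().getAttribute(ApplicationAuthenticatorConstants.SESSION_DATA_KEY);
        ApplicationAuthenticationSessionDTO sessionDto = null;
        if (sessionDataKey != null) {
            sessionDto = (ApplicationAuthenticationSessionDTO) httpServletRequest.getSession().getAttribute(sessionDataKey);
        }
        if (sessionDto == null) {
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "No authentication request in progress");
            return;
        }
        sendResponseToCaller(httpServletRequest, httpServletResponse, bool, sessionDto.getCallerSessionKey(), sessionDto.getCallerPath(), sessionDto.getRequestType());
    }

    /**
     * Publishes the result as request attributes and forwards to the caller.
     *
     * @param bool whether authentication succeeded
     * @param str  the caller's own session data key, handed back unchanged
     * @param str2 the caller path to forward to (ignored for the {@code oauth2} type)
     * @param str3 the request type; {@code oauth2} forwards to the {@code /oauth2} context
     */
    private void sendResponseToCaller(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Boolean bool, String str, String str2, String str3) throws ServletException, IOException {
        httpServletRequest.setAttribute(ApplicationAuthenticatorConstants.AUTHENTICATED, bool);
        httpServletRequest.setAttribute(ApplicationAuthenticatorConstants.AUTHENTICATED_USER, (String) httpServletRequest.getSession().getAttribute(USERNAME_ATTRIBUTE));
        httpServletRequest.setAttribute(ApplicationAuthenticatorConstants.SESSION_DATA_KEY, str);
        if (log.isDebugEnabled()) {
            log.debug("Sending response back to: " + str2);
        }
        // Constant-first equals: a missing request type must not throw.
        if (OAUTH2_REQUEST_TYPE.equals(str3)) {
            javax.servlet.ServletContext oauthContext = httpServletRequest.getServletContext().getContext("/oauth2");
            if (oauthContext == null) {
                // getContext() returns null when the context is absent or cross-context
                // access is not permitted by the container.
                throw new ServletException("The /oauth2 context is not available for forwarding");
            }
            oauthContext.getRequestDispatcher("/authorize/").forward(httpServletRequest, httpServletResponse);
            return;
        }
        if (!isSafeForwardPath(str2)) {
            // The path originates from a request parameter; a forward is not subject to the
            // container's direct-request protection of WEB-INF and META-INF.
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid caller path");
            return;
        }
        javax.servlet.RequestDispatcher dispatcher = httpServletRequest.getRequestDispatcher(str2);
        if (dispatcher == null) {
            throw new ServletException("No request dispatcher available for the caller path");
        }
        dispatcher.forward(httpServletRequest, httpServletResponse);
    }

    /**
     * Returns whether a client-influenced path may be used as a forward target: non-empty,
     * with no {@code ..}, {@code WEB-INF} or {@code META-INF} segment. Path parameters
     * ({@code ;x}) and the query part are ignored for the comparison.
     */
    private static boolean isSafeForwardPath(String path) {
        if (path == null || path.isEmpty()) {
            return false;
        }
        int queryStart = path.indexOf('?');
        String pathOnly = queryStart >= 0 ? path.substring(0, queryStart) : path;
        for (String segment : pathOnly.replace('\\', '/').split("/")) {
            int paramStart = segment.indexOf(';');
            String name = paramStart >= 0 ? segment.substring(0, paramStart) : segment;
            if ("..".equals(name) || "WEB-INF".equalsIgnoreCase(name) || "META-INF".equalsIgnoreCase(name)) {
                return false;
            }
        }
        return true;
    }

    /** Clears the per-attempt session flags and resets every authenticator for this request. */
    private void cleanUpSession(HttpServletRequest httpServletRequest) {
        httpServletRequest.getSession().removeAttribute(REQUEST_CAN_BE_HANDLED);
        httpServletRequest.getSession().removeAttribute(ApplicationAuthenticatorConstants.DO_AUTHENTICATION);
        for (ApplicationAuthenticator authenticator : this.authenticators) {
            authenticator.resetStatus(httpServletRequest);
        }
    }
}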
