package org.wso2.carbon.identity.application.authentication.framework.handler.request.impl;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationRequestCache;
import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationRequestCacheEntry;
import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationRequestCacheKey;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.config.model.SequenceConfig;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.context.SessionContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException;
import org.wso2.carbon.identity.application.authentication.framework.handler.request.RequestCoordinator;
import org.wso2.carbon.identity.application.authentication.framework.internal.FrameworkServiceComponent;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.registry.core.utils.UUIDGenerator;
import org.wso2.carbon.user.api.Tenant;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/framework/handler/request/impl/DefaultRequestCoordinator.class */
public class DefaultRequestCoordinator implements RequestCoordinator {
    private static Log log = LogFactory.getLog(DefaultRequestCoordinator.class);
    private static volatile DefaultRequestCoordinator instance;

    public static DefaultRequestCoordinator getInstance() {
        if (instance == null) {
            synchronized (DefaultRequestCoordinator.class) {
                if (instance == null) {
                    instance = new DefaultRequestCoordinator();
                }
            }
        }
        return instance;
    }

    @Override // org.wso2.carbon.identity.application.authentication.framework.handler.request.RequestCoordinator
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        AuthenticationContext contextData;
        try {
            try {
                AuthenticationRequestCacheEntry authenticationRequestCacheEntry = null;
                String parameter = httpServletRequest.getParameter(FrameworkConstants.SESSION_DATA_KEY);
                boolean z = false;
                if (httpServletRequest == null || httpServletRequest.getParameter(FrameworkConstants.RequestParams.TYPE) == null) {
                    z = true;
                    contextData = FrameworkUtils.getContextData(httpServletRequest);
                } else {
                    authenticationRequestCacheEntry = (AuthenticationRequestCacheEntry) AuthenticationRequestCache.getInstance(0).getValueFromCache(new AuthenticationRequestCacheKey(parameter));
                    log.debug("retrieving authentication request from cache..");
                    if (authenticationRequestCacheEntry != null) {
                        httpServletRequest = FrameworkUtils.getCommonAuthReqWithParams(httpServletRequest, authenticationRequestCacheEntry);
                    }
                    contextData = initializeFlow(httpServletRequest, httpServletResponse);
                }
                if (contextData != null) {
                    contextData.setReturning(z);
                    if (!contextData.isReturning() && authenticationRequestCacheEntry != null) {
                        contextData.setAuthenticationRequest(authenticationRequestCacheEntry.getAuthenticationRequest());
                    }
                    if (contextData.isLogoutRequest()) {
                        FrameworkUtils.getLogoutRequestHandler().handle(httpServletRequest, httpServletResponse, contextData);
                    } else {
                        FrameworkUtils.getAuthenticationRequestHandler().handle(httpServletRequest, httpServletResponse, contextData);
                    }
                } else {
                    if (log.isDebugEnabled()) {
                        String parameter2 = httpServletRequest.getParameter(FrameworkConstants.SESSION_DATA_KEY);
                        if (parameter2 == null) {
                            log.debug("Session data key is null in the request");
                        } else {
                            log.debug("Session data key  :  " + parameter2);
                        }
                    }
                    log.error("Context does not exist. Probably due to invalidated cache");
                    FrameworkUtils.sendToRetryPage(httpServletRequest, httpServletResponse);
                }
                FrameworkUtils.removeAuthenticationRequestFromCache(httpServletRequest.getParameter(FrameworkConstants.SESSION_DATA_KEY));
            } catch (Throwable th) {
                log.error("Exception in Authentication Framework", th);
                FrameworkUtils.sendToRetryPage(httpServletRequest, httpServletResponse);
                FrameworkUtils.removeAuthenticationRequestFromCache(httpServletRequest.getParameter(FrameworkConstants.SESSION_DATA_KEY));
            }
        } catch (Throwable th2) {
            FrameworkUtils.removeAuthenticationRequestFromCache(httpServletRequest.getParameter(FrameworkConstants.SESSION_DATA_KEY));
            throw th2;
        }
    }

    protected AuthenticationContext initializeFlow(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws FrameworkException {
        if (log.isDebugEnabled()) {
            log.debug("Initializing the flow");
        }
        String parameter = httpServletRequest.getParameter(FrameworkConstants.SESSION_DATA_KEY);
        String parameter2 = httpServletRequest.getParameter(FrameworkConstants.RequestParams.CALLER_PATH);
        if (parameter2 != null) {
            try {
                parameter2 = URLDecoder.decode(parameter2, "UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new FrameworkException(e.getMessage(), e);
            }
        }
        String parameter3 = httpServletRequest.getParameter(FrameworkConstants.RequestParams.TYPE);
        String parameter4 = httpServletRequest.getParameter(FrameworkConstants.RequestParams.ISSUER);
        String parameter5 = httpServletRequest.getParameter(FrameworkConstants.RequestParams.TENANT_DOMAIN);
        if (parameter5 == null || parameter5.isEmpty() || parameter5.equals("null")) {
            String parameter6 = httpServletRequest.getParameter(FrameworkConstants.RequestParams.TENANT_ID);
            if (parameter6 == null || parameter6.equals("-1234")) {
                parameter5 = "carbon.super";
            } else {
                try {
                    Tenant tenant = FrameworkServiceComponent.getRealmService().getTenantManager().getTenant(Integer.valueOf(parameter6).intValue());
                    if (tenant != null) {
                        parameter5 = tenant.getDomain();
                    }
                } catch (Exception e2) {
                    throw new FrameworkException(e2.getMessage(), e2);
                }
            }
        }
        AuthenticationContext authenticationContext = new AuthenticationContext();
        authenticationContext.setCallerSessionKey(parameter);
        authenticationContext.setCallerPath(parameter2);
        authenticationContext.setRequestType(parameter3);
        authenticationContext.setRelyingParty(parameter4);
        authenticationContext.setTenantDomain(parameter5);
        String generateUUID = UUIDGenerator.generateUUID();
        authenticationContext.setContextIdentifier(generateUUID);
        if (log.isDebugEnabled()) {
            log.debug("Framework contextId: " + generateUUID);
        }
        if (httpServletRequest.getParameter("commonAuthLogout") != null) {
            if (log.isDebugEnabled()) {
                log.debug("Starting a logout flow");
            }
            authenticationContext.setLogoutRequest(true);
            if (authenticationContext.getRelyingParty() == null || authenticationContext.getRelyingParty().trim().length() == 0) {
                if (log.isDebugEnabled()) {
                    log.debug("relyingParty param is null. This is a possible logout scenario.");
                }
                Cookie authCookie = FrameworkUtils.getAuthCookie(httpServletRequest);
                if (authCookie != null) {
                    authenticationContext.setSessionIdentifier(authCookie.getValue());
                }
                return authenticationContext;
            }
        } else if (log.isDebugEnabled()) {
            log.debug("Starting an authentication flow");
        }
        findPreviousAuthenticatedSession(httpServletRequest, authenticationContext);
        buildOutboundQueryString(httpServletRequest, authenticationContext);
        return authenticationContext;
    }

    protected void findPreviousAuthenticatedSession(HttpServletRequest httpServletRequest, AuthenticationContext authenticationContext) throws FrameworkException {
        SequenceConfig sequenceConfig = ConfigurationFacade.getInstance().getSequenceConfig(authenticationContext.getRequestType(), httpServletRequest.getParameter(FrameworkConstants.RequestParams.ISSUER), authenticationContext.getTenantDomain());
        Cookie authCookie = FrameworkUtils.getAuthCookie(httpServletRequest);
        if (authCookie != null) {
            if (log.isDebugEnabled()) {
                log.debug("commonAuthId cookie is available with the value: " + authCookie.getValue());
            }
            SessionContext sessionContextFromCache = FrameworkUtils.getSessionContextFromCache(authCookie.getValue());
            if (sessionContextFromCache != null) {
                authenticationContext.setSessionIdentifier(authCookie.getValue());
                String applicationName = sequenceConfig.getApplicationConfig().getApplicationName();
                if (log.isDebugEnabled()) {
                    log.debug("Service Provider is: " + applicationName);
                }
                SequenceConfig sequenceConfig2 = sessionContextFromCache.getAuthenticatedSequences().get(applicationName);
                if (sequenceConfig2 != null) {
                    if (log.isDebugEnabled()) {
                        log.debug("A previously authenticated sequence found for the SP: " + applicationName);
                    }
                    authenticationContext.setPreviousSessionFound(true);
                    sequenceConfig = sequenceConfig2;
                    String authenticatedUser = sequenceConfig.getAuthenticatedUser();
                    if (authenticatedUser != null) {
                        authenticationContext.setSubject(authenticatedUser);
                        if (log.isDebugEnabled()) {
                            log.debug("Already authenticated by username: " + authenticatedUser);
                        }
                    }
                    String authenticatedUserTenantDomain = sequenceConfig.getAuthenticatedUserTenantDomain();
                    if (authenticatedUserTenantDomain != null && log.isDebugEnabled()) {
                        log.debug("Already authenticated by user tenant domain: " + authenticatedUserTenantDomain);
                    }
                }
                authenticationContext.setPreviousAuthenticatedIdPs(sessionContextFromCache.getAuthenticatedIdPs());
            } else if (log.isDebugEnabled()) {
                log.debug("Failed to find the SessionContext from the cache. Possible cache timeout.");
            }
        }
        authenticationContext.setServiceProviderName(sequenceConfig.getApplicationConfig().getApplicationName());
        authenticationContext.setSequenceConfig(sequenceConfig);
    }

    private void buildOutboundQueryString(HttpServletRequest httpServletRequest, AuthenticationContext authenticationContext) {
        String queryStringWithConfiguredParams = FrameworkUtils.getQueryStringWithConfiguredParams(httpServletRequest);
        if (queryStringWithConfiguredParams.trim().length() != 0) {
            queryStringWithConfiguredParams = queryStringWithConfiguredParams + "&";
        }
        String str = queryStringWithConfiguredParams + "sessionDataKey=" + authenticationContext.getContextIdentifier() + "&relyingParty=" + authenticationContext.getRelyingParty() + "&type=" + authenticationContext.getRequestType() + "&sp=" + authenticationContext.getServiceProviderName() + "&isSaaSApp=" + authenticationContext.getSequenceConfig().getApplicationConfig().isSaaSApp();
        if (log.isDebugEnabled()) {
            log.debug("Outbound Query String: " + str);
        }
        authenticationContext.setContextIdIncludedQueryParams(str);
        authenticationContext.setOrignalRequestQueryParams(str);
    }
}
