package org.n52.security.service.authentication;

import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Hashtable;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.apache.log4j.Logger;
import org.n52.security.common.authentication.Credential;
import org.n52.security.common.authentication.SAMLTicket;
import org.n52.security.common.authentication.SessionIDCredential;
import org.n52.security.common.authentication.UsernameIDPrincipal;
import org.n52.security.common.protocol.AuthenticationService;
import org.n52.security.common.protocol.artifact.AuthenticationServiceCapabilities;
import org.n52.security.common.protocol.artifact.SAMLResponse;
import org.n52.security.common.protocol.artifact.ServiceException;
import org.n52.security.common.protocol.artifact.SessionInfo;
import org.n52.security.service.common.loginmodule.AuthenticationModule;

/* loaded from: input_file:org/n52/security/service/authentication/AuthenticationServiceImpl.class */
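/**
 * Authentication service that opens sessions through a configured
 * {@link AuthenticationModule} and issues SAML responses for open sessions.
 *
 * <p>The constructor loads a private key and a certificate from two JKS
 * keystores; both are handed to {@link SAMLTicket} whenever a SAML response is
 * built. Open sessions are kept in an in-memory table keyed by session ID.
 *
 * <p>NOTE(review): nothing in this class evicts sessions that expire without
 * being closed, so the session table can grow without bound. Expiry is only
 * checked when a SAML response is requested for that session. Confirm whether
 * a sweep exists elsewhere.
 */
public class AuthenticationServiceImpl implements AuthenticationService {
    /** URN of the session-based authentication method. */
    private static final String SESSION_METHOD_URN = "urn:opengeospatial:authNMethod:OWS:1.0:session";

    private static final Logger sLogger = Logger.getLogger(AuthenticationServiceImpl.class);

    private AuthenticationServiceConfiguration config;
    // Session ID -> SessionInfo. Hashtable synchronizes single operations only;
    // the lookup / expiry check / update sequence in getSAMLResponse is not atomic.
    private Hashtable sessions = new Hashtable();
    private AuthenticationModule mAuthentModule;
    private Key mPrivKey;
    private Certificate mCert;
    // Presumably seconds; the unit is defined by SessionInfo, which is not visible here.
    private int mSessionTimeout;
    private AuthenticationServiceCapabilities mASCaps;
    // Cache for the AttributePrincipal class. This file has no import for that
    // type, so it is resolved by name through class$(String).
    static Class class$org$n52$security$common$authentication$AttributePrincipal;

    /**
     * Creates the service from its configuration.
     *
     * <p>Loads the signing key and certificate, reads the session timeout from
     * the authentication module when it supports the session method, and builds
     * the capabilities document.
     *
     * @param authenticationServiceConfiguration source of the authentication
     *        module, keystore locations, passwords, aliases and service URLs
     * @throws ServiceException with code {@code ServiceError} when any part of
     *         the set-up fails; the cause is logged, not returned to the caller
     */
    public AuthenticationServiceImpl(AuthenticationServiceConfiguration authenticationServiceConfiguration) throws ServiceException {
        this.mSessionTimeout = 600;
        this.config = authenticationServiceConfiguration;
        try {
            this.mAuthentModule = authenticationServiceConfiguration.getAuthenticationModule();

            URL keyStoreUrl = new URL(authenticationServiceConfiguration.getWas_PK_Keystore_Path());
            sLogger.info("Opening Java Keystore from " + keyStoreUrl.toString());
            KeyStore keyStore = loadJks(keyStoreUrl, authenticationServiceConfiguration.getWas_PK_Keystore_Password().toCharArray());
            String keyAlias = authenticationServiceConfiguration.getWas_PK_Alias();
            this.mPrivKey = keyStore.getKey(keyAlias, authenticationServiceConfiguration.getWas_PK_Password().toCharArray());
            if (this.mPrivKey == null) {
                // KeyStore.getKey returns null for an unknown alias. Fail at start-up
                // instead of at the first SAML request.
                throw new IllegalStateException("No key found for alias " + keyAlias);
            }

            URL certStoreUrl = new URL(authenticationServiceConfiguration.getWas_Certificate_Keystore_Path());
            KeyStore certStore = loadJks(certStoreUrl, authenticationServiceConfiguration.getWas_Certificate_Keystore_Password().toCharArray());
            String certAlias = authenticationServiceConfiguration.getWas_Certificate_Alias();
            this.mCert = certStore.getCertificate(certAlias);
            if (this.mCert == null) {
                // Same reasoning as for the key: getCertificate returns null for an unknown alias.
                throw new IllegalStateException("No certificate found for alias " + certAlias);
            }

            if (this.mAuthentModule.supportsAuthenticationMethod(SESSION_METHOD_URN)) {
                this.mSessionTimeout = this.mAuthentModule.getAuthenticationMethod(SESSION_METHOD_URN).getSessionTimeout();
            }

            // NOTE(review): this stream is never closed here. Whether the
            // AuthenticationServiceCapabilities constructor reads it eagerly or
            // closes it cannot be seen from this file, so it is left as it was.
            this.mASCaps = new AuthenticationServiceCapabilities(new URL(authenticationServiceConfiguration.getCapabilitiesURL()).openStream(), "UTF-8");
            this.mASCaps.setOperationsUrls(authenticationServiceConfiguration.getBindingParameter("was.url"));
            this.mASCaps.addAuthenticationMethods(this.mAuthentModule.getAuthenticationMethods());
        } catch (Exception e) {
            // Details go to the log only; the caller gets a generic error.
            sLogger.error("", e);
            throw new ServiceException("Internal service error", "ServiceError");
        }
    }

    /**
     * Loads a JKS keystore from a URL and closes the stream afterwards.
     *
     * @param location where the keystore is read from
     * @param password keystore password
     * @return the loaded keystore
     * @throws IOException if the stream cannot be opened or read
     * @throws GeneralSecurityException if the keystore cannot be parsed or verified
     */
    private static KeyStore loadJks(URL location, char[] password) throws IOException, GeneralSecurityException {
        KeyStore store = KeyStore.getInstance("JKS");
        InputStream in = location.openStream();
        try {
            store.load(in, password);
        } finally {
            try {
                in.close();
            } catch (IOException closeFailure) {
                // The keystore is already loaded or has already failed; a close
                // error must not mask that outcome.
                sLogger.warn("Could not close keystore stream", closeFailure);
            }
        }
        return store;
    }

    /**
     * Not implemented; always returns the empty string.
     */
    public String authenticate(String str, String str2, String str3, String str4) {
        return "";
    }

    /**
     * Removes a session from the session table and closes it.
     *
     * @param str not used by this implementation
     * @param str2 ID of the session to close
     * @throws ServiceException {@code InvalidFormat} if no session ID is given,
     *         {@code InvalidSessionID} if no such session is open
     */
    public void closeSession(String str, String str2) throws ServiceException {
        if (str2 == null) {
            throw new ServiceException("No SESSIONID parameter or value", "InvalidFormat");
        }
        SessionInfo sessionInfo = (SessionInfo) this.sessions.remove(str2);
        if (sessionInfo == null) {
            throw new ServiceException("No matching session found. Session may already be closed.", "InvalidSessionID");
        }
        sessionInfo.close();
    }

    /**
     * Returns the capabilities document built in the constructor.
     *
     * @param str not used by this implementation
     * @param str2 not used by this implementation
     */
    public AuthenticationServiceCapabilities getCapabilities(String str, String str2) throws ServiceException {
        return this.mASCaps;
    }

    /**
     * Builds a SAML response for the subject of an open, unexpired session and
     * extends the session by the configured timeout.
     *
     * @param str not used by this implementation
     * @param credential must be a {@link SessionIDCredential} naming the session
     * @return the SAML response created by {@link SAMLTicket} from the session's
     *         principals, the configured issuer name and response timeout, and
     *         the key and certificate loaded at start-up
     * @throws IllegalArgumentException if the credential is {@code null} or of
     *         another type
     * @throws ServiceException {@code InvalidSessionID} if the session is
     *         unknown, {@code SessionExpired} if it has expired,
     *         {@code ServiceError} if the response cannot be built
     */
    public SAMLResponse getSAMLResponse(String str, Credential credential) throws ServiceException {
        if (!(credential instanceof SessionIDCredential)) {
            // A null credential used to fail with a NullPointerException while
            // this message was being built.
            String found = credential == null ? "null" : String.valueOf(credential.getClass());
            throw new IllegalArgumentException("Expected credential of type " + SessionIDCredential.class + ". Found " + found);
        }
        SessionInfo sessionInfo = (SessionInfo) this.sessions.get(((SessionIDCredential) credential).getSessionID());
        if (sessionInfo == null) {
            throw new ServiceException("No matching session found. Session may already be closed.", "InvalidSessionID");
        }
        if (sessionInfo.getExpiry().before(new Date())) {
            // NOTE(review): the expired entry stays in the session table.
            throw new ServiceException("Session expired, please reauthenticate.", "SessionExpired");
        }
        sessionInfo.update(this.mSessionTimeout);
        Subject subject = sessionInfo.getSubject();
        try {
            // A subject without a UsernameIDPrincipal makes next() throw; the
            // catch below turns that into a generic ServiceError.
            UsernameIDPrincipal usernameIDPrincipal = (UsernameIDPrincipal) subject.getPrincipals(UsernameIDPrincipal.class).iterator().next();
            // NOTE(review): the meaning of the "", "#password" and true arguments is
            // defined by SAMLTicket, which is not visible here.
            return new SAMLResponse(SAMLTicket.createSAMLResponseFromPrincipals(usernameIDPrincipal, subject.getPrincipals(attributePrincipalClass()), this.config.getSessionIssuerName(), "", this.config.getResponseTimeout(), "#password", this.mPrivKey, this.mCert, true));
        } catch (Exception e) {
            sLogger.error(e.getMessage(), e);
            throw new ServiceException("Internal service error. Please contact the service administrator.", "ServiceError");
        }
    }

    /**
     * Authenticates a credential through the authentication module and opens a
     * new session for the result.
     *
     * @param str not used by this implementation
     * @param credential credential to authenticate; its authentication method
     *        must be supported by the authentication module
     * @return the newly registered session
     * @throws ServiceException {@code InvalidFormat} if no credential is given
     *         or its method is unsupported, {@code AuthenticationFailed} if the
     *         login is rejected
     */
    public SessionInfo getSession(String str, Credential credential) throws ServiceException {
        if (credential == null) {
            // Reject explicitly, as closeSession does for a missing session ID.
            throw new ServiceException("No credential supplied", "InvalidFormat");
        }
        try {
            String authenticationMethodURN = credential.getAuthenticationMethodURN();
            if (!this.mAuthentModule.supportsAuthenticationMethod(authenticationMethodURN)) {
                throw new ServiceException("Sessions are not supported by this service", "InvalidFormat");
            }
            ArrayList credentials = new ArrayList();
            credentials.add(credential);
            SessionInfo sessionInfo = new SessionInfo(this.mSessionTimeout, this.config.getSessionIssuerName(), "default", "opened", this.mAuthentModule.authenticate(authenticationMethodURN, credentials));
            this.sessions.put(sessionInfo.getID(), sessionInfo);
            return sessionInfo;
        } catch (LoginException e) {
            // The credential object itself is no longer written to the log:
            // Credential.toString() is not visible here and may include the secret.
            // If the credential type exposes a non-secret identifier such as the
            // user name, log that here so failed logins can still be attributed.
            sLogger.warn("Login failed for credential of type " + credential.getClass().getName(), e);
            // NOTE(review): the login module's message is returned to the client.
            // Confirm it does not distinguish an unknown user from a wrong password.
            throw new ServiceException(e.getMessage(), "AuthenticationFailed");
        }
    }

    /**
     * Returns the AttributePrincipal class, resolving it by name on first use.
     */
    private static Class attributePrincipalClass() {
        if (class$org$n52$security$common$authentication$AttributePrincipal == null) {
            class$org$n52$security$common$authentication$AttributePrincipal = class$("org.n52.security.common.authentication.AttributePrincipal");
        }
        return class$org$n52$security$common$authentication$AttributePrincipal;
    }

    /**
     * Resolves a class by name, reporting a missing class as a
     * {@link NoClassDefFoundError} with the original exception as its cause.
     *
     * @param str fully qualified class name
     * @return the loaded class
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause returns Throwable, which this method may not throw;
            // attach the cause first, then throw the error itself.
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }
}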
