package org.n52.security.apps.wscweb.struts;

import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;
import org.n52.security.apps.wscweb.FacadeGlobals;
import org.n52.security.authentication.UsernamePasswordCredential;
import org.n52.security.precondition.Precondition;
import org.n52.security.precondition.PreconditionManager;
import org.n52.security.service.base.ClientException;
import org.n52.security.service.base.ServiceException;
import org.n52.security.service.config.support.WebSecurityConfigUtil;
import org.n52.security.service.facade.FacadeTools;
import org.n52.security.service.wss.capabilities.SupportedAuthenticationMethod;
import org.n52.security.service.wss.client.WSSSecurityClient;
import org.n52.security.service.wss.precondition.IdentifyPreconditionHandler;
import org.safehaus.uuid.UUIDGenerator;

/* loaded from: input_file:org/n52/security/apps/wscweb/struts/IDPreconditionAction.class */
public class IDPreconditionAction extends FacadeAction {
    private static Logger sLogger = Logger.getLogger(IDPreconditionAction.class);
    private List m_methods = null;

    public ActionForward execute(ActionMapping actionMapping, ActionForm actionForm, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String str;
        String str2;
        UsernamePasswordCredential usernamePasswordCredential;
        IDPreconditionForm iDPreconditionForm = (IDPreconditionForm) actionForm;
        WSSSecurityClient wSSSecurityClient = (WSSSecurityClient) httpServletRequest.getSession().getAttribute(FacadeGlobals.SECURITY_SYSTEM_CLIENT);
        PreconditionManager preconditionManager = (PreconditionManager) httpServletRequest.getSession().getAttribute(FacadeGlobals.PRECONDITION_MANAGER);
        String username = iDPreconditionForm.getUsername();
        String password = iDPreconditionForm.getPassword();
        boolean isAnonymous = iDPreconditionForm.isAnonymous();
        if (isAnonymous) {
            String uuid = UUIDGenerator.getInstance().generateRandomBasedUUID().toString();
            new UsernamePasswordCredential(uuid, new char[0]);
            str = "anonymous-" + uuid;
            str2 = "urn:opengeospatial:authNMethod:OWS:1.0:password";
            usernamePasswordCredential = new UsernamePasswordCredential(str, new char[0]);
        } else {
            str = username != null ? username.trim() : null;
            String str3 = (String) WebSecurityConfigUtil.getSecurityConfig(httpServletRequest.getSession().getServletContext()).getServiceConfig("FacadeService").getProperties().get("notAllowUsernamePattern");
            if (str3 != null && str3.length() > 0 && Pattern.matches(str3, str)) {
                ActionMessages actionMessages = new ActionMessages();
                actionMessages.add("login.failed", new ActionMessage("failure.text.loginFailed", str));
                saveErrors(httpServletRequest, actionMessages);
                sLogger.warn("a user tried logon with preserved credentails <" + str + ">");
                return actionMapping.findForward(FacadeGlobals.FAILURE_FORWARD);
            }
            usernamePasswordCredential = new UsernamePasswordCredential(str, password);
            str2 = "urn:opengeospatial:authNMethod:OWS:1.0:password";
        }
        SupportedAuthenticationMethod selectAuthenticationMethod = FacadeTools.selectAuthenticationMethod(wSSSecurityClient.getURL(), "urn:opengeospatial:authNMethod:OWS:1.0:wauthns", usernamePasswordCredential, str2);
        try {
            IdentifyPreconditionHandler identifyPreconditionHandler = wSSSecurityClient.getIdentifyPreconditionHandler();
            identifyPreconditionHandler.setCredential(usernamePasswordCredential);
            identifyPreconditionHandler.setCredentialFormat(str2);
            identifyPreconditionHandler.setSelectedAuthnMethod(selectAuthenticationMethod);
            identifyPreconditionHandler.setAnonymous(isAnonymous);
            identifyPreconditionHandler.handle();
            sLogger.info("Successfully authenticated user " + str);
            preconditionManager.preconditionProcessed();
            httpServletRequest.getSession(true).setAttribute(FacadeGlobals.USERNAME, str);
            return actionMapping.findForward(FacadeGlobals.PRECONDITION_CONTROL_FORWARD);
        } catch (Exception e) {
            ActionMessages actionMessages2 = new ActionMessages();
            actionMessages2.add("login.failed", new ActionMessage("failure.text.loginFailed", str));
            saveErrors(httpServletRequest, actionMessages2);
            sLogger.error("Login failed for " + str + " at " + wSSSecurityClient.getURL(), e);
            return actionMapping.findForward(FacadeGlobals.FAILURE_FORWARD);
        }
    }

    protected List generateAuthNMethodList(Precondition precondition) throws ClientException, ServiceException {
        if (this.m_methods == null) {
            this.m_methods = Arrays.asList((SupportedAuthenticationMethod[]) precondition.getParams().get("wss.authenticationmethods"));
        }
        return this.m_methods;
    }

    private SupportedAuthenticationMethod findChosenAuthNMethod(List list, String str) {
        Iterator it = list.iterator();
        while (it.hasNext()) {
            SupportedAuthenticationMethod supportedAuthenticationMethod = (SupportedAuthenticationMethod) it.next();
            if (supportedAuthenticationMethod.getTextualRepresentation().equals(str)) {
                return supportedAuthenticationMethod;
            }
        }
        return null;
    }
}
