package org.n52.security.service.was;

import java.io.IOException;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.n52.security.authentication.CredentialFactory;
import org.n52.security.authentication.SAMLResponse;
import org.n52.security.authentication.SAMLTicket;
import org.n52.security.common.artifact.ServiceException;
import org.n52.security.common.artifact.Transferable;
import org.n52.security.common.artifact.TransferableFactory;
import org.n52.security.common.util.ServletUtils;
import org.n52.security.common.util.StringUtils;
import org.n52.security.common.util.TransferableServletWriter;
import org.n52.security.service.config.SecurityConfig;
import org.n52.security.service.config.ServiceConfig;
import org.n52.security.service.config.support.AbstractSecurityServiceServlet;
import org.opensaml.SAMLException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/n52/security/service/was/AuthenticationServiceServlet.class */
public class AuthenticationServiceServlet extends AbstractSecurityServiceServlet {
    private static final long serialVersionUID = 3824772542904879676L;
    private static final String CAPABILITIES_MIME_TYPE = "application/vnd.gdinrw.authn_xml";
    private String m_version = "1.1";
    private static final Logger LOG = LoggerFactory.getLogger(AuthenticationServiceServlet.class);
    private static ThreadLocal sRequestIpAddress = new ThreadLocal();

    protected AuthenticationServiceImpl getAuthn() {
        return (AuthenticationServiceImpl) getServiceInstance();
    }

    public String getServletInfo() {
        return "Web Authentication Service 1.0";
    }

    public String getVersion() {
        return this.m_version;
    }

    protected void init(ServletConfig servletConfig, ServiceConfig serviceConfig, SecurityConfig securityConfig) {
        if (!(getServiceInstance() instanceof AuthenticationServiceImpl)) {
            throw new IllegalStateException("The service instance configured with id <" + getServiceName() + "> must implement <" + AuthenticationServiceImpl.class.getName() + ">");
        }
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Transferable asTransferable;
        String parameterValueEqualIgnoreCase = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "REQUEST");
        if (LOG.isInfoEnabled()) {
            LOG.info("incoming request " + httpServletRequest.getQueryString());
            LOG.info("operation: " + parameterValueEqualIgnoreCase);
        }
        sRequestIpAddress.set(httpServletRequest.getRemoteAddr());
        try {
        } catch (Exception e) {
            if (LOG.isErrorEnabled()) {
                LOG.error("unexpected exception occured wihtin the AuthenticationServlet: " + e, e);
            }
            asTransferable = new ServiceException("internal error occured", "ServiceError").getAsTransferable();
        } catch (ServiceException e2) {
            if (LOG.isWarnEnabled()) {
                LOG.warn("Service request caused ServiceException: " + e2, e2);
            }
            asTransferable = e2.getAsTransferable();
        }
        if (parameterValueEqualIgnoreCase == null) {
            throw new ServiceException("Missing parameter 'REQUEST'", "InvalidFormat");
        }
        if ("GetCapabilities".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
            asTransferable = performGetCapabilities(httpServletRequest);
        } else if ("GetSession".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
            asTransferable = performGetSession(httpServletRequest);
        } else if ("GetSAMLResponse".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
            asTransferable = performGetSAMLResponse(httpServletRequest);
        } else {
            if (!"CloseSession".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
                throw new ServiceException("Invalid Operation <" + parameterValueEqualIgnoreCase + ">", "InvalidFormat");
            }
            asTransferable = performCloseSession(httpServletRequest);
        }
        if (asTransferable != null) {
            new TransferableServletWriter(asTransferable).write(httpServletResponse);
        }
    }

    private Transferable performGetCapabilities(HttpServletRequest httpServletRequest) throws ServiceException {
        if (LOG.isTraceEnabled()) {
            LOG.trace("AuthenticationServiceServlet.performGetCapabilities()");
        }
        String parameterValueEqualIgnoreCase = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "SERVICE");
        if (parameterValueEqualIgnoreCase == null) {
            throw new ServiceException("Missing parameter 'SERVICE'", "InvalidFormat");
        }
        if (!"Authentication".equalsIgnoreCase(parameterValueEqualIgnoreCase) && !"WAS".equalsIgnoreCase(parameterValueEqualIgnoreCase)) {
            throw new ServiceException("Parameter 'SERVICE' has wrong value '" + parameterValueEqualIgnoreCase + "'. Must be 'Authentication' or 'WAS'.", "InvalidFormat");
        }
        AuthenticationServiceCapabilities capabilities = getAuthn().getCapabilities(getVersion());
        capabilities.setOperationsUrls(ServletUtils.getServletLocation(httpServletRequest));
        try {
            return TransferableFactory.getInstance().createStreamTransferable(CAPABILITIES_MIME_TYPE, capabilities.getStream(), "utf-8");
        } catch (IOException e) {
            throw new RuntimeException("Could not create Capabilities document", e);
        }
    }

    private Transferable performGetSession(HttpServletRequest httpServletRequest) throws ServiceException {
        if (LOG.isTraceEnabled()) {
            LOG.trace("AuthenticationServiceServlet.performGetSession()");
        }
        String parameterValueEqualIgnoreCase = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "METHOD");
        String parameterValueEqualIgnoreCase2 = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "CREDENTIALS");
        if (parameterValueEqualIgnoreCase2 == null) {
            throw new ServiceException("Missing parameter 'CREDENTIALS'", "InvalidFormat");
        }
        if (parameterValueEqualIgnoreCase == null) {
            throw new ServiceException("Missing parameter 'METHOD'", "InvalidFormat");
        }
        boolean equalsIgnoreCase = "true".equalsIgnoreCase(ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "ANONYMOUS"));
        return getAuthn().getSession(getVersion(), parameterValueEqualIgnoreCase, CredentialFactory.getDefaultFactory().decode(parameterValueEqualIgnoreCase, parameterValueEqualIgnoreCase2), equalsIgnoreCase).getAsTransferable();
    }

    private Transferable performGetSAMLResponse(HttpServletRequest httpServletRequest) throws ServiceException {
        if (LOG.isTraceEnabled()) {
            LOG.trace("AuthenticationServiceServlet.performGetSAMLResponse()");
        }
        String parameterValueEqualIgnoreCase = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "METHOD");
        String parameterValueEqualIgnoreCase2 = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "CREDENTIALS");
        if (parameterValueEqualIgnoreCase2 == null) {
            parameterValueEqualIgnoreCase2 = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "SESSIONID");
            if (parameterValueEqualIgnoreCase2 == null) {
                throw new ServiceException("Missing correct combination of parameters 'METHOD' and 'CREDENTIALS' or 'SESSIONID'", "InvalidFormat");
            }
            parameterValueEqualIgnoreCase = "urn:opengeospatial:authNMethod:OWS:1.0:session";
        }
        if (parameterValueEqualIgnoreCase == null) {
            throw new ServiceException("Missing parameter 'METHOD'", "InvalidFormat");
        }
        boolean equalsIgnoreCase = "true".equalsIgnoreCase(ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "ANONYMOUS"));
        String parameterValueEqualIgnoreCase3 = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "RETURNFORMAT");
        SAMLResponse sAMLResponse = getAuthn().getSAMLResponse(getVersion(), parameterValueEqualIgnoreCase, CredentialFactory.getDefaultFactory().decode(parameterValueEqualIgnoreCase, parameterValueEqualIgnoreCase2), equalsIgnoreCase);
        if (!"ASSERTION".equalsIgnoreCase(parameterValueEqualIgnoreCase3)) {
            return TransferableFactory.getInstance().createTextualTransferable("text/plain", sAMLResponse.getTicket(), "UTF-8");
        }
        try {
            return TransferableFactory.getInstance().createTextualTransferable("text/plain", new SAMLTicket(StringUtils.decodeBase64(sAMLResponse.getTicket())).getAssertionAsBase64String(), "UTF-8");
        } catch (SAMLException e) {
            throw new ServiceException("Can't create assertion response!", "ServiceError");
        }
    }

    private Transferable performCloseSession(HttpServletRequest httpServletRequest) throws ServiceException {
        if (LOG.isTraceEnabled()) {
            LOG.trace("AuthenticationServiceServlet.performCloseSession()");
        }
        String parameterValueEqualIgnoreCase = ServletUtils.getParameterValueEqualIgnoreCase(httpServletRequest, "SESSIONID");
        if (parameterValueEqualIgnoreCase == null) {
            throw new ServiceException("Missing parameter 'SESSIONID'", "InvalidFormat");
        }
        getAuthn().closeSession(getVersion(), parameterValueEqualIgnoreCase);
        return TransferableFactory.getInstance().createTextualTransferable("text/plain", "SUCCESS", "UTF-8");
    }

    public static String getCurrentRequestIPAddress() {
        return (String) sRequestIpAddress.get();
    }
}
