package fr.paris.lutece.plugins.mylutece.modules.openam.service;

import fr.paris.lutece.plugins.mylutece.authentication.MultiLuteceAuthentication;
import fr.paris.lutece.plugins.mylutece.modules.openam.authentication.OpenamAuthentication;
import fr.paris.lutece.plugins.mylutece.modules.openam.authentication.OpenamUser;
import fr.paris.lutece.portal.service.spring.SpringContextService;
import fr.paris.lutece.portal.service.util.AppPropertiesService;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:fr/paris/lutece/plugins/mylutece/modules/openam/service/OpenamService.class */
public final class OpenamService {
    public static final String ERROR_ALREADY_SUBSCRIBE = "ALREADY_SUBSCRIBE";
    public static final String ERROR_DURING_SUBSCRIBE = "ERROR_DURING_SUBSCRIBE";
    private static final String AUTHENTICATION_BEAN_NAME = "mylutece-openam.authentication";
    private static boolean _bAgentEnable;
    private static OpenamService _singleton;
    private static final String PROPERTY_AGENT_ENABLE = "mylutece-openam.agentEnable";
    private static final String PROPERTY_COOKIE_OPENAM_NAME = "mylutece-openam.cookieName";
    private static final String PROPERTY_COOKIE_OPENAM_DOMAIN = "mylutece-openam.cookieDomain";
    private static final String PROPERTY_COOKIE_OPENAM_PATH = "mylutece-openam.cookiePath";
    private static final String PROPERTY_COOKIE_OPENAM_MAX_AGE = "mylutece-openam.cookieMaxAge";
    private static final String PROPERTY_COOKIE_OPENAM_MAX_SECURE = "mylutece-openam.cookieSecure";
    public static final String PROPERTY_USER_KEY_NAME = "mylutece-openam.attributeKeyUsername";
    public static final String PROPERTY_USER_MAPPING_ATTRIBUTES = "mylutece-openam.userMappingAttributes";
    public static final String CONSTANT_LUTECE_USER_PROPERTIES_PATH = "mylutece-openam.attribute";
    private static String COOKIE_OPENAM_NAME;
    private static String COOKIE_OPENAM_DOMAIN;
    private static String COOKIE_OPENAM_PATH;
    private static int COOKIE_OPENAM_MAX_AGE;
    private static boolean COOKIE_OPENAM_SECURE;
    private static final String SEPARATOR = ",";
    private static Map<String, List<String>> ATTRIBUTE_USER_MAPPING;
    private static String ATTRIBUTE_USER_KEY_NAME;

    private OpenamService() {
    }

    public static OpenamService getInstance() {
        if (_singleton == null) {
            _singleton = new OpenamService();
            COOKIE_OPENAM_NAME = AppPropertiesService.getProperty(PROPERTY_COOKIE_OPENAM_NAME);
            COOKIE_OPENAM_DOMAIN = AppPropertiesService.getProperty(PROPERTY_COOKIE_OPENAM_DOMAIN);
            COOKIE_OPENAM_PATH = AppPropertiesService.getProperty(PROPERTY_COOKIE_OPENAM_PATH);
            COOKIE_OPENAM_MAX_AGE = AppPropertiesService.getPropertyInt(PROPERTY_COOKIE_OPENAM_MAX_AGE, 1800);
            COOKIE_OPENAM_SECURE = AppPropertiesService.getPropertyBoolean(PROPERTY_COOKIE_OPENAM_MAX_SECURE, true);
            ATTRIBUTE_USER_KEY_NAME = AppPropertiesService.getProperty(PROPERTY_USER_KEY_NAME);
            String property = AppPropertiesService.getProperty(PROPERTY_USER_MAPPING_ATTRIBUTES);
            ATTRIBUTE_USER_MAPPING = new HashMap();
            if (StringUtils.isNotBlank(property)) {
                String[] split = property.split(SEPARATOR);
                for (int i = 0; i < split.length; i++) {
                    String property2 = AppPropertiesService.getProperty("mylutece-openam.attribute." + split[i]);
                    if (StringUtils.isNotBlank(property2)) {
                        if (!ATTRIBUTE_USER_MAPPING.containsKey(property2)) {
                            ATTRIBUTE_USER_MAPPING.put(property2, new ArrayList());
                        }
                        ATTRIBUTE_USER_MAPPING.get(property2).add(split[i]);
                    }
                }
            }
        }
        return _singleton;
    }

    public void init() {
        _bAgentEnable = AppPropertiesService.getPropertyBoolean(PROPERTY_AGENT_ENABLE, false);
        OpenamAuthentication openamAuthentication = (OpenamAuthentication) SpringContextService.getPluginBean(OpenamPlugin.PLUGIN_NAME, AUTHENTICATION_BEAN_NAME);
        if (openamAuthentication != null) {
            MultiLuteceAuthentication.registerAuthentication(openamAuthentication);
        } else {
            OpenamAPI._logger.error("OpenamAuthentication not found, please check your openam_context.xml configuration");
        }
    }

    public OpenamUser doLogin(HttpServletRequest httpServletRequest, String str, String str2, OpenamAuthentication openamAuthentication) throws OpenamAuthenticationAgentException {
        Map<String, String> userInformations;
        OpenamUser openamUser = null;
        if (isAgentEnabled()) {
            Map<String, String> userInformationInHeaderRequest = getUserInformationInHeaderRequest(httpServletRequest);
            if (userInformationInHeaderRequest == null || userInformationInHeaderRequest.isEmpty() || !userInformationInHeaderRequest.containsKey(ATTRIBUTE_USER_KEY_NAME)) {
                throw new OpenamAuthenticationAgentException();
            }
            openamUser = new OpenamUser(userInformationInHeaderRequest.get(ATTRIBUTE_USER_KEY_NAME), openamAuthentication, getConnectionCookie(httpServletRequest));
            addUserAttributes(userInformationInHeaderRequest, openamUser);
        } else {
            try {
                String doLogin = OpenamAPIService.doLogin(str, str2);
                if (doLogin != null && (userInformations = OpenamAPIService.getUserInformations(doLogin, str, COOKIE_OPENAM_NAME, ATTRIBUTE_USER_MAPPING, ATTRIBUTE_USER_KEY_NAME)) != null && userInformations.containsKey(ATTRIBUTE_USER_KEY_NAME)) {
                    openamUser = new OpenamUser(userInformations.get(ATTRIBUTE_USER_KEY_NAME), openamAuthentication, doLogin);
                    addUserAttributes(userInformations, openamUser);
                }
            } catch (OpenamAPIException e) {
                OpenamAPI._logger.error("Error During Login Openam" + e.getMessage());
            }
        }
        return openamUser;
    }

    public void doLogout(OpenamUser openamUser) {
        try {
            OpenamAPIService.doDisconnect(COOKIE_OPENAM_NAME, openamUser.getSubjectId());
        } catch (OpenamAPIException e) {
            OpenamAPI._logger.error("Error During Logout Openam" + e.getMessage());
        }
    }

    public OpenamUser getHttpAuthenticatedUser(HttpServletRequest httpServletRequest, OpenamAuthentication openamAuthentication) {
        Map<String, String> userInformations;
        OpenamUser openamUser = null;
        Map<String, String> map = null;
        if (isAgentEnabled()) {
            map = getUserInformationInHeaderRequest(httpServletRequest);
        }
        if (map == null || map.isEmpty() || !map.containsKey(ATTRIBUTE_USER_KEY_NAME)) {
            String connectionCookie = getConnectionCookie(httpServletRequest);
            if (!StringUtils.isEmpty(connectionCookie)) {
                try {
                    String isValidate = OpenamAPIService.isValidate(connectionCookie);
                    if (isValidate != null && (userInformations = OpenamAPIService.getUserInformations(connectionCookie, isValidate, COOKIE_OPENAM_NAME, ATTRIBUTE_USER_MAPPING, ATTRIBUTE_USER_KEY_NAME)) != null && userInformations.containsKey(ATTRIBUTE_USER_KEY_NAME)) {
                        openamUser = new OpenamUser(userInformations.get(ATTRIBUTE_USER_KEY_NAME), openamAuthentication, connectionCookie);
                        addUserAttributes(userInformations, openamUser);
                    }
                } catch (OpenamAPIException e) {
                    OpenamAPI._logger.error("Error getting Openam user Informations" + e.getMessage());
                }
            }
        } else {
            openamUser = new OpenamUser(map.get(ATTRIBUTE_USER_KEY_NAME), openamAuthentication, getConnectionCookie(httpServletRequest));
            addUserAttributes(map, openamUser);
        }
        return openamUser;
    }

    public String getConnectionCookie(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        String str = null;
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().equals(COOKIE_OPENAM_NAME)) {
                    str = cookie.getValue();
                    OpenamAPI._logger.debug("getHttpAuthenticatedUser : cookie '" + COOKIE_OPENAM_NAME + "' found - value=" + str);
                }
            }
        }
        return str;
    }

    public boolean isTokenValidated(String str) {
        if (StringUtils.isEmpty(str)) {
            return false;
        }
        try {
            return !StringUtils.isEmpty(OpenamAPIService.isValidate(str));
        } catch (OpenamAPIException e) {
            OpenamAPI._logger.error("Error getting Openam user Informations" + e.getMessage());
            return false;
        }
    }

    public void setConnectionCookie(String str, HttpServletResponse httpServletResponse) {
        Cookie cookie = new Cookie(COOKIE_OPENAM_NAME, str);
        cookie.setDomain(COOKIE_OPENAM_DOMAIN);
        cookie.setSecure(COOKIE_OPENAM_SECURE);
        cookie.setMaxAge(COOKIE_OPENAM_MAX_AGE);
        cookie.setPath(COOKIE_OPENAM_PATH);
        httpServletResponse.addCookie(cookie);
    }

    public void removeConnectionCookie(HttpServletResponse httpServletResponse) {
        Cookie cookie = new Cookie(COOKIE_OPENAM_NAME, (String) null);
        cookie.setDomain(COOKIE_OPENAM_DOMAIN);
        cookie.setSecure(COOKIE_OPENAM_SECURE);
        cookie.setMaxAge(0);
        cookie.setPath(COOKIE_OPENAM_PATH);
        httpServletResponse.addCookie(cookie);
    }

    private void addUserAttributes(Map<String, String> map, OpenamUser openamUser) {
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (ATTRIBUTE_USER_MAPPING.containsKey(entry.getKey())) {
                Iterator<String> it = ATTRIBUTE_USER_MAPPING.get(entry.getKey()).iterator();
                while (it.hasNext()) {
                    openamUser.setUserInfo(it.next(), entry.getValue());
                }
            }
        }
        Map<String, String> identityInformations = getIdentityInformations(openamUser.getName(), ATTRIBUTE_USER_MAPPING);
        openamUser.getUserInfos().putAll(identityInformations);
        if (identityInformations != null) {
            for (Map.Entry<String, String> entry2 : identityInformations.entrySet()) {
                if (ATTRIBUTE_USER_MAPPING.containsKey(entry2.getKey())) {
                    Iterator<String> it2 = ATTRIBUTE_USER_MAPPING.get(entry2.getKey()).iterator();
                    while (it2.hasNext()) {
                        openamUser.setUserInfo(it2.next(), entry2.getValue());
                    }
                }
            }
            map.putAll(identityInformations);
        }
    }

    private boolean isAgentEnabled() {
        return _bAgentEnable;
    }

    private Map<String, String> getUserInformationInHeaderRequest(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            if (ATTRIBUTE_USER_MAPPING.containsKey(str) || ATTRIBUTE_USER_KEY_NAME.equals(str)) {
                hashMap.put(str, httpServletRequest.getHeader(str));
            }
        }
        if (OpenamAPI._bDebug) {
            Enumeration headerNames2 = httpServletRequest.getHeaderNames();
            OpenamAPI._logger.debug("Openam Headers Informations");
            while (headerNames2.hasMoreElements()) {
                String str2 = (String) headerNames2.nextElement();
                OpenamAPI._logger.debug(str2 + "=" + httpServletRequest.getHeader(str2));
            }
        }
        return hashMap;
    }

    public Map<String, String> getIdentityInformations(String str, Map<String, List<String>> map) {
        Iterator it = SpringContextService.getBeansOfType(IIdentityProviderService.class).iterator();
        return it.hasNext() ? ((IIdentityProviderService) it.next()).getIdentityInformations(str) : new HashMap();
    }
}
