package com.landray.sso.client.oracle;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Properties;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchResult;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import oracle.security.sso.ias904.toolkit.IPASAuthException;
import oracle.security.sso.ias904.toolkit.IPASAuthInterface;
import oracle.security.sso.ias904.toolkit.IPASInsufficientCredException;
import oracle.security.sso.ias904.toolkit.IPASUserInfo;
import oracle.security.sso.server.auth.AuthUtil;
import oracle.security.sso.server.auth.SSOServerAuth;
import oracle.security.sso.server.conf.ConfigurationException;
import oracle.security.sso.server.token.InvalidTokenException;
import oracle.security.sso.server.token.PartnerTokenParser;
import org.apache.commons.httpclient.DefaultHttpMethodRetryHandler;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.methods.GetMethod;
import org.jasig.cas.client.validation.Cas10TicketValidator;

/* loaded from: input_file:com/landray/sso/client/oracle/SSOAuthenticator.class */
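/**
 * Oracle SSO authentication plug-in that accepts either a CAS service ticket
 * ("inner" users) or the stock Oracle SSO login ("outer" users).
 *
 * <p>Configuration is read once, in the constructor, from
 * {@code sso-config.properties} on the context class loader. The request path is:
 * <ol>
 *   <li>{@link #authenticate} picks the inner or outer path;</li>
 *   <li>the inner path validates the {@code ticket} parameter against the CAS
 *       server at {@code CASURLFilter.cas.server};</li>
 *   <li>optionally the CAS principal is mapped to a local user name through the
 *       HTTP endpoint configured as {@code UsernameConvertFilter.serverAddress}.</li>
 * </ol>
 *
 * <p>NOTE(review): both the CAS validation URL and the user-name conversion URL come
 * straight from configuration and their answers decide which account is logged in;
 * confirm that both are {@code https} URLs in deployment. The properties file also
 * holds {@code OIDPassword} in clear text, so its file permissions matter.
 */
public class SSOAuthenticator implements IPASAuthInterface {
    /** Class-path resource holding the plug-in configuration. */
    private static final String CONFIG_RESOURCE = "sso-config.properties";

    private String validateURL;
    // The OID* settings are loaded but not read by any code visible in this class.
    private String OIDServer;
    private String OIDPort;
    private String OIDLogin;
    private String OIDPassword;
    private String OIDRootContext;
    private boolean OIDUseSSL;
    private boolean debug;
    // Never assigned in this class; checkForOIDEntry guards against it being null.
    private InitialDirContext ctx;
    private String serverAddress;
    private String localKey;
    private String convertUserName;
    private String open_internal_external_function;
    private static final SSOServerAuth ssoServerAuth = new SSOServerAuth();

    /**
     * Loads the configuration. Any failure is logged and swallowed, which leaves
     * the unread fields at their defaults; {@link #authenticate} therefore refuses
     * to validate tickets when the CAS server URL was never loaded.
     */
    public SSOAuthenticator() {
        this.debug = false;
        this.convertUserName = "false";
        this.open_internal_external_function = "false";
        InputStream inputStream = null;
        try {
            inputStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(CONFIG_RESOURCE);
            if (inputStream == null) {
                // getResourceAsStream signals "not found" with null rather than an exception.
                throw new FileNotFoundException(CONFIG_RESOURCE);
            }
            Properties properties = new Properties();
            properties.load(inputStream);
            this.validateURL = properties.getProperty("CASURLFilter.cas.server");
            // Null-safe: a missing showDebug must not abort loading of the remaining settings.
            this.debug = parseFlag(properties.getProperty("showDebug"));
            this.OIDServer = properties.getProperty("OIDServer");
            this.OIDPort = properties.getProperty("OIDPort");
            this.OIDLogin = properties.getProperty("OIDLogin");
            this.OIDPassword = properties.getProperty("OIDPassword");
            this.OIDRootContext = properties.getProperty("OIDRootContext");
            // Boolean.getBoolean() looks up a JVM system property named by its argument,
            // so the configured OIDSSL value was previously ignored; parse the value itself.
            this.OIDUseSSL = parseFlag(properties.getProperty("OIDSSL"));
            // Both are mandatory: getConfigProperty throws when they are absent, and the
            // two settings below then keep their "false" defaults.
            this.serverAddress = getConfigProperty(properties, "UsernameConvertFilter.serverAddress");
            this.localKey = getConfigProperty(properties, "UsernameConvertFilter.localKey");
            // Default to "false" so a missing key cannot leave a null that authenticate() dereferences.
            this.convertUserName = properties.getProperty("convertUserName", "false");
            this.open_internal_external_function = properties.getProperty("open_internal_external_function", "false");
        } catch (FileNotFoundException e) {
            SSODebug2.print(" >>> ERROR: File not found:sso-config.properties", e, true);
        } catch (Exception e) {
            SSODebug2.print((Throwable) e, true);
        } finally {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e) {
                    SSODebug2.print((Throwable) e, true);
                }
            }
        }
    }

    /**
     * Authenticates the request through CAS (inner users) or through the stock
     * Oracle SSO authenticator (outer users).
     *
     * @param httpServletRequest the login request
     * @return the authenticated user and the URL that was requested
     * @throws IPASInsufficientCredException if no valid credential is present
     * @throws IPASAuthException if authentication fails or the plug-in is misconfigured
     */
    public IPASUserInfo authenticate(HttpServletRequest httpServletRequest) throws IPASAuthException, IPASInsufficientCredException {
        if (!isInnerUser(httpServletRequest)) {
            return authenticateOuterUser(httpServletRequest);
        }
        return authenticateWithCasTicket(httpServletRequest);
    }

    /**
     * Decides which path a request takes. With the inner/outer split switched off
     * every request is treated as an inner (CAS) user; otherwise the
     * {@code isInnerUser} cookie decides.
     *
     * <p>The cookie is supplied by the browser, so it only selects which
     * authenticator runs; each path still verifies its own credential.
     */
    private boolean isInnerUser(HttpServletRequest httpServletRequest) {
        if ("false".equals(this.open_internal_external_function)) {
            return true;
        }
        return "true".equals(CookieUtil.getCookie(httpServletRequest, "isInnerUser"));
    }

    /** Delegates to the stock Oracle SSO authenticator, logging any failure. */
    private IPASUserInfo authenticateOuterUser(HttpServletRequest httpServletRequest) throws IPASAuthException, IPASInsufficientCredException {
        SSODebug2.print("isOutterUser:true", this.debug);
        try {
            IPASUserInfo userInfo = ssoServerAuth.authenticate(httpServletRequest);
            SSODebug2.print("uinfo.getUserName:" + userInfo.getUserName(), this.debug);
            SSODebug2.print("uinfo.getRequestedURL:" + userInfo.getRequestedURL(), this.debug);
            return userInfo;
        } catch (IPASInsufficientCredException e) {
            SSODebug2.print("ssoServerAuth.authenticate IPASInsufficientCredException ERROR:" + e.getMessage(), true);
            // Log the throwable itself: getStackTrace().toString() only prints an array identity.
            SSODebug2.print((Throwable) e, true);
            // Rethrow the original so its stack trace survives.
            throw e;
        } catch (IPASAuthException e) {
            SSODebug2.print("ssoServerAuth.authenticate IPASAuthException ERROR:" + e.getMessage(), true);
            SSODebug2.print((Throwable) e, true);
            throw e;
        }
    }

    /** Validates the CAS {@code ticket} parameter and builds the user info from the CAS principal. */
    private IPASUserInfo authenticateWithCasTicket(HttpServletRequest httpServletRequest) throws IPASAuthException, IPASInsufficientCredException {
        String ticket = httpServletRequest.getParameter("ticket");
        String queryString = httpServletRequest.getQueryString();
        if (this.debug) {
            // NOTE(review): debug mode writes the not-yet-validated ticket to the log.
            SSODebug2.print("", this.debug);
            SSODebug2.print(" * * * * * * * * * * * * * * * * * * * * * ", this.debug);
            SSODebug2.print(" >>> INFO: ticketValue: " + ticket, this.debug);
            SSODebug2.print(" >>> INFO: queryString: " + queryString, this.debug);
        }
        if (ticket == null) {
            if (this.debug) {
                SSODebug2.print(" >>> INFO: CAS-ticket missing!!", this.debug);
            }
            throw new IPASInsufficientCredException(" CAS-ticket missing!! ");
        }
        if (queryString == null) {
            // The ticket arrived outside the query string (e.g. in a POST body), so the
            // service URL CAS issued it for cannot be rebuilt; refuse instead of failing with an NPE.
            SSODebug2.print(" >>> ERROR: CAS-ticket present but request has no query string", true);
            throw new IPASInsufficientCredException(" CAS-ticket present but request has no query string ");
        }
        if (this.validateURL == null) {
            // Configuration never loaded: fail closed with a declared exception.
            SSODebug2.print(" >>> ERROR: CASURLFilter.cas.server is not configured", true);
            throw new IPASAuthException(" >>> ERROR: CASURLFilter.cas.server is not configured");
        }

        // The service URL is the request URL with the trailing "&ticket=..." removed.
        int ticketPos = queryString.indexOf("&ticket=");
        if (ticketPos >= 0) {
            queryString = queryString.substring(0, ticketPos);
        }
        String serviceUrl = httpServletRequest.getRequestURL() + "?" + queryString;

        String userName = null;
        SSODebug2.print(" >>> validateURL: " + this.validateURL, this.debug);
        try {
            Cas10TicketValidator ticketValidator = new Cas10TicketValidator(this.validateURL);
            SSODebug2.print(" ticket validate: ", this.debug);
            userName = ticketValidator.validate(ticket, serviceUrl).getPrincipal().getName();
            SSODebug2.print(" >>> INFO: username: " + userName, this.debug);
        } catch (Exception e) {
            // A rejected ticket is a security-relevant event: record the reason even when debug is off.
            SSODebug2.print("Exception=" + e.getMessage(), true);
        }
        if (userName == null || userName.trim().length() <= 0) {
            SSODebug2.print(" >>> ERROR: CAS-ticket validation", true);
            throw new IPASInsufficientCredException(" >>> ERROR: CAS-ticket validation");
        }

        SSODebug2.print("convertUserName:" + this.convertUserName, this.debug);
        if ("true".equals(this.convertUserName)) {
            try {
                userName = convertUser(userName, "", this.localKey);
            } catch (Exception e) {
                // NOTE(review): on failure the unconverted CAS name is used as the local login
                // name. Confirm the two name spaces cannot collide, or fail the login here.
                SSODebug2.print("到SSO服务器转换用户名时发生错误", true);
                SSODebug2.print(e.getMessage(), true);
            }
        }

        IPASUserInfo userInfo = new IPASUserInfo(userName);
        userInfo.setRequestedURL(httpServletRequest.getRequestURL() + "?" + httpServletRequest.getQueryString());
        SSODebug2.print("uinfo.getUserName:" + userInfo.getUserName(), this.debug);
        SSODebug2.print("uinfo.getRequestedURL:" + userInfo.getRequestedURL(), this.debug);
        return userInfo;
    }

    /**
     * Maps a CAS user name to a local one through the conversion endpoint.
     *
     * @param str  the user name to convert
     * @param str2 value substituted for {@code ${FROM}} in the endpoint template
     * @param str3 value substituted for {@code ${TO}} in the endpoint template
     * @return the converted name; {@code str} unchanged when the endpoint gives no usable
     *         answer; {@code null} when {@code str} is null or empty
     */
    private String convertUser(String str, String str2, String str3) throws HttpException, IOException {
        SSODebug2.print("convertUser:" + str, this.debug);
        if (str == null || "".equals(str)) {
            return null;
        }
        String convertUrl = StringUtil.replace(this.serverAddress, "${FROM}", str2);
        convertUrl = StringUtil.replace(convertUrl, "${TO}", str3);
        // Only the user name originates from outside the configuration, so only it is URL-encoded.
        convertUrl = StringUtil.replace(convertUrl, "${USERNAMES}", URLEncoder.encode(str, "UTF-8"));
        SSODebug2.print("convertUrl:" + convertUrl, this.debug);
        // Require HTTP 200: otherwise the body of an error page would be returned
        // below and become the authenticated user name.
        String converted = fetchBody(convertUrl, true);
        if (StringUtil.isNull(converted) || converted.startsWith("ERROR_")) {
            SSODebug2.print("转换用户时发生错误，不对用户进行转换，错误信息：" + converted, this.debug);
            return str;
        }
        SSODebug2.print("convertresult:" + converted, true);
        return converted;
    }

    /**
     * Returns the Oracle SSO credential page for outer users, or {@code null} when
     * the {@code isInnerUser} cookie is {@code "true"}.
     *
     * <p>NOTE(review): unlike {@link #authenticate}, this method consults the cookie
     * even when {@code open_internal_external_function} is "false" - confirm that is intended.
     */
    public URL getUserCredentialPage(HttpServletRequest httpServletRequest, String str) {
        if ("true".equals(CookieUtil.getCookie(httpServletRequest, "isInnerUser"))) {
            SSODebug2.print("getUserCredentialPage null", this.debug);
            return null;
        }
        // Resolve once and reuse the result for both the log line and the return value.
        URL credentialPage = ssoServerAuth.getUserCredentialPage(httpServletRequest, str);
        SSODebug2.print("getUserCredentialPage:" + credentialPage, this.debug);
        return credentialPage;
    }

    /**
     * Looks up a directory entry whose {@code cn} equals {@code str} under the OID
     * root context and returns the text after the first '=' of its name.
     *
     * <p>The match is passed as an attribute set rather than a filter string, so
     * {@code str} is not interpreted as LDAP filter syntax.
     *
     * @return the entry name fragment, or {@code null} if nothing matched, the
     *         directory context is unavailable, or the search failed
     */
    private String checkForOIDEntry(String str) {
        if (this.ctx == null) {
            // No directory context was ever created in this class; avoid an NPE.
            return null;
        }
        NamingEnumeration results = null;
        try {
            BasicAttributes matchAttributes = new BasicAttributes(true);
            matchAttributes.put("cn", str);
            results = this.ctx.search(this.OIDRootContext, matchAttributes);
            if (!results.hasMore()) {
                return null;
            }
            SearchResult first = (SearchResult) results.next();
            if (first == null) {
                return null;
            }
            String entryName = first.getName();
            return entryName.substring(entryName.indexOf("=") + 1);
        } catch (NamingException e) {
            SSODebug2.print((Throwable) e, this.debug);
            return null;
        } finally {
            if (results != null) {
                try {
                    // Release the server-side search handle.
                    results.close();
                } catch (NamingException e) {
                    SSODebug2.print((Throwable) e, this.debug);
                }
            }
        }
    }

    /**
     * Returns a mandatory configuration value.
     *
     * @param properties the loaded configuration
     * @param str the property key
     * @return the non-empty property value
     * @throws ServletException if the key is absent or empty
     */
    public String getConfigProperty(Properties properties, String str) throws ServletException {
        String value = properties.getProperty(str);
        if (value == null || "".equals(value)) {
            throw new ServletException("SSO客户端配置文件中，未配置" + str + "属性");
        }
        return value;
    }

    /**
     * Performs an HTTP GET and returns the trimmed response body decoded as UTF-8.
     * The body is returned whatever the status code; a non-200 status is only logged.
     *
     * @param str the URL to fetch
     * @return the trimmed body, or {@code null} if the response has no body
     */
    public String getHttpResponseContent(String str) throws IOException, HttpException, UnsupportedEncodingException {
        return fetchBody(str, false);
    }

    /**
     * Shared GET implementation.
     *
     * <p>NOTE(review): no connect or read timeout is set on the client here, so a stalled
     * endpoint holds the calling thread; consider configuring timeouts.
     *
     * @param url the URL to fetch
     * @param requireOk when true, any status other than 200 yields {@code null}
     *                  instead of the response body
     */
    private String fetchBody(String url, boolean requireOk) throws IOException, HttpException, UnsupportedEncodingException {
        HttpClient httpClient = new HttpClient();
        GetMethod getMethod = new GetMethod(url);
        getMethod.getParams().setParameter("http.method.retry-handler", new DefaultHttpMethodRetryHandler());
        try {
            if (httpClient.executeMethod(getMethod) != 200) {
                SSODebug2.print("GET方法执行失败： " + getMethod.getStatusLine(), this.debug || requireOk);
                if (requireOk) {
                    return null;
                }
            }
            byte[] responseBody = getMethod.getResponseBody();
            if (responseBody == null) {
                return null;
            }
            return new String(responseBody, "UTF-8").trim();
        } finally {
            // Always hand the connection back, including when the request throws.
            getMethod.releaseConnection();
        }
    }

    /**
     * Resolves the partner application's success URL from the
     * {@code site2pstoretoken} request parameter.
     *
     * <p>The returned URL is read from the server-side partner configuration for the
     * site ID carried in the token, not from the request itself.
     *
     * @return the configured success URL, or {@code null} if the parameter is
     *         missing, the token is invalid, or the configuration cannot be read
     */
    public String getOriginUrl(HttpServletRequest httpServletRequest) {
        SSODebug2.print("getOriginUrl", this.debug);
        String[] tokens = httpServletRequest.getParameterValues("site2pstoretoken");
        if (tokens == null || tokens.length == 0) {
            SSODebug2.print(" >>> ERROR: site2pstoretoken missing", true);
            return null;
        }
        try {
            String token = tokens[0];
            SSODebug2.print("site2pstoretoken:" + token, this.debug);
            String siteID = PartnerTokenParser.getSiteID(token);
            SSODebug2.print(" Partner Site ID: " + siteID, true);
            SSODebug2.print(" AuthUtil.confReader: " + AuthUtil.confReader, true);
            String successUrl = AuthUtil.confReader.getPartnerConfiguration(siteID).getSuccessUrl();
            SSODebug2.print(" Created redirection URL: " + successUrl, true);
            return successUrl;
        } catch (ConfigurationException e) {
            SSODebug2.print((Throwable) e, true);
            SSODebug2.print(e.getMessage(), true);
            return null;
        } catch (InvalidTokenException e) {
            SSODebug2.print((Throwable) e, true);
            SSODebug2.print(e.getMessage(), true);
            return null;
        }
    }

    /**
     * Rebuilds the request URL with a fixed {@code http} scheme.
     *
     * <p>The host comes from {@code getServerName()}, which reflects the request's
     * Host header, so the result should not be used on its own for trust decisions.
     *
     * @return the URL, without a trailing "?..." when the request has no query string
     */
    public String getUrl(HttpServletRequest httpServletRequest) {
        StringBuffer url = new StringBuffer("http://");
        url.append(httpServletRequest.getServerName());
        url.append(":").append(httpServletRequest.getServerPort());
        url.append(httpServletRequest.getContextPath());
        url.append(httpServletRequest.getServletPath());
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null) {
            // Avoid emitting a literal "?null" for requests without a query string.
            url.append("?").append(queryString);
        }
        return url.toString();
    }

    /** Parses a configuration flag; {@code null} and anything other than "true" (ignoring case) is false. */
    private static boolean parseFlag(String value) {
        return value != null && Boolean.valueOf(value.trim()).booleanValue();
    }
}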
