package org.bibsonomy.webapp.util.spring.security.rememberMeServices;

import gnu.dtools.ritopt.OptionMenu;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.util.JSONUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bibsonomy.util.ValidationUtils;
import org.bibsonomy.util.spring.security.UserAdapter;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.openid.OpenIDAuthenticationToken;
import org.springframework.security.openid.OpenIDConsumer;
import org.springframework.security.openid.OpenIDConsumerException;
import org.springframework.security.web.authentication.rememberme.InvalidCookieException;
import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;

/* loaded from: input_file:WEB-INF/classes/org/bibsonomy/webapp/util/spring/security/rememberMeServices/OpenIDRememberMeServices.class */
public class OpenIDRememberMeServices extends AbstractRememberMeServices {
    private static final Log log = LogFactory.getLog(OpenIDRememberMeServices.class);
    private OpenIDConsumer consumer;
    private String projectRoot;
    private String filterUrl;
    private Map<String, String> realmMapping = Collections.emptyMap();
    private Set<String> returnToUrlParameters = Collections.emptySet();
    private RequestCache requestCache = new HttpSessionRequestCache();

    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    protected void onLoginSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        if (authentication instanceof OpenIDAuthenticationToken) {
            OpenIDAuthenticationToken openIDAuthenticationToken = (OpenIDAuthenticationToken) authentication;
            Object principal = openIDAuthenticationToken.getPrincipal();
            if (principal instanceof UserDetails) {
                String username = ((UserDetails) principal).getUsername();
                String identityUrl = openIDAuthenticationToken.getIdentityUrl();
                int tokenValiditySeconds = getTokenValiditySeconds();
                long calculateExpiryTime = calculateExpiryTime(tokenValiditySeconds);
                setCookie(new String[]{identityUrl, username, Long.toString(calculateExpiryTime), makeTokenSignature(new String[]{Long.toString(calculateExpiryTime), username, identityUrl})}, tokenValiditySeconds, httpServletRequest, httpServletResponse);
                if (log.isDebugEnabled()) {
                    log.debug("Added remember-me cookie for user '" + username + "', expiry: '" + new Date(calculateExpiryTime) + JSONUtils.SINGLE_QUOTE);
                }
            }
        }
    }

    @Override // org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices
    protected UserDetails processAutoLoginCookie(String[] strArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws RememberMeAuthenticationException, UsernameNotFoundException {
        if (strArr.length != 4) {
            throw new InvalidCookieException("Cookie token did not contain 4 tokens, but contained '" + Arrays.asList(strArr) + JSONUtils.SINGLE_QUOTE);
        }
        long expiryTime = getExpiryTime(strArr[2]);
        String str = strArr[1];
        String str2 = strArr[0];
        UserDetails loadUserByUsername = getUserDetailsService().loadUserByUsername(str);
        if (!ValidationUtils.present(loadUserByUsername) || !(loadUserByUsername instanceof UserAdapter)) {
            throw new AuthenticationServiceException("User or ID could not be found in database.");
        }
        String makeTokenSignature = makeTokenSignature(new String[]{Long.toString(expiryTime), str, ((UserAdapter) loadUserByUsername).getUser().getOpenID()});
        String str3 = strArr[3];
        if (!makeTokenSignature.equals(str3)) {
            throw new InvalidCookieException("Cookie token[3] contained signature '" + str3 + "' but expected '" + makeTokenSignature + JSONUtils.SINGLE_QUOTE);
        }
        String buildReturnToUrl = buildReturnToUrl(httpServletRequest);
        String lookupRealm = lookupRealm(buildReturnToUrl);
        String str4 = null;
        try {
            str4 = this.consumer.beginConsumption(httpServletRequest, str2, buildReturnToUrl, lookupRealm);
            if (log.isDebugEnabled()) {
                log.debug("return_to is '" + buildReturnToUrl + "', realm is '" + lookupRealm + JSONUtils.SINGLE_QUOTE);
                log.debug("Redirecting to " + str4);
            }
            this.requestCache.saveRequest(httpServletRequest, httpServletResponse);
            httpServletResponse.sendRedirect(str4);
        } catch (IOException e) {
            log.warn("could not set redirect url " + str4, e);
        } catch (OpenIDConsumerException e2) {
            log.debug("Failed to consume claimedIdentity: " + str2, e2);
            throw new AuthenticationServiceException("Unable to process claimed identity '" + str2 + JSONUtils.SINGLE_QUOTE);
        }
        throw new RememberMeAuthenticationException("redirect was sent");
    }

    protected String buildReturnToUrl(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder(this.projectRoot);
        sb.append(this.filterUrl.replaceFirst("\\/", ""));
        Iterator<String> it2 = this.returnToUrlParameters.iterator();
        boolean z = true;
        while (it2.hasNext()) {
            String next = it2.next();
            String parameter = httpServletRequest.getParameter(next);
            if (parameter != null) {
                if (z) {
                    sb.append(OptionMenu.HELP_COMMAND_CHAR);
                    z = false;
                }
                sb.append(next).append(OptionMenu.RUN_COMMAND_CHAR).append(parameter);
                if (it2.hasNext()) {
                    sb.append(BeanFactory.FACTORY_BEAN_PREFIX);
                }
            }
        }
        return sb.toString();
    }

    protected String lookupRealm(String str) {
        String str2 = this.realmMapping.get(str);
        if (str2 == null) {
            try {
                URL url = new URL(str);
                int port = url.getPort();
                StringBuilder append = new StringBuilder(str.length()).append(url.getProtocol()).append("://").append(url.getHost());
                if (port > 0) {
                    append.append(":").append(port);
                }
                append.append("/");
                str2 = append.toString();
            } catch (MalformedURLException e) {
                log.warn("returnToUrl was not a valid URL: [" + str + "]", e);
            }
        }
        return str2;
    }

    public void setConsumer(OpenIDConsumer openIDConsumer) {
        this.consumer = openIDConsumer;
    }

    public void setRealmMapping(Map<String, String> map) {
        this.realmMapping = map;
    }

    public void setReturnToUrlParameters(Set<String> set) {
        this.returnToUrlParameters = set;
    }

    public void setProjectRoot(String str) {
        this.projectRoot = str;
    }

    public void setFilterUrl(String str) {
        this.filterUrl = str;
    }

    public void setRequestCache(RequestCache requestCache) {
        this.requestCache = requestCache;
    }
}
