package com.indexdata.serviceproxy.plugins;

import com.indexdata.masterkey.auth.AuthUtils;
import com.indexdata.masterkey.auth.AuthenticationException;
import com.indexdata.masterkey.config.MissingMandatoryParameterException;
import com.indexdata.masterkey.pazpar2.proxy.Pazpar2ServiceDefinition;
import com.indexdata.rest.client.ResourceConnectionException;
import com.indexdata.rest.client.ResourceConnector;
import com.indexdata.serviceproxy.AbstractPlugin;
import com.indexdata.serviceproxy.ChainControl;
import com.indexdata.serviceproxy.ServiceRequest;
import com.indexdata.serviceproxy.ServiceResponse;
import com.indexdata.serviceproxy.exception.ErrorCode;
import com.indexdata.serviceproxy.exception.StandardServiceException;
import com.indexdata.torus.Record;
import com.indexdata.torus.Records;
import com.indexdata.torus.layer.IdentityTypeLayer;
import com.indexdata.utils.XmlUtils;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.w3c.dom.Element;

/* loaded from: input_file:com/indexdata/serviceproxy/plugins/AuthNTorusPlugin.class */
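/**
 * Service-proxy plugin that answers the authentication command.
 *
 * <p>The request parameter {@code action} selects one of {@link Action}: report the identity
 * already bound to the session, authenticate by client IP, authenticate by user name and
 * password, or log out. Identities are looked up by sending a query to the torus configured
 * under {@code TORUS_URL}; extra realm data comes from the optional {@code MASTER_TORUS_URL}.
 * The reply is a small XML document written to the servlet response.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>Request-supplied values (user name, password, client IP) are quoted and escaped before
 *       they are placed in a torus query, so they cannot add clauses to it.</li>
 *   <li>The password is never written to the log; neither is the query string that carries
 *       it.</li>
 *   <li>The response is assembled completely before anything is written, so a failure part-way
 *       through cannot leave an {@code OK} prefix followed by a {@code FAIL} document.</li>
 *   <li>The torus URLs are read per request into locals instead of shared static fields.</li>
 * </ul>
 */
public class AuthNTorusPlugin extends AbstractPlugin {
    private static final Logger logger = Logger.getLogger("com.indexdata.masterkey.serviceproxy");

    /** Second argument handed to every {@link ResourceConnector}; reproduced verbatim. */
    private static final String TORUS_PACKAGES = "com.indexdata.torus.layer:com.indexdata.torus";

    /** Master-record elements that are never copied into {@code <realmAttributes>}. */
    private static final Set<String> HIDDEN_MASTER_TAGS = new HashSet<String>(
            Arrays.asList("identityId", "userName", "password", "displayName", "id", "identity"));

    /** Values accepted (case-insensitively) for the {@code action} request parameter. */
    public enum Action {
        CHECK,
        IPAUTH,
        LOGIN,
        LOGOUT
    }

    /**
     * Handles one authentication command and writes the XML reply.
     *
     * @param serviceRequest wrapper around the incoming servlet request
     * @param serviceResponse wrapper around the servlet response the reply is written to
     * @param chainControl plugin chain handle; not used by this method
     * @throws StandardServiceException with {@code CONFIGURATION_ERROR} when the mandatory
     *     {@code TORUS_URL} setting is missing
     * @throws IOException when the response cannot be written or a torus URL is malformed
     */
    public void serve(ServiceRequest serviceRequest, ServiceResponse serviceResponse, ChainControl chainControl) throws StandardServiceException, IOException {
        final String idTorusUrl;
        final String masterTorusUrl;
        try {
            idTorusUrl = getConfig().getMandatory("TORUS_URL");
            masterTorusUrl = getConfig().get("MASTER_TORUS_URL");
        } catch (MissingMandatoryParameterException e) {
            throw new StandardServiceException(e.getMessage(), ErrorCode.CONFIGURATION_ERROR);
        }

        HttpServletRequest request = (HttpServletRequest) serviceRequest.getRequest();
        HttpServletResponse response = serviceResponse.getResponse();
        HttpSession session = request.getSession();

        if (!request.getParameterMap().containsKey("action")) {
            logger.log(Level.ERROR, "No action parameter specified for the authentication command");
            writeActionFailure(response, "missing parameter [action]");
            return;
        }

        @SuppressWarnings("unchecked")
        Map<String, String[]> params = new HashMap<String, String[]>(request.getParameterMap());
        // Overwrites any client-supplied "ip" parameter with the address derived by this class.
        params.put("ip", new String[] {getRemoteIP(request)});

        try {
            // Locale.ROOT keeps "login" -> "LOGIN" stable on JVMs with e.g. a Turkish default locale.
            Action action = Action.valueOf(params.get("action")[0].toUpperCase(Locale.ROOT));

            IdentityTypeLayer identity = null;
            switch (action) {
                case CHECK:
                    identity = doCheck(session);
                    break;
                case IPAUTH:
                    identity = doIpAuth(idTorusUrl, params, session);
                    break;
                case LOGIN:
                    identity = doLogin(idTorusUrl, params, session);
                    break;
                case LOGOUT:
                    doLogout(session);
                    break;
            }

            // Build the whole reply first; only write once nothing else can fail.
            List<String> lines;
            if (action == Action.LOGOUT) {
                lines = new ArrayList<String>();
                lines.add("<response><status>OK</status></response>");
            } else {
                lines = describeIdentity(identity, session, masterTorusUrl);
            }
            for (String line : lines) {
                response.getWriter().println(line);
            }
        } catch (IllegalArgumentException e) {
            writeActionFailure(response, "parameter [action] not understood");
            // The exception text embeds the client-supplied action value.
            logger.log(Level.INFO, "Authentication failure - " + sanitizeForLog(e.getMessage()));
            logger.log(Level.DEBUG, e);
        } catch (ResourceConnectionException e) {
            response.getWriter().println("<response><status>FAIL</status><message>backend system down</message></response>");
            logger.log(Level.ERROR, "Identity torus connection failure.");
            logger.log(Level.DEBUG, e);
        } catch (AuthenticationException e) {
            response.getWriter().println("<response><status>FAIL</status><message>" + XmlUtils.escape(e.getMessage()) + "</message></response>");
            logger.log(Level.INFO, "Authentication failure - " + sanitizeForLog(e.getMessage()));
            logger.log(Level.DEBUG, e);
        }
    }

    /** Writes the three-line FAIL reply used for a missing or unknown {@code action}. */
    private void writeActionFailure(HttpServletResponse response, String reason) throws IOException {
        response.getWriter().println("<response><status>FAIL</status>");
        response.getWriter().println("<message>" + reason + ", " + getAvailableActions());
        response.getWriter().println("</message></response>");
    }

    /**
     * Builds the lines of the OK reply describing {@code identity}.
     *
     * @throws AuthenticationException when there is no identity to describe, or the master
     *     torus returns no record for the realm
     */
    private List<String> describeIdentity(IdentityTypeLayer identity, HttpSession session, String masterTorusUrl) throws MalformedURLException, ResourceConnectionException, AuthenticationException, UnsupportedEncodingException {
        if (identity == null) {
            // NOTE(review): whether AuthUtils.getIdentity can return null is not visible here;
            // report it as an authentication failure rather than a NullPointerException.
            throw new AuthenticationException("no identity available for this session");
        }
        // The optional setting may be absent; treat null like the empty string.
        boolean masterConfigured = masterTorusUrl != null && masterTorusUrl.length() > 0;

        List<String> lines = new ArrayList<String>();
        lines.add("<response><status>OK</status>");
        lines.add("<displayName>" + XmlUtils.escape(identity.getDisplayName()) + "</displayName>");
        lines.add("<realm>" + XmlUtils.escape(identity.getRealm()) + "</realm>");
        if (masterConfigured) {
            lines.add("<realmAttributes>" + retrieveMasterAttributes(masterTorusUrl, identity.getRealm()) + "</realmAttributes>");
        }
        lines.add("<type>" + XmlUtils.escape(AuthUtils.getAuthType(session).name().toLowerCase(Locale.ROOT)) + "</type>");
        lines.add("<iconUrl>" + (identity.getIconUrl() != null ? XmlUtils.escape(identity.getIconUrl()) : "") + "</iconUrl>");
        lines.add("<proxyPattern>" + (identity.getProxyPattern() != null ? XmlUtils.escape(identity.getProxyPattern()) : "") + "</proxyPattern>");
        if (masterConfigured) {
            try {
                lines.add("<proxyUrl>" + XmlUtils.escape(retrieveMasterProxy(masterTorusUrl, identity.getRealm())) + "</proxyUrl>");
            } catch (Exception e) {
                // Deliberately best-effort: a missing proxy URL only drops the element.
                logger.log(Level.WARN, e.getMessage());
            }
        }
        lines.add("</response>");
        return lines;
    }

    /** Returns the identity already stored in the session, as reported by {@link AuthUtils}. */
    private IdentityTypeLayer doCheck(HttpSession httpSession) throws AuthenticationException {
        return AuthUtils.getIdentity(httpSession);
    }

    /**
     * Authenticates the session by client IP address and binds the matching identity to it.
     *
     * <p>The address comes from {@link #getRemoteIP}; see the trust caveat documented there.
     */
    private IdentityTypeLayer doIpAuth(String idTorusUrl, Map<String, String[]> params, HttpSession session) throws MalformedURLException, ResourceConnectionException, AuthenticationException, UnsupportedEncodingException {
        String query = "ipRanges encloses/net.ipAddress " + quoteCql(params.get("ip")[0]);
        logger.log(Level.INFO, "Authentication query: " + sanitizeForLog(query));
        IdentityTypeLayer identity = retrieveIdentity(idTorusUrl, URLEncoder.encode(query, "UTF-8"));
        logger.log(Level.INFO, "Retrieved identity's realm: " + identity.getRealm());
        AuthUtils.forget(session);
        AuthUtils.setIdentity(session, identity, AuthUtils.AuthType.IP);
        return identity;
    }

    /**
     * Authenticates the session with the {@code username} and {@code password} request
     * parameters and binds the matching identity to it.
     *
     * @throws AuthenticationException when either parameter is missing or empty, or no
     *     identity matches
     */
    private IdentityTypeLayer doLogin(String idTorusUrl, Map<String, String[]> params, HttpSession session) throws MalformedURLException, ResourceConnectionException, AuthenticationException, UnsupportedEncodingException {
        String username = firstValue(params, "username");
        String password = firstValue(params, "password");
        // Empty values are refused too: an empty search term is not a credential.
        if (username == null || password == null || username.length() == 0 || password.length() == 0) {
            throw new AuthenticationException("missing [username] or [password] parameters");
        }
        // Both values are quoted and escaped so they stay single terms of the query.
        // NOTE(review): the password travels as a search term in the query string of the torus
        // request, so it can surface in backend access logs, and it implies the torus holds
        // passwords in directly comparable form - confirm and plan a hashed comparison.
        String query = "userName=" + quoteCql(username) + " and password=" + quoteCql(password);
        // Only the user name is logged; the query itself contains the password.
        logger.log(Level.INFO, "Credential login attempt for user: " + sanitizeForLog(username));
        IdentityTypeLayer identity = retrieveIdentity(idTorusUrl, URLEncoder.encode(query, "UTF-8"));
        logger.log(Level.INFO, "Retrieved realm: " + identity.getRealm());
        // NOTE(review): the session identifier is not rotated here; confirm that AuthUtils or
        // the container issues a fresh session id on login (session-fixation defence).
        AuthUtils.forget(session);
        AuthUtils.setIdentity(session, identity, AuthUtils.AuthType.CREDENTIALS);
        return identity;
    }

    /** Clears the identity bound to the session. */
    private void doLogout(HttpSession httpSession) {
        AuthUtils.forget(httpSession);
    }

    /** Returns the text {@code "possible values: check, ipauth, login, logout"}. */
    private String getAvailableActions() {
        StringBuilder text = new StringBuilder("possible values: ");
        String separator = "";
        for (Action action : Action.values()) {
            text.append(separator).append(action.name().toLowerCase(Locale.ROOT));
            separator = ", ";
        }
        return text.toString();
    }

    /**
     * Returns the client address used for IP authentication: the first entry of
     * {@code X-Forwarded-For} when that header is present, otherwise the socket peer address.
     *
     * <p>NOTE(review): {@code X-Forwarded-For} is whatever the sender put there unless a trusted
     * front-end proxy replaces it. Because this value decides which identity IPAUTH grants,
     * the header should only be honoured when the request arrives from a known proxy; that
     * deployment detail is not visible in this class and needs confirming.
     */
    private String getRemoteIP(HttpServletRequest httpServletRequest) {
        String forwarded = httpServletRequest.getHeader("X-Forwarded-For");
        String source = forwarded == null ? httpServletRequest.getRemoteAddr() : forwarded;
        // Take the text before the first comma; indexOf avoids the empty array that
        // String.split yields for a header consisting only of separators.
        int comma = source.indexOf(',');
        String ip = (comma < 0 ? source : source.substring(0, comma)).trim();
        logger.debug("Remote IP: " + sanitizeForLog(ip));
        return ip;
    }

    /**
     * Looks up an identity in the identity torus.
     *
     * @param idTorusUrl base URL of the identity torus
     * @param encodedQuery URL-encoded query; not logged because it may contain a password
     * @throws AuthenticationException when the torus returns no record
     */
    private IdentityTypeLayer retrieveIdentity(String idTorusUrl, String encodedQuery) throws MalformedURLException, ResourceConnectionException, AuthenticationException {
        logger.log(Level.INFO, "Connecting to the identity torus at " + idTorusUrl);
        return fetchFirstIdentity(idTorusUrl + "?query=" + encodedQuery, "Credentials return empty identity list.");
    }

    /**
     * Returns the text of the {@code proxyUrl} element of the realm's master record, or the
     * empty string when the record has no such element.
     */
    private String retrieveMasterProxy(String str, String str2) throws MalformedURLException, ResourceConnectionException, AuthenticationException, UnsupportedEncodingException {
        String url = str + "?query=" + URLEncoder.encode("identityId=" + quoteCql(str2), "UTF-8");
        logger.log(Level.INFO, "Connecting to the master (admin) identity torus at " + url);
        IdentityTypeLayer master = fetchFirstIdentity(url, "Request for master data results in an empty list.");
        for (Element element : master.getOtherElements()) {
            if ("proxyUrl".equals(element.getTagName())) {
                return element.getTextContent();
            }
        }
        return "";
    }

    /**
     * Renders the realm's master-record elements as XML, one element per line, leaving out the
     * tags in {@link #HIDDEN_MASTER_TAGS} (which include {@code password}).
     *
     * <p>Element text is XML-escaped: it is data from the torus and is placed inside the
     * response document.
     */
    private String retrieveMasterAttributes(String str, String str2) throws MalformedURLException, ResourceConnectionException, AuthenticationException, UnsupportedEncodingException {
        logger.log(Level.INFO, "Connecting to the master (admin) identity torus at " + str);
        String url = str + "?query=" + URLEncoder.encode("identityId=" + quoteCql(str2), "UTF-8");
        IdentityTypeLayer master = fetchFirstIdentity(url, "Request for master data results in an empty list.");
        String eol = System.getProperty("line.separator");
        StringBuilder xml = new StringBuilder();
        for (Element element : master.getOtherElements()) {
            String tag = element.getTagName();
            if (!HIDDEN_MASTER_TAGS.contains(tag)) {
                xml.append('<').append(tag).append('>')
                        .append(XmlUtils.escape(element.getTextContent()))
                        .append("</").append(tag).append('>')
                        .append(eol);
            }
        }
        return xml.toString();
    }

    /**
     * Fetches {@code url} and returns the first layer of the first record.
     *
     * @throws AuthenticationException with {@code emptyMessage} when no record comes back
     */
    private IdentityTypeLayer fetchFirstIdentity(String url, String emptyMessage) throws MalformedURLException, ResourceConnectionException, AuthenticationException {
        Records records = (Records) new ResourceConnector(new URL(url), TORUS_PACKAGES).get();
        if (records == null || records.getRecords() == null || records.getRecords().isEmpty()) {
            throw new AuthenticationException(emptyMessage);
        }
        return (IdentityTypeLayer) ((Record) records.getRecords().iterator().next()).getLayers().get(0);
    }

    /** Returns the first value of a request parameter, or {@code null} when it is absent. */
    private static String firstValue(Map<String, String[]> params, String name) {
        String[] values = params.get(name);
        return values == null || values.length == 0 ? null : values[0];
    }

    /**
     * Wraps {@code term} in double quotes for use as a single query term, backslash-escaping
     * embedded double quotes and backslashes.
     *
     * <p>NOTE(review): confirm that the torus query parser honours backslash escapes, and
     * whether it gives the masking characters {@code * ? ^} a special meaning inside quoted
     * terms; if it does, they need escaping here as well.
     */
    private static String quoteCql(String term) {
        String text = String.valueOf(term);
        StringBuilder quoted = new StringBuilder(text.length() + 2).append('"');
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            if (c == '"' || c == '\\') {
                quoted.append('\\');
            }
            quoted.append(c);
        }
        return quoted.append('"').toString();
    }

    /** Replaces control characters so request-derived text cannot forge extra log lines. */
    private static String sanitizeForLog(String value) {
        return value == null ? "null" : value.replaceAll("\\p{Cntrl}", "_");
    }
}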
