package com.alfaariss.oa.profile.aselect.logout;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.UserEvent;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.api.logging.IAuthority;
import com.alfaariss.oa.api.requestor.IRequestor;
import com.alfaariss.oa.api.session.SessionState;
import com.alfaariss.oa.api.tgt.ITGT;
import com.alfaariss.oa.api.tgt.ITGTListener;
import com.alfaariss.oa.api.tgt.TGTEventError;
import com.alfaariss.oa.api.tgt.TGTListenerEvent;
import com.alfaariss.oa.api.tgt.TGTListenerException;
import com.alfaariss.oa.engine.core.Engine;
import com.alfaariss.oa.engine.core.crypto.CryptoManager;
import com.alfaariss.oa.engine.core.requestor.factory.IRequestorPoolFactory;
import com.alfaariss.oa.engine.core.server.Server;
import com.alfaariss.oa.engine.core.tgt.factory.ITGTAliasStore;
import com.alfaariss.oa.profile.aselect.ASelectErrors;
import com.alfaariss.oa.profile.aselect.processor.ASelectProcessor;
import com.alfaariss.oa.util.logging.UserEventLogItem;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeSet;
import java.util.Vector;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alfaariss/oa/profile/aselect/logout/LogoutManager.class */
public class LogoutManager implements ITGTListener, IAuthority {
    private static final String AUTHORITY_NAME = "ASelectProfileLogoutManager_";
    private static final String PROPERTY_LOGOUT_TARGET = ".logout.target";
    private static final String PROPERTY_LOGOUT_SIGNING = ".logout.signing";
    private static Log _logger;
    private static Log _eventLogger;
    private ITGTAliasStore _aliasStoreSPRole;
    private IRequestorPoolFactory _requestorPoolFactory;
    private CryptoManager _cryptoManager;
    private Server _server;
    private String _sProfileID;
    private HttpClient _httpClient;
    private boolean _bEnabled;

    /* renamed from: com.alfaariss.oa.profile.aselect.logout.LogoutManager$1, reason: invalid class name */
    /* loaded from: input_file:com/alfaariss/oa/profile/aselect/logout/LogoutManager$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$alfaariss$oa$api$tgt$TGTListenerEvent = new int[TGTListenerEvent.values().length];

        static {
            try {
                $SwitchMap$com$alfaariss$oa$api$tgt$TGTListenerEvent[TGTListenerEvent.ON_EXPIRE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$tgt$TGTListenerEvent[TGTListenerEvent.ON_REMOVE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public LogoutManager(String str, IConfigurationManager iConfigurationManager, Element element) throws OAException {
        String param;
        try {
            _logger = LogFactory.getLog(LogoutManager.class);
            _eventLogger = LogFactory.getLog("com.alfaariss.oa.EventLogger");
            this._bEnabled = true;
            if (element != null && (param = iConfigurationManager.getParam(element, "enabled")) != null) {
                if (param.equalsIgnoreCase("FALSE")) {
                    this._bEnabled = false;
                } else if (!param.equalsIgnoreCase("TRUE")) {
                    _logger.error("Unknown value in 'enabled' configuration item: " + param);
                    throw new OAException(17);
                }
            }
            if (this._bEnabled) {
                Engine engine = Engine.getInstance();
                this._aliasStoreSPRole = engine.getTGTFactory().getAliasStoreSP();
                this._requestorPoolFactory = engine.getRequestorPoolFactory();
                this._cryptoManager = engine.getCryptoManager();
                this._server = engine.getServer();
                this._sProfileID = str;
                this._httpClient = new HttpClient(new MultiThreadedHttpConnectionManager());
                if (element != null) {
                    Element section = iConfigurationManager.getSection(element, "http");
                    if (section != null) {
                        readHTTPConfig(iConfigurationManager, section);
                    } else {
                        _logger.info("No optional 'http' section configured, using default http connection settings");
                    }
                }
                _logger.info("Logout Manager: enabled");
            } else {
                _logger.info("Logout Manager: disabled");
            }
        } catch (OAException e) {
            throw e;
        } catch (Exception e2) {
            _logger.fatal("Could not create logout manager", e2);
            throw new OAException(1);
        }
    }

    public void processTGTEvent(TGTListenerEvent tGTListenerEvent, ITGT itgt) throws TGTListenerException {
        if (this._bEnabled) {
            switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$api$tgt$TGTListenerEvent[tGTListenerEvent.ordinal()]) {
                case 1:
                case 2:
                    Vector vector = new Vector();
                    if (this._aliasStoreSPRole != null) {
                        vector.addAll(processRemove(itgt, tGTListenerEvent));
                    }
                    if (!vector.isEmpty()) {
                        throw new TGTListenerException(vector);
                    }
                    return;
                default:
                    return;
            }
        }
    }

    public boolean isEnabled() {
        return this._bEnabled;
    }

    public String getAuthority() {
        return AUTHORITY_NAME + this._sProfileID;
    }

    private List<TGTEventError> processRemove(ITGT itgt, TGTListenerEvent tGTListenerEvent) {
        String alias;
        Vector vector = new Vector();
        Vector<LogoutTarget> vector2 = new Vector();
        HashMap hashMap = new HashMap();
        for (String str : itgt.getRequestorIDs()) {
            IRequestor iRequestor = null;
            try {
                if (!hashMap.containsKey(str) && (alias = this._aliasStoreSPRole.getAlias("aselect_credentials", str, itgt.getId())) != null) {
                    IRequestor requestor = this._requestorPoolFactory.getRequestor(str);
                    String str2 = (String) requestor.getProperty(this._sProfileID + PROPERTY_LOGOUT_TARGET);
                    if (str2 != null) {
                        String str3 = (String) requestor.getProperty(this._sProfileID + PROPERTY_LOGOUT_SIGNING);
                        new URL(str2);
                        vector2.add(new LogoutTarget(requestor, generateSLogout(str2, alias, Boolean.valueOf(str3).booleanValue(), tGTListenerEvent), itgt));
                    }
                }
            } catch (OAException e) {
                vector.add(0 != 0 ? new TGTEventError(UserEvent.INTERNAL_ERROR, iRequestor.getFriendlyName()) : new TGTEventError(UserEvent.INTERNAL_ERROR));
                _eventLogger.info(new UserEventLogItem((String) null, itgt.getId(), (SessionState) null, UserEvent.INTERNAL_ERROR, itgt.getUser().getID(), itgt.getUser().getOrganization(), (String) null, str, this, (String) null));
            } catch (MalformedURLException e2) {
                vector.add(0 != 0 ? new TGTEventError(UserEvent.INTERNAL_ERROR, iRequestor.getFriendlyName()) : new TGTEventError(UserEvent.INTERNAL_ERROR));
                _eventLogger.info(new UserEventLogItem((String) null, itgt.getId(), (SessionState) null, UserEvent.INTERNAL_ERROR, itgt.getUser().getID(), itgt.getUser().getOrganization(), (String) null, str, this, (String) null));
            }
        }
        for (LogoutTarget logoutTarget : vector2) {
            UserEvent sendSLogout = sendSLogout(logoutTarget.getTargetURL());
            if (sendSLogout != UserEvent.USER_LOGGED_OUT) {
                vector.add(new TGTEventError(sendSLogout, logoutTarget.getRequestor().getFriendlyName()));
            }
            _eventLogger.info(new UserEventLogItem((String) null, logoutTarget.getTGTID(), (SessionState) null, sendSLogout, logoutTarget.getUserID(), logoutTarget.getUserOrganization(), (String) null, logoutTarget.getRequestor().getID(), this, (String) null));
        }
        return vector;
    }

    private String generateSLogout(String str, String str2, boolean z, TGTListenerEvent tGTListenerEvent) throws OAException {
        try {
            Map<String, String> hashMap = new HashMap<>();
            hashMap.put(ASelectProcessor.PARAM_LOCAL_IDP, this._server.getOrganization().getID());
            hashMap.put("aselect_credentials", str2);
            if (tGTListenerEvent == TGTListenerEvent.ON_EXPIRE) {
                hashMap.put(ASelectProcessor.PARAM_REASON, ASelectProcessor.VALUE_REASON_TIMEOUT);
            }
            if (z) {
                hashMap.put(ASelectProcessor.PARAM_SIGNATURE, createSignature(hashMap));
            }
            hashMap.put("request", "logout");
            StringBuffer stringBuffer = new StringBuffer(str);
            if (!str.contains("?")) {
                stringBuffer.append("?");
            }
            for (String str3 : hashMap.keySet()) {
                if (!stringBuffer.toString().endsWith("&") && !stringBuffer.toString().endsWith("?")) {
                    stringBuffer.append("&");
                }
                stringBuffer.append(str3);
                stringBuffer.append("=");
                stringBuffer.append(URLEncoder.encode(hashMap.get(str3), ASelectProcessor.CHARSET));
            }
            return stringBuffer.toString();
        } catch (Exception e) {
            _logger.error("Could not generate logout call", e);
            throw new OAException(1);
        } catch (OAException e2) {
            throw e2;
        }
    }

    private UserEvent sendSLogout(String str) {
        GetMethod getMethod = null;
        try {
            try {
                GetMethod getMethod2 = new GetMethod(str);
                _logger.debug("Sending message: " + str);
                if (this._httpClient.executeMethod(getMethod2) != 200) {
                    StringBuffer stringBuffer = new StringBuffer("Received invalid http status '");
                    stringBuffer.append(getMethod2.getStatusLine());
                    stringBuffer.append("' while sending: ");
                    stringBuffer.append(str);
                    _logger.warn(stringBuffer.toString());
                    throw new OAException(33);
                }
                byte[] responseBody = getMethod2.getResponseBody();
                if (responseBody != null) {
                    String trim = new String(responseBody).trim();
                    _logger.debug("Received response: " + trim);
                    String str2 = convertCGI(trim).get(ASelectProcessor.PARAM_RESULT_CODE);
                    if (str2 == null) {
                        _logger.debug("No result code in response, logout failed");
                        UserEvent userEvent = UserEvent.USER_LOGOUT_FAILED;
                        if (getMethod2 != null) {
                            try {
                                getMethod2.releaseConnection();
                            } catch (Exception e) {
                                _logger.error("Could not close the connection reader", e);
                            }
                        }
                        return userEvent;
                    }
                    if (!str2.equals(ASelectErrors.ERROR_ASELECT_SUCCESS)) {
                        if (str2.equals(ASelectErrors.ERROR_LOGOUT_PARTIALLY)) {
                            _logger.debug("Logout parially in response from server");
                            UserEvent userEvent2 = UserEvent.USER_LOGOUT_PARTIALLY;
                            if (getMethod2 != null) {
                                try {
                                    getMethod2.releaseConnection();
                                } catch (Exception e2) {
                                    _logger.error("Could not close the connection reader", e2);
                                }
                            }
                            return userEvent2;
                        }
                        _logger.debug("Logout failed, result code: " + str2);
                        UserEvent userEvent3 = UserEvent.USER_LOGOUT_FAILED;
                        if (getMethod2 != null) {
                            try {
                                getMethod2.releaseConnection();
                            } catch (Exception e3) {
                                _logger.error("Could not close the connection reader", e3);
                            }
                        }
                        return userEvent3;
                    }
                }
                if (getMethod2 != null) {
                    try {
                        getMethod2.releaseConnection();
                    } catch (Exception e4) {
                        _logger.error("Could not close the connection reader", e4);
                    }
                }
                return UserEvent.USER_LOGGED_OUT;
            } catch (OAException e5) {
                UserEvent userEvent4 = UserEvent.USER_LOGOUT_FAILED;
                if (0 != 0) {
                    try {
                        getMethod.releaseConnection();
                    } catch (Exception e6) {
                        _logger.error("Could not close the connection reader", e6);
                        return userEvent4;
                    }
                }
                return userEvent4;
            } catch (Exception e7) {
                _logger.warn("Could not send synchronous logout", e7);
                UserEvent userEvent5 = UserEvent.USER_LOGOUT_FAILED;
                if (0 != 0) {
                    try {
                        getMethod.releaseConnection();
                    } catch (Exception e8) {
                        _logger.error("Could not close the connection reader", e8);
                        return userEvent5;
                    }
                }
                return userEvent5;
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    getMethod.releaseConnection();
                } catch (Exception e9) {
                    _logger.error("Could not close the connection reader", e9);
                    throw th;
                }
            }
            throw th;
        }
    }

    private void readHTTPConfig(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        String param = iConfigurationManager.getParam(element, "connection_timeout");
        if (param == null) {
            _logger.info("No 'connection_timeout' parameter found in configuration, using default");
        } else {
            try {
                this._httpClient.getParams().setParameter("http.connection.timeout", new Integer(Integer.parseInt(param)));
            } catch (NumberFormatException e) {
                _logger.error("Invalid 'connection_timeout' parameter found in configuration, not a number: " + param, e);
                throw new OAException(2);
            }
        }
        String param2 = iConfigurationManager.getParam(element, "socket_timeout");
        if (param2 == null) {
            _logger.info("No 'socket_timeout' parameter found in configuration, using an infinite timeout");
            return;
        }
        try {
            this._httpClient.getParams().setParameter("http.socket.timeout", new Integer(Integer.parseInt(param2)));
        } catch (NumberFormatException e2) {
            _logger.error("Invalid 'socket_timeout' parameter found in configuration, not a number: " + param2, e2);
            throw new OAException(2);
        }
    }

    private String createSignature(Map<String, String> map) throws OAException {
        try {
            if (this._cryptoManager == null) {
                _logger.warn("No crypto manager available");
                throw new OAException(1);
            }
            Signature signature = this._cryptoManager.getSignature();
            if (signature == null) {
                _logger.warn("No signature object found");
                throw new OAException(1);
            }
            StringBuffer stringBuffer = new StringBuffer();
            Iterator it = new TreeSet(map.keySet()).iterator();
            while (it.hasNext()) {
                stringBuffer.append(map.get((String) it.next()));
            }
            PrivateKey privateKey = this._cryptoManager.getPrivateKey();
            if (privateKey == null) {
                _logger.error("No private key available");
                throw new OAException(1);
            }
            signature.initSign(privateKey);
            signature.update(stringBuffer.toString().getBytes(ASelectProcessor.CHARSET));
            return new String(Base64.encodeBase64(signature.sign()), ASelectProcessor.CHARSET);
        } catch (OAException e) {
            throw e;
        } catch (Exception e2) {
            _logger.fatal("Could not create signature for data: " + map, e2);
            throw new OAException(1);
        }
    }

    private Hashtable<String, String> convertCGI(String str) throws OAException {
        Hashtable<String, String> hashtable = new Hashtable<>();
        try {
            if (str.trim().length() == 0) {
                return hashtable;
            }
            for (String str2 : str.split("&")) {
                int indexOf = str2.indexOf(61);
                String trim = str2.substring(0, indexOf).trim();
                String decode = URLDecoder.decode(str2.substring(indexOf + 1).trim(), ASelectProcessor.CHARSET);
                if (hashtable.containsKey(trim)) {
                    _logger.error("Key is not unique in message: " + trim);
                    throw new OAException(1);
                }
                hashtable.put(trim, decode);
            }
            return hashtable;
        } catch (Exception e) {
            _logger.fatal("Internal error during conversion of message: " + str, e);
            throw new OAException(1);
        } catch (OAException e2) {
            throw e2;
        }
    }
}
