package com.alfaariss.oa.sso.web.profile.user;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.RequestorEvent;
import com.alfaariss.oa.UserEvent;
import com.alfaariss.oa.UserException;
import com.alfaariss.oa.api.IService;
import com.alfaariss.oa.api.attribute.IAttributes;
import com.alfaariss.oa.api.attribute.ISessionAttributes;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.api.logging.IAuthority;
import com.alfaariss.oa.api.requestor.IRequestor;
import com.alfaariss.oa.api.session.ISession;
import com.alfaariss.oa.api.session.SessionState;
import com.alfaariss.oa.api.sso.ISSOProfile;
import com.alfaariss.oa.api.tgt.ITGT;
import com.alfaariss.oa.api.tgt.TGTEventError;
import com.alfaariss.oa.engine.core.Engine;
import com.alfaariss.oa.engine.core.authentication.AuthenticationProfile;
import com.alfaariss.oa.engine.core.authentication.factory.IAuthenticationProfileFactory;
import com.alfaariss.oa.engine.core.requestor.RequestorPool;
import com.alfaariss.oa.engine.core.requestor.factory.IRequestorPoolFactory;
import com.alfaariss.oa.engine.core.session.factory.ISessionFactory;
import com.alfaariss.oa.engine.core.tgt.factory.ITGTFactory;
import com.alfaariss.oa.sso.web.WebSSOServlet;
import com.alfaariss.oa.sso.web.profile.logout.LogoutState;
import com.alfaariss.oa.sso.web.profile.user.info.UserAttribute;
import com.alfaariss.oa.sso.web.profile.user.info.UserInfo;
import com.alfaariss.oa.util.logging.RequestorEventLogItem;
import com.alfaariss.oa.util.logging.UserEventLogItem;
import com.alfaariss.oa.util.validation.SessionValidator;
import com.alfaariss.oa.util.validation.TGTValidator;
import com.alfaariss.oa.util.web.CookieTool;
import com.alfaariss.oa.util.web.HttpUtils;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alfaariss/oa/sso/web/profile/user/UserProfile.class */
public class UserProfile implements ISSOProfile, IService, IAuthority {
    public static final String PROFILE_ID = "user";
    private static final String AUTHORITY_NAME = "UserProfile";
    private static final String JSP_AUTHN_ENABLED = "authnEnabled";
    private static final String TARGET_AUTHN = "authn";
    private static final String TARGET_LOGOUT = "logout";
    private static final String DEFAULT_JSP_INDEX = "/ui/sso/user/index.jsp";
    private static final String DEFAULT_REQUESTOR_ID = "userpage";
    private static Log _logger;
    private static Log _eventLogger;
    private ITGTFactory<?> _tgtFactory;
    private ISessionFactory<?> _sessionFactory;
    private IRequestorPoolFactory _requestorPoolFactory;
    private IAuthenticationProfileFactory _authenticationProfileFactory;
    private CookieTool _cookieTool;
    private String _sRedirectURL;
    private String _sJSPUserIndex;
    private String _sUserPageRequestorId;
    private boolean _bAuthNEnabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.alfaariss.oa.sso.web.profile.user.UserProfile$1, reason: invalid class name */
    /* loaded from: input_file:com/alfaariss/oa/sso/web/profile/user/UserProfile$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$alfaariss$oa$api$session$SessionState = new int[SessionState.values().length];

        static {
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.AUTHN_FAILED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_CANCELLED.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.POST_AUTHZ_FAILED.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.PRE_AUTHZ_FAILED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_BLOCKED.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_UNKNOWN.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.AUTHN_OK.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_LOGOUT_PARTIAL.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_LOGOUT_FAILED.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$api$session$SessionState[SessionState.USER_LOGOUT_SUCCESS.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
        }
    }

    public UserProfile() {
        _logger = LogFactory.getLog(UserProfile.class);
        _eventLogger = LogFactory.getLog("com.alfaariss.oa.EventLogger");
        this._cookieTool = null;
        this._sJSPUserIndex = null;
        this._sUserPageRequestorId = null;
        this._sRedirectURL = null;
        this._bAuthNEnabled = true;
    }

    public void destroy() {
        this._sJSPUserIndex = null;
        this._sUserPageRequestorId = null;
        this._sRedirectURL = null;
        this._cookieTool = null;
        this._bAuthNEnabled = true;
    }

    public String getID() {
        return PROFILE_ID;
    }

    public void init(ServletContext servletContext, IConfigurationManager iConfigurationManager, Element element, Element element2) throws OAException {
        Engine engine = Engine.getInstance();
        this._tgtFactory = engine.getTGTFactory();
        this._sessionFactory = engine.getSessionFactory();
        this._requestorPoolFactory = engine.getRequestorPoolFactory();
        this._authenticationProfileFactory = engine.getAuthenticationProfileFactory();
        this._cookieTool = new CookieTool(iConfigurationManager, element);
        readConfigRedirectURL(iConfigurationManager, element);
        Element section = iConfigurationManager.getSection(element, DEFAULT_REQUESTOR_ID);
        if (section == null) {
            _logger.warn("No 'userpage' section available in configuration, using defaults");
            this._sJSPUserIndex = DEFAULT_JSP_INDEX;
            this._sUserPageRequestorId = DEFAULT_REQUESTOR_ID;
            this._sRedirectURL = null;
            this._bAuthNEnabled = isSSOEnabledInWebSSO(iConfigurationManager, element);
            if (!this._bAuthNEnabled) {
                _logger.warn("Single Sign-On is disabled; Default setting is set to disabled for authentication within the user page");
            }
        } else {
            readConfig(iConfigurationManager, element, section);
        }
        _logger.info("Started User Profile: user");
    }

    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OAException {
        String parameter;
        try {
            HttpUtils.setDisableCachingHttpHeaders(httpServletRequest, httpServletResponse);
            ISession iSession = (ISession) httpServletRequest.getAttribute("asid");
            if (iSession == null && (parameter = httpServletRequest.getParameter("asid")) != null) {
                if (!SessionValidator.validateDefaultSessionId(parameter)) {
                    _logger.warn("Invalid session id in request: " + parameter);
                    throw new UserException(UserEvent.REQUEST_INVALID);
                }
                iSession = this._sessionFactory.retrieve(parameter);
            }
            String resolveTarget = resolveTarget(httpServletRequest);
            if (resolveTarget != null) {
                if (resolveTarget.equalsIgnoreCase(TARGET_AUTHN) && this._bAuthNEnabled) {
                    _logger.debug("Performing 'authn' request sent from IP: " + httpServletRequest.getRemoteAddr());
                    processAuthN(httpServletRequest, httpServletResponse, iSession);
                    return;
                } else if (resolveTarget.equalsIgnoreCase("logout")) {
                    _logger.debug("Performing 'logout' request sent from IP: " + httpServletRequest.getRemoteAddr());
                    processLogout(httpServletRequest, httpServletResponse, iSession);
                    return;
                }
            }
            _logger.debug("Performing 'info' request sent from IP: " + httpServletRequest.getRemoteAddr());
            processDefault(httpServletRequest, httpServletResponse, iSession);
        } catch (UserException e) {
            try {
                if (!httpServletResponse.isCommitted()) {
                    httpServletResponse.sendError(400);
                }
            } catch (IOException e2) {
                _logger.debug("Could not respond", e2);
                throw new OAException(1);
            }
        } catch (OAException e3) {
            if (0 != 0) {
                _eventLogger.info(new RequestorEventLogItem((ISession) null, httpServletRequest.getRemoteAddr(), RequestorEvent.INTERNAL_ERROR, this, (String) null));
            } else {
                _eventLogger.info(new RequestorEventLogItem((String) null, (String) null, (SessionState) null, RequestorEvent.INTERNAL_ERROR, (String) null, httpServletRequest.getRemoteAddr(), (String) null, this, (String) null));
            }
            throw e3;
        } catch (Exception e4) {
            if (0 != 0) {
                _eventLogger.info(new RequestorEventLogItem((ISession) null, httpServletRequest.getRemoteAddr(), RequestorEvent.INTERNAL_ERROR, this, (String) null));
            } else {
                _eventLogger.info(new RequestorEventLogItem((String) null, (String) null, (SessionState) null, RequestorEvent.INTERNAL_ERROR, (String) null, httpServletRequest.getRemoteAddr(), (String) null, this, (String) null));
            }
            _logger.fatal("Internal error during request processing", e4);
            throw new OAException(1);
        }
    }

    public String getAuthority() {
        return AUTHORITY_NAME;
    }

    private void readConfigRedirectURL(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        this._sRedirectURL = iConfigurationManager.getParam(element, "redirect_url");
        if (this._sRedirectURL == null) {
            _logger.info("No optional 'redirect_url' parameter found in configuration");
            return;
        }
        if (!this._sRedirectURL.endsWith("/")) {
            this._sRedirectURL += "/";
        }
        this._sRedirectURL += PROFILE_ID;
        try {
            new URL(this._sRedirectURL);
            _logger.info("Using configured 'redirect_url' parameter: " + this._sRedirectURL);
        } catch (MalformedURLException e) {
            _logger.error("The configured 'redirect_url' parameter isn't a valid URL: " + this._sRedirectURL, e);
            throw new OAException(1);
        }
    }

    private void readConfig(IConfigurationManager iConfigurationManager, Element element, Element element2) throws OAException {
        Element section = iConfigurationManager.getSection(element2, "jsp");
        if (section == null) {
            _logger.warn("No optional 'jsp' section found in 'userpage' section in configuration; using default");
            this._sJSPUserIndex = DEFAULT_JSP_INDEX;
        } else {
            this._sJSPUserIndex = iConfigurationManager.getParam(section, "path");
            if (this._sJSPUserIndex == null) {
                _logger.error("No 'path' parameter found in 'jsp' section in configuration");
                throw new OAException(17);
            }
        }
        _logger.info("Using user info jsp location: " + this._sJSPUserIndex);
        this._sUserPageRequestorId = iConfigurationManager.getParam(element2, "requestor");
        if (this._sUserPageRequestorId == null) {
            this._sUserPageRequestorId = DEFAULT_REQUESTOR_ID;
            _logger.warn("No optional 'requestor' parameter found in 'userpage' section in configuration");
        }
        _logger.info("Userpage will use requestor id: " + this._sUserPageRequestorId);
        this._bAuthNEnabled = isSSOEnabledInWebSSO(iConfigurationManager, element);
        if (!this._bAuthNEnabled) {
            _logger.warn("Single Sign-On is disabled; Default setting is set to disabled for authentication within the user page");
        }
        Element section2 = iConfigurationManager.getSection(element2, TARGET_AUTHN);
        if (section2 == null) {
            _logger.warn("No optional 'authn' section found in 'userpage' section in configuration; using authentication enabled: " + this._bAuthNEnabled);
        } else {
            String param = iConfigurationManager.getParam(section2, "enabled");
            if (param != null) {
                if (param.equalsIgnoreCase("FALSE")) {
                    this._bAuthNEnabled = false;
                } else {
                    if (!param.equalsIgnoreCase("TRUE")) {
                        _logger.error("Unknown value in 'enabled' configuration item: " + param);
                        throw new OAException(17);
                    }
                    this._bAuthNEnabled = true;
                }
            }
        }
        _logger.info("Authentication for Userpage is: " + (this._bAuthNEnabled ? "enabled" : "disabled"));
        if (this._bAuthNEnabled) {
            IRequestor requestor = this._requestorPoolFactory.getRequestor(this._sUserPageRequestorId);
            if (requestor == null) {
                _logger.warn("Unknown 'requestor' configured; Requestor is not available in any requestorpool: " + this._sUserPageRequestorId);
            } else {
                if (requestor.isEnabled()) {
                    return;
                }
                _logger.warn("Disabled 'requestor' configured; Requestor is disabled: " + this._sUserPageRequestorId);
            }
        }
    }

    private boolean isSSOEnabledInWebSSO(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        String param = iConfigurationManager.getParam(element, "single_sign_on");
        if (param == null) {
            return true;
        }
        if ("false".equalsIgnoreCase(param)) {
            _logger.info("Single sign-on is disabled in the Web SSO");
            return false;
        }
        if ("true".equalsIgnoreCase(param)) {
            return true;
        }
        _logger.error("Invalid value for 'single_sign_on' item found in websso configuration: " + param);
        throw new OAException(17);
    }

    private String resolveTarget(HttpServletRequest httpServletRequest) {
        int length;
        String requestURI = httpServletRequest.getRequestURI();
        if (!requestURI.endsWith("/")) {
            requestURI = requestURI + "/";
        }
        String lowerCase = requestURI.toLowerCase();
        int indexOf = lowerCase.indexOf("user/");
        if (indexOf <= -1 || lowerCase.length() <= (length = indexOf + PROFILE_ID.length() + "/".length())) {
            return null;
        }
        String substring = lowerCase.substring(length, lowerCase.length() - 1);
        if (substring.length() > 0) {
            return substring;
        }
        return null;
    }

    private void processDefault(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession) throws OAException {
        ITGT retrieve;
        UserInfo userInfo;
        ITGT retrieve2;
        boolean z = this._bAuthNEnabled;
        Errors errors = null;
        Vector vector = new Vector();
        String cookieValue = this._cookieTool.getCookieValue(WebSSOServlet.TGT_COOKIE_NAME, httpServletRequest);
        if (iSession == null) {
            ITGT itgt = null;
            if (cookieValue != null) {
                if (TGTValidator.validateDefaultTGTId(cookieValue)) {
                    itgt = this._tgtFactory.retrieve(cookieValue);
                } else {
                    _logger.debug("TGT cookie contains invalid TGT ID: " + cookieValue);
                    this._cookieTool.removeCookie(WebSSOServlet.TGT_COOKIE_NAME, httpServletRequest, httpServletResponse);
                    _logger.debug("TGT cookie removed");
                }
            }
            if (itgt == null) {
                errors = Errors.NO_TGT;
            } else if (itgt.isExpired()) {
                itgt.persist();
                errors = Errors.NO_TGT;
            } else {
                if (z) {
                    if (verifyRequestorEnabled(itgt)) {
                        _logger.debug("Valid TGT available, but no session available with user attributes");
                        processAuthN(httpServletRequest, httpServletResponse, null);
                        return;
                    }
                    z = false;
                }
                UserInfo userInfo2 = getUserInfo(iSession, itgt);
                if (userInfo2 != null) {
                    httpServletRequest.setAttribute(UserInfo.USER_INFO_NAME, userInfo2);
                }
            }
        } else if (cookieValue != null || iSession.getState() == SessionState.USER_LOGOUT_SUCCESS) {
            switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$api$session$SessionState[iSession.getState().ordinal()]) {
                case 7:
                    String tGTId = iSession.getTGTId();
                    if (tGTId != null && (retrieve = this._tgtFactory.retrieve(tGTId)) != null && !retrieve.isExpired() && (userInfo = getUserInfo(iSession, retrieve)) != null) {
                        httpServletRequest.setAttribute(UserInfo.USER_INFO_NAME, userInfo);
                        break;
                    } else {
                        errors = Errors.NO_TGT;
                        iSession.expire();
                        iSession.persist();
                        break;
                    }
                case 8:
                case 9:
                    ISessionAttributes attributes = iSession.getAttributes();
                    if (attributes.contains(LogoutState.class, LogoutState.SESSION_LOGOUT_RESULTS) && attributes.contains(LogoutState.class, LogoutState.SESSION_LOGOUT_RESULTS)) {
                        List list = (List) attributes.get(LogoutState.class, LogoutState.SESSION_LOGOUT_RESULTS);
                        for (int i = 0; i < list.size(); i++) {
                            TGTEventError tGTEventError = (TGTEventError) list.get(i);
                            if (tGTEventError.getCode() != UserEvent.USER_LOGGED_OUT) {
                                vector.add(tGTEventError);
                            }
                        }
                    }
                    z = false;
                    errors = iSession.getState();
                    _eventLogger.info(new UserEventLogItem(iSession, httpServletRequest.getRemoteAddr(), UserEvent.USER_LOGOUT_FAILED, this, (String) null));
                    if (iSession.getId() != null) {
                        iSession.expire();
                        iSession.persist();
                        break;
                    }
                    break;
                case 10:
                    _eventLogger.info(new UserEventLogItem(iSession, httpServletRequest.getRemoteAddr(), UserEvent.USER_LOGGED_OUT, this, (String) null));
                    z = false;
                    errors = iSession.getState();
                    iSession.expire();
                    iSession.persist();
                    break;
                default:
                    errors = iSession.getState();
                    _eventLogger.info(new UserEventLogItem(iSession, httpServletRequest.getRemoteAddr(), UserEvent.INTERNAL_ERROR, this, "invalid state"));
                    iSession.expire();
                    iSession.persist();
                    break;
            }
        } else {
            String tGTId2 = iSession.getTGTId();
            if (tGTId2 != null && (retrieve2 = this._tgtFactory.retrieve(tGTId2)) != null && !retrieve2.isExpired()) {
                retrieve2.expire();
                retrieve2.persist();
                _logger.debug("Removed TGT: " + tGTId2);
            }
            switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$api$session$SessionState[iSession.getState().ordinal()]) {
                case 1:
                case 2:
                case 3:
                case 4:
                    errors = iSession.getState();
                    break;
                case 5:
                case 6:
                    errors = SessionState.AUTHN_FAILED;
                    break;
                default:
                    errors = Errors.NO_TGT;
                    break;
            }
            iSession.expire();
            iSession.persist();
            _logger.debug("Removed session: " + iSession.getId());
        }
        forwardToIndex(httpServletRequest, httpServletResponse, errors, vector, z, iSession);
    }

    private void processLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession) throws OAException {
        try {
            if (this._cookieTool.getCookieValue(WebSSOServlet.TGT_COOKIE_NAME, httpServletRequest) == null) {
                _logger.debug("No TGT cookie found, user already loggedout");
                if (iSession != null) {
                    iSession.expire();
                    iSession.persist();
                }
                processDefault(httpServletRequest, httpServletResponse, null);
                return;
            }
            String servletPath = httpServletRequest.getServletPath();
            if (iSession == null) {
                String str = this._sRedirectURL;
                if (str == null) {
                    str = httpServletRequest.getRequestURL().toString();
                    if (str.endsWith("/")) {
                        str = str.substring(0, str.length() - 1);
                    }
                    if (str.endsWith("user/logout")) {
                        str = str.substring(0, str.length() - "logout".length());
                    }
                }
                iSession = this._sessionFactory.createSession(this._sUserPageRequestorId);
                iSession.persist();
                StringBuilder sb = new StringBuilder(str);
                if (!str.endsWith("/")) {
                    sb.append("/");
                }
                sb.append("?");
                sb.append("asid");
                sb.append("=");
                sb.append(iSession.getId());
                iSession.setProfileURL(sb.toString());
            }
            _logger.debug("Starting logout");
            iSession.persist();
            httpServletRequest.setAttribute("asid", iSession);
            StringBuilder sb2 = new StringBuilder(servletPath);
            if (!servletPath.endsWith("/")) {
                sb2.append("/");
            }
            sb2.append("logout");
            RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(sb2.toString());
            if (requestDispatcher == null) {
                _logger.warn("There is no requestor dispatcher supported with name: " + sb2.toString());
                throw new OAException(1);
            }
            requestDispatcher.forward(httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            _logger.fatal("Internal error during logout", e);
            throw new OAException(1);
        } catch (OAException e2) {
            throw e2;
        }
    }

    private void processAuthN(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession) throws OAException {
        try {
            if (iSession != null) {
                processDefault(httpServletRequest, httpServletResponse, iSession);
            } else {
                String str = this._sRedirectURL;
                if (str == null) {
                    str = httpServletRequest.getRequestURL().toString();
                    if (str.endsWith("/")) {
                        str = str.substring(0, str.length() - 1);
                    }
                    if (str.endsWith("user/authn")) {
                        str = str.substring(0, str.length() - TARGET_AUTHN.length());
                    }
                }
                ISession createSession = this._sessionFactory.createSession(this._sUserPageRequestorId);
                createSession.persist();
                StringBuilder sb = new StringBuilder(str);
                if (!str.endsWith("/")) {
                    sb.append("/");
                }
                sb.append("?");
                sb.append("asid");
                sb.append("=");
                sb.append(createSession.getId());
                createSession.setProfileURL(sb.toString());
                httpServletRequest.setAttribute("asid", createSession);
                _logger.debug("Starting authentication");
                String servletPath = httpServletRequest.getServletPath();
                RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(servletPath);
                if (requestDispatcher == null) {
                    _logger.warn("There is no requestor dispatcher supported with name: " + servletPath);
                    throw new OAException(1);
                }
                requestDispatcher.forward(httpServletRequest, httpServletResponse);
            }
        } catch (OAException e) {
            throw e;
        } catch (Exception e2) {
            _logger.fatal("Internal error during authentication", e2);
            throw new OAException(1);
        }
    }

    private UserInfo getUserInfo(ISession iSession, ITGT itgt) throws OAException {
        Vector vector = new Vector();
        Iterator it = itgt.getAuthNProfileIDs().iterator();
        while (it.hasNext()) {
            AuthenticationProfile profile = this._authenticationProfileFactory.getProfile((String) it.next());
            if (profile != null) {
                vector.add(profile);
            }
        }
        Vector vector2 = new Vector();
        List requestorIDs = itgt.getRequestorIDs();
        for (int size = requestorIDs.size() - 1; size >= 0; size--) {
            IRequestor requestor = this._requestorPoolFactory.getRequestor((String) requestorIDs.get(size));
            if (requestor != null && !vector2.contains(requestor)) {
                vector2.add(requestor);
            }
        }
        Vector vector3 = new Vector();
        if (iSession != null) {
            IAttributes attributes = iSession.getUser().getAttributes();
            Enumeration names = attributes.getNames();
            while (names.hasMoreElements()) {
                String str = (String) names.nextElement();
                vector3.add(new UserAttribute(str, attributes.get(str)));
            }
        }
        return new UserInfo(itgt, vector, vector2, vector3);
    }

    private void forwardToIndex(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Enum r7, List<TGTEventError> list, boolean z, ISession iSession) throws OAException {
        if (z) {
            try {
                IRequestor requestor = this._requestorPoolFactory.getRequestor(this._sUserPageRequestorId);
                if (requestor == null || !requestor.isEnabled()) {
                    z = false;
                } else {
                    RequestorPool requestorPool = this._requestorPoolFactory.getRequestorPool(this._sUserPageRequestorId);
                    if (requestorPool == null || !requestorPool.isEnabled()) {
                        z = false;
                    }
                }
            } catch (Exception e) {
                _logger.fatal("Internal error during jsp forward", e);
                throw new OAException(1);
            } catch (OAException e2) {
                throw e2;
            }
        }
        if (iSession != null) {
            httpServletRequest.setAttribute("asid", iSession.getId());
        }
        if (z) {
            httpServletRequest.setAttribute(JSP_AUTHN_ENABLED, Boolean.valueOf(z));
        }
        if (r7 != null) {
            httpServletRequest.setAttribute("userEvent", r7);
        }
        if (list != null) {
            httpServletRequest.setAttribute("details", list);
        }
        httpServletRequest.setAttribute("serverInfo", Engine.getInstance().getServer());
        RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(this._sJSPUserIndex);
        if (requestDispatcher != null) {
            requestDispatcher.forward(httpServletRequest, httpServletResponse);
        } else {
            _logger.fatal("Forward request not supported");
            throw new OAException(1);
        }
    }

    private boolean verifyRequestorEnabled(ITGT itgt) throws OAException {
        RequestorPool requestorPool = this._requestorPoolFactory.getRequestorPool(this._sUserPageRequestorId);
        if (requestorPool == null) {
            _logger.debug("Requestor not available in a requestorpool: " + this._sUserPageRequestorId);
            return false;
        }
        if (!requestorPool.isEnabled()) {
            _logger.debug("Requestorpool disabled: " + requestorPool.getID());
            return false;
        }
        IRequestor requestor = this._requestorPoolFactory.getRequestor(this._sUserPageRequestorId);
        if (requestor == null) {
            _logger.debug("Requestor not available: " + this._sUserPageRequestorId);
            return false;
        }
        if (!requestor.isEnabled()) {
            _logger.debug("Requestor disabled: " + this._sUserPageRequestorId);
            return false;
        }
        List authenticationProfileIDs = requestorPool.getAuthenticationProfileIDs();
        if (authenticationProfileIDs.isEmpty()) {
            _logger.debug("Requestorpool doesn't contains authN profiles: " + requestorPool.getID());
            return false;
        }
        boolean z = false;
        Iterator it = itgt.getAuthNProfileIDs().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (authenticationProfileIDs.contains((String) it.next())) {
                z = true;
                break;
            }
        }
        if (!z) {
            _logger.debug("Requestorpool (" + requestorPool.getID() + ") doesn't have any authN Profiles available that are available in TGT: " + itgt.getId());
        }
        return z;
    }
}
