package com.alfaariss.oa.sso.authentication.web;

import com.alfaariss.oa.OAException;
import com.alfaariss.oa.UserEvent;
import com.alfaariss.oa.api.IComponent;
import com.alfaariss.oa.api.attribute.ISessionAttributes;
import com.alfaariss.oa.api.authentication.IAuthenticationMethod;
import com.alfaariss.oa.api.authentication.IAuthenticationProfile;
import com.alfaariss.oa.api.configuration.IConfigurationManager;
import com.alfaariss.oa.api.session.ISession;
import com.alfaariss.oa.api.session.SessionState;
import com.alfaariss.oa.engine.core.authentication.AuthenticationMethod;
import com.alfaariss.oa.sso.SSOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alfaariss/oa/sso/authentication/web/AuthenticationManager.class */
public class AuthenticationManager implements IComponent {
    private static final String ATTRIBUTE_CURRENT_METHOD = "CURRENT_METHOD";
    private IConfigurationManager _configManager;
    private Log _logger = LogFactory.getLog(AuthenticationManager.class);
    private Map<String, IWebAuthenticationMethod> _mapAuthenticationMethods = new HashMap();

    /* renamed from: com.alfaariss.oa.sso.authentication.web.AuthenticationManager$1, reason: invalid class name */
    /* loaded from: input_file:com/alfaariss/oa/sso/authentication/web/AuthenticationManager$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$alfaariss$oa$UserEvent = new int[UserEvent.values().length];

        static {
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.AUTHN_METHOD_SUCCESSFUL.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.AUTHN_METHOD_IN_PROGRESS.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.USER_UNKNOWN.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.USER_DISABLED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.USER_CANCELLED.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.AUTHN_METHOD_NOT_REGISTERED.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.AUTHN_METHOD_NOT_SUPPORTED.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$com$alfaariss$oa$UserEvent[UserEvent.REQUEST_INVALID.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
        }
    }

    public void authenticate(IAuthenticationProfile iAuthenticationProfile, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ISession iSession) throws SSOException, OAException {
        IAuthenticationMethod iAuthenticationMethod;
        try {
            if (iAuthenticationProfile == null) {
                throw new IllegalArgumentException("No selected authN profile supplied");
            }
            if (!iAuthenticationProfile.isEnabled()) {
                this._logger.error("Authentication profile is disabled: " + iAuthenticationProfile.getID());
                throw new SSOException(1);
            }
            List<IAuthenticationMethod> authenticationMethods = iAuthenticationProfile.getAuthenticationMethods();
            ISessionAttributes attributes = iSession.getAttributes();
            SessionState state = iSession.getState();
            if (state == SessionState.AUTHN_SELECTION_OK) {
                iAuthenticationMethod = getAuthenticationMethod(authenticationMethods, null, iAuthenticationProfile.getID());
                attributes.put(AuthenticationManager.class, ATTRIBUTE_CURRENT_METHOD, iAuthenticationMethod);
                iSession.setState(SessionState.AUTHN_IN_PROGRESS);
            } else {
                if (state != SessionState.AUTHN_IN_PROGRESS) {
                    this._logger.error("Session state invalid: " + state);
                    throw new SSOException(1);
                }
                iAuthenticationMethod = (AuthenticationMethod) attributes.get(AuthenticationManager.class, ATTRIBUTE_CURRENT_METHOD);
            }
            IWebAuthenticationMethod iWebAuthenticationMethod = this._mapAuthenticationMethods.get(iAuthenticationMethod.getID());
            if (iWebAuthenticationMethod == null) {
                this._logger.error("No authentication method found with id: " + iAuthenticationMethod.getID());
                throw new SSOException(1);
            }
            while (iSession.getState() == SessionState.AUTHN_IN_PROGRESS) {
                if (!iWebAuthenticationMethod.isEnabled()) {
                    this._logger.error("Authentication method is disabled: " + iWebAuthenticationMethod.getID());
                    throw new SSOException(1);
                }
                switch (AnonymousClass1.$SwitchMap$com$alfaariss$oa$UserEvent[iWebAuthenticationMethod.authenticate(httpServletRequest, httpServletResponse, iSession).ordinal()]) {
                    case 1:
                        iAuthenticationMethod = getAuthenticationMethod(authenticationMethods, iAuthenticationMethod, iAuthenticationProfile.getID());
                        if (iAuthenticationMethod == null) {
                            iSession.setState(SessionState.AUTHN_OK);
                            break;
                        } else {
                            attributes.put(AuthenticationManager.class, ATTRIBUTE_CURRENT_METHOD, iAuthenticationMethod);
                            if (!this._mapAuthenticationMethods.containsKey(iAuthenticationMethod.getID())) {
                                this._logger.error("Authentication method not available: " + iAuthenticationMethod.getID());
                                throw new SSOException(1);
                            }
                            iWebAuthenticationMethod = this._mapAuthenticationMethods.get(iAuthenticationMethod.getID());
                            break;
                        }
                    case 2:
                        return;
                    case 3:
                        iSession.setState(SessionState.USER_UNKNOWN);
                        break;
                    case 4:
                        iSession.setState(SessionState.USER_BLOCKED);
                        break;
                    case 5:
                        iSession.setState(SessionState.USER_CANCELLED);
                        break;
                    case 6:
                    case 7:
                        iSession.setState(SessionState.AUTHN_NOT_SUPPORTED);
                        break;
                    case 8:
                    default:
                        iSession.setState(SessionState.AUTHN_FAILED);
                        break;
                }
            }
        } catch (OAException e) {
            throw e;
        } catch (Exception e2) {
            this._logger.error("Internal error during authentication", e2);
            throw new SSOException(1);
        }
    }

    public void restart(Element element) throws OAException {
        synchronized (this) {
            stop();
            start(this._configManager, element);
        }
    }

    public void start(IConfigurationManager iConfigurationManager, Element element) throws OAException {
        try {
            this._configManager = iConfigurationManager;
            Element section = this._configManager.getSection(element, "methods");
            if (section == null) {
                this._logger.error("No 'methods' section found in configuration");
                throw new OAException(17);
            }
            Element section2 = this._configManager.getSection(section, "method");
            while (section2 != null) {
                IWebAuthenticationMethod createAuthenticationMethod = createAuthenticationMethod(section2);
                if (!createAuthenticationMethod.isEnabled()) {
                    this._logger.debug("Authentication method is disabled: " + createAuthenticationMethod.getID());
                } else {
                    if (this._mapAuthenticationMethods.containsKey(createAuthenticationMethod.getID())) {
                        this._logger.error("Authentication method is not unique: " + createAuthenticationMethod.getID());
                        throw new OAException(17);
                    }
                    this._mapAuthenticationMethods.put(createAuthenticationMethod.getID(), createAuthenticationMethod);
                }
                section2 = this._configManager.getNextSection(section2);
            }
        } catch (Exception e) {
            this._logger.fatal("Internal error during object creation", e);
            throw new OAException(1);
        } catch (OAException e2) {
            throw e2;
        }
    }

    public void stop() {
        if (this._mapAuthenticationMethods != null) {
            Iterator<IWebAuthenticationMethod> it = this._mapAuthenticationMethods.values().iterator();
            while (it.hasNext()) {
                it.next().stop();
            }
            this._mapAuthenticationMethods.clear();
        }
    }

    public Map<String, IWebAuthenticationMethod> getAuthenticationMethods() {
        return Collections.unmodifiableMap(this._mapAuthenticationMethods);
    }

    private IWebAuthenticationMethod createAuthenticationMethod(Element element) throws SSOException {
        try {
            String param = this._configManager.getParam(element, "class");
            if (param == null) {
                this._logger.error("No 'class' item found in 'methods' section found in configuration");
                throw new SSOException(17);
            }
            try {
                try {
                    IWebAuthenticationMethod iWebAuthenticationMethod = (IWebAuthenticationMethod) Class.forName(param).newInstance();
                    iWebAuthenticationMethod.start(this._configManager, element);
                    return iWebAuthenticationMethod;
                } catch (Exception e) {
                    this._logger.error("Could not create instance of " + param, e);
                    throw new SSOException(17);
                }
            } catch (Exception e2) {
                this._logger.error("Class not found: " + param, e2);
                throw new SSOException(17);
            }
        } catch (SSOException e3) {
            throw e3;
        } catch (Exception e4) {
            this._logger.fatal("Internal error during object creation", e4);
            throw new SSOException(1);
        }
    }

    private IAuthenticationMethod getAuthenticationMethod(List<IAuthenticationMethod> list, IAuthenticationMethod iAuthenticationMethod, String str) throws SSOException {
        IAuthenticationMethod iAuthenticationMethod2 = null;
        int i = 0;
        int size = list.size();
        if (size == 0) {
            this._logger.error("No authentication methods available in pool: " + str);
            throw new SSOException(1);
        }
        if (iAuthenticationMethod != null) {
            int indexOf = list.indexOf(iAuthenticationMethod);
            if (indexOf == -1) {
                this._logger.error("Current authentication method unavailable: " + iAuthenticationMethod.getID());
                throw new SSOException(1);
            }
            i = indexOf + 1;
        }
        if (i < size) {
            iAuthenticationMethod2 = list.get(i);
        }
        return iAuthenticationMethod2;
    }
}
