package com.ibm.ws.security.common.web;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.common.TraceConstants;
import com.ibm.ws.webcontainer.security.ReferrerURLCookieHandler;
import com.ibm.ws.webcontainer.security.WebAppSecurityCollaboratorImpl;
import com.ibm.ws.webcontainer.security.WebAppSecurityConfig;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Iterator;
import java.util.Map;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/common/web/WebSSOUtils.class */
public class WebSSOUtils {
    public static final TraceComponent tc = Tr.register(WebSSOUtils.class, TraceConstants.TRACE_GROUP, TraceConstants.MESSAGE_BUNDLE);
    static final long serialVersionUID = -339802536750556077L;

    public String getRequestUrlWithEncodedQueryString(HttpServletRequest httpServletRequest) {
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?");
            requestURL.append(getUrlEncodedQueryString(httpServletRequest));
        }
        return requestURL.toString();
    }

    public String getUrlEncodedQueryString(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
        if (!parameterMap.isEmpty()) {
            sb.append(getUrlEncodedQueryStringFromParameterMap(parameterMap));
        }
        return sb.toString();
    }

    public String getUrlEncodedQueryStringFromParameterMap(Map<String, String[]> map) {
        StringBuilder sb = new StringBuilder();
        Iterator<Map.Entry<String, String[]>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String, String[]> next = it.next();
            sb.append(getUrlEncodedParameterAndValues(next.getKey(), next.getValue()));
            if (it.hasNext() && sb.charAt(sb.length() - 1) != '&') {
                sb.append("&");
            }
        }
        return sb.toString();
    }

    public String getUrlEncodedParameterAndValues(String str, String[] strArr) {
        StringBuilder sb = new StringBuilder();
        sb.append(WebUtils.urlEncode(str));
        if (strArr != null && strArr.length > 0) {
            for (int i = 0; i < strArr.length; i++) {
                sb.append("=" + WebUtils.urlEncode(strArr[i]));
                if (i < strArr.length - 1) {
                    sb.append("&" + WebUtils.urlEncode(str));
                }
            }
        }
        return sb.toString();
    }

    public ReferrerURLCookieHandler getCookieHandler() {
        WebAppSecurityConfig webAppSecurityConfig = getWebAppSecurityConfig();
        return webAppSecurityConfig != null ? webAppSecurityConfig.createReferrerURLCookieHandler() : new ReferrerURLCookieHandler(webAppSecurityConfig);
    }

    public Cookie createCookie(String str, @Sensitive String str2, HttpServletRequest httpServletRequest) {
        return createCookie(str, str2, -1, httpServletRequest);
    }

    public Cookie createCookie(String str, @Sensitive String str2, int i, HttpServletRequest httpServletRequest) {
        Cookie createCookie = getCookieHandler().createCookie(str, str2, httpServletRequest);
        String ssoDomain = getSsoDomain(httpServletRequest);
        if (ssoDomain != null && !ssoDomain.isEmpty()) {
            createCookie.setDomain(ssoDomain);
        }
        createCookie.setMaxAge(i);
        return createCookie;
    }

    public String getSsoDomain(HttpServletRequest httpServletRequest) {
        WebAppSecurityConfig webAppSecurityConfig = getWebAppSecurityConfig();
        return webAppSecurityConfig.createSSOCookieHelper().getSSODomainName(httpServletRequest, webAppSecurityConfig.getSSODomainList(), webAppSecurityConfig.getSSOUseDomainFromURL());
    }

    WebAppSecurityConfig getWebAppSecurityConfig() {
        return WebAppSecurityCollaboratorImpl.getGlobalWebAppSecurityConfig();
    }
}
