package com.ibm.ws.security.social.web.utils;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.common.web.WebUtils;
import com.ibm.ws.security.social.error.SocialLoginException;
import com.ibm.ws.security.social.internal.utils.ClientConstants;
import com.ibm.ws.webcontainer.security.CookieHelper;
import com.ibm.ws.webcontainer.security.PostParameterHelper;
import com.ibm.ws.webcontainer.security.ReferrerURLCookieHandler;
import com.ibm.ws.webcontainer.security.WebAppSecurityCollaboratorImpl;
import com.ibm.ws.webcontainer.security.WebAppSecurityConfig;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

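/**
 * Servlet-level helpers for the social login flow: emitting the client-side redirect page,
 * saving and restoring the original request URL ({@code WASReqURL}) and POST parameters,
 * reading the login hint, and clearing the related cookies.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The login hint and the {@code WASReqURL} cookie value originate from the browser. The
 * redirect page even sets that cookie from JavaScript, so it cannot be HttpOnly. Code that
 * reads these values back must treat them as untrusted input.</li>
 * <li>Values placed into the generated {@code <script>} blocks are escaped as JavaScript
 * string-literal content, so a quote or a closing script tag in them stays data.</li>
 * </ul>
 */
@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/social/web/utils/SocialWebUtils.class */
public class SocialWebUtils {
    public static final TraceComponent tc = Tr.register(SocialWebUtils.class, "SOCIAL", "com.ibm.ws.security.social.resources.SocialMessages");
    static final long serialVersionUID = -8572482189033500801L;

    /**
     * Returns the referrer-URL cookie handler.
     *
     * @return the handler created by the global web-app security config when one is available,
     *         otherwise a handler constructed directly with the (null) config
     */
    protected ReferrerURLCookieHandler getCookieHandler() {
        WebAppSecurityConfig webAppSecurityConfig = getWebAppSecurityConfig();
        if (webAppSecurityConfig == null) {
            return new ReferrerURLCookieHandler(webAppSecurityConfig);
        }
        return webAppSecurityConfig.createReferrerURLCookieHandler();
    }

    /**
     * Looks up the global web-app security configuration.
     *
     * @return the global configuration; other methods in this class treat {@code null} as possible
     */
    WebAppSecurityConfig getWebAppSecurityConfig() {
        return WebAppSecurityCollaboratorImpl.getGlobalWebAppSecurityConfig();
    }

    /**
     * Writes a small HTML page that stores the current browser location in a cookie and then
     * navigates to the given URL from JavaScript.
     *
     * @param httpServletResponse response the page is written to; its writer is closed on success
     * @param str name of the cookie that receives the browser's current location
     * @param str2 URL the browser is sent to
     * @throws SocialLoginException if the response writer cannot be obtained
     */
    public void doClientSideRedirect(HttpServletResponse httpServletResponse, String str, String str2) throws SocialLoginException {
        httpServletResponse.setStatus(200);
        // Set the headers before getWriter(): the charset given to setContentType() only takes
        // effect while no writer has been obtained, and headers set after the response is
        // committed are ignored, which would leave the redirect page cacheable.
        httpServletResponse.setHeader("Cache-Control", "no-cache, no-store, must-revalidate, private, max-age=0");
        httpServletResponse.setHeader("Pragma", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        try {
            PrintWriter writer = httpServletResponse.getWriter();
            writer.println("<html xmlns=\"http://www.w3.org/1999/xhtml\">");
            writer.println("<head>");
            writer.println(createJavaScriptForRedirect(str, str2));
            writer.println("<title>Redirect To OP</title> ");
            writer.println("</head>");
            writer.println("<body></body>");
            writer.println("</html>");
            writer.close();
        } catch (IOException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.social.web.utils.SocialWebUtils", "58", this, new Object[]{httpServletResponse, str, str2});
            throw new SocialLoginException(e);
        }
    }

    /**
     * Builds the two {@code <script>} elements of the redirect page: one sets a cookie holding
     * the browser's current location, the other calls {@code window.location.replace}.
     *
     * <p>Both arguments end up inside double-quoted JavaScript string literals, so they are
     * passed through {@link #escapeForJavaScriptString(String)} first. The browser evaluates the
     * escaped literal back to the same string, so the values it sees are unchanged.
     *
     * @param str cookie name used in the {@code document.cookie} assignment
     * @param str2 URL passed to {@code window.location.replace}
     * @return the HTML fragment containing both script elements
     */
    protected String createJavaScriptForRedirect(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        sb.append("<script type=\"text/javascript\" language=\"javascript\">")
                .append("var loc=window.location.href;")
                .append("document.cookie=\"")
                .append(escapeForJavaScriptString(str))
                .append("=\"")
                .append("+encodeURI(loc)+")
                .append("\"; path=/;");
        WebAppSecurityConfig webAppSecurityConfig = getWebAppSecurityConfig();
        // The cookie is written by script, so it can never be HttpOnly; only "secure" is
        // applied, and only when the SSO configuration requires SSL.
        if (webAppSecurityConfig != null && webAppSecurityConfig.getSSORequiresSSL()) {
            sb.append(" secure;");
        }
        sb.append("\"</script>");
        sb.append("<script type=\"text/javascript\" language=\"javascript\">")
                .append("window.location.replace(\"")
                .append(escapeForJavaScriptString(str2))
                .append("\")")
                .append("</script>");
        String sb2 = sb.toString();
        // NOTE(review): the trace includes the full redirect URL, query string and all; confirm
        // that nothing secret travels in it before enabling debug trace in production.
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "createJavaScriptForRedirect returns [" + sb2 + "]", new Object[0]);
        }
        return sb2;
    }

    /**
     * Escapes a value for use inside a quoted JavaScript string literal that is itself embedded
     * in an HTML script element. Quotes, backslashes, angle brackets, ampersands, control
     * characters and the Unicode line/paragraph separators are written as four-digit hexadecimal
     * JavaScript escapes; every other character is copied unchanged.
     *
     * @param value text to embed; {@code null} yields the text {@code "null"}, matching what
     *        string concatenation produced before escaping was added
     * @return the escaped text
     */
    private static String escapeForJavaScriptString(String value) {
        if (value == null) {
            return "null";
        }
        StringBuilder escaped = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean mustEscape = c < 0x20
                    || c == '"'
                    || c == '\''
                    || c == '\\'
                    || c == '<'
                    || c == '>'
                    || c == '&'
                    || c == 0x2028
                    || c == 0x2029;
            if (!mustEscape) {
                escaped.append(c);
                continue;
            }
            String hex = Integer.toHexString(c);
            escaped.append("\\u");
            for (int pad = hex.length(); pad < 4; pad++) {
                escaped.append('0');
            }
            escaped.append(hex);
        }
        return escaped.toString();
    }

    /**
     * Reads the named cookie from the request and clears it on the response.
     *
     * <p>The returned value comes from the client; callers must validate it before using it,
     * for example as a redirect target.
     *
     * @param httpServletRequest request whose cookies are searched
     * @param httpServletResponse response on which the cookie is cleared
     * @param str cookie name
     * @return the value reported by {@code CookieHelper.getCookieValue} for that name
     */
    @Sensitive
    public String getAndClearCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        String cookieValue = CookieHelper.getCookieValue(cookies, str);
        CookieHelper.clearCookie(httpServletRequest, httpServletResponse, str, cookies);
        return cookieValue;
    }

    /**
     * Returns the request URL, followed by {@code ?} and the re-encoded parameters when the
     * request carried a query string.
     *
     * <p>NOTE(review): the parameters are taken from {@code getParameterMap()}, which per the
     * Servlet API also contains posted form data. A form POST to a URL that has a query string
     * therefore gets its body fields appended here, and {@link #saveRequestUrlAndParameters}
     * stores the result in the {@code WASReqURL} cookie. Confirm that this is intended.
     *
     * @param httpServletRequest current request
     * @return the request URL with URL-encoded parameters appended when a query string is present
     */
    public String getRequestUrlWithEncodedQueryString(HttpServletRequest httpServletRequest) {
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?");
            requestURL.append(getUrlEncodedQueryString(httpServletRequest));
        }
        return requestURL.toString();
    }

    /**
     * URL-encodes all parameters of the request into query-string form.
     *
     * @param httpServletRequest current request
     * @return the encoded parameters, or an empty string when the request has none
     */
    public String getUrlEncodedQueryString(HttpServletRequest httpServletRequest) {
        Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
        if (parameterMap.isEmpty()) {
            return "";
        }
        return getUrlEncodedQueryStringFromParameterMap(parameterMap);
    }

    /**
     * Joins the encoded form of every map entry with {@code &}.
     *
     * @param map parameter names mapped to their values
     * @return the encoded entries in the map's iteration order
     */
    public String getUrlEncodedQueryStringFromParameterMap(Map<String, String[]> map) {
        StringBuilder sb = new StringBuilder();
        Iterator<Map.Entry<String, String[]>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String, String[]> next = it.next();
            sb.append(getUrlEncodedParameterAndValues(next.getKey(), next.getValue()));
            // The length check keeps charAt() from being called with index -1 when the entries
            // seen so far encoded to nothing (an empty name without values).
            if (it.hasNext() && sb.length() > 0 && sb.charAt(sb.length() - 1) != '&') {
                sb.append("&");
            }
        }
        return sb.toString();
    }

    /**
     * Encodes one parameter as {@code name=value}, repeating the name for each further value
     * ({@code name=v1&name=v2}). Without values only the encoded name is returned.
     *
     * @param str parameter name
     * @param strArr parameter values; may be {@code null} or empty
     * @return the encoded name/value pairs
     */
    public String getUrlEncodedParameterAndValues(String str, String[] strArr) {
        StringBuilder sb = new StringBuilder();
        sb.append(WebUtils.urlEncode(str));
        if (strArr == null || strArr.length == 0) {
            return sb.toString();
        }
        int lastIndex = strArr.length - 1;
        for (int i = 0; i <= lastIndex; i++) {
            sb.append("=").append(WebUtils.urlEncode(strArr[i]));
            if (i < lastIndex) {
                sb.append("&").append(WebUtils.urlEncode(str));
            }
        }
        return sb.toString();
    }

    /**
     * Resolves the login hint, checking the request header first, then the cookie, then the
     * request parameter, and returning the first non-empty value.
     *
     * <p>All three sources are supplied by the client, so the result is untrusted and has to be
     * checked against the configured values before it influences which provider is used.
     *
     * @param httpServletRequest current request
     * @return the first non-empty hint; otherwise whatever the parameter lookup returned, which
     *         may be {@code null} or empty
     */
    public String getLoginHint(HttpServletRequest httpServletRequest) {
        String loginHintFromHeader = getLoginHintFromHeader(httpServletRequest);
        if (loginHintFromHeader != null && !loginHintFromHeader.isEmpty()) {
            return loginHintFromHeader;
        }
        String loginHintFromCookie = getLoginHintFromCookie(httpServletRequest);
        if (loginHintFromCookie != null && !loginHintFromCookie.isEmpty()) {
            return loginHintFromCookie;
        }
        // Both arms of the former conditional returned the same value, so it is returned directly.
        return getLoginHintFromParameter(httpServletRequest);
    }

    /**
     * Reads the login hint from the request header named by {@code ClientConstants.LOGIN_HINT}.
     *
     * @param httpServletRequest current request
     * @return the header value, or {@code null} when the header is absent
     */
    String getLoginHintFromHeader(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(ClientConstants.LOGIN_HINT);
        // NOTE(review): the client-supplied value is concatenated into the trace text as-is;
        // whether Tr neutralises line breaks is not visible from this class.
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "specifiedService(header) id:" + header, new Object[0]);
        }
        return header;
    }

    /**
     * Reads the login hint from the cookie named by {@code ClientConstants.LOGIN_HINT}.
     *
     * @param httpServletRequest current request
     * @return the value of the last matching cookie, or {@code null} when there is none
     */
    String getLoginHintFromCookie(HttpServletRequest httpServletRequest) {
        String str = null;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            // No break: when the name occurs more than once, the last occurrence wins.
            for (Cookie cookie : cookies) {
                if (ClientConstants.LOGIN_HINT.equals(cookie.getName())) {
                    str = cookie.getValue();
                }
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "specifiedService(cookie) id:" + str, new Object[0]);
        }
        return str;
    }

    /**
     * Reads the login hint from the request parameter named by {@code ClientConstants.LOGIN_HINT}.
     *
     * @param httpServletRequest current request
     * @return the parameter value, or {@code null} when the parameter is absent
     */
    String getLoginHintFromParameter(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(ClientConstants.LOGIN_HINT);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "specifiedService(param) id:" + parameter, new Object[0]);
        }
        return parameter;
    }

    /**
     * Stores the current request URL in the {@code WASReqURL} cookie and saves the POST
     * parameters through {@link #savePostParameters}.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response that receives the cookie
     */
    public void saveRequestUrlAndParameters(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String requestUrl = getRequestUrlWithEncodedQueryString(httpServletRequest);
        Cookie requestUrlCookie = getCookieHandler().createCookie("WASReqURL", requestUrl, httpServletRequest);
        httpServletResponse.addCookie(requestUrlCookie);
        savePostParameters(httpServletRequest, httpServletResponse);
    }

    /**
     * Delegates saving of the POST parameters to a {@code PostParameterHelper} built from the
     * global web-app security configuration.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     */
    void savePostParameters(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        PostParameterHelper postParameterHelper = new PostParameterHelper(getWebAppSecurityConfig());
        postParameterHelper.save(httpServletRequest, httpServletResponse);
    }

    /**
     * Removes the saved request URL cookie and the saved POST parameters, from the
     * {@code WASPostParam} cookie or from the session depending on the configured save method.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response on which the cookies are invalidated
     */
    public void removeRequestUrlAndParameters(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        getCookieHandler().invalidateReferrerURLCookie(httpServletRequest, httpServletResponse, "WASReqURL");
        WebAppSecurityConfig webAppSecurityConfig = getWebAppSecurityConfig();
        if (isPostDataSavedInCookie(webAppSecurityConfig)) {
            deleteCookie(httpServletRequest, httpServletResponse, "WASPostParam", webAppSecurityConfig);
        } else {
            removePostParameterSessionAttributes(httpServletRequest);
        }
    }

    /**
     * Tells whether POST parameters are saved in a cookie.
     *
     * @param webAppSecurityConfig configuration to inspect; {@code null} is reported as
     *        {@code false}, consistent with the null handling elsewhere in this class, so that
     *        cleanup falls back to the session attributes instead of failing
     * @return {@code true} when the configured save method is {@code "Cookie"}
     */
    boolean isPostDataSavedInCookie(WebAppSecurityConfig webAppSecurityConfig) {
        return webAppSecurityConfig != null && "Cookie".equals(webAppSecurityConfig.getPostParamSaveMethod());
    }

    /**
     * Clears the named cookie through the cookie handler and also adds an expired cookie of the
     * same name, scoped to the request URI.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response that receives the expired cookie
     * @param str cookie name
     * @param webAppSecurityConfig configuration supplying the cookie flags; must not be {@code null}
     */
    public void deleteCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, WebAppSecurityConfig webAppSecurityConfig) {
        getCookieHandler().clearReferrerURLCookie(httpServletRequest, httpServletResponse, str);
        Cookie expiredCookie = createExpiredCookie(httpServletRequest, str, webAppSecurityConfig);
        httpServletResponse.addCookie(expiredCookie);
    }

    /**
     * Creates an empty cookie with max-age 0 whose path is the request URI.
     *
     * @param httpServletRequest request whose URI becomes the cookie path
     * @param str cookie name
     * @param webAppSecurityConfig configuration supplying the cookie flags; must not be {@code null}
     * @return the expired cookie with the configured flags applied
     */
    Cookie createExpiredCookie(HttpServletRequest httpServletRequest, String str, WebAppSecurityConfig webAppSecurityConfig) {
        Cookie cookie = new Cookie(str, "");
        cookie.setPath(httpServletRequest.getRequestURI());
        cookie.setMaxAge(0);
        return setCookieFlagsBasedOnWebAppConfig(cookie, webAppSecurityConfig);
    }

    /**
     * Applies the HttpOnly and Secure flags to the cookie when the configuration asks for them.
     * The flags are only ever switched on here, never off.
     *
     * @param cookie cookie to modify
     * @param webAppSecurityConfig configuration to read; must not be {@code null}
     * @return the same cookie instance
     */
    Cookie setCookieFlagsBasedOnWebAppConfig(Cookie cookie, WebAppSecurityConfig webAppSecurityConfig) {
        if (webAppSecurityConfig.getHttpOnlyCookies()) {
            cookie.setHttpOnly(true);
        }
        if (webAppSecurityConfig.getSSORequiresSSL()) {
            cookie.setSecure(true);
        }
        return cookie;
    }

    /**
     * Removes the saved POST data attributes from the existing session, if there is one.
     * No session is created when none exists.
     *
     * @param httpServletRequest current request
     */
    void removePostParameterSessionAttributes(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return;
        }
        session.removeAttribute("INITIAL_URL");
        session.removeAttribute("PARAM_VALUES");
        session.removeAttribute("PARAM_NAMES");
    }
}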
