package com.ibm.ws.webcontainer.security;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.webcontainer.security.internal.CertificateLoginAuthenticator;
import com.ibm.ws.webcontainer.security.metadata.FormLoginConfiguration;
import com.ibm.ws.webcontainer.security.metadata.LoginConfiguration;
import com.ibm.ws.webcontainer.security.metadata.MatchResponse;
import com.ibm.ws.webcontainer.security.metadata.SecurityMetadata;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Per-request holder that bundles the servlet request/response with the security
 * metadata, constraint match result and web security configuration for that request.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #hasAuthenticationData()} only reports that credentials-like data is
 *       <em>present</em> on the request. Nothing in this class validates it, so the
 *       result must never be used as an authentication or authorization decision.</li>
 *   <li>The short constructor leaves {@code matchResponse}, {@code appName} and
 *       {@code webSecurityContext} as {@code null}; the accessors that delegate to
 *       {@code matchResponse} dereference it without a guard.</li>
 *   <li>Instances are mutable and carry no synchronization.</li>
 * </ul>
 */
@InjectedFFDC
@TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.webcontainer.security_1.0.11.jar:com/ibm/ws/webcontainer/security/WebRequestImpl.class */
public class WebRequestImpl implements WebRequest {
    static final long serialVersionUID = 4913278820787590755L;

    // Trace component; the field name is referenced by @TraceObjectField above.
    private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(WebRequestImpl.class);

    // Immutable per-request collaborators, fixed at construction time.
    private final HttpServletRequest request;
    private final HttpServletResponse response;
    private final String appName;
    private final WebSecurityContext webSecurityContext;
    private final MatchResponse matchResponse;
    private final SecurityMetadata securityMetadata;
    private final WebAppSecurityConfig config;

    // Mutable per-request flags; both "enabled" flags start out true.
    private boolean formLoginRedirect = true;
    private boolean callAfterSSO = true;
    private boolean unprotectedURI;
    private boolean specialUnprotectedURI;

    // Free-form request properties; null until setProperties is called.
    private Map<String, Object> propMap;

    /**
     * Creates a request wrapper with no application name, web security context or
     * match response (all three are passed on as {@code null}).
     *
     * <p>On an instance built this way {@link #getRequiredRoles()},
     * {@link #isSSLRequired()} and {@link #isAccessPrecluded()} throw
     * {@link NullPointerException}.
     *
     * @param httpServletRequest   the servlet request being processed
     * @param httpServletResponse  the servlet response being produced
     * @param securityMetadata     security metadata of the target application, may be null
     * @param webAppSecurityConfig web application security configuration
     */
    public WebRequestImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SecurityMetadata securityMetadata, WebAppSecurityConfig webAppSecurityConfig) {
        this(httpServletRequest, httpServletResponse, null, null, securityMetadata, null, webAppSecurityConfig);
    }

    /**
     * Creates a fully populated request wrapper. No argument is validated; every
     * reference is stored as given.
     *
     * @param httpServletRequest   the servlet request being processed
     * @param httpServletResponse  the servlet response being produced
     * @param str                  the application name
     * @param webSecurityContext   the web security context for this request
     * @param securityMetadata     security metadata of the target application
     * @param matchResponse        result of matching the request against security constraints
     * @param webAppSecurityConfig web application security configuration
     */
    public WebRequestImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, WebSecurityContext webSecurityContext, SecurityMetadata securityMetadata, MatchResponse matchResponse, WebAppSecurityConfig webAppSecurityConfig) {
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        this.appName = str;
        this.webSecurityContext = webSecurityContext;
        this.securityMetadata = securityMetadata;
        this.matchResponse = matchResponse;
        this.config = webAppSecurityConfig;
    }

    /** @return the servlet request supplied at construction */
    @Override
    public HttpServletRequest getHttpServletRequest() {
        return request;
    }

    /** @return the servlet response supplied at construction */
    @Override
    public HttpServletResponse getHttpServletResponse() {
        return response;
    }

    /** @return the application name, or {@code null} when the short constructor was used */
    @Override
    public String getApplicationName() {
        return appName;
    }

    /** @return the web security context, or {@code null} when the short constructor was used */
    @Override
    public WebSecurityContext getWebSecurityContext() {
        return webSecurityContext;
    }

    /** @return {@code true} until {@link #disableFormLoginRedirect()} has been called */
    @Override
    public boolean isFormLoginRedirectEnabled() {
        return formLoginRedirect;
    }

    /**
     * @return the roles reported by the match response
     * @throws NullPointerException if this instance has no match response
     */
    @Override
    public List<String> getRequiredRoles() {
        return matchResponse.getRoles();
    }

    /**
     * @return whether the match response requires SSL
     * @throws NullPointerException if this instance has no match response
     */
    @Override
    public boolean isSSLRequired() {
        return matchResponse.isSSLRequired();
    }

    /**
     * @return whether the match response precludes access
     * @throws NullPointerException if this instance has no match response
     */
    @Override
    public boolean isAccessPrecluded() {
        return matchResponse.isAccessPrecluded();
    }

    /** @return the security metadata supplied at construction, possibly {@code null} */
    @Override
    public SecurityMetadata getSecurityMetadata() {
        return securityMetadata;
    }

    /** @return the login configuration, or {@code null} when there is no security metadata */
    @Override
    public LoginConfiguration getLoginConfig() {
        if (securityMetadata == null) {
            return null;
        }
        return securityMetadata.getLoginConfiguration();
    }

    /**
     * Returns the form login configuration nested in the login configuration.
     *
     * <p>Unlike {@link #getLoginConfig()} this accessor has no null guard.
     *
     * @return the form login configuration
     * @throws NullPointerException if the security metadata or its login configuration is null
     */
    @Override
    public FormLoginConfiguration getFormLoginConfiguration() {
        LoginConfiguration loginConfiguration = securityMetadata.getLoginConfiguration();
        return loginConfiguration.getFormLoginConfiguration();
    }

    /** @return the match response, or {@code null} when the short constructor was used */
    @Override
    public MatchResponse getMatchResponse() {
        return matchResponse;
    }

    /**
     * Reports whether the request carries anything that looks like authentication data:
     * an {@code Authorization} header, a non-empty peer certificate array stored under
     * {@link CertificateLoginAuthenticator#PEER_CERTIFICATES}, or an SSO cookie.
     *
     * <p>This is a presence check only. The header and the cookies are whatever the
     * client sent, and none of the three values is parsed or verified here.
     *
     * <p>All three sources are read on every call, in this order, even when an earlier
     * one already answered the question.
     */
    private boolean determineIfRequestHasAuthenticationData() {
        final boolean authorizationHeaderPresent = request.getHeader("Authorization") != null;

        final X509Certificate[] peerCertificates =
                (X509Certificate[]) request.getAttribute(CertificateLoginAuthenticator.PEER_CERTIFICATES);
        final boolean clientCertificatePresent = peerCertificates != null && peerCertificates.length != 0;

        final boolean ssoCookiePresent = hasSsoCookie(request.getCookies());

        return authorizationHeaderPresent || clientCertificatePresent || ssoCookiePresent;
    }

    /**
     * Looks for a cookie under the configured SSO cookie name and, when that lookup
     * returns {@code null} and the configured name is not already {@code LtpaToken2}
     * (compared case-insensitively), under the literal name {@code LtpaToken2}.
     *
     * @param cookies the request cookies, may be {@code null}
     * @return {@code true} when either lookup returned a non-null value array
     */
    private boolean hasSsoCookie(Cookie[] cookies) {
        if (cookies == null) {
            return false;
        }
        final String configuredName = config.getSSOCookieName();
        String[] values = CookieHelper.getCookieValues(cookies, configuredName);
        if (values == null && !"LtpaToken2".equalsIgnoreCase(configuredName)) {
            // A cookie under the fixed name is accepted even if a custom name is configured.
            values = CookieHelper.getCookieValues(cookies, "LtpaToken2");
        }
        return values != null;
    }

    /**
     * @return {@code true} when the request carries an Authorization header, a client
     *         certificate or an SSO cookie; says nothing about whether any of them is valid
     */
    @Override
    public boolean hasAuthenticationData() {
        return determineIfRequestHasAuthenticationData();
    }

    /** @return the flag last set through {@link #setUnprotectedURI(boolean)}; {@code false} initially */
    @Override
    public boolean isUnprotectedURI() {
        return unprotectedURI;
    }

    /** @param z whether the requested URI is to be treated as unprotected */
    @Override
    public void setUnprotectedURI(boolean z) {
        unprotectedURI = z;
    }

    /** Turns form login redirect off for this request; there is no way to re-enable it. */
    @Override
    public void disableFormLoginRedirect() {
        formLoginRedirect = false;
    }

    /** @return the flag last set through {@link #setProviderSpecialUnprotectedURI(boolean)}; {@code false} initially */
    @Override
    public boolean isProviderSpecialUnprotectedURI() {
        return specialUnprotectedURI;
    }

    /** @param z the new value of the provider "special unprotected URI" flag */
    @Override
    public void setProviderSpecialUnprotectedURI(boolean z) {
        specialUnprotectedURI = z;
    }

    /** @param z the new value of the "call after SSO" flag */
    @Override
    public void setCallAfterSSO(boolean z) {
        callAfterSSO = z;
    }

    /** @return the "call after SSO" flag; {@code true} initially */
    @Override
    public boolean isCallAfterSSO() {
        return callAfterSSO;
    }

    /**
     * @return the property map exactly as stored (no defensive copy), or {@code null}
     *         if none has been set; changes made by the caller are visible here
     */
    @Override
    public Map<String, Object> getProperties() {
        return propMap;
    }

    /** @param map the property map to store by reference; may be {@code null} */
    @Override
    public void setProperties(Map<String, Object> map) {
        propMap = map;
    }
}
