package org.apache.jetspeed.sso.impl;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.security.auth.Subject;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.components.dao.InitablePersistenceBrokerDaoSupport;
import org.apache.jetspeed.security.BasePrincipal;
import org.apache.jetspeed.security.SecurityHelper;
import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
import org.apache.jetspeed.security.impl.UserPrincipalImpl;
import org.apache.jetspeed.security.om.InternalCredential;
import org.apache.jetspeed.security.om.InternalGroupPrincipal;
import org.apache.jetspeed.security.om.InternalUserPrincipal;
import org.apache.jetspeed.security.om.impl.InternalCredentialImpl;
import org.apache.jetspeed.security.om.impl.InternalUserPrincipalImpl;
import org.apache.jetspeed.sso.SSOContext;
import org.apache.jetspeed.sso.SSOException;
import org.apache.jetspeed.sso.SSOPrincipal;
import org.apache.jetspeed.sso.SSOProvider;
import org.apache.jetspeed.sso.SSOSite;
import org.apache.ojb.broker.query.Criteria;
import org.apache.ojb.broker.query.QueryFactory;
import org.springframework.beans.PropertyAccessor;

/* loaded from: input_file:installpack.zip:webapps/jetspeed.war:WEB-INF/lib/jetspeed-sso-2.0.jar:org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.class */
public class PersistenceBrokerSSOProvider extends InitablePersistenceBrokerDaoSupport implements SSOProvider {
    private static final Log log;
    private Hashtable mapSite;
    private Hashtable clientProxy;
    private String USER_PATH;
    private String GROUP_PATH;
    static char[] scrambler;
    static Class class$org$apache$jetspeed$sso$impl$PersistenceBrokerSSOProvider;
    static Class class$org$apache$jetspeed$security$UserPrincipal;
    static Class class$org$apache$jetspeed$sso$impl$SSOCookieImpl;
    static Class class$org$apache$jetspeed$sso$impl$SSOSiteImpl;
    static Class class$org$apache$jetspeed$security$spi$impl$DefaultPasswordCredentialImpl;
    static Class class$org$apache$jetspeed$sso$impl$SSOPrincipalImpl;
    static Class class$org$apache$jetspeed$security$om$impl$InternalGroupPrincipalImpl;

    /**
     * Creates the provider and sets up its per-instance state.
     *
     * <p>The argument is handed unchanged to the superclass constructor. The site cache and the
     * client-proxy table start empty, and the user/group path prefixes are copied from
     * {@link BasePrincipal}.
     *
     * @param str value passed through to the superclass constructor
     * @throws ClassNotFoundException declared on the signature; nothing in the visible body raises it directly
     */
    public PersistenceBrokerSSOProvider(String str) throws ClassNotFoundException {
        super(str);
        // Prefixes later used to tell user principals from group principals.
        this.USER_PATH = BasePrincipal.PREFS_USER_ROOT;
        this.GROUP_PATH = BasePrincipal.PREFS_GROUP_ROOT;
        // Hashtable: both maps are shared by every caller of this provider instance.
        this.clientProxy = new Hashtable();
        this.mapSite = new Hashtable();
    }

    /**
     * Fetches content from {@code str} on behalf of the subject, using the single SSO site
     * registered under {@code str2}.
     *
     * <p>When no site is registered for {@code str2} the condition is logged and the request is
     * still issued, with an empty site array.
     * NOTE(review): confirm that continuing without a matching site is intended rather than
     * failing closed.
     *
     * @param subject authenticated subject whose best user principal identifies the caller
     * @param str     URL whose content is requested
     * @param str2    site key used to look up the SSO site
     * @param z       flag forwarded unchanged to {@code getContentFromURL}
     * @return whatever {@code getContentFromURL} returns
     * @throws SSOException declared on the signature; the visible body does not throw it directly
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public String useSSO(Subject subject, String str, String str2, boolean z) throws SSOException {
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class principalType = class$org$apache$jetspeed$security$UserPrincipal;
        if (principalType == null) {
            principalType = class$("org.apache.jetspeed.security.UserPrincipal");
            class$org$apache$jetspeed$security$UserPrincipal = principalType;
        }
        BasePrincipal caller = (BasePrincipal) SecurityHelper.getBestPrincipal(subject, principalType);
        // First argument of getContentFromURL: "<principal full path>_<site key>".
        String principalAndSite = caller.getFullPath() + "_" + str2;
        SSOSite site = getSSOSiteObject(str2);
        if (site == null) {
            log.error("SSO component -- useSSO can't retrive SSO credential because SSOSite [" + str2 + "] doesn't exist");
            return getContentFromURL(principalAndSite, str, new SSOSite[0], z);
        }
        return getContentFromURL(principalAndSite, str, new SSOSite[]{site}, z);
    }

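    /**
     * Fetches content from {@code str} on behalf of the subject, offering every SSO site that is
     * mapped to the subject's principal.
     *
     * <p>Null entries in the looked-up site collection are dropped. The array handed on is sized
     * to the surviving entries, so it never carries trailing {@code null} slots (the previous
     * version sized it from the raw collection and could pass nulls downstream).
     *
     * @param subject authenticated subject whose best user principal identifies the caller
     * @param str     URL whose content is requested
     * @param z       flag forwarded unchanged to {@code getContentFromURL}
     * @return whatever {@code getContentFromURL} returns
     * @throws SSOException if the site lookup returns {@code null} for this principal
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public String useSSO(Subject subject, String str, boolean z) throws SSOException {
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class principalType = class$org$apache$jetspeed$security$UserPrincipal;
        if (principalType == null) {
            principalType = class$("org.apache.jetspeed.security.UserPrincipal");
            class$org$apache$jetspeed$security$UserPrincipal = principalType;
        }
        String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, principalType)).getFullPath();
        Collection sitesForPrincipal = getSitesForPrincipal(fullPath);
        if (sitesForPrincipal == null) {
            String message = new StringBuffer().append("SSO Component useSSO -- Couldn't find any SSO sites for user [").append(fullPath).append(PropertyAccessor.PROPERTY_KEY_SUFFIX).toString();
            log.error(message);
            throw new SSOException(message);
        }
        // Collect only the non-null sites so the resulting array is exactly as long as its content.
        List usableSites = new ArrayList(sitesForPrincipal.size());
        for (Iterator it = sitesForPrincipal.iterator(); it.hasNext();) {
            Object candidate = it.next();
            if (candidate != null) {
                usableSites.add(candidate);
            }
        }
        SSOSite[] siteArray = (SSOSite[]) usableSites.toArray(new SSOSite[usableSites.size()]);
        return getContentFromURL(fullPath, str, siteArray, z);
    }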

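    /**
     * Returns the stored SSO cookies that belong to the remote principals of the given principal.
     *
     * <p>The principal is looked up by full path, the full paths of its remote principals are
     * collected, and cookies are queried with an IN criterion on
     * {@code remotePrincipals.fullPath}.
     *
     * <p>An unknown principal, or one with no remote-principal collection, now yields
     * {@code null} instead of a {@code NullPointerException}. The unused {@code Criteria}
     * allocation was removed.
     *
     * @param str full path of the local principal
     * @return the matching cookie collection, or {@code null} when the principal is unknown or has
     *         no remote principals
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public Collection getCookiesForUser(String str) {
        SSOPrincipal principal = getSSOPrincipal(str);
        if (principal == null || principal.getRemotePrincipals() == null) {
            return null;
        }
        Vector remotePaths = new Vector();
        for (Iterator it = principal.getRemotePrincipals().iterator(); it.hasNext();) {
            InternalUserPrincipal remote = (InternalUserPrincipal) it.next();
            if (remote != null) {
                remotePaths.add(remote.getFullPath());
            }
        }
        if (remotePaths.isEmpty()) {
            // Callers receive null, not an empty collection, when there is nothing to query for.
            return null;
        }
        Criteria criteria = new Criteria();
        criteria.addIn("remotePrincipals.fullPath", remotePaths);
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class cookieType = class$org$apache$jetspeed$sso$impl$SSOCookieImpl;
        if (cookieType == null) {
            cookieType = class$("org.apache.jetspeed.sso.impl.SSOCookieImpl");
            class$org$apache$jetspeed$sso$impl$SSOCookieImpl = cookieType;
        }
        return getPersistenceBrokerTemplate().getCollectionByQuery(QueryFactory.newQuery(cookieType, criteria));
    }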

    /**
     * Returns the stored SSO cookies for the subject's best user principal.
     *
     * <p>Resolves the principal's full path and delegates to the {@code String} overload.
     *
     * @param subject subject whose best user principal is used
     * @return the result of {@code getCookiesForUser(String)} for that principal's full path
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public Collection getCookiesForUser(Subject subject) {
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class principalType = class$org$apache$jetspeed$security$UserPrincipal;
        if (principalType == null) {
            principalType = class$("org.apache.jetspeed.security.UserPrincipal");
            class$org$apache$jetspeed$security$UserPrincipal = principalType;
        }
        BasePrincipal caller = (BasePrincipal) SecurityHelper.getBestPrincipal(subject, principalType);
        return getCookiesForUser(caller.getFullPath());
    }

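    /**
     * Sets the realm of the site registered under {@code str} and persists the site.
     *
     * <p>If no site is found the call returns without doing anything.
     * NOTE(review): a caller cannot distinguish "realm updated" from "site unknown"; confirm this
     * silent no-op is intended.
     *
     * <p>The original exception is now attached as the cause of the {@link SSOException}, so the
     * stack trace survives instead of being flattened into the message text.
     *
     * @param str  site key used to look up the SSO site
     * @param str2 realm to store on the site
     * @throws SSOException if setting or storing the realm fails
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void setRealmForSite(String str, String str2) throws SSOException {
        SSOSite site = getSSOSiteObject(str);
        if (site == null) {
            return;
        }
        try {
            // The site object may be the cached instance, so the realm changes in memory
            // before the store is attempted.
            site.setRealm(str2);
            getPersistenceBrokerTemplate().store(site);
        } catch (Exception e) {
            String message = new StringBuffer().append("Failed to set the realm for site [").append(str).append("] Error").append(e).toString();
            throw new SSOException(message, e);
        }
    }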

    /**
     * Returns the realm of the site registered under {@code str}.
     *
     * @param str site key used to look up the SSO site
     * @return the site's realm, or {@code null} when no site is found
     * @throws SSOException declared on the signature; the visible body does not throw it directly
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public String getRealmForSite(String str) throws SSOException {
        SSOSite site = getSSOSiteObject(str);
        return site == null ? null : site.getRealm();
    }

    /**
     * Queries all SSO sites that have a principal with the given full path.
     *
     * @param str full path matched against {@code principals.fullPath}
     * @return the collection returned by the persistence broker query
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public Collection getSitesForPrincipal(String str) {
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class siteType = class$org$apache$jetspeed$sso$impl$SSOSiteImpl;
        if (siteType == null) {
            siteType = class$("org.apache.jetspeed.sso.impl.SSOSiteImpl");
            class$org$apache$jetspeed$sso$impl$SSOSiteImpl = siteType;
        }
        Criteria byPrincipalPath = new Criteria();
        byPrincipalPath.addEqualTo("principals.fullPath", str);
        return getPersistenceBrokerTemplate().getCollectionByQuery(QueryFactory.newQuery(siteType, byPrincipalPath));
    }

    /**
     * Returns an iterator over the SSO sites found by an unrestricted query.
     *
     * <p>The query uses an empty {@code Criteria}; the {@code str} argument is not read by the
     * visible body.
     * NOTE(review): if {@code str} was meant as a filter, every caller currently receives the full
     * site list; confirm against the interface contract.
     *
     * @param str unused in this implementation
     * @return iterator over the query result
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public Iterator getSites(String str) {
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class siteType = class$org$apache$jetspeed$sso$impl$SSOSiteImpl;
        if (siteType == null) {
            siteType = class$("org.apache.jetspeed.sso.impl.SSOSiteImpl");
            class$org$apache$jetspeed$sso$impl$SSOSiteImpl = siteType;
        }
        Criteria noRestriction = new Criteria();
        Collection allSites = getPersistenceBrokerTemplate().getCollectionByQuery(QueryFactory.newQuery(siteType, noRestriction));
        return allSites.iterator();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v14, types: [org.apache.jetspeed.security.impl.GroupPrincipalImpl] */
    /**
     * Adds remote credentials for a principal that is identified by its full path instead of a
     * {@link Subject}.
     *
     * <p>A path containing the group root becomes a {@code GroupPrincipalImpl}, any other path a
     * {@code UserPrincipalImpl}. The name is obtained by cutting a fixed-length prefix
     * ({@code GROUP_PATH} or {@code USER_PATH}) from the start of the path. The principal is then
     * wrapped in a read-only {@code Subject} and passed to the {@code Subject} overload.
     *
     * <p>NOTE(review): the group test is "contains", but the prefix is removed by length from
     * index 0. A path that is shorter than the prefix, or that carries the group root elsewhere
     * than at the start, gives an exception or a wrong name; callers should pass only
     * well-formed principal paths.
     *
     * @param str  full path of the local user or group principal
     * @param str2 forwarded as the second argument of the {@code Subject} overload
     * @param str3 forwarded as the third argument of the {@code Subject} overload
     * @param str4 forwarded as the fourth argument of the {@code Subject} overload
     * @throws SSOException propagated from the {@code Subject} overload
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void addCredentialsForSite(String str, String str2, String str3, String str4) throws SSOException {
        Object localPrincipal;
        if (str.indexOf(BasePrincipal.PREFS_GROUP_ROOT) > -1) {
            localPrincipal = new GroupPrincipalImpl(str.substring(this.GROUP_PATH.length()));
        } else {
            localPrincipal = new UserPrincipalImpl(str.substring(this.USER_PATH.length()));
        }
        HashSet principalSet = new HashSet();
        principalSet.add(localPrincipal);
        // readOnly = true, with empty public and private credential sets.
        Subject syntheticSubject = new Subject(true, principalSet, new HashSet(), new HashSet());
        addCredentialsForSite(syntheticSubject, str2, str3, str4);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v14, types: [org.apache.jetspeed.security.impl.GroupPrincipalImpl] */
    /**
     * Removes remote credentials for a principal that is identified by its full path instead of a
     * {@link Subject}.
     *
     * <p>A path containing the group root becomes a {@code GroupPrincipalImpl}, any other path a
     * {@code UserPrincipalImpl}. The name is obtained by cutting a fixed-length prefix from the
     * start of the path. The principal is wrapped in a read-only {@code Subject} and passed to
     * the {@code Subject} overload.
     *
     * <p>NOTE(review): the group test is "contains", but the prefix is removed by length from
     * index 0, so a malformed path can select the wrong principal name or raise an exception.
     *
     * @param str  full path of the local user or group principal
     * @param str2 site key forwarded to the {@code Subject} overload
     * @throws SSOException propagated from the {@code Subject} overload
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void removeCredentialsForSite(String str, String str2) throws SSOException {
        Object localPrincipal;
        if (str.indexOf(BasePrincipal.PREFS_GROUP_ROOT) > -1) {
            localPrincipal = new GroupPrincipalImpl(str.substring(this.GROUP_PATH.length()));
        } else {
            localPrincipal = new UserPrincipalImpl(str.substring(this.USER_PATH.length()));
        }
        HashSet principalSet = new HashSet();
        principalSet.add(localPrincipal);
        // readOnly = true, with empty public and private credential sets.
        Subject syntheticSubject = new Subject(true, principalSet, new HashSet(), new HashSet());
        removeCredentialsForSite(syntheticSubject, str2);
    }

    /**
     * Returns the site URL for the given site key.
     *
     * <p>This implementation performs no lookup: the argument is handed back as-is.
     *
     * @param str site key
     * @return the same reference that was passed in
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public String getSiteURL(String str) {
        final String siteUrl = str;
        return siteUrl;
    }

    /**
     * Returns the name of the site registered under {@code str}.
     *
     * @param str site key used to look up the SSO site
     * @return the site's name, or {@code null} when no site is found
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public String getSiteName(String str) {
        SSOSite site = getSSOSiteObject(str);
        return site == null ? null : site.getName();
    }

    /**
     * Reports whether the subject has a remote principal registered for the given site.
     *
     * <p>The answer is {@code true} only when the site exists, both of its principal collections
     * are non-null, the subject's principal maps to a set of remote principals, and one of those
     * also appears among the site's remote principals.
     *
     * @param subject subject whose best user principal is checked
     * @param str     site key used to look up the SSO site
     * @return {@code true} if a matching remote principal exists, {@code false} otherwise
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public boolean hasSSOCredentials(Subject subject, String str) {
        SSOSite site = getSSOSiteObject(str);
        if (site == null) {
            return false;
        }
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class principalType = class$org$apache$jetspeed$security$UserPrincipal;
        if (principalType == null) {
            principalType = class$("org.apache.jetspeed.security.UserPrincipal");
            class$org$apache$jetspeed$security$UserPrincipal = principalType;
        }
        String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, principalType)).getFullPath();
        Collection siteRemotePrincipals = site.getRemotePrincipals();
        Collection sitePrincipals = site.getPrincipals();
        if (sitePrincipals == null || siteRemotePrincipals == null) {
            return false;
        }
        Collection mappedRemotes = getRemotePrincipalsForPrincipal(sitePrincipals, fullPath);
        if (mappedRemotes == null) {
            return false;
        }
        return findRemoteMatch(mappedRemotes, siteRemotePrincipals) != null;
    }

    /**
     * Returns the remote credentials the subject holds for the given site.
     *
     * <p>The returned context is built by {@code getCredential}, which passes the stored value
     * through {@code unscramble(...)}. Callers therefore hold the recovered secret and should
     * keep it out of logs and long-lived state.
     *
     * @param subject subject whose best user principal is used
     * @param str     site key used to look up the SSO site
     * @return the credential context, never {@code null}
     * @throws SSOException with {@code NO_CREDENTIALS_FOR_SITE} when the site is unknown or no
     *                      credential is found for the principal
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public SSOContext getCredentials(Subject subject, String str) throws SSOException {
        SSOSite site = getSSOSiteObject(str);
        if (site != null) {
            // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
            Class principalType = class$org$apache$jetspeed$security$UserPrincipal;
            if (principalType == null) {
                principalType = class$("org.apache.jetspeed.security.UserPrincipal");
                class$org$apache$jetspeed$security$UserPrincipal = principalType;
            }
            String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, principalType)).getFullPath();
            SSOContext context = getCredential(site, fullPath);
            if (context != null) {
                return context;
            }
        }
        // Unknown site and missing credential are reported with the same code.
        throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
    }

    /**
     * Registers a remote principal and its credential for the subject on the given site, creating
     * the site record first when none exists.
     *
     * <p>Steps visible in the body: look up (or create and store) the site; resolve the subject's
     * full path and name; find or attach the local SSO principal; reject the call when a remote
     * principal is already mapped; build the remote principal with a path under {@code /sso/};
     * attach a credential whose value is {@code scramble(str3)}; store site and principal and
     * refresh the site cache.
     *
     * <p>NOTE(review): the stored value comes from {@code scramble(...)} and is read back through
     * {@code unscramble(...)} in {@code getCredential}, so it is recoverable by this code. The
     * helper is defined outside this view; check whether it gives real confidentiality at rest
     * or only obfuscation.
     *
     * @param subject subject whose best user principal owns the mapping
     * @param str     remote principal name
     * @param str2    site URL; also used as site name when the site is auto-created
     * @param str3    remote credential value, passed through {@code scramble(...)} before storage
     * @throws SSOException if the site or mapping cannot be stored, if no local principal can be
     *                      resolved, or if a remote principal already exists for this mapping
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void addCredentialsForSite(Subject subject, String str, String str2, String str3) throws SSOException {
        Class cls;
        Class cls2;
        Collection remotePrincipalsForPrincipal;
        Class cls3;
        SSOSite sSOSiteObject = getSSOSiteObject(str2);
        if (sSOSiteObject == null) {
            // Unknown site: create it on the fly with fixed defaults.
            // NOTE(review): any caller can create a site record this way, with certificates not
            // required and user-set credentials allowed; confirm callers are authorised upstream.
            sSOSiteObject = new SSOSiteImpl();
            sSOSiteObject.setSiteURL(str2);
            sSOSiteObject.setName(str2);
            sSOSiteObject.setCertificateRequired(false);
            sSOSiteObject.setAllowUserSet(true);
            sSOSiteObject.setChallengeResponseAuthentication(true);
            sSOSiteObject.setFormAuthentication(false);
            try {
                getPersistenceBrokerTemplate().store(sSOSiteObject);
            } catch (Exception e) {
                // NOTE(review): the stack trace goes to stderr, not the logger, and the cause is
                // flattened into the message text.
                e.printStackTrace();
                throw new SSOException(new StringBuffer().append(SSOException.FAILED_STORING_SITE_INFO_IN_DB).append(e.toString()).toString());
            }
        }
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        if (class$org$apache$jetspeed$security$UserPrincipal == null) {
            cls = class$("org.apache.jetspeed.security.UserPrincipal");
            class$org$apache$jetspeed$security$UserPrincipal = cls;
        } else {
            cls = class$org$apache$jetspeed$security$UserPrincipal;
        }
        String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, cls)).getFullPath();
        if (class$org$apache$jetspeed$security$UserPrincipal == null) {
            cls2 = class$("org.apache.jetspeed.security.UserPrincipal");
            class$org$apache$jetspeed$security$UserPrincipal = cls2;
        } else {
            cls2 = class$org$apache$jetspeed$security$UserPrincipal;
        }
        String name = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, cls2)).getName();
        SSOPrincipal principalForSite = getPrincipalForSite(sSOSiteObject, fullPath);
        if (principalForSite == null) {
            // NOTE(review): getSSOPrincipal may return null; that null is handed to addPrincipal
            // before the null check further down rejects it.
            principalForSite = getSSOPrincipal(fullPath);
            sSOSiteObject.addPrincipal(principalForSite);
        } else {
            Collection remotePrincipals = sSOSiteObject.getRemotePrincipals();
            Collection principals = sSOSiteObject.getPrincipals();
            // An existing mapping must be changed through updateCredentialsForSite instead.
            if (remotePrincipals != null && principals != null && (remotePrincipalsForPrincipal = getRemotePrincipalsForPrincipal(principals, fullPath)) != null && findRemoteMatch(remotePrincipalsForPrincipal, remotePrincipals) != null) {
                throw new SSOException(SSOException.REMOTE_PRINCIPAL_EXISTS_CALL_UPDATE);
            }
        }
        if (principalForSite == null) {
            throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE);
        }
        InternalUserPrincipalImpl internalUserPrincipalImpl = new InternalUserPrincipalImpl(str);
        // Remote principal path: /sso/<siteId><group-or-user root><local name>/<remote name>.
        if (fullPath.indexOf(BasePrincipal.PREFS_GROUP_ROOT) > -1) {
            internalUserPrincipalImpl.setFullPath(new StringBuffer().append("/sso/").append(sSOSiteObject.getSiteId()).append(BasePrincipal.PREFS_GROUP_ROOT).append(name).append("/").append(str).toString());
        } else {
            internalUserPrincipalImpl.setFullPath(new StringBuffer().append("/sso/").append(sSOSiteObject.getSiteId()).append(BasePrincipal.PREFS_USER_ROOT).append(name).append("/").append(str).toString());
        }
        long principalId = internalUserPrincipalImpl.getPrincipalId();
        // The value persisted is the scrambled form of the secret supplied by the caller.
        String scramble = scramble(str3);
        if (class$org$apache$jetspeed$security$spi$impl$DefaultPasswordCredentialImpl == null) {
            cls3 = class$("org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialImpl");
            class$org$apache$jetspeed$security$spi$impl$DefaultPasswordCredentialImpl = cls3;
        } else {
            cls3 = class$org$apache$jetspeed$security$spi$impl$DefaultPasswordCredentialImpl;
        }
        InternalCredentialImpl internalCredentialImpl = new InternalCredentialImpl(principalId, scramble, 0, cls3.getName());
        if (internalUserPrincipalImpl.getCredentials() == null) {
            internalUserPrincipalImpl.setCredentials(new ArrayList(0));
        }
        internalUserPrincipalImpl.getCredentials().add(internalCredentialImpl);
        principalForSite.addRemotePrincipal(internalUserPrincipalImpl);
        sSOSiteObject.getRemotePrincipals().add(internalUserPrincipalImpl);
        try {
            getPersistenceBrokerTemplate().store(sSOSiteObject);
            getPersistenceBrokerTemplate().store(principalForSite);
            // Cache entry is keyed by site URL, the same key getSSOSiteObject looks up.
            this.mapSite.put(str2, sSOSiteObject);
        } catch (Exception e2) {
            // NOTE(review): the in-memory site and principal were already mutated above; a failed
            // store leaves them out of step with the database.
            e2.printStackTrace();
            throw new SSOException(new StringBuffer().append(SSOException.FAILED_STORING_SITE_INFO_IN_DB).append(e2.toString()).toString());
        }
    }

    /**
     * Removes the subject's remote principal (and with it the stored credential mapping) from the
     * given site.
     *
     * <p>The remote principal is located the same way as in {@code hasSSOCredentials}. It is then
     * removed from the site's remote-principal collection and from the local principal's
     * mapping, deleted through the persistence broker, and the site is stored again.
     *
     * @param subject subject whose best user principal owns the mapping
     * @param str     site key used to look up the SSO site
     * @throws SSOException with {@code NO_CREDENTIALS_FOR_SITE} when the site or the mapping is
     *                      missing, or with a storage failure message when persistence fails
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void removeCredentialsForSite(Subject subject, String str) throws SSOException {
        Class cls;
        SSOSite sSOSiteObject = getSSOSiteObject(str);
        if (sSOSiteObject == null) {
            throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
        }
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        if (class$org$apache$jetspeed$security$UserPrincipal == null) {
            cls = class$("org.apache.jetspeed.security.UserPrincipal");
            class$org$apache$jetspeed$security$UserPrincipal = cls;
        } else {
            cls = class$org$apache$jetspeed$security$UserPrincipal;
        }
        String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, cls)).getFullPath();
        try {
            Collection principals = sSOSiteObject.getPrincipals();
            Collection remotePrincipals = sSOSiteObject.getRemotePrincipals();
            if (principals == null || remotePrincipals == null) {
                throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
            }
            Collection remotePrincipalsForPrincipal = getRemotePrincipalsForPrincipal(principals, fullPath);
            if (remotePrincipalsForPrincipal == null) {
                throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
            }
            InternalUserPrincipal findRemoteMatch = findRemoteMatch(remotePrincipalsForPrincipal, remotePrincipals);
            if (findRemoteMatch == null) {
                throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
            }
            // Detach from the site first, then from the local principal's mapping.
            sSOSiteObject.getRemotePrincipals().remove(findRemoteMatch);
            if (remotePrincipalsForPrincipal.remove(findRemoteMatch)) {
                getPersistenceBrokerTemplate().store(sSOSiteObject);
            }
            // Delete the remote principal record itself.
            getPersistenceBrokerTemplate().delete(findRemoteMatch);
            // The site is stored again after the delete (a second store when the branch above ran).
            try {
                getPersistenceBrokerTemplate().store(sSOSiteObject);
            } catch (Exception e) {
                // NOTE(review): stack trace goes to stderr rather than the logger; the cause is
                // flattened into the message text.
                e.printStackTrace();
                throw new SSOException(new StringBuffer().append(SSOException.FAILED_STORING_SITE_INFO_IN_DB).append(e.toString()).toString());
            }
        } catch (SSOException e2) {
            // Every SSOException raised above is wrapped in a new SSOException here.
            throw new SSOException(e2);
        } catch (Exception e3) {
            // NOTE(review): the in-memory collections were already changed when this runs; a
            // failure part-way can leave cache and database out of step.
            e3.printStackTrace();
            throw new SSOException(new StringBuffer().append(SSOException.FAILED_STORING_SITE_INFO_IN_DB).append(e3.toString()).toString());
        }
    }

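    /**
     * Replaces the stored credential value of the subject's remote principal on the given site.
     *
     * <p>Changes from the previous version: a remote principal with a null or empty credential
     * collection, or a null first credential, is now reported as
     * {@code NO_CREDENTIALS_FOR_SITE}. Before, that case raised a runtime exception or passed
     * {@code null} to the persistence broker. The storage exception is attached as the cause
     * rather than printed to stderr, and a duplicate principal lookup whose result was discarded
     * has been removed.
     *
     * <p>NOTE(review): the new value is stored as {@code scramble(str3)}; the helper is defined
     * outside this view, and stored values are read back through {@code unscramble(...)}
     * elsewhere in this class, so the stored form is recoverable.
     *
     * @param subject subject whose best user principal owns the mapping
     * @param str     remote principal name; not read by this implementation
     * @param str2    site key used to look up the SSO site
     * @param str3    new credential value
     * @throws SSOException with {@code NO_CREDENTIALS_FOR_SITE} when the site, mapping or
     *                      credential is missing, or with a storage failure message when the
     *                      store fails
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void updateCredentialsForSite(Subject subject, String str, String str2, String str3) throws SSOException {
        SSOSite site = getSSOSiteObject(str2);
        if (site == null) {
            throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
        }
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class principalType = class$org$apache$jetspeed$security$UserPrincipal;
        if (principalType == null) {
            principalType = class$("org.apache.jetspeed.security.UserPrincipal");
            class$org$apache$jetspeed$security$UserPrincipal = principalType;
        }
        String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, principalType)).getFullPath();
        Collection principals = site.getPrincipals();
        Collection remotePrincipals = site.getRemotePrincipals();
        if (principals == null || remotePrincipals == null) {
            throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
        }
        Collection mappedRemotes = getRemotePrincipalsForPrincipal(principals, fullPath);
        if (mappedRemotes == null) {
            throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
        }
        InternalUserPrincipal remoteMatch = findRemoteMatch(mappedRemotes, remotePrincipals);
        if (remoteMatch == null) {
            throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
        }
        // Only the first credential of the remote principal is updated, as before.
        Collection credentials = remoteMatch.getCredentials();
        Iterator credentialIt = credentials == null ? null : credentials.iterator();
        InternalCredential credential = null;
        if (credentialIt != null && credentialIt.hasNext()) {
            credential = (InternalCredential) credentialIt.next();
        }
        if (credential == null) {
            throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);
        }
        credential.setValue(scramble(str3));
        try {
            getPersistenceBrokerTemplate().store(credential);
        } catch (Exception e) {
            String message = new StringBuffer().append(SSOException.FAILED_STORING_SITE_INFO_IN_DB).append(e.toString()).toString();
            throw new SSOException(message, e);
        }
    }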

    /**
     * Looks up an SSO site, first in the in-memory cache and then in the database.
     *
     * <p>The cache key and the {@code siteURL} query criterion are both the argument. A site found
     * in the database is cached under that key before it is returned.
     *
     * @param str site URL used as cache key and query value
     * @return the cached or freshly loaded site, or {@code null} when the query finds nothing
     */
    private SSOSite getSSOSiteObject(String str) {
        if (this.mapSite.containsKey(str)) {
            return (SSOSite) this.mapSite.get(str);
        }
        Criteria bySiteUrl = new Criteria();
        bySiteUrl.addEqualTo("siteURL", str);
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class siteType = class$org$apache$jetspeed$sso$impl$SSOSiteImpl;
        if (siteType == null) {
            siteType = class$("org.apache.jetspeed.sso.impl.SSOSiteImpl");
            class$org$apache$jetspeed$sso$impl$SSOSiteImpl = siteType;
        }
        Collection rows = getPersistenceBrokerTemplate().getCollectionByQuery(QueryFactory.newQuery(siteType, bySiteUrl));
        if (rows == null || rows.isEmpty()) {
            // Misses are not cached, so an unknown URL is queried again on every call.
            return null;
        }
        Iterator rowIt = rows.iterator();
        SSOSite loaded = rowIt.hasNext() ? (SSOSite) rowIt.next() : null;
        this.mapSite.put(str, loaded);
        return loaded;
    }

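    /**
     * Builds the credential context for a principal on a site.
     *
     * <p>The first credential of the matching remote principal is used. The context carries the
     * credential's principal id, the last path segment of the remote principal's full path, and
     * the stored value after {@code unscramble(...)}.
     *
     * <p>An empty credential collection is now handled like a missing one (warning plus
     * {@code null}) instead of raising {@code NoSuchElementException}.
     *
     * <p>NOTE(review): the returned context holds the recovered secret. The warning below is
     * written to stdout rather than the class logger and includes the remote principal path.
     *
     * @param sSOSite site whose principal mappings are searched
     * @param str     full path of the local principal
     * @return the credential context, or {@code null} when no mapping or credential exists
     */
    private SSOContext getCredential(SSOSite sSOSite, String str) {
        Collection principals = sSOSite.getPrincipals();
        Collection remotePrincipals = sSOSite.getRemotePrincipals();
        if (principals == null || remotePrincipals == null) {
            return null;
        }
        Collection mappedRemotes = getRemotePrincipalsForPrincipal(principals, str);
        if (mappedRemotes == null) {
            return null;
        }
        InternalUserPrincipal remoteMatch = findRemoteMatch(mappedRemotes, remotePrincipals);
        if (remoteMatch == null) {
            return null;
        }
        InternalCredential credential = null;
        Collection credentials = remoteMatch.getCredentials();
        if (credentials != null) {
            Iterator credentialIt = credentials.iterator();
            // Guard against an empty collection before taking the first entry.
            if (credentialIt.hasNext()) {
                credential = (InternalCredential) credentialIt.next();
            }
        }
        if (credential == null) {
            System.out.println(new StringBuffer().append("Warning: Remote User ").append(remoteMatch.getFullPath()).append(" doesn't have a credential").toString());
            return null;
        }
        return new SSOContextImpl(credential.getPrincipalId(), stripPrincipalName(remoteMatch.getFullPath()), unscramble(credential.getValue()));
    }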

    /**
     * Returns the part of a principal path that follows its last {@code '/'}.
     *
     * @param str principal full path
     * @return the text after the last slash, or a copy of the whole string when it has no slash
     */
    private String stripPrincipalName(String str) {
        int lastSlash = str.lastIndexOf('/');
        if (lastSlash == -1) {
            // No separator: hand back a fresh copy, as the original did.
            return new String(str);
        }
        return str.substring(lastSlash + 1);
    }

    /**
     * Returns the remote principals of the site principal whose full path equals {@code str},
     * ignoring case.
     *
     * @param sSOSite site whose principals are searched
     * @param str     full path of the local principal
     * @return the remote principals of the first match, or {@code null} when the site has no
     *         principal collection or nothing matches
     */
    private Collection getRemotePrincipalsForPrincipal(SSOSite sSOSite, String str) {
        Collection sitePrincipals = sSOSite.getPrincipals();
        if (sitePrincipals == null) {
            return null;
        }
        Iterator principalIt = sitePrincipals.iterator();
        while (principalIt.hasNext()) {
            SSOPrincipal candidate = (SSOPrincipal) principalIt.next();
            if (candidate == null) {
                continue;
            }
            if (candidate.getFullPath().compareToIgnoreCase(str) == 0) {
                return candidate.getRemotePrincipals();
            }
        }
        return null;
    }

    /**
     * Finds the site principal whose full path equals {@code str}, ignoring case.
     *
     * @param sSOSite site whose principals are searched
     * @param str     full path of the local principal
     * @return the first matching principal, or {@code null} when the site has no principal
     *         collection or nothing matches
     */
    private SSOPrincipal getPrincipalForSite(SSOSite sSOSite, String str) {
        Collection sitePrincipals = sSOSite.getPrincipals();
        if (sitePrincipals == null) {
            return null;
        }
        for (Iterator principalIt = sitePrincipals.iterator(); principalIt.hasNext();) {
            SSOPrincipal candidate = (SSOPrincipal) principalIt.next();
            // Null entries are skipped; the scan stops at the first match.
            if (candidate != null && candidate.getFullPath().compareToIgnoreCase(str) == 0) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Loads the SSO principal with the given full path from the database.
     *
     * @param str value matched against the {@code fullPath} field
     * @return the first row of the query result, or {@code null} when the query finds nothing
     */
    private SSOPrincipal getSSOPrincipal(String str) {
        Criteria byFullPath = new Criteria();
        byFullPath.addEqualTo("fullPath", str);
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class principalImplType = class$org$apache$jetspeed$sso$impl$SSOPrincipalImpl;
        if (principalImplType == null) {
            principalImplType = class$("org.apache.jetspeed.sso.impl.SSOPrincipalImpl");
            class$org$apache$jetspeed$sso$impl$SSOPrincipalImpl = principalImplType;
        }
        Collection rows = getPersistenceBrokerTemplate().getCollectionByQuery(QueryFactory.newQuery(principalImplType, byFullPath));
        if (rows == null || rows.isEmpty()) {
            return null;
        }
        Iterator rowIt = rows.iterator();
        return rowIt.hasNext() ? (SSOPrincipal) rowIt.next() : null;
    }

    /**
     * Detaches and returns the first remote principal of the site principal whose full path
     * equals {@code str}, ignoring case.
     *
     * <p>A matching principal whose remote collection is null or empty is skipped and the scan
     * continues with the next site principal.
     *
     * @param sSOSite site whose principals are searched
     * @param str     full path of the local principal
     * @return the remote principal that was removed from the mapping
     * @throws SSOException with {@code REQUESTED_PRINCIPAL_DOES_NOT_EXIST} when nothing was removed
     */
    private InternalUserPrincipal removeRemotePrincipalForPrincipal(SSOSite sSOSite, String str) throws SSOException {
        if (sSOSite.getPrincipals() == null) {
            throw new SSOException(SSOException.REQUESTED_PRINCIPAL_DOES_NOT_EXIST);
        }
        Iterator principalIt = sSOSite.getPrincipals().iterator();
        while (principalIt.hasNext()) {
            SSOPrincipal candidate = (SSOPrincipal) principalIt.next();
            if (candidate.getFullPath().compareToIgnoreCase(str) != 0) {
                continue;
            }
            Collection mappedRemotes = candidate.getRemotePrincipals();
            if (mappedRemotes == null) {
                continue;
            }
            Iterator remoteIt = mappedRemotes.iterator();
            if (remoteIt.hasNext()) {
                InternalUserPrincipal first = (InternalUserPrincipal) remoteIt.next();
                mappedRemotes.remove(first);
                return first;
            }
        }
        throw new SSOException(SSOException.REQUESTED_PRINCIPAL_DOES_NOT_EXIST);
    }

    /**
     * Finds the first element of {@code collection} whose principal id also occurs in
     * {@code collection2}.
     *
     * <p>Elements of both collections are cast to {@code InternalUserPrincipal} and compared by
     * {@code getPrincipalId()} only.
     *
     * @param collection  candidates, scanned in iteration order
     * @param collection2 principals to match against
     * @return the first candidate with a matching id, or {@code null} when there is none
     */
    private InternalUserPrincipal findRemoteMatch(Collection collection, Collection collection2) {
        for (Object candidateObj : collection) {
            InternalUserPrincipal candidate = (InternalUserPrincipal) candidateObj;
            for (Object otherObj : collection2) {
                InternalUserPrincipal other = (InternalUserPrincipal) otherObj;
                if (other.getPrincipalId() == candidate.getPrincipalId()) {
                    return candidate;
                }
            }
        }
        return null;
    }

    /**
     * Returns the remote principals that apply to the principal path {@code str}.
     *
     * <p>A site principal applies when its full path equals {@code str} (ignoring case). A site
     * principal whose path contains the group root also applies when {@code str} equals the full
     * path of one of the group's user principals. A group mapping therefore hands the group's
     * remote principals to every member of that group.
     *
     * @param collection site principals to scan; may be {@code null}
     * @param str        full path of the local principal
     * @return the remote principals of the first applicable site principal, or {@code null}
     */
    private Collection getRemotePrincipalsForPrincipal(Collection collection, String str) {
        if (collection == null) {
            return null;
        }
        for (Object entry : collection) {
            SSOPrincipal candidate = (SSOPrincipal) entry;
            String candidatePath = candidate.getFullPath();
            // Direct match applies to user and group paths alike.
            if (candidatePath.compareToIgnoreCase(str) == 0) {
                return candidate.getRemotePrincipals();
            }
            if (candidatePath.indexOf(BasePrincipal.PREFS_GROUP_ROOT) == -1) {
                continue;
            }
            // Group path: fall back to membership of the group's user principals.
            InternalGroupPrincipal group = getGroupPrincipals(candidatePath);
            if (group == null) {
                continue;
            }
            Iterator memberIt = group.getUserPrincipals().iterator();
            while (memberIt.hasNext()) {
                InternalUserPrincipal member = (InternalUserPrincipal) memberIt.next();
                if (member.getFullPath().compareToIgnoreCase(str) == 0) {
                    return candidate.getRemotePrincipals();
                }
            }
        }
        return null;
    }

    /**
     * Loads a single SSO site straight from the database, bypassing the in-memory cache.
     *
     * <p>NOTE(review): this query filters on {@code url}, while {@code getSSOSiteObject} filters
     * on {@code siteURL}; confirm both names are mapped for {@code SSOSiteImpl}.
     *
     * @param str value matched against the {@code url} field
     * @return the object returned by the persistence broker query
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public SSOSite getSite(String str) {
        // Class-literal cache left by the decompiler; class$(...) is defined outside this view.
        Class siteType = class$org$apache$jetspeed$sso$impl$SSOSiteImpl;
        if (siteType == null) {
            siteType = class$("org.apache.jetspeed.sso.impl.SSOSiteImpl");
            class$org$apache$jetspeed$sso$impl$SSOSiteImpl = siteType;
        }
        Criteria byUrl = new Criteria();
        byUrl.addEqualTo("url", str);
        Object row = getPersistenceBrokerTemplate().getObjectByQuery(QueryFactory.newQuery(siteType, byUrl));
        return (SSOSite) row;
    }

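    /**
     * Persists a changed SSO site and refreshes its cache entry.
     *
     * <p>The failure message now says "update"; it previously said "remove", which misreported
     * the failed operation in logs and in the thrown exception.
     *
     * <p>NOTE(review): the cache entry is written under the site's name, while
     * {@code getSSOSiteObject} reads the cache by site URL. When name and URL differ, the entry
     * read by lookups is not refreshed here; confirm which key is intended.
     *
     * @param sSOSite site to store
     * @throws SSOException if storing the site or updating the cache fails
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void updateSite(SSOSite sSOSite) throws SSOException {
        try {
            getPersistenceBrokerTemplate().store(sSOSite);
            this.mapSite.put(sSOSite.getName(), sSOSite);
        } catch (Exception e) {
            String message = new StringBuffer().append("Unable to update SSO Site: ").append(sSOSite.getName()).toString();
            this.logger.error(message, e);
            throw new SSOException(message, e);
        }
    }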

    /**
     * Creates and stores a new SSO site that uses form authentication.
     *
     * <p>The site is created with certificates not required and user-set credentials allowed.
     *
     * <p>NOTE(review): the cache entry is written under the site name ({@code str}), while
     * {@code getSSOSiteObject} reads the cache by site URL; confirm which key is intended.
     *
     * @param str  site name
     * @param str2 site URL
     * @param str3 realm
     * @param str4 name of the form's user field
     * @param str5 name of the form's password field
     * @throws SSOException if the site cannot be created or stored
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void addSiteFormAuthenticated(String str, String str2, String str3, String str4, String str5) throws SSOException {
        try {
            SSOSiteImpl newSite = new SSOSiteImpl();
            // Identity of the site.
            newSite.setSiteURL(str2);
            newSite.setName(str);
            // Fixed policy defaults for sites created through this method.
            newSite.setCertificateRequired(false);
            newSite.setAllowUserSet(true);
            // Form-login settings.
            newSite.setRealm(str3);
            newSite.setFormAuthentication(true);
            newSite.setFormUserField(str4);
            newSite.setFormPwdField(str5);
            getPersistenceBrokerTemplate().store(newSite);
            this.mapSite.put(str, newSite);
        } catch (Exception e) {
            String message = "Unable to add SSO Site: " + str;
            this.logger.error(message, e);
            throw new SSOException(message, e);
        }
    }

    /**
     * Creates, persists and caches a new SSO site that uses challenge/response
     * authentication. The site is created with certificate-required off and
     * allow-user-set on.
     *
     * @param str  site name; also the key under which the site is cached
     * @param str2 site URL
     * @param str3 realm
     * @throws SSOException if the site cannot be stored or cached
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void addSiteChallengeResponse(String str, String str2, String str3) throws SSOException {
        try {
            SSOSiteImpl challengeSite = new SSOSiteImpl();
            challengeSite.setSiteURL(str2);
            challengeSite.setName(str);
            challengeSite.setCertificateRequired(false);
            challengeSite.setAllowUserSet(true);
            challengeSite.setRealm(str3);
            challengeSite.setChallengeResponseAuthentication(true);
            // Persist first; the cache is only updated once the store call returned.
            getPersistenceBrokerTemplate().store(challengeSite);
            this.mapSite.put(str, challengeSite);
        } catch (Exception e) {
            String message = "Unable to add SSO Site: " + str;
            this.logger.error(message, e);
            throw new SSOException(message, e);
        }
    }

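    /**
     * Creates, persists and caches a new SSO site with no authentication scheme
     * selected. The site is created with certificate-required off and
     * allow-user-set on.
     *
     * @param str  site name; also the key under which the site is cached
     * @param str2 site URL
     * @throws SSOException if the site cannot be stored or cached; the original
     *         exception is kept as the cause
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void addSite(String str, String str2) throws SSOException {
        try {
            SSOSiteImpl site = new SSOSiteImpl();
            site.setSiteURL(str2);
            site.setName(str);
            site.setCertificateRequired(false);
            site.setAllowUserSet(true);
            getPersistenceBrokerTemplate().store(site);
            this.mapSite.put(str, site);
        } catch (Exception e) {
            // The message used to say "remove"; report the operation that actually
            // failed, matching the other addSite* methods.
            String message = "Unable to add SSO Site: " + str;
            this.logger.error(message, e);
            throw new SSOException(message, e);
        }
    }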

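    /**
     * Deletes the given site through the persistence broker and drops it from the
     * in-memory site cache.
     *
     * @param sSOSite site to delete
     * @throws SSOException if the delete or the cache update fails; the original
     *         exception is kept as the cause
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public void removeSite(SSOSite sSOSite) throws SSOException {
        try {
            getPersistenceBrokerTemplate().delete(sSOSite);
            // The add/update methods cache sites under their name, so the entry has
            // to be removed by name. Removing by the SSOSite object never matched a
            // String key and left a deleted site (and its remote principals)
            // reachable through the cache.
            // NOTE(review): if other code also caches under a different key (e.g.
            // the site URL), that entry needs the same treatment; verify the callers.
            String siteName = sSOSite.getName();
            if (siteName != null) {
                this.mapSite.remove(siteName);
            }
        } catch (Exception e) {
            // Null-safe so a null argument does not mask the original failure.
            String siteName = sSOSite != null ? sSOSite.getName() : null;
            String message = "Unable to remove SSO Site: " + siteName;
            this.logger.error(message, e);
            throw new SSOException(message, e);
        }
    }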

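    /**
     * Builds one {@code SSOContextImpl} per stored credential of every remote
     * principal attached to the site.
     *
     * <p>Each context carries the principal id, the remote principal name, the
     * credential value exactly as stored (it is not unscrambled here) and the
     * portal principal name derived from the principal's full path.
     *
     * @param sSOSite site whose remote principals are listed
     * @return a new list of contexts; empty when no principal has a credential
     */
    @Override // org.apache.jetspeed.sso.SSOProvider
    public List getPrincipalsForSite(SSOSite sSOSite) {
        ArrayList contexts = new ArrayList();
        Iterator principals = sSOSite.getRemotePrincipals().iterator();
        while (principals.hasNext()) {
            InternalUserPrincipal principal = (InternalUserPrincipal) principals.next();
            if (principal == null) {
                continue;
            }
            // getContentFromURL treats a null credential collection as "no
            // credential"; do the same here instead of failing with an NPE.
            Collection credentials = principal.getCredentials();
            if (credentials == null || credentials.isEmpty()) {
                continue;
            }
            // The path-derived names are the same for every credential of this
            // principal, so compute them once.
            String fullPath = principal.getFullPath();
            String remoteName = stripPrincipalName(fullPath);
            String portalName = stripPortalPrincipalName(fullPath);
            for (Iterator it = credentials.iterator(); it.hasNext();) {
                InternalCredential credential = (InternalCredential) it.next();
                contexts.add(new SSOContextImpl(principal.getPrincipalId(), remoteName, credential.getValue(), portalName));
            }
        }
        return contexts;
    }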

    /**
     * Extracts the path segment that follows the first {@code user} or
     * {@code group} segment of a {@code /}-separated principal path.
     *
     * @param str full principal path
     * @return the segment after the first {@code user}/{@code group} marker that
     *         has a successor, or {@code str} unchanged when there is none
     */
    private String stripPortalPrincipalName(String str) {
        StringTokenizer segments = new StringTokenizer(str, "/");
        while (segments.hasMoreTokens()) {
            String segment = segments.nextToken();
            boolean isMarker = "user".equals(segment) || "group".equals(segment);
            // A marker at the very end of the path has nothing after it; keep scanning
            // (which then falls out of the loop and returns the input unchanged).
            if (isMarker && segments.hasMoreTokens()) {
                return segments.nextToken();
            }
        }
        return str;
    }

    /**
     * Looks up the persisted group principal whose {@code fullPath} field equals
     * the given value.
     *
     * @param str value compared for equality against the {@code fullPath} field
     * @return whatever the persistence broker query yields, cast to
     *         {@link InternalGroupPrincipal}
     */
    private InternalGroupPrincipal getGroupPrincipals(String str) {
        // Decompiled class-literal cache: resolve InternalGroupPrincipalImpl once.
        Class groupClass = class$org$apache$jetspeed$security$om$impl$InternalGroupPrincipalImpl;
        if (groupClass == null) {
            groupClass = class$("org.apache.jetspeed.security.om.impl.InternalGroupPrincipalImpl");
            class$org$apache$jetspeed$security$om$impl$InternalGroupPrincipalImpl = groupClass;
        }
        Criteria byFullPath = new Criteria();
        byFullPath.addEqualTo("fullPath", str);
        return (InternalGroupPrincipal) getPersistenceBrokerTemplate().getObjectByQuery(QueryFactory.newQuery(groupClass, byFullPath));
    }

    /**
     * Looks up the persisted SSO site that has a remote principal whose
     * {@code fullPath} equals the given value.
     *
     * @param str value compared for equality against {@code remotePrincipals.fullPath}
     * @return whatever the persistence broker query yields, cast to {@link SSOSite}
     */
    private SSOSite getSiteForRemoteUser(String str) {
        // Decompiled class-literal cache: resolve SSOSiteImpl once and remember it.
        Class siteClass = class$org$apache$jetspeed$sso$impl$SSOSiteImpl;
        if (siteClass == null) {
            siteClass = class$("org.apache.jetspeed.sso.impl.SSOSiteImpl");
            class$org$apache$jetspeed$sso$impl$SSOSiteImpl = siteClass;
        }
        Criteria byRemotePrincipal = new Criteria();
        byRemotePrincipal.addEqualTo("remotePrincipals.fullPath", str);
        return (SSOSite) getPersistenceBrokerTemplate().getObjectByQuery(QueryFactory.newQuery(siteClass, byRemotePrincipal));
    }

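    /**
     * Fetches the body of {@code str2} through an HTTP client that has been
     * signed on to the given SSO sites.
     *
     * <p>When {@code z} is set or no client is cached under {@code str}, a new
     * client is created and, for every non-null site and every remote principal
     * with a stored credential, the unscrambled credential is registered on the
     * client and a GET against the site URL is issued. If the destination equals
     * the site URL and exactly one site was passed, the body of that sign-on
     * response is returned directly. Otherwise the (new or cached) client issues
     * a final GET against {@code str2} and its body is returned.
     *
     * <p>Secrets never go to the log: only the remote principal name and the
     * plain site URL are logged.
     *
     * @param str        key under which the HTTP client is cached (logged as
     *                   "Principal/URL")
     * @param str2       destination URL whose content is wanted
     * @param sSOSiteArr sites to sign on to before fetching; null entries are skipped
     * @param z          when true, a new client is built even if one is cached
     * @return the response body as returned by the HTTP client
     * @throws SSOException if {@code str2} is not a well-formed URL
     */
    private String getContentFromURL(String str, String str2, SSOSite[] sSOSiteArr, boolean z) throws SSOException {
        try {
            URL url = new URL(str2);
            HttpClient httpClient = (HttpClient) this.clientProxy.get(str);
            if (z || httpClient == null) {
                if (log.isInfoEnabled()) {
                    log.info("SSO Component -- Create new HTTP Client object for Principal/URL [" + str + PropertyAccessor.PROPERTY_KEY_SUFFIX);
                }
                httpClient = new HttpClient();
                // 0 is the decompiled literal; presumably CookiePolicy.COMPATIBILITY -- confirm.
                httpClient.getState().setCookiePolicy(0);
                int length = sSOSiteArr.length;
                for (int i = 0; i < length; i++) {
                    SSOSite sSOSite = sSOSiteArr[i];
                    if (sSOSite == null) {
                        continue;
                    }
                    Iterator principals = sSOSite.getRemotePrincipals().iterator();
                    while (principals.hasNext()) {
                        InternalUserPrincipal internalUserPrincipal = (InternalUserPrincipal) principals.next();
                        if (internalUserPrincipal == null) {
                            continue;
                        }
                        // Only the first stored credential is used. An empty collection is
                        // treated like a missing one instead of failing in iterator().next().
                        Collection credentials = internalUserPrincipal.getCredentials();
                        Iterator credentialIt = credentials != null ? credentials.iterator() : null;
                        if (credentialIt == null || !credentialIt.hasNext()) {
                            continue;
                        }
                        InternalCredential internalCredential = (InternalCredential) credentialIt.next();
                        if (internalCredential == null) {
                            continue;
                        }
                        String remoteUser = stripPrincipalName(internalUserPrincipal.getFullPath());
                        String remoteSecret = unscramble(internalCredential.getValue());
                        if (log.isInfoEnabled()) {
                            // The unscrambled credential used to be written here in clear text.
                            // Log only that one exists.
                            log.info("SSOComponent -- Remote Principal [" + remoteUser + "] has a stored credential");
                        }
                        httpClient.getState().setCredentials(sSOSite.getRealm(), url.getHost(), new UsernamePasswordCredentials(remoteUser, remoteSecret));
                        StringBuffer signOnUrl = new StringBuffer(sSOSite.getSiteURL());
                        if (sSOSite.isFormAuthentication()) {
                            // NOTE(review): form sign-on puts user name and password into the query
                            // string of a GET, unencoded. Query strings commonly end up in access
                            // logs and proxies, and a value containing '&', '#' or '=' changes the
                            // request. A POST with encoded parameters would avoid both; left as is
                            // because remote sites may depend on the current request shape.
                            signOnUrl.append("?").append(sSOSite.getFormUserField()).append("=").append(remoteUser).append("&").append(sSOSite.getFormPwdField()).append("=").append(remoteSecret);
                        }
                        GetMethod getMethod = new GetMethod(signOnUrl.toString());
                        getMethod.setDoAuthentication(true);
                        try {
                            int status = httpClient.executeMethod(getMethod);
                            if (log.isInfoEnabled()) {
                                // Logs getSiteURL(), not signOnUrl, so form credentials stay out of the log.
                                log.info("Accessing site [" + sSOSite.getSiteURL() + "]. HTTP Status [" + status + PropertyAccessor.PROPERTY_KEY_SUFFIX);
                            }
                            if (str2.compareTo(sSOSite.getSiteURL()) == 0 && length == 1) {
                                if (log.isInfoEnabled()) {
                                    log.info("SSO Component --SSO Site and destination URL match. Go and get the content.");
                                }
                                String body = getMethod.getResponseBodyAsString();
                                this.clientProxy.put(str, httpClient);
                                return body;
                            }
                        } catch (Exception e) {
                            // Best effort: a failed sign-on to one site does not stop the others.
                            log.error("Exception while authentication. Error: " + e, e);
                        } finally {
                            // Runs after the body has been read on the return path as well.
                            getMethod.releaseConnection();
                        }
                    }
                }
                this.clientProxy.put(str, httpClient);
            } else if (log.isInfoEnabled()) {
                log.info("SSO Component -- Use cached HTTP Client object for Principal/URL [" + str + PropertyAccessor.PROPERTY_KEY_SUFFIX);
            }
            GetMethod destinationGet = new GetMethod(str2);
            try {
                try {
                    int status = httpClient.executeMethod(destinationGet);
                    log.info("Accessing site [" + str2 + "]. HTTP Status [" + status + PropertyAccessor.PROPERTY_KEY_SUFFIX);
                } catch (Exception e2) {
                    log.error("Exception while authentication. Error: " + e2, e2);
                }
                // As before, the body is read even when the request failed; the caller gets
                // whatever the HTTP client returns for a request that never completed.
                return destinationGet.getResponseBodyAsString();
            } finally {
                destinationGet.releaseConnection();
            }
        } catch (MalformedURLException e3) {
            String message = "Error -- Malformed URL [" + str2 + "] for SSO authenticated destination";
            log.error(message);
            throw new SSOException(message, e3);
        }
    }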

    /**
     * Obfuscates a credential value by XOR-ing its characters with the
     * class-wide {@code scrambler} key.
     *
     * <p>This is reversible obfuscation, not encryption: the key is a constant
     * assigned in this class's static initializer, so anyone holding the class
     * file and the stored value can recover the original.
     *
     * @param str clear-text value
     * @return the XOR-ed characters as a string
     */
    private String scramble(String str) {
        char[] clear = str.toCharArray();
        char[] mixed = xor(clear, scrambler);
        return new String(mixed);
    }

    /**
     * Reverses {@code scramble} by XOR-ing the characters with the same
     * class-wide {@code scrambler} key; the operation is its own inverse.
     *
     * <p>The result is a clear-text credential and must not be logged or
     * persisted.
     *
     * @param str scrambled value
     * @return the XOR-ed characters as a string
     */
    private String unscramble(String str) {
        char[] mixed = str.toCharArray();
        char[] clear = xor(mixed, scrambler);
        return new String(clear);
    }

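    /**
     * XORs every character of {@code cArr} with the key {@code cArr2}, repeating
     * the key when the input is longer than it.
     *
     * <p>The result used to be cut to the shorter of the two arrays, which
     * silently truncated any value longer than the key. Results for inputs no
     * longer than the key are unchanged, so values scrambled before this change
     * still unscramble to the same text.
     *
     * @param cArr  characters to transform
     * @param cArr2 key characters
     * @return a new array of {@code cArr.length} characters; an empty array when
     *         the key is empty, as before
     */
    private char[] xor(char[] cArr, char[] cArr2) {
        int keyLength = cArr2.length;
        if (keyLength == 0) {
            // No key material to combine with; keep the historical empty result.
            return new char[0];
        }
        char[] mixed = new char[cArr.length];
        for (int i = 0; i < cArr.length; i++) {
            mixed[i] = (char) (cArr[i] ^ cArr2[i % keyLength]);
        }
        return mixed;
    }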

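    /**
     * Compiler-generated helper behind class literals: loads the named class.
     *
     * @param str fully qualified class name
     * @return the loaded class
     * @throws NoClassDefFoundError if the class cannot be found; the
     *         {@link ClassNotFoundException} is attached as the cause
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            // initCause() returns Throwable, so throwing its result directly does not
            // compile in a method without a throws clause; attach the cause first.
            NoClassDefFoundError error = new NoClassDefFoundError();
            error.initCause(e);
            throw error;
        }
    }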

    static {
        // Decompiled class-literal cache for this class, used to name the logger.
        Class providerClass = class$org$apache$jetspeed$sso$impl$PersistenceBrokerSSOProvider;
        if (providerClass == null) {
            providerClass = class$("org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider");
            class$org$apache$jetspeed$sso$impl$PersistenceBrokerSSOProvider = providerClass;
        }
        log = LogFactory.getLog(providerClass);
        // Fixed XOR key used by scramble()/unscramble(). It is a constant shipped in
        // the class file, so scrambled values are obfuscated, not protected: anyone
        // with the jar can reverse them.
        scrambler = "Jestspeed-2 is getting ready for release".toCharArray();
    }
}
