package org.apache.jetspeed.login;

import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.PortalReservedParameters;
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
import org.apache.jetspeed.security.activeauthentication.ActiveAuthenticationIdentityProvider;
import org.apache.jetspeed.security.activeauthentication.IdentityToken;

/* loaded from: input_file:tomcat-portal.zip:webapps/jetspeed/WEB-INF/lib/jetspeed-portal-2.2.0.jar:org/apache/jetspeed/login/LoginProxyServlet.class */
public class LoginProxyServlet extends HttpServlet {
    private boolean credentialsFromRequest = true;

    @Override // javax.servlet.GenericServlet, javax.servlet.Servlet
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        String initParameter = servletConfig.getInitParameter("credentialsFromRequest");
        if (initParameter != null) {
            this.credentialsFromRequest = initParameter.equalsIgnoreCase("true");
        }
    }

    @Override // javax.servlet.http.HttpServlet
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String str;
        httpServletRequest.setCharacterEncoding("UTF-8");
        HttpSession session = httpServletRequest.getSession(true);
        String parameter = httpServletRequest.getParameter(LoginConstants.DESTINATION);
        if (parameter != null) {
            session.setAttribute(LoginConstants.DESTINATION, parameter);
        } else {
            session.removeAttribute(LoginConstants.DESTINATION);
        }
        if (this.credentialsFromRequest) {
            str = httpServletRequest.getParameter(LoginConstants.USERNAME);
            if (str != null) {
                session.setAttribute(LoginConstants.USERNAME, str);
            } else {
                session.removeAttribute(LoginConstants.USERNAME);
            }
            String parameter2 = httpServletRequest.getParameter(LoginConstants.PASSWORD);
            if (parameter2 != null) {
                session.setAttribute(LoginConstants.PASSWORD, parameter2);
            } else {
                session.removeAttribute(LoginConstants.PASSWORD);
            }
        } else {
            str = (String) session.getAttribute(LoginConstants.USERNAME);
        }
        if (httpServletRequest.getParameter(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE) != null) {
            session.setAttribute(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE, httpServletRequest.getParameter(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE));
        }
        Boolean valueOf = Boolean.valueOf((String) httpServletRequest.getAttribute(PortalReservedParameters.PORTAL_FILTER_ATTRIBUTE));
        PortalAuthenticationConfiguration portalAuthenticationConfiguration = (PortalAuthenticationConfiguration) Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration");
        if (valueOf.booleanValue() || !portalAuthenticationConfiguration.isCreateNewSessionOnLogin()) {
            httpServletResponse.sendRedirect(httpServletResponse.encodeURL(httpServletRequest.getContextPath() + "/login/redirector"));
            return;
        }
        ActiveAuthenticationIdentityProvider activeAuthenticationIdentityProvider = (ActiveAuthenticationIdentityProvider) Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.security.activeauthentication.ActiveAuthenticationIdentityProvider");
        IdentityToken createIdentityToken = activeAuthenticationIdentityProvider.createIdentityToken(str);
        saveState(session, createIdentityToken, activeAuthenticationIdentityProvider.getSessionAttributeNames());
        httpServletRequest.getSession().invalidate();
        restoreState(httpServletRequest.getSession(true), createIdentityToken);
        httpServletResponse.sendRedirect(httpServletResponse.encodeURL(httpServletRequest.getContextPath() + "/login/redirector?token=") + createIdentityToken.getToken());
    }

    protected void saveState(HttpSession httpSession, IdentityToken identityToken, List list) {
        Iterator it = list.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            identityToken.setAttribute(str, httpSession.getAttribute(str));
        }
    }

    protected void restoreState(HttpSession httpSession, IdentityToken identityToken) {
        Iterator attributeNames = identityToken.getAttributeNames();
        while (attributeNames.hasNext()) {
            String str = (String) attributeNames.next();
            httpSession.setAttribute(str, identityToken.getAttribute(str));
        }
    }

    @Override // javax.servlet.http.HttpServlet
    public final void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        doGet(httpServletRequest, httpServletResponse);
    }
}
