package com.geolives.ssoclient.ssoapi;

import com.geolives.libs.util.GLog;
import com.geolives.ssoclient.entities.AuthenticationRequest;
import com.geolives.ssoclient.entities.AuthenticationResult;
import com.geolives.ssoclient.sityapi.RolesGroup;
import com.geolives.ssoclient.utils.Redirect;
import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: classes2.dex */
public class SSORequestHandler {
    boolean mApiKeyAllowed;
    private AuthenticationRequest mAuthRequest;
    boolean mCheckSession;
    private SSOAPIClient mClient;
    boolean mCreateSession;
    String mFinalAppKey;
    String mFinalAppRoles;
    RolesGroup mNeededRoles;
    String mPage;
    boolean mRedirectAllowed;
    private HttpServletRequest mRequest;
    private HttpServletResponse mResponse;

    /* loaded from: classes2.dex */
    public static class Builder {
        private SSORequestHandler mInstance;

        public Builder(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationRequest authenticationRequest, SSOAPIClient sSOAPIClient) {
            SSORequestHandler sSORequestHandler = new SSORequestHandler();
            this.mInstance = sSORequestHandler;
            sSORequestHandler.mAuthRequest = authenticationRequest;
            this.mInstance.mRequest = httpServletRequest;
            this.mInstance.mResponse = httpServletResponse;
            this.mInstance.mClient = sSOAPIClient;
        }

        public Builder(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationRequest authenticationRequest, String str) {
            SSORequestHandler sSORequestHandler = new SSORequestHandler();
            this.mInstance = sSORequestHandler;
            sSORequestHandler.mAuthRequest = authenticationRequest;
            this.mInstance.mRequest = httpServletRequest;
            this.mInstance.mResponse = httpServletResponse;
            this.mInstance.mPage = "";
            SSOAPIClient sSOAPIClient = new SSOAPIClient();
            sSOAPIClient.setAppKey(str);
            this.mInstance.mClient = sSOAPIClient;
        }

        public SSORequestHandler build() {
            return this.mInstance;
        }

        public Builder flagSessionCheck() {
            this.mInstance.mCheckSession = true;
            return this;
        }

        public Builder flagSessionCreation() {
            this.mInstance.mCreateSession = true;
            return this;
        }

        public Builder setApiKeyAllowed(boolean z) {
            this.mInstance.mApiKeyAllowed = z;
            return this;
        }

        public Builder setAppKeyVerification(String str, String str2) {
            this.mInstance.mFinalAppKey = str;
            this.mInstance.mFinalAppRoles = str2;
            return this;
        }

        public Builder setNeededRoles(RolesGroup rolesGroup) {
            this.mInstance.mNeededRoles = rolesGroup;
            return this;
        }

        public Builder setPage(String str) {
            this.mInstance.mPage = str;
            return this;
        }

        public Builder setRedirectAllowed(boolean z) {
            this.mInstance.mRedirectAllowed = z;
            return this;
        }
    }

    protected SSORequestHandler() {
    }

    private AuthenticationResult authenticateWithApiKey(HttpSession httpSession, String str) throws SSOAPIException, IOException {
        try {
            return new AuthenticationResult(checkRolesFromSsoMap(checkApiKey(str.trim(), 30)));
        } catch (SSOAPIException unused) {
            if (this.mRedirectAllowed) {
                Redirect.redirectToLoginAndJS(this.mRequest, this.mResponse, this.mAuthRequest, this.mPage, "&error_code=BAD_API_KEY");
                return null;
            }
            triggerError(403, "API KEY VERIFICATION FAILURE");
            return null;
        }
    }

    private AuthenticationResult authenticateWithAppKey() throws SSOAPIException, IOException {
        try {
            this.mClient.verifyApp(this.mFinalAppKey, this.mFinalAppRoles, 30);
            return null;
        } catch (SSOAPIException unused) {
            triggerError(403, "APP KEY VERIFICATION FAILURE");
            return null;
        }
    }

    private AuthenticationResult authenticateWithToken(HttpSession httpSession, String str) throws SSOAPIException, IOException {
        try {
            String trim = str.trim();
            if (httpSession == null) {
                GLog.v("Checking sso token for no session");
            } else {
                GLog.v("Checking sso token for session " + httpSession.getId());
            }
            Map<String, Object> checkSSOToken = checkSSOToken(trim, 30);
            GLog.v("SSOMAP " + checkSSOToken);
            if (httpSession != null) {
                GLog.v("Setting " + trim + " for session " + httpSession.getId());
                httpSession.setAttribute("ssotoken", trim);
            }
            return new AuthenticationResult(checkRolesFromSsoMap(checkSSOToken));
        } catch (SSOAPIException unused) {
            if (this.mRedirectAllowed) {
                Redirect.redirectToLoginAndJS(this.mRequest, this.mResponse, this.mAuthRequest, this.mPage, "&error_code=BAD_TOKEN");
                return null;
            }
            triggerError(403, "AUTHENTICATION FAILURE");
            return null;
        }
    }

    private Map<String, Object> checkApiKey(String str, int i) throws SSOAPIException {
        if (str == null) {
            return null;
        }
        try {
            return this.mClient.checkApiKey(str, this.mFinalAppKey, this.mFinalAppRoles, 30);
        } catch (SSOAPIException e) {
            throw e;
        } catch (Exception unused) {
            throw new SSOAPIException(403, "SSOFAILURE error checking sso API KEY");
        }
    }

    private Map<String, Object> checkRolesFromSsoMap(Map<String, Object> map) throws SSOAPIException, IOException {
        if (this.mNeededRoles.check((String) map.get("ROLES"))) {
            return map;
        }
        if (this.mRedirectAllowed) {
            Redirect.redirectToLoginAndJS(this.mRequest, this.mResponse, this.mAuthRequest, this.mPage, "&error_code=MISSING_ROLE");
            return null;
        }
        triggerError(403, "MISSING ROLE");
        return null;
    }

    private Map<String, Object> checkSSOToken(String str, int i) throws SSOAPIException {
        try {
            return this.mClient.checkSSOToken(str, this.mFinalAppKey, this.mFinalAppRoles, 30).asMap();
        } catch (SSOAPIException e) {
            throw e;
        } catch (Exception unused) {
            throw new SSOAPIException(403, "SSOFAILURE error checking sso token");
        }
    }

    private String getNeededRolesUrl() {
        if (this.mNeededRoles == null) {
            return "";
        }
        return "role=" + this.mNeededRoles;
    }

    private boolean mustCheckAppKey() {
        String str;
        String str2 = this.mFinalAppKey;
        return (str2 == null || str2.isEmpty() || (str = this.mFinalAppRoles) == null || str.isEmpty()) ? false : true;
    }

    private void triggerError(int i, String str) throws SSOAPIException, IOException {
        HttpServletResponse httpServletResponse = this.mResponse;
        if (httpServletResponse == null) {
            throw new SSOAPIException(i, str);
        }
        httpServletResponse.sendError(i, str);
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x008e  */
    /* JADX WARN: Removed duplicated region for block: B:13:0x0093  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.geolives.ssoclient.entities.AuthenticationResult handleRequest() throws com.geolives.ssoclient.ssoapi.SSOAPIException, java.io.IOException {
        /*
            r7 = this;
            boolean r0 = r7.mCheckSession
            r1 = 0
            if (r0 == 0) goto Le
            javax.servlet.http.HttpServletRequest r0 = r7.mRequest
            boolean r2 = r7.mCreateSession
            javax.servlet.http.HttpSession r0 = r0.getSession(r2)
            goto Lf
        Le:
            r0 = r1
        Lf:
            javax.servlet.http.HttpServletRequest r2 = r7.mRequest
            java.lang.String r3 = "ssotoken"
            java.lang.String r2 = r2.getParameter(r3)
            java.lang.String r4 = ""
            if (r2 == 0) goto L36
            javax.servlet.http.HttpServletRequest r2 = r7.mRequest
            java.lang.String r2 = r2.getParameter(r3)
            java.lang.StringBuilder r3 = new java.lang.StringBuilder
            java.lang.String r5 = "Found a ssotoken in the request: "
            r3.<init>(r5)
            r3.append(r2)
            java.lang.String r3 = r3.toString()
            com.geolives.libs.util.GLog.v(r7, r3)
        L32:
            r6 = r4
            r4 = r2
            r2 = r6
            goto L88
        L36:
            boolean r2 = r7.mApiKeyAllowed
            if (r2 == 0) goto L5c
            javax.servlet.http.HttpServletRequest r2 = r7.mRequest
            java.lang.String r5 = "apikey"
            java.lang.String r2 = r2.getParameter(r5)
            if (r2 == 0) goto L5c
            javax.servlet.http.HttpServletRequest r2 = r7.mRequest
            java.lang.String r2 = r2.getParameter(r5)
            java.lang.StringBuilder r3 = new java.lang.StringBuilder
            java.lang.String r5 = "Found an apikey in the request: "
            r3.<init>(r5)
            r3.append(r2)
            java.lang.String r3 = r3.toString()
            com.geolives.libs.util.GLog.v(r7, r3)
            goto L88
        L5c:
            if (r0 == 0) goto L7c
            java.lang.Object r2 = r0.getAttribute(r3)
            if (r2 == 0) goto L7c
            java.lang.Object r2 = r0.getAttribute(r3)
            java.lang.String r2 = (java.lang.String) r2
            java.lang.StringBuilder r3 = new java.lang.StringBuilder
            java.lang.String r5 = "Found a ssotoken in the session: "
            r3.<init>(r5)
            r3.append(r2)
            java.lang.String r3 = r3.toString()
            com.geolives.libs.util.GLog.v(r7, r3)
            goto L32
        L7c:
            boolean r2 = r7.mustCheckAppKey()
            if (r2 == 0) goto Lc3
            java.lang.String r2 = "Only check app key"
            com.geolives.libs.util.GLog.v(r7, r2)
            r2 = r4
        L88:
            boolean r3 = r4.isEmpty()
            if (r3 != 0) goto L93
            com.geolives.ssoclient.entities.AuthenticationResult r0 = r7.authenticateWithToken(r0, r4)
            return r0
        L93:
            boolean r3 = r2.isEmpty()
            if (r3 != 0) goto L9e
            com.geolives.ssoclient.entities.AuthenticationResult r0 = r7.authenticateWithApiKey(r0, r2)
            return r0
        L9e:
            boolean r0 = r7.mustCheckAppKey()
            if (r0 == 0) goto La9
            com.geolives.ssoclient.entities.AuthenticationResult r0 = r7.authenticateWithAppKey()
            return r0
        La9:
            boolean r0 = r7.mRedirectAllowed
            if (r0 == 0) goto Lbb
            javax.servlet.http.HttpServletRequest r0 = r7.mRequest
            javax.servlet.http.HttpServletResponse r2 = r7.mResponse
            com.geolives.ssoclient.entities.AuthenticationRequest r3 = r7.mAuthRequest
            java.lang.String r4 = r7.mPage
            java.lang.String r5 = "&error_code=BAD_REQUEST"
            com.geolives.ssoclient.utils.Redirect.redirectToLoginAndJS(r0, r2, r3, r4, r5)
            return r1
        Lbb:
            r0 = 400(0x190, float:5.6E-43)
            java.lang.String r2 = "BAD REQUEST"
            r7.triggerError(r0, r2)
            return r1
        Lc3:
            boolean r0 = r7.mRedirectAllowed
            if (r0 == 0) goto Ld3
            javax.servlet.http.HttpServletRequest r0 = r7.mRequest
            javax.servlet.http.HttpServletResponse r2 = r7.mResponse
            com.geolives.ssoclient.entities.AuthenticationRequest r3 = r7.mAuthRequest
            java.lang.String r5 = r7.mPage
            com.geolives.ssoclient.utils.Redirect.redirectToLoginAndJS(r0, r2, r3, r5, r4)
            goto Lda
        Ld3:
            r0 = 403(0x193, float:5.65E-43)
            java.lang.String r2 = "BAD AUTHENTICATION"
            r7.triggerError(r0, r2)
        Lda:
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.geolives.ssoclient.ssoapi.SSORequestHandler.handleRequest():com.geolives.ssoclient.entities.AuthenticationResult");
    }
}
