package com.sun.identity.federation.services.fednsso;

import com.iplanet.sso.SSOToken;
import com.sun.identity.federation.alliance.FSAllianceManager;
import com.sun.identity.federation.alliance.FSProviderDescriptor;
import com.sun.identity.federation.common.FSException;
import com.sun.identity.federation.common.FSUtils;
import com.sun.identity.federation.message.FSAssertion;
import com.sun.identity.federation.message.FSAuthnRequest;
import com.sun.identity.federation.message.FSAuthnResponse;
import com.sun.identity.federation.services.util.FSServiceUtils;
import com.sun.identity.saml.assertion.NameIdentifier;
import com.sun.identity.saml.common.SAMLUtils;
import com.sun.identity.saml.common.XMLUtils;
import com.sun.identity.saml.xmlsig.XMLSignatureManager;
import java.io.PrintWriter;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.w3c.dom.Document;
import sun.misc.BASE64Encoder;

/* JADX WARN: Classes with same name are omitted:
  input_file:117586-20/SUNWamclt/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/federation/services/fednsso/FSSSOBrowserPostProfileHandler.class
 */
/* loaded from: input_file:117586-20/SUNWamsdk/reloc/$PRODUCT_DIR/lib/am_services.jar:com/sun/identity/federation/services/fednsso/FSSSOBrowserPostProfileHandler.class */
public class FSSSOBrowserPostProfileHandler extends FSSSOAndFedHandler {
    protected FSSSOBrowserPostProfileHandler() {
    }

    public FSSSOBrowserPostProfileHandler(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FSAuthnRequest fSAuthnRequest, FSProviderDescriptor fSProviderDescriptor, String str) {
        super(httpServletRequest, httpServletResponse, fSAuthnRequest, fSProviderDescriptor, str);
        FSUtils.debug.message("FSSSOBrowserPostProfileHandler: Handler created to handle AuthnRequest");
    }

    @Override // com.sun.identity.federation.services.fednsso.FSSSOAndFedHandler
    protected void sendAuthnResponse(FSAuthnResponse fSAuthnResponse) {
        FSUtils.debug.message("FSSSOBrowserPostProfileHandler.sendAuthnResponse: Called");
        try {
            fSAuthnResponse.setProviderId(this.hostProviderId);
            Document dOMDocument = XMLUtils.toDOMDocument(fSAuthnResponse.toXMLString(true, true));
            if (FSServiceUtils.isSigningOn()) {
                if (FSUtils.debug.messageEnabled()) {
                    FSUtils.debug.message("FSSSOBrowserPostProfileHandler.sendAuthnResponse: start signing assertions");
                }
                List assertion = fSAuthnResponse.getAssertion();
                if (assertion != null) {
                    Iterator it = assertion.iterator();
                    while (it.hasNext()) {
                        String id = ((FSAssertion) it.next()).getID();
                        FSUtils.debug.message(new StringBuffer().append("FSSSOBrowserPostProfileHandler.sendAuthnResponse: id attr is").append(id).toString());
                        FSAllianceManager allianceInstance = FSServiceUtils.getAllianceInstance();
                        if (allianceInstance == null) {
                            FSUtils.debug.error("FSSSOBrowserPostProfileHandler.doSingleSignOn: could not create alliance instance");
                            return;
                        }
                        String keyInfo = allianceInstance.getProvider(this.hostProviderId).getKeyInfo();
                        if (keyInfo == null) {
                            FSUtils.debug.error("SOAPReceiver.onMessage: couldn't obtain this site's cert alias.");
                            return;
                        } else {
                            FSUtils.debug.message(new StringBuffer().append("FSSSOBrowserPostProfileHandler.sendAuthnResponse: Site's certAlias is ").append(keyInfo).toString());
                            XMLSignatureManager.getInstance().signXML(dOMDocument, keyInfo, SAMLUtils.bundle.getString("xmlsigalgorithm"), id);
                            FSUtils.debug.message("FSSSOBrowserPostProfileHandler.sendAuthnResponse: SignatureManager finished signing ");
                        }
                    }
                }
            }
            String printDocument = FSServiceUtils.printDocument(dOMDocument);
            FSUtils.debug.message(new StringBuffer().append("FSSSOBrowserPostProfileHandler.sendAuthnResponse: Signed AuthnResponse: ").append(printDocument).toString());
            String encode = new BASE64Encoder().encode(printDocument.getBytes());
            String assertionConsumerServiceID = this.authnRequest.getAssertionConsumerServiceID();
            if (assertionConsumerServiceID == null || assertionConsumerServiceID.equals("")) {
                assertionConsumerServiceID = this.spDescriptor.getAssertionConsumerServiceURL();
            }
            this.response.setContentType("text/html");
            PrintWriter writer = this.response.getWriter();
            writer.println("<HTML>");
            writer.println("<BODY Onload=\"document.Response.submit()\">");
            writer.println(new StringBuffer().append("<FORM NAME=\"Response\" METHOD=\"POST\" ACTION=\"").append(assertionConsumerServiceID).append("\">").toString());
            writer.println(new StringBuffer().append("<INPUT TYPE=\"HIDDEN\" NAME=\"LARES\" VALUE=\"").append(encode).append("\"/>").toString());
            writer.println("</FORM>");
            writer.println("</BODY></HTML>");
            writer.close();
            if (FSUtils.debug.messageEnabled()) {
                FSUtils.debug.message(new StringBuffer().append("FSSSOBrowserPostProfileHandler:sendAuthnResponse: AuthnResponse sent successfully to: ").append(assertionConsumerServiceID).toString());
            }
        } catch (Exception e) {
            FSUtils.debug.error("FSSSOBrowserPostProfileHandler:sendAuthnResponse:", e);
        }
    }

    @Override // com.sun.identity.federation.services.fednsso.FSSSOAndFedHandler
    protected boolean doSingleSignOn(SSOToken sSOToken, String str, NameIdentifier nameIdentifier, NameIdentifier nameIdentifier2) {
        FSUtils.debug.message("FSSSOBrowserPostProfileHandler.doSingleSignOn: Called");
        FSAuthnResponse createAuthnResponse = createAuthnResponse(sSOToken, str, nameIdentifier, nameIdentifier2);
        try {
            FSUtils.debug.message(new StringBuffer().append("FSSSOBrowserPostProfileHandler.doSingleSignOn: AuthnResponse created: ").append(createAuthnResponse.toXMLString()).toString());
            if (createAuthnResponse == null) {
                FSUtils.debug.error("FSSSOBrowserPostProfileHandler.doSingleSignOn: No valid AuthnResponse could be created. Sending error AuthnResponse");
                return false;
            }
            sendAuthnResponse(createAuthnResponse);
            return true;
        } catch (FSException e) {
            FSUtils.debug.error(new StringBuffer().append("FSSSOBrowserPostProfileHandler.doSingleSignOn: Created AuthnResponse is not valid: ").append(e.getMessage()).toString());
            return false;
        }
    }
}
