package fr.edu.lyon.nuxeo.cleartrust;

import java.io.IOException;
import java.util.List;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.platform.api.login.UserIdentificationInfo;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPluginLogoutExtension;

/* loaded from: input_file:fr/edu/lyon/nuxeo/cleartrust/ClearTrustAuthenticator.class */
public class ClearTrustAuthenticator implements NuxeoAuthenticationPlugin, NuxeoAuthenticationPluginLogoutExtension {
    protected String mappingUid = "";
    protected String cleartrustLogoutUrl = "";
    protected static final String CLEARTRUST_COOKIE_SESSION_A = "ACTSESSION";
    protected static final String CLEARTRUST_COOKIE_SESSION = "CTSESSION";
    private static final Log log = LogFactory.getLog(ClearTrustAuthenticator.class);

    public List<String> getUnAuthenticatedURLPrefix() {
        return null;
    }

    public Boolean handleLoginPrompt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        return false;
    }

    public UserIdentificationInfo handleRetrieveIdentity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        log.debug("handleRetrieveIdentity ...");
        String header = httpServletRequest.getHeader(this.mappingUid);
        if (header == null) {
            return null;
        }
        UserIdentificationInfo userIdentificationInfo = new UserIdentificationInfo(header, "No password for ClearTrust");
        log.debug("handleRetrieveIdentity userName = " + header);
        return userIdentificationInfo;
    }

    public Boolean needLoginPrompt(HttpServletRequest httpServletRequest) {
        return false;
    }

    public void initPlugin(Map<String, String> map) {
        if (map.containsKey(ClearTrustParameters.CLEARTRUST_MAPPING_UID)) {
            this.mappingUid = map.get(ClearTrustParameters.CLEARTRUST_MAPPING_UID);
        }
        if (map.containsKey(ClearTrustParameters.CLEARTRUST_LOGOUT_URL)) {
            this.cleartrustLogoutUrl = map.get(ClearTrustParameters.CLEARTRUST_LOGOUT_URL);
        }
    }

    public Boolean handleLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        log.debug("handleLogout ...");
        expireCookie(CLEARTRUST_COOKIE_SESSION, httpServletRequest, httpServletResponse);
        expireCookie(CLEARTRUST_COOKIE_SESSION_A, httpServletRequest, httpServletResponse);
        if (this.cleartrustLogoutUrl == null || "".equals(this.cleartrustLogoutUrl)) {
            return false;
        }
        try {
            log.debug("Redirecting to logoutUrl = [" + this.cleartrustLogoutUrl + "] ...");
            httpServletResponse.sendRedirect(this.cleartrustLogoutUrl);
            log.debug("handleLogout DONE!");
            return true;
        } catch (IOException e) {
            log.error("Unable to redirect to the logout URL [" + this.cleartrustLogoutUrl + "] :", e);
            return false;
        }
    }

    private void expireCookie(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        log.debug("expiring cookie [" + str + "]  ...");
        Cookie cookie = new Cookie(str, "");
        cookie.setMaxAge(0);
        cookie.setPath("/");
        httpServletResponse.addCookie(cookie);
    }
}
