package net.java.dev.sommer.foafssl.login;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.java.dev.sommer.foafssl.principals.FoafSslPrincipal;
import net.java.dev.sommer.foafssl.verifier.DereferencingFoafSslVerifier;

/* loaded from: input_file:WEB-INF/classes/net/java/dev/sommer/foafssl/login/InsecureLogin.class */
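/**
 * Minimal FOAF+SSL login servlet: it reads the TLS client certificate that the
 * container attached to the request, asks {@link DereferencingFoafSslVerifier}
 * which WebIDs it can verify for that certificate, and redirects the browser
 * back to the caller-supplied {@code return_to} URL with the outcome in the
 * query string.
 *
 * <p>Security notes for anyone deploying or consuming this endpoint:
 * <ul>
 *   <li>The redirect carries the result as a plain, unsigned query parameter.
 *       A relying party cannot distinguish a redirect issued here from a URL
 *       the user (or anyone in the path) typed in, so {@code webid} must not be
 *       treated as proof of identity. {@link #getServletInfo()} states the same
 *       limitation.</li>
 *   <li>{@code return_to} (and the {@code Referer} fallback) is chosen by the
 *       caller and is not checked against any allow-list of relying parties,
 *       so this servlet acts as an open redirector. It is only constrained to
 *       absolute http/https URLs with a host.</li>
 *   <li>The query string of {@code return_to} is always discarded and replaced,
 *       so a caller-supplied {@code webid=} value never reaches the relying
 *       party through this servlet.</li>
 *   <li>NOTE(review): the verifier's name suggests it dereferences the WebID URI
 *       found in the presented certificate; confirm that the outbound fetch is
 *       bounded (destinations, timeouts, response size) in the verifier.</li>
 * </ul>
 */
public class InsecureLogin extends HttpServlet {
    public static final Logger log = Logger.getLogger(InsecureLogin.class.getName());

    /**
     * Handles both GET and POST: resolves the return URL, verifies the client
     * certificate and redirects with either {@code ?webid=...} or
     * {@code ?failure=...}.
     *
     * <p>If neither {@code return_to} nor {@code Referer} yields a usable
     * http/https URL the request is answered with 400 instead of failing later
     * with a NullPointerException.
     *
     * @param httpServletRequest  incoming request; the client certificate chain is read from the
     *                            {@code javax.servlet.request.X509Certificate} attribute
     * @param httpServletResponse response used for the redirect (or the 400 error)
     * @throws ServletException declared for the servlet contract; not thrown directly here
     * @throws IOException      if the redirect or error response cannot be written
     */
    protected void processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        URL returnTo = parseReturnTo(httpServletRequest.getParameter("return_to"));
        if (returnTo == null) {
            returnTo = getReferer(httpServletRequest);
        }
        if (returnTo == null) {
            // Nothing to redirect to; the original code dereferenced null at this point.
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "missing or invalid return_to");
            return;
        }

        X509Certificate[] chain = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
        String query;
        if (chain == null || chain.length == 0) {
            query = "failure=nocert";
        } else {
            String webId = firstVerifiedWebId(chain[0]);
            if (webId != null) {
                query = "webid=" + URLEncoder.encode(webId, "UTF-8");
            } else {
                // Previously a failed verification redirected to return_to unchanged,
                // including whatever query string the caller had supplied (for example
                // a forged webid=...). Always emit an explicit failure marker instead,
                // as getServletInfo() documents. The reason value "unverified" is
                // introduced by this revision.
                query = "failure=unverified";
            }
        }

        URL redirect;
        try {
            // Only scheme, host, port and path are reused; the caller's query and fragment are dropped.
            redirect = new URL(returnTo.getProtocol(), returnTo.getHost(), returnTo.getPort(), returnTo.getPath() + "?" + query);
        } catch (MalformedURLException e) {
            log.info("cannot build response url for " + sanitizeForLog(returnTo.toExternalForm()));
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "missing or invalid return_to");
            return;
        }
        httpServletResponse.sendRedirect(redirect.toExternalForm());
    }

    /** Delegates to {@link #processRequest}. */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        processRequest(httpServletRequest, httpServletResponse);
    }

    /** Delegates to {@link #processRequest}. */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        processRequest(httpServletRequest, httpServletResponse);
    }

    /** Returns the human-readable description of the service and its known weakness. */
    @Override
    public String getServletInfo() {
        return "A simple Insecure login service. \n Initial request should have a return_to=${ResponseUrl} attribute value.\n On successful authentication the  client browser will be redirected to ${ResponseUrl}?webid=${webid}.\n On failre the client will be redirected to ${ResponseUrl}?failure \n The service is insecure because there is a risk of man in the middle attacks in the response.";
    }

    /**
     * Reads the {@code Referer} header as a fallback return URL.
     *
     * @return the referer as an http/https URL, or {@code null} when the header is
     *         absent, malformed or uses another scheme
     */
    private URL getReferer(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Referer");
        if (header == null || header.length() == 0) {
            return null;
        }
        try {
            URL referer = new URL(header);
            return isHttpUrl(referer) ? referer : null;
        } catch (MalformedURLException e) {
            log.log(Level.INFO, "malformed referer url:" + sanitizeForLog(header), (Throwable) e);
            return null;
        }
    }

    /**
     * Parses the {@code return_to} request parameter.
     *
     * @return the parsed http/https URL, or {@code null} when the parameter is
     *         missing, empty, malformed or uses another scheme
     */
    private URL parseReturnTo(String parameter) {
        if (parameter == null || parameter.length() == 0) {
            return null;
        }
        try {
            URL candidate = new URL(parameter);
            if (isHttpUrl(candidate)) {
                return candidate;
            }
            log.info("request had non-http return_to url:" + sanitizeForLog(parameter));
        } catch (MalformedURLException e) {
            log.info("request had malformed return_to url:" + sanitizeForLog(parameter));
        }
        return null;
    }

    /**
     * Runs the FOAF+SSL verifier on the client certificate and returns the URI of
     * the first non-null principal it reports.
     *
     * @return the WebID as a string, or {@code null} when no principal was
     *         returned or verification threw
     */
    private String firstVerifiedWebId(X509Certificate clientCertificate) {
        try {
            for (FoafSslPrincipal principal : new DereferencingFoafSslVerifier().verifyFoafSslCertificate(clientCertificate)) {
                if (principal != null) {
                    return principal.getUri().toString();
                }
            }
        } catch (Exception e) {
            // Broad catch kept from the original: the verifier's exception types are
            // not visible here, and any failure must end in a failure redirect.
            log.log(Level.INFO, "exception trying to login client", (Throwable) e);
        }
        return null;
    }

    /** True only for absolute http/https URLs that name a host. */
    private static boolean isHttpUrl(URL candidate) {
        String scheme = candidate.getProtocol();
        String host = candidate.getHost();
        boolean webScheme = "http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme);
        return webScheme && host != null && host.length() > 0;
    }

    /** Neutralises CR/LF so request-controlled text cannot forge extra log records. */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        return value.replace('\r', '_').replace('\n', '_');
    }
}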
