package org.apache.jetspeed.portlets.security.sso;

import java.io.IOException;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.Collection;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletConfig;
import javax.portlet.PortletException;
import javax.portlet.PortletMode;
import javax.portlet.PortletRequest;
import javax.portlet.PortletResponse;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.jetspeed.portlets.sso.SSOReverseProxyIFramePortlet;
import org.apache.jetspeed.security.JSSubject;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.sso.SSOException;
import org.apache.jetspeed.sso.SSOManager;
import org.apache.jetspeed.sso.SSOSite;
import org.apache.jetspeed.sso.SSOUser;
import org.apache.portals.applications.gems.browser.BrowserPortlet;
import org.apache.portals.applications.gems.browser.DatabaseBrowserIterator;
import org.apache.portals.applications.gems.browser.StatusMessage;
import org.apache.portals.messaging.PortletMessaging;
import org.apache.velocity.context.Context;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/org/apache/jetspeed/portlets/security/sso/SSOChangePasswordPortlet.class */
public class SSOChangePasswordPortlet extends BrowserPortlet {
    static final Logger logger = LoggerFactory.getLogger(SSOChangePasswordPortlet.class);
    private SSOManager sso;
    private UserManager userManager;

    @Override // org.apache.portals.applications.gems.browser.BrowserPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void init(PortletConfig portletConfig) throws PortletException {
        super.init(portletConfig);
        this.sso = (SSOManager) getPortletContext().getAttribute("cps:SSO");
        if (null == this.sso) {
            throw new PortletException("Failed to find the SSO Provider on portlet initialization");
        }
        this.userManager = (UserManager) getPortletContext().getAttribute("cps:UserManager");
        if (null == this.userManager) {
            throw new PortletException("Failed to find the User Manager on portlet initialization");
        }
    }

    @Override // org.apache.portals.applications.gems.browser.BrowserPortlet, org.apache.portals.applications.gems.browser.Browser
    public void getRows(RenderRequest renderRequest, String str, int i) throws Exception {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        try {
            Collection<SSOSite> sites = this.sso.getSites("");
            arrayList2.add(String.valueOf(12));
            arrayList2.add(String.valueOf(12));
            arrayList.add(0, "URL");
            arrayList.add(1, "Site");
            ArrayList arrayList3 = new ArrayList();
            if (sites != null) {
                for (SSOSite sSOSite : sites) {
                    ArrayList arrayList4 = new ArrayList(2);
                    arrayList4.add(0, sSOSite.getURL());
                    arrayList4.add(1, sSOSite.getName());
                    arrayList3.add(arrayList4);
                }
            }
            DatabaseBrowserIterator databaseBrowserIterator = new DatabaseBrowserIterator(arrayList3, arrayList, arrayList2, i);
            setBrowserIterator(renderRequest, databaseBrowserIterator);
            databaseBrowserIterator.sort("Site");
        } catch (Exception e) {
            logger.error("Exception in getRows: ", (Throwable) e);
            throw e;
        }
    }

    @Override // org.apache.portals.applications.gems.browser.BrowserPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void doView(RenderRequest renderRequest, RenderResponse renderResponse) throws PortletException, IOException {
        String str = (String) PortletMessaging.receive(renderRequest, "SSOChangePassword", "selectedName");
        if (str != null) {
            Context context = getContext(renderRequest);
            context.put("currentName", str);
            context.put("currentUrl", (String) PortletMessaging.receive(renderRequest, "SSOChangePassword", "selectedUrl"));
            context.put("ssoUsername", (String) PortletMessaging.receive(renderRequest, "SSOChangePassword", "ssoUsername"));
        }
        StatusMessage statusMessage = (StatusMessage) PortletMessaging.consume(renderRequest, "SSOChangePassword", "status");
        if (statusMessage != null) {
            getContext(renderRequest).put("statusMsg", statusMessage);
        }
        super.doView(renderRequest, renderResponse);
    }

    protected void clearPortletMessages(PortletRequest portletRequest, PortletResponse portletResponse) {
        PortletMessaging.cancel(portletRequest, "SSOChangePassword", "selectedName");
        PortletMessaging.cancel(portletRequest, "SSOChangePassword", "selectedUrl");
        PortletMessaging.cancel(portletRequest, "SSOChangePassword", "ssoUsername");
    }

    protected void setPortletMessage(PortletRequest portletRequest, String str, String str2) throws IOException {
        if (StringUtils.isNotEmpty(str2)) {
            PortletMessaging.publish(portletRequest, "SSOChangePassword", str, str2);
        } else {
            PortletMessaging.cancel(portletRequest, "SSOChangePassword", str);
        }
    }

    @Override // org.apache.portals.applications.gems.browser.BrowserPortlet, org.apache.portals.bridges.velocity.GenericVelocityPortlet
    public void processAction(ActionRequest actionRequest, ActionResponse actionResponse) throws PortletException, IOException {
        SSOSite siteByName;
        SSOSite siteByName2;
        if (actionRequest.getPortletMode() == PortletMode.VIEW) {
            String parameter = actionRequest.getParameter("ssoSite");
            if (parameter != null && (siteByName2 = this.sso.getSiteByName(parameter)) != null) {
                setPortletMessage(actionRequest, "selectedUrl", siteByName2.getURL());
                setPortletMessage(actionRequest, "selectedName", siteByName2.getName());
                setPortletMessage(actionRequest, "change", parameter);
                setPortletMessage(actionRequest, "ssoUsername", getRemoteUserName(actionRequest, siteByName2));
            }
            String parameter2 = actionRequest.getParameter("sso.refresh");
            String parameter3 = actionRequest.getParameter("sso.save");
            String parameter4 = actionRequest.getParameter("sso.delete");
            if (parameter2 != null) {
                clearBrowserIterator(actionRequest);
            } else if (parameter4 != null) {
                String parameter5 = actionRequest.getParameter("site.name");
                if (!StringUtils.isEmpty(parameter5) && (siteByName = this.sso.getSiteByName(parameter5)) != null) {
                    removeRemoteUser(actionRequest, siteByName);
                    clearBrowserIterator(actionRequest);
                    clearPortletMessages(actionRequest, actionResponse);
                }
            } else if (parameter3 != null) {
                String parameter6 = actionRequest.getParameter("site.name");
                String parameter7 = actionRequest.getParameter("site.url");
                String parameter8 = actionRequest.getParameter("ssoUsername");
                String parameter9 = actionRequest.getParameter("ssoPassword");
                if (!StringUtils.isEmpty(parameter6) && !StringUtils.isEmpty(parameter7) && !StringUtils.isEmpty(parameter8) && !StringUtils.isEmpty(parameter9)) {
                    String str = (String) PortletMessaging.receive(actionRequest, "site", "selectedName");
                    addOrUpdateRemoteUser(actionRequest, this.sso.getSiteByName(str != null ? str : parameter6), parameter8, parameter9);
                    clearBrowserIterator(actionRequest);
                    PortletMessaging.publish(actionRequest, "SSOChangePassword", "selectedName", parameter6);
                    PortletMessaging.publish(actionRequest, "SSOChangePassword", "selectedUrl", parameter7);
                    PortletMessaging.publish(actionRequest, "SSOChangePassword", "ssoUsername", parameter8);
                }
            }
        }
        actionRequest.getPortletSession().removeAttribute(SSOReverseProxyIFramePortlet.SUBJECT_SSO_SITE_CREDS, 1);
        super.processAction(actionRequest, actionResponse);
    }

    private String getRemoteUserName(PortletRequest portletRequest, SSOSite sSOSite) {
        String str = null;
        try {
            Collection remoteUsers = this.sso.getRemoteUsers(sSOSite, JSSubject.getSubject(AccessController.getContext()));
            if (remoteUsers != null && !remoteUsers.isEmpty()) {
                str = ((SSOUser) remoteUsers.iterator().next()).getName();
            }
        } catch (SSOException e) {
            publishStatusMessage(portletRequest, "SSOChangePassword", "status", e, "Could not retrieve sso user name");
        }
        return str;
    }

    private void removeRemoteUser(PortletRequest portletRequest, SSOSite sSOSite) {
        try {
            Collection remoteUsers = this.sso.getRemoteUsers(sSOSite, JSSubject.getSubject(AccessController.getContext()));
            if (remoteUsers != null && !remoteUsers.isEmpty()) {
                this.sso.removeUser((SSOUser) remoteUsers.iterator().next());
            }
        } catch (SSOException e) {
            publishStatusMessage(portletRequest, "SSOChangePassword", "status", e, "Could not remove sso user");
        }
    }

    private void addOrUpdateRemoteUser(PortletRequest portletRequest, SSOSite sSOSite, String str, String str2) {
        try {
            Collection remoteUsers = this.sso.getRemoteUsers(sSOSite, JSSubject.getSubject(AccessController.getContext()));
            if (remoteUsers == null || remoteUsers.isEmpty()) {
                this.sso.addUser(sSOSite, this.userManager.getUser(portletRequest.getUserPrincipal().getName()), str, str2);
            } else {
                SSOUser sSOUser = (SSOUser) remoteUsers.iterator().next();
                if (!StringUtils.equals(sSOUser.getName(), str)) {
                    sSOUser.setName(str);
                    this.sso.updateUser(sSOUser);
                }
                this.sso.setPassword(sSOUser, str2);
            }
        } catch (SecurityException e) {
            publishStatusMessage(portletRequest, "SSOChangePassword", "status", e, "Could not retrieve jetspeed user");
        } catch (SSOException e2) {
            publishStatusMessage(portletRequest, "SSOChangePassword", "status", e2, "Could not remove sso user");
        }
    }
}
