package com.other;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.TimeZone;
import java.util.Vector;
import java.util.zip.DataFormatException;
import java.util.zip.Deflater;
import java.util.zip.DeflaterOutputStream;
import java.util.zip.Inflater;
import java.util.zip.InflaterInputStream;
import java.util.zip.ZipException;
import javax.xml.parsers.DocumentBuilderFactory;
import microsoft.exchange.webservices.data.XmlElementNames;
import net.n3.nanoxml.IXMLElement;
import net.n3.nanoxml.IXMLParser;
import net.n3.nanoxml.StdXMLReader;
import net.n3.nanoxml.XMLParserFactory;
import net.n3.nanoxml.XMLWriter;
import org.apache.commons.codec.binary.Base64;
import org.jfree.chart.urls.StandardXYURLGenerator;
import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.common.SAMLVersion;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeStatement;
import org.opensaml.saml2.core.Audience;
import org.opensaml.saml2.core.AudienceRestriction;
import org.opensaml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.AuthnRequest;
import org.opensaml.saml2.core.Issuer;
import org.opensaml.saml2.core.NameIDPolicy;
import org.opensaml.saml2.core.RequestedAuthnContext;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.impl.AuthnContextClassRefBuilder;
import org.opensaml.saml2.core.impl.AuthnRequestBuilder;
import org.opensaml.saml2.core.impl.IssuerBuilder;
import org.opensaml.saml2.core.impl.NameIDPolicyBuilder;
import org.opensaml.saml2.core.impl.RequestedAuthnContextBuilder;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.x509.BasicX509Credential;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureValidator;
import org.opensaml.xml.util.XMLHelper;
import org.w3c.dom.Element;
import org.xml.sax.InputSource;

/* loaded from: input_file:com/other/SamlHandler.class */
public class SamlHandler implements Action, SecurityOverride {
    public static final String DESTINATION = "destination";
    public static final String AUDIENCE = "audience";
    public static final String ISSUER = "issuer";
    public static final String REDIRECT_URL = "redirectUrl";
    public static final String RELAY = "relay";
    public static final String ERROR_NO_SIGNATURE = "ERROR_NO_SIGNATURE";
    public static final String ERROR_KEY_NO_MATCH = "ERROR_KEY_NO_MATCH";
    public static final String ERROR_WRONG_DESTINATION = "ERROR_WRONG_DESTINATION";
    public static final String ERROR_WRONG_ISSUER = "ERROR_WRONG_ISSUER";
    public static final String ERROR_WRONG_AUDIENCE = "ERROR_WRONG_AUDIENCE";
    public static final String ERROR_MISSING_NOTONORAFTER_OR_NOTBEFORE = "ERROR_MISSING_NOTONORAFTER_OR_NOTBEFORE";
    public static final String ERROR_OLD_NOTBEFORE_OR_NOTONORAFTER = "ERROR_OLD_NOTBEFORE_OR_NOTONORAFTER";
    public static final String ERROR_MISSING_OR_WRONG_NAMEID = "ERROR_MISSING_OR_WRONG_NAMEID";
    public static final String ERROR_MISSING_OR_WRONG_ASSERTION_ID = "ERROR_MISSING_OR_WRONG_ASSERTION_ID";
    public static final String ERROR_STATUSCODE_FAILURE = "ERROR_STATUSCODE_FAILURE";
    public static final SimpleDateFormat SAML_DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
    public static String mFitUrl = "TEMP URL";
    public static long mCertLastModified = -1;
    public static String mCertificate = null;
    public static String mRedirectUrl = "https://fittrackingsolutions.okta.com/app/alcea_fitsaml_1/exk1aa1zprDLaF4gy0x7/sso/saml";
    public static String mDestination = "http://135.23.92.27:22022/saml2/sso";
    public static String mAudience = "http://135.23.92.27:22022/saml2/sso";
    public static String mIssuer = "http://www.okta.com/exk1aa1zprDLaF4gy0x7";
    public static String mRelay = null;
    public static long mConfigLastModified = -1;
    public static boolean mBootstrapped = false;

    public static void init() {
        File file = new File("saml.cfg");
        if (!file.exists()) {
            BugTrack.mSamlEnabled = false;
            return;
        }
        if (file.lastModified() == mConfigLastModified) {
            return;
        }
        try {
            mDestination = null;
            mIssuer = null;
            mAudience = null;
            mRedirectUrl = null;
            mRelay = null;
            DataInputStream dataInputStream = new DataInputStream(new FileInputStream(file));
            for (String readLine = dataInputStream.readLine(); readLine != null; readLine = dataInputStream.readLine()) {
                String substring = readLine.substring(readLine.indexOf(44) + 1);
                if (readLine.startsWith(DESTINATION)) {
                    mDestination = substring;
                }
                if (readLine.startsWith(AUDIENCE)) {
                    mAudience = substring;
                }
                if (readLine.startsWith(ISSUER)) {
                    mIssuer = substring;
                }
                if (readLine.startsWith(RELAY)) {
                    mRelay = substring;
                }
                if (readLine.startsWith(REDIRECT_URL)) {
                    mRedirectUrl = substring;
                }
            }
            dataInputStream.close();
            mConfigLastModified = file.lastModified();
            if (mAudience == null) {
                mAudience = mDestination;
            }
            if (mDestination == null || mRedirectUrl == null || mIssuer == null) {
                BugTrack.mSamlEnabled = false;
            } else {
                BugTrack.mSamlEnabled = true;
            }
        } catch (Exception e) {
            ExceptionHandler.handleException(e);
            BugTrack.mSamlEnabled = false;
        }
        if (!BugTrack.mSamlEnabled || mBootstrapped) {
            return;
        }
        try {
            DefaultBootstrap.bootstrap();
        } catch (Exception e2) {
            ExceptionHandler.handleException(e2);
            BugTrack.mSamlEnabled = false;
        }
    }

    public static void main(String[] strArr) {
    }

    public static void testBuilder(String str) {
        try {
            DefaultBootstrap.bootstrap();
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            System.out.println(newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(str))).getDocumentElement().getTagName());
        } catch (Exception e) {
            ExceptionHandler.handleException(e);
        }
    }

    public static void getSamlErrorResponse(Request request, String str) {
        log(str);
        request.mCurrent.put("RAW", "HTTP/1.1 400\r\n" + WriteWorker.secureHeaders() + "Content-Type: text/html\r\n\r\n" + str);
    }

    public static void readInCertificate() {
        File file = new File("okta.cert");
        if (file.exists()) {
            if (mCertificate == null || file.lastModified() != mCertLastModified) {
                try {
                    mCertificate = "";
                    DataInputStream dataInputStream = new DataInputStream(new FileInputStream(file));
                    for (String readLine = dataInputStream.readLine(); readLine != null; readLine = dataInputStream.readLine()) {
                        mCertificate += (mCertificate.length() == 0 ? "" : "\r\n") + readLine;
                    }
                    dataInputStream.close();
                    mCertLastModified = file.lastModified();
                } catch (Exception e) {
                }
            }
        }
    }

    public void openSamlProcess(Request request, String str) {
        String str2;
        Base64 base64 = new Base64();
        org.opensaml.xml.util.Base64.decode(str);
        String str3 = new String(org.opensaml.xml.util.Base64.decode(str));
        try {
            new ByteArrayInputStream(base64.decode(str.getBytes("UTF-8")));
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Element documentElement = newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(str3))).getDocumentElement();
            Response unmarshall = Configuration.getUnmarshallerFactory().getUnmarshaller(documentElement).unmarshall(documentElement);
            Assertion assertion = (Assertion) unmarshall.getAssertions().get(0);
            String value = assertion.getSubject().getNameID().getValue();
            assertion.getIssuer().getValue();
            ((Audience) ((AudienceRestriction) assertion.getConditions().getAudienceRestrictions().get(0)).getAudiences().get(0)).getAudienceURI();
            String value2 = unmarshall.getStatus().getStatusCode().getValue();
            Signature signature = unmarshall.getSignature();
            String id = unmarshall.getID();
            String str4 = null;
            String str5 = "";
            String str6 = "";
            Hashtable hashtable = new Hashtable();
            for (Attribute attribute : ((AttributeStatement) assertion.getAttributeStatements().get(0)).getAttributes()) {
                String lowerCase = attribute.getName().toLowerCase();
                Iterator it = attribute.getAttributeValues().iterator();
                while (it.hasNext()) {
                    String textContent = ((XMLObject) it.next()).getDOM().getTextContent();
                    log("SAML att: " + lowerCase + " - " + textContent);
                    if (lowerCase.endsWith("email") || lowerCase.endsWith("emailaddress")) {
                        str4 = textContent;
                    } else if (lowerCase.endsWith("firstname") || lowerCase.endsWith("givenname")) {
                        str5 = textContent;
                    } else if (lowerCase.endsWith("lastname") || lowerCase.endsWith("surname")) {
                        str6 = textContent;
                    }
                    hashtable.put(lowerCase, textContent);
                }
            }
            String str7 = str5 + " " + str6;
            if (str5.length() == 0) {
                str7 = str6;
            }
            if (str6.length() == 0) {
                str7 = str5;
            }
            log("Subject:" + value);
            if (value.indexOf("@") > 0) {
                value = value.substring(0, value.indexOf("@"));
            } else if (str4 != null && str4.indexOf("@") > 0 && ContextManager.getGlobalProperties(0).get("samlSubjectUseNameId") == null) {
                value = str4.substring(0, str4.indexOf("@"));
            }
            String str8 = (String) ContextManager.getGlobalProperties(0).get("samlSubjectUseProperty");
            if (str8 != null && (str2 = (String) hashtable.get(str8)) != null) {
                value = str2;
            }
            log("ID:" + id);
            log("User ID:" + value);
            log("Status Code:" + value2);
            BasicX509Credential basicX509Credential = new BasicX509Credential();
            File file = new File("saml.cer");
            if (!file.exists()) {
                request.mCurrent.put(ERROR_KEY_NO_MATCH, "1");
                return;
            }
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            FileInputStream fileInputStream = new FileInputStream(file);
            X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(fileInputStream);
            fileInputStream.close();
            PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(x509Certificate.getPublicKey().getEncoded()));
            if (generatePublic != null) {
                basicX509Credential.setPublicKey(generatePublic);
                if (signature == null) {
                    signature = assertion.getSignature();
                }
                if (signature != null) {
                    log("Validating signature... " + signature);
                    new SignatureValidator(basicX509Credential).validate(signature);
                    log("Signature validated.");
                } else {
                    log("Skipped signature validation, signature was empty??");
                }
            }
            request.mLongTerm.put(Login.BYPASS_LOGIN, value);
            ClientStruct clientStruct = (ClientStruct) request.mCurrent.get("ClientStruct");
            clientStruct.mSamlUserId = value;
            String str9 = (String) request.mCurrent.get("RelayState");
            if (str9 != null && str9.length() > 0) {
                HttpHandler.getRequestFromString(str9, request, clientStruct);
                if (ContextManager.getGlobalProperties(0).get("samlOverrideMainMenuRelay") != null) {
                    log("RelayState changed (" + str9 + "):" + request.getAttribute("page"));
                }
            }
            String[] strArr = {"No Access", "Contributors"};
            boolean z = ContextManager.getGlobalProperties(0).get("enableSamlAutoAddUsers") != null;
            Enumeration contextList = ContextManager.getContextList();
            while (contextList.hasMoreElements() && z) {
                int intValue = ((Integer) contextList.nextElement()).intValue();
                BugManager bugManager = ContextManager.getBugManager(intValue);
                Hashtable hashtable2 = ContextManager.getConfigInfo(intValue).getHashtable(ConfigInfo.USERS);
                if (Login.getUserIgnoreCase(value, hashtable2) == null) {
                    AdminUsers.addUser(request, hashtable2, value, AdminUsers.AUTH_DEF, "RANDOM_PASSWORD", str7, str4, "", strArr, value, bugManager);
                } else {
                    UserProfile userProfile = bugManager.getUserProfile(value);
                    if (userProfile == null) {
                        userProfile = new UserProfile(bugManager.mContextId);
                        userProfile.init(value);
                    }
                    if (str4 != null && !str4.equals(userProfile.es1.recipient)) {
                        userProfile.es1.recipient = str4;
                    }
                    if (!str7.equals(userProfile.mUserTag)) {
                        userProfile.mUserTag = str7;
                    }
                    bugManager.storeUser(userProfile);
                }
            }
            clientStruct.mRedirect = null;
        } catch (Exception e) {
            ExceptionHandler.handleException(e);
        }
    }

    public static void log(String str) {
        if (ContextManager.getGlobalProperties(0).get("enableSamlLogging") != null) {
            SamlExceptionHandler.addMessage(str);
        }
    }

    public static String checkSession(Request request) {
        return checkSession(request.mSessionId);
    }

    public static String checkSession(String str) {
        String str2;
        SessionTable.getInstance();
        String str3 = "Checking session ID " + str + ": ";
        try {
            Hashtable hashtable = (Hashtable) SessionTable.mSessionTable.get(str);
            if (hashtable != null) {
                str2 = str3 + "mLongTerm found...";
                if (hashtable.get("VALIDSESSION") != null) {
                    str2 = str2 + "VALIDSESSION OK...";
                } else {
                    SamlExceptionHandler.handleException(new Exception("VALIDSESSION LOST!!!"));
                }
            } else {
                str2 = str3 + "mLongTerm not found...";
                SamlExceptionHandler.handleException(new Exception("VALIDSESSION LOST!!!"));
            }
        } catch (Exception e) {
            str2 = str3 + " checkSession failed.";
            SamlExceptionHandler.handleException(e);
        }
        return str2;
    }

    @Override // com.other.Action
    public void process(Request request) {
        String myByteArrayOutputStream;
        String str;
        SAML_DATE_FORMAT.setTimeZone(TimeZone.getTimeZone("UTC"));
        log("SamlHandler process");
        ClientStruct clientStruct = (ClientStruct) request.mCurrent.get("ClientStruct");
        String str2 = clientStruct.mUrl;
        try {
            myByteArrayOutputStream = clientStruct.mInBuffer.toString("UTF-8");
        } catch (Exception e) {
            ExceptionHandler.handleException(e);
            myByteArrayOutputStream = clientStruct.mInBuffer.toString();
        }
        if ((str2 != null && str2.indexOf("samlRedirect") > 0) || request.mCurrent.get("samlRedirect") != null) {
            String str3 = "?page=com.other.MainMenu";
            if (str2 != null) {
                str3 = clientStruct.mUrl;
            } else if (mRelay != null) {
                str3 = mRelay;
            }
            if (ContextManager.getGlobalProperties(0).get("samlOverrideMainMenuRelay") != null) {
                log("RelayState changed:" + mRelay + ", orig: " + clientStruct.mUrl);
                str3 = mRelay;
            }
            if (ContextManager.getGlobalProperties(0).get("samlRedirectRequestTest") != null) {
            }
            String str4 = "?RelayState=" + LocalURLEncoder.encode(str3) + "";
            if (str3.length() == 0) {
                str4 = "";
            }
            String str5 = HttpHandler.HTTP_FOUND + "Location: " + mRedirectUrl + str4 + "\r\n\r\n";
            if (ContextManager.getGlobalProperties(0).get("samlRedirectIncludeRequest") != null && (str = HttpHandler.HTTP_FOUND + "Location: " + buildAuthnRequest(request) + "\r\n\r\n") != null && str.length() > 0) {
                str5 = str;
            }
            if (ContextManager.getGlobalProperties(0).get("logSamlRedirects") != null) {
                SamlExceptionHandler.handleException(new Exception("SAML Redirect for page: " + request.getAttribute("page")));
                try {
                    clientStruct.mInBuffer.mMoveToLogsOnCleanup = true;
                    log("Storing request for session " + request.mSessionId + " that caused SAML redirect in logs folder... " + checkSession(request));
                } catch (Exception e2) {
                    ExceptionHandler.handleException(e2);
                }
            }
            log("Sending SAML redirect : " + str5 + ", Request: \r\n" + clientStruct.mInBuffer.toString());
            request.mCurrent.put("RAW", str5);
            return;
        }
        String substring = myByteArrayOutputStream.substring(0, myByteArrayOutputStream.indexOf(32));
        log("SamlHandler " + substring + ": " + str2 + ", Request: \r\n" + clientStruct.mInBuffer.toString());
        String str6 = ", \"fitReceived\" : \"RestHandler " + substring + ": " + str2;
        myByteArrayOutputStream.substring(myByteArrayOutputStream.indexOf("\r\n\r\n") + 4);
        if (request.mCurrent.get("SAMLResponse") != null) {
            String str7 = (String) request.mCurrent.get("SAMLResponse");
            populateRequest(request, new String(org.opensaml.xml.util.Base64.decode(str7)), str7);
            if (request.mCurrent.get(ERROR_MISSING_OR_WRONG_ASSERTION_ID) != null) {
                getSamlErrorResponse(request, "Request is missing assertion ID.");
                return;
            }
            if (request.mCurrent.get(ERROR_MISSING_OR_WRONG_NAMEID) != null) {
                getSamlErrorResponse(request, "Request NameID is missing or incorrect.");
                return;
            }
            if (request.mCurrent.get(ERROR_NO_SIGNATURE) != null) {
                getSamlErrorResponse(request, "Request is missing signature.");
                return;
            }
            if (request.mCurrent.get(ERROR_WRONG_DESTINATION) != null) {
                getSamlErrorResponse(request, "Request specifies an incorrect destination.");
                return;
            }
            if (request.mCurrent.get(ERROR_STATUSCODE_FAILURE) != null) {
                getSamlErrorResponse(request, "Request StatusCode is 'Failure' or 'urn:oasis:names:tc:SAML:2.0:status:Requester'.");
                return;
            }
            if (request.mCurrent.get(ERROR_MISSING_NOTONORAFTER_OR_NOTBEFORE) != null) {
                getSamlErrorResponse(request, "Request is missing NotBefore and/or NotOnOrAfter attribute.");
                return;
            }
            if (request.mCurrent.get(ERROR_OLD_NOTBEFORE_OR_NOTONORAFTER) != null) {
                getSamlErrorResponse(request, "Request NotBefore or NotOnOrAfter attribute too far in the past.");
                return;
            }
            if (request.mCurrent.get(ERROR_WRONG_ISSUER) != null) {
                getSamlErrorResponse(request, "Request specifies an incorrect issuer.");
                return;
            }
            if (request.mCurrent.get(ERROR_WRONG_AUDIENCE) != null) {
                getSamlErrorResponse(request, "Request specifies an incorrect audience.");
                return;
            }
            if (1 != 0) {
                openSamlProcess(request, str7);
            }
            if (request.mCurrent.get(ERROR_KEY_NO_MATCH) != null) {
                getSamlErrorResponse(request, "Request certificate does not match expected certificate.");
                return;
            } else if (1 != 0) {
                return;
            }
        }
        System.currentTimeMillis();
        String str8 = "<form method=\"post\" action=\"http://idp.oktadev.com\"><input type=\"hidden\" name=\"SAMLRequest\" value=\"" + new String(org.opensaml.xml.util.Base64.encodeBytes("  <samlp:AuthnRequestxmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\"ID=\"identifier_1\"Version=\"2.0\"IssueInstant=\"2015-07-27T17:32:30\"AssertionConsumerServiceIndex=\"0\"><saml:Issuer>https://sp.example.com/SAML2</saml:Issuer><samlp:NameIDPolicy  AllowCreate=\"true\"  Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:transient\"/></samlp:AuthnRequest>".getBytes(), 8)) + "\" /><input type=\"hidden\" name=\"RelayState\" value=\"fit_token\" /><input type=\"submit\" value=\"Submit\" /></form>";
        request.mCurrent.put("page", "com.other.MainMenu");
        HttpHandler.getInstance().processChain(request);
    }

    public void populateRequest(Request request, String str, String str2) {
        String str3;
        IXMLElement iXMLElement;
        request.mCurrent.put(ERROR_MISSING_OR_WRONG_ASSERTION_ID, "1");
        request.mCurrent.put(ERROR_MISSING_OR_WRONG_NAMEID, "1");
        request.mCurrent.put(ERROR_NO_SIGNATURE, "1");
        request.mCurrent.put(ERROR_WRONG_DESTINATION, "1");
        request.mCurrent.put(ERROR_WRONG_ISSUER, "1");
        request.mCurrent.put(ERROR_WRONG_AUDIENCE, "1");
        log("SAML request:\n" + str);
        try {
            IXMLParser createDefaultXMLParser = XMLParserFactory.createDefaultXMLParser();
            int indexOf = str.toLowerCase().indexOf("<?xml");
            if (indexOf == -1) {
                indexOf = 0;
            }
            createDefaultXMLParser.setReader(StdXMLReader.stringReader(str.substring(indexOf)));
            try {
                iXMLElement = (IXMLElement) createDefaultXMLParser.parse();
            } catch (Exception e) {
                log("SAML request is compressed...\n");
                byte[] decode = new Base64().decode(str2.getBytes("UTF-8"));
                try {
                    str3 = new String(inflate(decode, true));
                } catch (ZipException e2) {
                    str3 = new String(inflate(decode, false));
                }
                log("Inflated request: \n" + str3);
                createDefaultXMLParser.setReader(StdXMLReader.stringReader(str3));
                iXMLElement = (IXMLElement) createDefaultXMLParser.parse();
            }
            IXMLElement iXMLElement2 = iXMLElement;
            if (iXMLElement2 == null || iXMLElement2.isLeaf()) {
                log("SAMLResponse empty?");
            }
            processNode(iXMLElement2, iXMLElement2, request, null);
        } catch (Exception e3) {
            ExceptionHandler.handleException(e3);
        }
    }

    private static byte[] inflate(byte[] bArr, boolean z) throws IOException {
        Inflater inflater = null;
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            inflater = new Inflater(z);
            inflater.setInput(bArr);
            byteArrayOutputStream = new ByteArrayOutputStream(bArr.length);
            byte[] bArr2 = new byte[1024];
            while (!inflater.finished()) {
                try {
                    try {
                        int inflate = inflater.inflate(bArr2);
                        byteArrayOutputStream.write(bArr2, 0, inflate);
                        if (inflate == 0) {
                            byte[] altInflate = altInflate(bArr);
                            if (inflater != null) {
                                inflater.end();
                            }
                            if (byteArrayOutputStream != null) {
                                try {
                                    byteArrayOutputStream.close();
                                } catch (IOException e) {
                                }
                            }
                            return altInflate;
                        }
                    } catch (Exception e2) {
                        ExceptionHandler.handleException(e2);
                        System.out.println("Unexpected Exception while inflating " + e2);
                        byte[] altInflate2 = altInflate(bArr);
                        if (inflater != null) {
                            inflater.end();
                        }
                        if (byteArrayOutputStream != null) {
                            try {
                                byteArrayOutputStream.close();
                            } catch (IOException e3) {
                                return altInflate2;
                            }
                        }
                        return altInflate2;
                    }
                } catch (DataFormatException e4) {
                    ExceptionHandler.handleException(e4);
                    System.out.println("DataFormatException while inflating " + e4);
                    byte[] altInflate3 = altInflate(bArr);
                    if (inflater != null) {
                        inflater.end();
                    }
                    if (byteArrayOutputStream != null) {
                        try {
                            byteArrayOutputStream.close();
                        } catch (IOException e5) {
                            return altInflate3;
                        }
                    }
                    return altInflate3;
                } catch (Throwable th) {
                    System.out.println("Unexpected Throwable while inflating " + th);
                    byte[] altInflate4 = altInflate(bArr);
                    if (inflater != null) {
                        inflater.end();
                    }
                    if (byteArrayOutputStream != null) {
                        try {
                            byteArrayOutputStream.close();
                        } catch (IOException e6) {
                            return altInflate4;
                        }
                    }
                    return altInflate4;
                }
            }
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            if (inflater != null) {
                inflater.end();
            }
            if (byteArrayOutputStream != null) {
                try {
                    byteArrayOutputStream.close();
                } catch (IOException e7) {
                }
            }
            return byteArray;
        } catch (Throwable th2) {
            if (inflater != null) {
                inflater.end();
            }
            if (byteArrayOutputStream != null) {
                try {
                    byteArrayOutputStream.close();
                } catch (IOException e8) {
                    throw th2;
                }
            }
            throw th2;
        }
    }

    protected static byte[] altInflate(byte[] bArr) throws IOException {
        log("AltInflate Processing... ");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        InflaterInputStream inflaterInputStream = null;
        byte[] bArr2 = new byte[1024];
        try {
            try {
                inflaterInputStream = new InflaterInputStream(new ByteArrayInputStream(bArr));
                byte[] bArr3 = new byte[1024];
                for (int read = inflaterInputStream.read(bArr3); read != -1; read = inflaterInputStream.read(bArr3)) {
                    byteArrayOutputStream.write(bArr3, 0, read);
                }
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                if (inflaterInputStream != null) {
                    try {
                        inflaterInputStream.close();
                    } catch (IOException e) {
                    }
                }
                if (byteArrayOutputStream != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (IOException e2) {
                    }
                }
                return byteArray;
            } catch (IOException e3) {
                ExceptionHandler.handleException(e3);
                throw e3;
            }
        } catch (Throwable th) {
            if (inflaterInputStream != null) {
                try {
                    inflaterInputStream.close();
                } catch (IOException e4) {
                }
            }
            if (byteArrayOutputStream != null) {
                try {
                    byteArrayOutputStream.close();
                } catch (IOException e5) {
                }
            }
            throw th;
        }
    }

    public static void checkOldDates(Request request, String str) {
        if (str != null) {
            try {
                if (SAML_DATE_FORMAT.parse(str).getTime() < new Date().getTime() - 7200000) {
                    request.mCurrent.put(ERROR_OLD_NOTBEFORE_OR_NOTONORAFTER, 1);
                }
            } catch (Exception e) {
                ExceptionHandler.handleException(e);
            }
        }
    }

    private static void processNode(IXMLElement iXMLElement, IXMLElement iXMLElement2, Request request, String str) {
        String attribute;
        String name = iXMLElement2.getName();
        String content = iXMLElement2.getContent();
        if (iXMLElement2.getAttribute("id") == null || str != null) {
            if (name != null) {
                if (content == null) {
                    content = "";
                }
                String fixLineTerminators = SoapHandler.fixLineTerminators(content);
                if (name.toLowerCase().indexOf("statuscode") >= 0 || name.toLowerCase().indexOf("asdasdasd509") >= 0) {
                    log("SamlHandler found key: " + name + " " + iXMLElement2.getAttributes() + " val=" + fixLineTerminators.substring(0, fixLineTerminators.length() <= 150 ? fixLineTerminators.length() : 150));
                }
                if ("response".equals(name.toLowerCase())) {
                    String attribute2 = iXMLElement2.getAttribute("Destination");
                    if (mDestination.equals(attribute2)) {
                        request.mCurrent.remove(ERROR_WRONG_DESTINATION);
                    } else {
                        log("Wrong destination: " + attribute2);
                        log("Expected: " + mDestination);
                        try {
                            StringWriter stringWriter = new StringWriter();
                            new XMLWriter(stringWriter).write(iXMLElement);
                            log(stringWriter.toString());
                        } catch (Exception e) {
                        }
                    }
                }
                if ("subjectconfirmationdata".equals(name.toLowerCase()) || "conditions".equals(name.toLowerCase())) {
                    String attribute3 = iXMLElement2.getAttribute("NotOnOrAfter");
                    if (attribute3 != null) {
                        checkOldDates(request, attribute3);
                    } else {
                        request.mCurrent.put(ERROR_MISSING_NOTONORAFTER_OR_NOTBEFORE, "1");
                    }
                    if ("conditions".equals(name.toLowerCase())) {
                        String attribute4 = iXMLElement2.getAttribute("NotBefore");
                        if (attribute4 != null) {
                            checkOldDates(request, attribute4);
                        } else {
                            request.mCurrent.put(ERROR_MISSING_NOTONORAFTER_OR_NOTBEFORE, "1");
                        }
                    }
                }
                if (ISSUER.equals(name.toLowerCase()) && mIssuer.equals(fixLineTerminators)) {
                    request.mCurrent.remove(ERROR_WRONG_ISSUER);
                }
                if ("statuscode".equals(name.toLowerCase()) && (((attribute = iXMLElement2.getAttribute("Value")) != null && "Failure".equals(attribute)) || "urn:oasis:names:tc:SAML:2.0:status:Requester".equals(attribute))) {
                    request.mCurrent.put(ERROR_STATUSCODE_FAILURE, "1");
                }
                if (AUDIENCE.equals(name.toLowerCase()) && mAudience.equals(fixLineTerminators)) {
                    request.mCurrent.remove(ERROR_WRONG_AUDIENCE);
                }
                if ("signature".equals(name.toLowerCase())) {
                    request.mCurrent.remove(ERROR_NO_SIGNATURE);
                }
                if ("assertion".equals(name.toLowerCase()) && iXMLElement2.getAttribute(XmlElementNames.ID) != null) {
                    request.mCurrent.remove(ERROR_MISSING_OR_WRONG_ASSERTION_ID);
                }
                if ("nameid".equals(name.toLowerCase()) && fixLineTerminators != null && fixLineTerminators.trim().length() > 0) {
                    request.mCurrent.remove(ERROR_MISSING_OR_WRONG_NAMEID);
                }
                if (str != null && iXMLElement2.getParent().getName().equals("Array")) {
                    name = str;
                } else if (name.toLowerCase().equals(StandardXYURLGenerator.DEFAULT_ITEM_PARAMETER)) {
                    name = iXMLElement2.getParent().getName();
                }
                if (request.mCurrent.get(name) != null) {
                    Vector vector = (Vector) request.mCurrent.get("INTERNALV:" + name);
                    if (vector == null) {
                        vector = new Vector();
                        vector.addElement(request.mCurrent.get(name));
                    }
                    vector.addElement(fixLineTerminators);
                    request.mCurrent.put("INTERNALV:" + name, vector);
                }
                request.mCurrent.put(name, fixLineTerminators);
            }
            if (iXMLElement2.hasChildren()) {
                Enumeration enumerateChildren = iXMLElement2.enumerateChildren();
                while (enumerateChildren.hasMoreElements()) {
                    processNode(iXMLElement, (IXMLElement) enumerateChildren.nextElement(), request, str);
                }
            }
        }
    }

    public String buildAuthnRequest(Request request) {
        try {
            try {
                Configuration.getBuilderFactory();
                String str = "id" + new Date().getTime();
                log("Random ID: " + str);
                Issuer buildObject = new IssuerBuilder().buildObject("urn:oasis:names:tc:SAML:2.0:assertion", "Issuer", "samlp");
                buildObject.setValue(mDestination);
                NameIDPolicy buildObject2 = new NameIDPolicyBuilder().buildObject();
                buildObject2.setFormat("urn:oasis:names:tc:SAML:2.0:nameid-format:persistent");
                if (ContextManager.getGlobalProperties(0).get("samlEnableSPNameQualifier") != null) {
                    String str2 = mDestination;
                    String str3 = (String) ContextManager.getGlobalProperties(0).get("samlEnableSPNameQualifier");
                    if (str3.length() > 1) {
                        str2 = str3;
                    }
                    buildObject2.setSPNameQualifier(str2);
                }
                buildObject2.setAllowCreate(true);
                AuthnContextClassRef buildObject3 = new AuthnContextClassRefBuilder().buildObject("urn:oasis:names:tc:SAML:2.0:assertion", "AuthnContextClassRef", "saml");
                if (ContextManager.getGlobalProperties(0).get("disablePasswordProtectedTransport") == null) {
                    buildObject3.setAuthnContextClassRef("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
                } else {
                    log("Disabled SAML PPT");
                }
                RequestedAuthnContext buildObject4 = new RequestedAuthnContextBuilder().buildObject();
                buildObject4.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
                buildObject4.getAuthnContextClassRefs().add(buildObject3);
                DateTime dateTime = new DateTime();
                AuthnRequest buildObject5 = new AuthnRequestBuilder().buildObject("urn:oasis:names:tc:SAML:2.0:protocol", "AuthnRequest", "samlp");
                buildObject5.setForceAuthn(false);
                buildObject5.setIsPassive(false);
                buildObject5.setIssueInstant(dateTime);
                buildObject5.setProtocolBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
                buildObject5.setAssertionConsumerServiceURL(mDestination);
                buildObject5.setIssuer(buildObject);
                if (ContextManager.getGlobalProperties(0).get("samlDisableNameIDPolicy") == null) {
                    buildObject5.setNameIDPolicy(buildObject2);
                }
                if (ContextManager.getGlobalProperties(0).get("disablePasswordProtectedTransport") == null) {
                    log("Enabled SAML PPT");
                    buildObject5.setRequestedAuthnContext(buildObject4);
                } else {
                    log("Disabled SAML PPT");
                }
                buildObject5.setID(str);
                buildObject5.setVersion(SAMLVersion.VERSION_20);
                log("New AuthnRequestImpl: " + buildObject5.toString());
                log("Assertion Consumer Service URL: " + buildObject5.getAssertionConsumerServiceURL());
                Element marshall = Configuration.getMarshallerFactory().getMarshaller(buildObject5).marshall(buildObject5);
                StringWriter stringWriter = new StringWriter();
                XMLHelper.writeNode(marshall, stringWriter);
                String stringWriter2 = stringWriter.toString();
                log("buildAuthnRequest: " + stringWriter2);
                Deflater deflater = new Deflater(8, true);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                DeflaterOutputStream deflaterOutputStream = new DeflaterOutputStream(byteArrayOutputStream, deflater);
                deflaterOutputStream.write(stringWriter2.getBytes());
                deflaterOutputStream.close();
                String encodeBytes = org.opensaml.xml.util.Base64.encodeBytes(byteArrayOutputStream.toByteArray(), 8);
                new String(byteArrayOutputStream.toByteArray());
                String encode = URLEncoder.encode(encodeBytes);
                String str4 = mFitUrl;
                log("Converted AuthRequest: " + stringWriter2);
                String str5 = mRelay != null ? mRelay : "?page=com.other.MainMenu";
                ClientStruct clientStruct = (ClientStruct) request.mCurrent.get("ClientStruct");
                String str6 = null;
                if (clientStruct != null) {
                    str6 = clientStruct.mUrl;
                }
                if (str6 == null || (str6.indexOf("samlRedirect") <= 0 && request.mCurrent.get("samlRedirect") == null)) {
                    log("SAML request using default relay " + str5);
                } else {
                    str5 = str6;
                    log("SAML request using relay " + str5);
                }
                String str7 = (mRedirectUrl.contains("?") ? "&" : "?") + "SAMLRequest=" + encode + "&RelayState=" + LocalURLEncoder.encode(str5);
                if (ContextManager.getGlobalProperties(0).get("samlDisableSamlRequest") != null) {
                    str7 = "";
                }
                return mRedirectUrl + str7;
            } catch (UnsupportedEncodingException e) {
                ExceptionHandler.handleException(e);
                return "";
            }
        } catch (IOException e2) {
            ExceptionHandler.handleException(e2);
            return "";
        } catch (MarshallingException e3) {
            ExceptionHandler.handleException(e3);
            return "";
        }
    }
}
