package ru.org.openam.web;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.apache.batik.constants.XMLConstants;
import org.apache.commons.lang3.StringUtils;
import org.forgerock.openam.authentication.service.protocol.RemoteCookie;
import org.forgerock.openam.authentication.service.protocol.RemoteHttpServletResponse;
import org.ntlmv2.liferay.util.HttpHeaders;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.org.openam.xss.XSSRequestWrapper;

/* loaded from: input_file:WEB-INF/lib/web-14.8.1.0.jar:ru/org/openam/web/UIResponseWrapper.class */
public class UIResponseWrapper extends HttpServletResponseWrapper {
    static final Logger logger = LoggerFactory.getLogger(UIResponseWrapper.class.getName());
    final HttpServletRequest request;
    final UIFilter filter;
    public final HashMap<String, Cookie> cookies;
    boolean isAuthz;

    public UIResponseWrapper(UIFilter uIFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        super(httpServletResponse);
        this.cookies = new HashMap<>();
        this.isAuthz = false;
        this.request = httpServletRequest;
        this.filter = uIFilter;
        Version.getRevision(httpServletRequest, httpServletResponse);
    }

    public static UIResponseWrapper get(HttpServletRequest httpServletRequest) {
        return (UIResponseWrapper) httpServletRequest.getAttribute(UIResponseWrapper.class.getName());
    }

    public static void replayCookies(HttpServletResponse httpServletResponse, HttpServletResponse httpServletResponse2) {
        RemoteHttpServletResponse remoteHttpServletResponse;
        if (!(httpServletResponse instanceof RemoteHttpServletResponse) || (remoteHttpServletResponse = (RemoteHttpServletResponse) httpServletResponse) == null) {
            return;
        }
        if (remoteHttpServletResponse.getCookies() != null) {
            for (RemoteCookie remoteCookie : remoteHttpServletResponse.getCookies()) {
                Cookie cookie = new Cookie(remoteCookie.getName(), remoteCookie.getValue());
                cookie.setComment(remoteCookie.getComment());
                if (remoteCookie.getDomain() != null) {
                    cookie.setDomain(remoteCookie.getDomain());
                }
                cookie.setMaxAge(remoteCookie.getMaxAge());
                cookie.setPath(remoteCookie.getPath());
                cookie.setSecure(remoteCookie.getSecure());
                cookie.setVersion(remoteCookie.getVersion());
                httpServletResponse2.addCookie(cookie);
            }
        }
        if (remoteHttpServletResponse.getHeaders() != null) {
            for (String str : remoteHttpServletResponse.getHeaders().keySet()) {
                if (StringUtils.equalsIgnoreCase("set-cookie", str)) {
                    Object obj = remoteHttpServletResponse.getHeaders().get(str);
                    if (obj instanceof String) {
                        httpServletResponse2.addHeader(str, (String) obj);
                    } else if ((remoteHttpServletResponse.getHeaders().get(str) instanceof Set) || (remoteHttpServletResponse.getHeaders().get(str) instanceof List)) {
                        Iterator it = new HashSet((Collection) remoteHttpServletResponse.getHeaders().get(str)).iterator();
                        while (it.hasNext()) {
                            httpServletResponse2.addHeader(str, (String) it.next());
                        }
                    } else {
                        logger.warn("unknown header type {} {}", str, ((List) remoteHttpServletResponse.getHeaders().get(str)).getClass().getName());
                    }
                }
            }
        }
    }

    public void resetBuffer() {
        if (isCommitted()) {
            return;
        }
        super.resetBuffer();
    }

    public void addCookie(Cookie cookie) {
        this.cookies.put(cookie.getName(), cookie);
        getResponse().addCookie(cookie);
    }

    public void addHeader(String str, String str2) {
        try {
            if (str.equalsIgnoreCase("SET-COOKIE")) {
                try {
                    String[] split = str2.split(";")[0].split(XMLConstants.XML_EQUAL_SIGN);
                    this.cookies.put(split[0], new Cookie(split[0], split[1]));
                } catch (Throwable th) {
                    logger.warn("error parse {}={}: {}", str, str2, th.toString());
                }
            }
            getResponse().addHeader(str.replace("SET-COOKIE", "Set-Cookie"), str2);
        } catch (Throwable th2) {
            logger.error("addHeader", th2);
        }
    }

    public void setHeader(String str, String str2) {
        if (StringUtils.equalsIgnoreCase("WWW-Authenticate", str)) {
            this.isAuthz = true;
        }
        super.setHeader(str, str2);
    }

    public void sendRedirect(String str) throws IOException {
        if (isCommitted() || getResponse().isCommitted()) {
            return;
        }
        resetBuffer();
        String safeURL = this.request.getAttribute("SafeURL.ignore") != null ? str : XSSRequestWrapper.getSafeURL(this.request, "sendRedirect", str);
        if (logger.isDebugEnabled()) {
            logger.debug("sendRedirect: {}", safeURL);
        }
        if (safeURL == null) {
            safeURL = this.request.getContextPath() == null ? "/" : this.request.getContextPath();
        }
        setContentType("text/html; charset=utf-8");
        PrintWriter writer = getWriter();
        writer.println("<html><head><meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\"><noscript><meta http-equiv=\"refresh\" content=\"1; url=" + safeURL + "\"></noscript><title>Переадресация</title></head>");
        writer.println("<body><script id=\"redirect\" type=\"text/javascript\">");
        writer.println("<!--");
        writer.println("location.href=\"" + safeURL + "\";");
        writer.println("//-->");
        writer.println("</script><a href=\"" + safeURL + "\">Нажмите на ссылку, если переход не произошел автоматически</a></body></html>");
        writer.close();
        setHeader("Cache-Control", "no-cache, no-store");
        setHeader("Pragma", HttpHeaders.PRAGMA_NO_CACHE_VALUE);
        setDateHeader("Expires", -1L);
        setHeader("Location", safeURL);
        if (!this.filter.client302 || safeURL.contains("/cdcservlet")) {
            super.setStatus(302);
        }
    }
}
