package sirrus.portalserver.iplanet.authentication;

import com.iplanet.portalserver.auth.server.LoginException;
import java.util.HashMap;
import java.util.Map;
import sirrus.portalserver.iplanet.authorization.CTAuthReplicator;
import sirrus.portalserver.iplanet.common.ClearTrustLogin;
import sirrus.portalserver.iplanet.exception.CTAuthorizationException;

/* loaded from: input_file:sirrus/portalserver/iplanet/authentication/ClearTrustSecurID.class */
public class ClearTrustSecurID extends ClearTrustLogin {
    public ClearTrustSecurID() throws LoginException {
        super("SC_SECURID");
    }

    public void validate() throws LoginException {
        logMessage("Calling SecurID authentication");
        int currentState = getCurrentState();
        logMessage(new StringBuffer().append("Current state is: ").append(currentState).toString());
        if (currentState == 1) {
            String token = getToken(1);
            logMessage(new StringBuffer().append("Request for authenticating user: ").append(token).append(", state: ").append(currentState).toString());
            Map userMap = getUserMap(token, "CREDENTIALS", getToken(2), getHttpServletRequest().getRemoteAddr());
            logMessage(new StringBuffer().append("Authenticating user: ").append(token).toString());
            new HashMap();
            try {
                Map authenticate = ClearTrustLogin.runtimeAPI.authenticate(userMap);
                String str = (String) authenticate.get("AUTHENTICATION_RESULT");
                logMessage(new StringBuffer().append("Authentication result for user \"").append(token).append("\": ").append(str).toString());
                if ("NEW_PIN_REQUIRED".equalsIgnoreCase(str)) {
                    logMessage("New pin required. Moving to second screen");
                    setNextScreen(2);
                } else if ("NEXT_CODE_REQUIRED".equalsIgnoreCase(str)) {
                    logMessage("Next code required. Moving to third screen");
                    setNextScreen(3);
                } else {
                    if (!"VALID_USER".equalsIgnoreCase(str)) {
                        logMessage(new StringBuffer().append("Authentication failed: ").append(str).toString(), "Error");
                        throw new LoginException(new StringBuffer().append("<ClearTrust PAM> Authentication failed.\n").append(str).toString());
                    }
                    setNextScreen(-1);
                    handleSuccessfulAuth(token, authenticate);
                }
                this.authenticatedUser = token;
                return;
            } catch (Exception e) {
                logMessage(new StringBuffer().append("Error authenticating user and password information\n").append(e.getMessage()).toString(), "Error");
                e.printStackTrace();
                throw new LoginException(new StringBuffer().append("<ClearTrust PAM> Error authenticating.\n").append(e.getMessage()).toString());
            }
        }
        if (currentState != 2) {
            if (currentState != 3) {
                String str2 = new String(new StringBuffer().append("Invalid state: ").append(currentState).toString());
                logMessage(str2, "Error");
                throw new LoginException(new StringBuffer().append("<ClearTrust PAM> ").append(str2).toString());
            }
            logMessage(new StringBuffer().append("Request for authenticating user: ").append(this.authenticatedUser).append(", state: ").append(currentState).toString());
            Map userMap2 = getUserMap(this.authenticatedUser, "SC_SECURID_NEXT_CODE", getToken(1), getHttpServletRequest().getRemoteAddr());
            logMessage(new StringBuffer().append("Authenticating user: ").append(this.authenticatedUser).toString());
            new HashMap();
            try {
                Map authenticate2 = ClearTrustLogin.runtimeAPI.authenticate(userMap2);
                String str3 = (String) authenticate2.get("AUTHENTICATION_RESULT");
                logMessage(new StringBuffer().append("Authentication result for user \"").append(this.authenticatedUser).append("\": ").append(str3).toString());
                if ("NEW_PIN_REQUIRED".equalsIgnoreCase(str3)) {
                    logMessage("New pin required. Moving to second screen");
                    setNextScreen(2);
                    return;
                } else {
                    if (!"VALID_USER".equalsIgnoreCase(str3) && !"NEXT_CODE_ACCEPTED".equalsIgnoreCase(str3)) {
                        logMessage(new StringBuffer().append("Authentication failed: ").append(str3).toString(), "Error");
                        throw new LoginException(new StringBuffer().append("<ClearTrust PAM> Authentication failed.\n").append(str3).toString());
                    }
                    setNextScreen(-1);
                    handleSuccessfulAuth(this.authenticatedUser, authenticate2);
                    return;
                }
            } catch (Exception e2) {
                logMessage(new StringBuffer().append("Error authenticating user and new pin information\n").append(e2.getMessage()).toString(), "Error");
                e2.printStackTrace();
                throw new LoginException(new StringBuffer().append("<ClearTrust PAM> Error authenticating.\n").append(e2.getMessage()).toString());
            }
        }
        String token2 = getToken(1);
        String token3 = getToken(2);
        boolean z = false;
        try {
            Integer.parseInt(token2);
            Integer.parseInt(token3);
        } catch (NumberFormatException e3) {
            z = true;
        }
        if (token2 == null || token3 == null || token2.length() > 8 || !token2.equalsIgnoreCase(token3) || z) {
            logMessage("Invalid new pin or new pins does not match", "Error");
            throw new LoginException(new StringBuffer().append("<ClearTrust PAM> ").append("Invalid new pin or new pins does not match").toString());
        }
        logMessage(new StringBuffer().append("Request for authenticating user: ").append(this.authenticatedUser).append(", state: ").append(currentState).toString());
        Map userMap3 = getUserMap(this.authenticatedUser, "SC_SECURID_NEW_PIN", token2, getHttpServletRequest().getRemoteAddr());
        logMessage(new StringBuffer().append("Authenticating user: ").append(this.authenticatedUser).toString());
        new HashMap();
        try {
            Map authenticate3 = ClearTrustLogin.runtimeAPI.authenticate(userMap3);
            String str4 = (String) authenticate3.get("AUTHENTICATION_RESULT");
            logMessage(new StringBuffer().append("Authentication result for user \"").append(this.authenticatedUser).append("\": ").append(str4).toString());
            if ("NEXT_CODE_REQUIRED".equalsIgnoreCase(str4)) {
                logMessage("Next code required. Moving to third screen");
                setNextScreen(3);
            } else {
                if (!"VALID_USER".equalsIgnoreCase(str4) && !"NEW_PIN_ACCEPTED".equalsIgnoreCase(str4)) {
                    logMessage(new StringBuffer().append("Authentication failed: ").append(str4).toString(), "Error");
                    throw new LoginException(new StringBuffer().append("<ClearTrust PAM> Authentication failed.\n").append(str4).toString());
                }
                setNextScreen(-1);
                handleSuccessfulAuth(this.authenticatedUser, authenticate3);
            }
        } catch (Exception e4) {
            logMessage(new StringBuffer().append("Error authenticating user and new pin information\n").append(e4.getMessage()).toString(), "Error");
            e4.printStackTrace();
            throw new LoginException(new StringBuffer().append("<ClearTrust PAM> Error authenticating.\n").append(e4.getMessage()).toString());
        }
    }

    private Map getUserMap(String str, String str2, String str3, String str4) {
        HashMap hashMap = new HashMap();
        hashMap.put("SC_USER_ID", str);
        hashMap.put(str2, str3);
        hashMap.put("AUTHENTICATION_TYPE", "SC_SECURID");
        hashMap.put("SC_END_USER_IP", str4);
        hashMap.put("SC_IS_VALID", "true");
        return hashMap;
    }

    private void handleSuccessfulAuth(String str, Map map) throws LoginException {
        logMessage(new StringBuffer().append("Authentication succeeded for user: ").append(str).toString());
        this.authenticatedUser = str;
        if (ClearTrustLogin.ssoEnabled) {
            String str2 = (String) map.get("SC_TOKEN");
            if (str2 != null) {
                super.setCookie(str2);
            } else {
                logMessage(new String("Invalid token returned by the Runtime API"), "Error");
            }
        }
        if (ClearTrustLogin.authorizeFromCT) {
            try {
                logMessage(new StringBuffer().append("Replicating user: ").append(this.authenticatedUser).toString());
                new CTAuthReplicator().replicateUser(this.authenticatedUser);
            } catch (CTAuthorizationException e) {
                e.printStackTrace();
                logMessage(new StringBuffer().append("Error replicating user: ").append(e.getMessage()).toString());
                throw new LoginException(e.getMessage());
            }
        }
    }
}
