package com.ibm.ws.webcontainer.security;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.common.internal.encoder.Base64Coder;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.webcontainer.security.internal.AuthenticationResult;
import com.ibm.ws.webcontainer.security.internal.StringUtil;
import com.ibm.wsspi.webcontainer.servlet.IExtendedRequest;
import com.ibm.wsspi.webcontainer.servlet.IServletRequest;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

@TraceOptions(traceGroups = {TraceConstants.TRACE_GROUP}, traceGroup = "", messageBundle = TraceConstants.MESSAGE_BUNDLE, traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:resources/server_runtime/lib/com.ibm.ws.webcontainer.security_1.0.2.jar:com/ibm/ws/webcontainer/security/PostParameterHelper.class */
public class PostParameterHelper {
    private static final TraceComponent tc = Tr.register(PostParameterHelper.class);
    public static final String INITIAL_URL = "INITIAL_URL";
    public static final String PARAM_NAMES = "PARAM_NAMES";
    public static final String PARAM_VALUES = "PARAM_VALUES";
    public static final String POSTPARAM_COOKIE = "WASPostParam";
    private static final String POSTPARAM_FAILED = "NO_PARAMETER";
    private static final String POSTPARAM_URL = "U";
    private static final String POSTPARAM_PARAM = "P";
    private final WebAppSecurityConfig webAppSecurityConfig;
    static final long serialVersionUID = -3241159358145426988L;

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public PostParameterHelper(WebAppSecurityConfig webAppSecurityConfig) {
        this.webAppSecurityConfig = webAppSecurityConfig;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public void save(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationResult authenticationResult) {
        if (!(httpServletRequest instanceof IServletRequest)) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "It is not an IServletRequest object", new Object[0]);
                return;
            }
            return;
        }
        if (httpServletRequest.getMethod().equalsIgnoreCase("POST")) {
            String requestURI = httpServletRequest.getRequestURI();
            IServletRequest iServletRequest = (IServletRequest) httpServletRequest;
            try {
                HashMap inputStreamData = iServletRequest.getInputStreamData();
                String postParamSaveMethod = this.webAppSecurityConfig.getPostParamSaveMethod();
                if (postParamSaveMethod.equalsIgnoreCase("Cookie")) {
                    saveToCookie(inputStreamData, requestURI, authenticationResult);
                } else if (postParamSaveMethod.equalsIgnoreCase(WebAppSecurityConfig.POST_PARAM_SAVE_TO_SESSION)) {
                    saveToSession(httpServletRequest, requestURI, inputStreamData);
                }
            } catch (IOException e) {
                FFDCFilter.processException(e, "com.ibm.ws.webcontainer.security.PostParameterHelper", "90", this, new Object[]{httpServletRequest, httpServletResponse, authenticationResult});
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "IO Exception storing POST parameters onto a cookie or session: ", iServletRequest);
                }
            }
        }
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private void saveToCookie(Map map, String str, AuthenticationResult authenticationResult) {
        Hashtable hashtable = new Hashtable();
        hashtable.put(POSTPARAM_URL, str);
        hashtable.put(POSTPARAM_PARAM, map);
        String str2 = null;
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new ObjectOutputStream(byteArrayOutputStream).writeObject(hashtable);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            int postParamCookieSize = this.webAppSecurityConfig.getPostParamCookieSize();
            if (byteArray == null || byteArray.length >= postParamCookieSize) {
                Tr.warning(tc, "SEC_FORM_POST_NULL_OR_TOO_LARGE", new Object[0]);
            } else {
                byte[] base64Encode = Base64Coder.base64Encode(byteArray);
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "encoded length:" + base64Encode.length, new Object[0]);
                }
                str2 = StringUtil.toString(base64Encode);
            }
        } catch (IOException e) {
            FFDCFilter.processException(e, "com.ibm.ws.webcontainer.security.PostParameterHelper", "124", this, new Object[]{map, str, authenticationResult});
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception storing POST parameters onto a cookie: ", null);
            }
        }
        if (str2 != null) {
            Cookie cookie = new Cookie(POSTPARAM_COOKIE, str2);
            cookie.setMaxAge(-1);
            cookie.setPath(str);
            authenticationResult.setCookie(cookie);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "encoded POST parameters: " + str2, new Object[0]);
        }
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private void saveToSession(HttpServletRequest httpServletRequest, String str, Map map) {
        HttpSession session = httpServletRequest.getSession(true);
        if (session == null || httpServletRequest.getParameterNames() == null) {
            return;
        }
        session.setAttribute(INITIAL_URL, str);
        session.setAttribute(PARAM_NAMES, null);
        session.setAttribute(PARAM_VALUES, map);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "URL saved: " + str.toString(), new Object[0]);
        }
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public void restore(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!(httpServletRequest instanceof IExtendedRequest)) {
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "It is not an IExtendedRequest object", new Object[0]);
                return;
            }
            return;
        }
        if (httpServletRequest.getMethod().equalsIgnoreCase("GET")) {
            String requestURI = httpServletRequest.getRequestURI();
            IExtendedRequest iExtendedRequest = (IExtendedRequest) httpServletRequest;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, " method : " + httpServletRequest.getMethod() + " URL:" + requestURI, new Object[0]);
            }
            String postParamSaveMethod = this.webAppSecurityConfig.getPostParamSaveMethod();
            if (postParamSaveMethod.equalsIgnoreCase("Cookie")) {
                restoreFromCookie(iExtendedRequest, httpServletResponse, requestURI);
            } else if (postParamSaveMethod.equalsIgnoreCase(WebAppSecurityConfig.POST_PARAM_SAVE_TO_SESSION)) {
                restoreFromSession(iExtendedRequest, httpServletRequest, requestURI);
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v15, types: [boolean] */
    /* JADX WARN: Type inference failed for: r0v16 */
    /* JADX WARN: Type inference failed for: r0v30, types: [com.ibm.wsspi.webcontainer.servlet.IExtendedRequest] */
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private void restoreFromSession(IExtendedRequest iExtendedRequest, HttpServletRequest httpServletRequest, String str) {
        ?? equals;
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return;
        }
        String str2 = (String) session.getAttribute(INITIAL_URL);
        if (str2 != null && (equals = str2.equals(str)) != 0) {
            try {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Found the session, restoring POST parameters.", new Object[0]);
                }
                iExtendedRequest.setMethod("POST");
                Map map = (Map) session.getAttribute(PARAM_VALUES);
                if (map != null && !map.isEmpty()) {
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "Restoring POST paramameters for URL : " + str, new Object[0]);
                    }
                    equals = iExtendedRequest;
                    equals.setInputStreamData((HashMap) map);
                }
            } catch (IOException e) {
                FFDCFilter.processException(e, "com.ibm.ws.webcontainer.security.PostParameterHelper", "215", this, new Object[]{iExtendedRequest, httpServletRequest, str});
                Object obj = equals;
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "IOException restoring POST parameters onto a cookie: ", obj);
                }
            }
        } else if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Parameters NOT restored. Original URL : " + str2 + " req. URL : " + str, new Object[0]);
        }
        session.setAttribute(INITIAL_URL, null);
        session.setAttribute(PARAM_NAMES, null);
        session.setAttribute(PARAM_VALUES, null);
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private void restoreFromCookie(IExtendedRequest iExtendedRequest, HttpServletResponse httpServletResponse, String str) {
        byte[] cookieValueAsBytes = iExtendedRequest.getCookieValueAsBytes(POSTPARAM_COOKIE);
        if (cookieValueAsBytes == null) {
            return;
        }
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Found the cookie, restoring POST parameters: " + new String(cookieValueAsBytes), new Object[0]);
        }
        IExtendedRequest iExtendedRequest2 = iExtendedRequest;
        iExtendedRequest2.setMethod("POST");
        try {
            Hashtable hashtable = (Hashtable) new ObjectInputStream(new ByteArrayInputStream(Base64Coder.base64Decode(cookieValueAsBytes))).readObject();
            if (hashtable != null && hashtable.get(POSTPARAM_URL).equals(str)) {
                if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                    Tr.debug(tc, "Restored POST paramameter for original URL:" + hashtable.get(POSTPARAM_URL), new Object[0]);
                }
                Map map = (Map) hashtable.get(POSTPARAM_PARAM);
                iExtendedRequest2 = iExtendedRequest;
                iExtendedRequest2.setInputStreamData((HashMap) map);
            }
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.webcontainer.security.PostParameterHelper", "256", this, new Object[]{iExtendedRequest, httpServletResponse, str});
            IExtendedRequest iExtendedRequest3 = iExtendedRequest2;
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception restoring POST parameters from the cookie: ", iExtendedRequest3);
            }
        }
        Cookie cookie = new Cookie(POSTPARAM_COOKIE, POSTPARAM_FAILED);
        cookie.setPath(str);
        cookie.setMaxAge(0);
        httpServletResponse.addCookie(cookie);
    }
}
