package com.trs.idm.client.servlet;

import com.trs.idm.client.actor.FormValues;
import com.trs.idm.client.actor.SSOUser;
import com.trs.idm.exception.IdMException;
import com.trs.idm.interact.agent.AgentFactory;
import com.trs.idm.interact.agent.AgentUtil;
import com.trs.idm.interact.agent.IAgent;
import com.trs.idm.interact.agent.LoginResult;
import com.trs.idm.interact.protocol.ProtocolConst;
import com.trs.idm.model.sso.samedomain.SameDomainSSOHelper;
import com.trs.idm.system.ClientConst;
import com.trs.idm.system.SSOConst;
import com.trs.idm.util.Base64Util;
import com.trs.idm.util.CookieHelper;
import com.trs.idm.util.LoginEncoder;
import com.trs.idm.util.RequestUtil;
import com.trs.idm.util.StringHelper;
import com.trs.idm.util.UrlUtil;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.ebookdroid.core.AbstractViewController;

/* loaded from: classes.dex */
public class LoginProxyServlet extends HttpServlet {
    public static final String CK_LOGIN_INFO = "com.trs.ids.app.lInfo";
    public static final String CK_POST_PARAM = "com.trs.ids.app.postParam";
    public static final String FORWARD_FOR_FAIL = "afterLoginFail.gotoType";
    public static final String FORWARD_FOR_OK = "afterLoginOk.gotoType";
    private static final Logger LOG = Logger.getLogger(LoginProxyServlet.class);
    public static final String LOGIN_FAIL_URL = "afterLoginFail.gotoUrl";
    public static final String LOGIN_OK_URL = "afterLoginOk.gotoUrl";
    public static final String SESS_ATTRS_PASSWD = "com.trs.ids.sessAttrs.passwd";
    public static final String SESS_ATTRS_USERNAME = "com.trs.ids.sessAttrs.username";
    public static final String SESS_ATTR_SOURCENAME = "com.trs.ids.sessAttrs.sourcename";
    private static final long serialVersionUID = 1;
    private IAgent agent;
    private int domainLevel;
    private boolean forwardForFail;
    private boolean forwardForOk;
    private String loginFailUrl;
    private String loginOkUrl;

    private String buildNotifyMessage(String str) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("用户在IDS上不存在! <br><br>");
        stringBuffer.append("根据系统设定，IDS将会把您的用户名密码提交到应用的登录页面进行尝试登录，");
        stringBuffer.append("但这可能造成您仅仅能登录" + str + "应用，无法登录IDS和其他应用。<br><br>");
        stringBuffer.append("您确定继续吗？<br>");
        return stringBuffer.toString();
    }

    private String decry(String str) {
        return str;
    }

    private String getAskFromUrl(IAgent iAgent, HttpServletRequest httpServletRequest) {
        if (!RequestUtil.isReverseProxyRequest(httpServletRequest, iAgent.getOriginalHostHttpHeader())) {
            return httpServletRequest.getRequestURL().toString();
        }
        String originalUrlWithParam = RequestUtil.getOriginalUrlWithParam(httpServletRequest, iAgent.getOriginalHostHttpHeader());
        LOG.info("This is an reverse proxy proxy, current requestURL: " + RequestUtil.getFullGetStr(httpServletRequest) + " ,originalURL: " + originalUrlWithParam);
        return originalUrlWithParam;
    }

    private String getAskGSessIdUrl(String str) {
        StringBuffer stringBuffer = new StringBuffer(256);
        stringBuffer.append(this.agent.getGlobalLoginUrl());
        stringBuffer.append('?').append("askFrom").append('=').append(str);
        stringBuffer.append('&').append("askGlobalSess").append('=').append('1');
        if (LOG.isDebugEnabled()) {
            LOG.debug("askUrl: " + ((Object) stringBuffer));
        }
        return stringBuffer.toString();
    }

    private String getLoginFailReturnUrl(HttpServletRequest httpServletRequest) {
        String parameterSafe = RequestUtil.getParameterSafe(httpServletRequest, "afterLoginFail.gotoUrl");
        return StringHelper.isEmpty(parameterSafe) ? this.loginFailUrl : parameterSafe;
    }

    private String getLoginOkReturnUrl(HttpServletRequest httpServletRequest) {
        String parameterSafe = RequestUtil.getParameterSafe(httpServletRequest, LOGIN_OK_URL);
        if (StringHelper.isEmpty(parameterSafe)) {
            parameterSafe = this.loginOkUrl;
        }
        return StringHelper.isEmpty(parameterSafe) ? RequestUtil.getReferUrl(httpServletRequest) : parameterSafe;
    }

    private void goToReturlUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3, String str4, String str5) throws ServletException, IOException {
        if (this.forwardForOk) {
            LOG.info("Self Page Login success, About to forward to:  " + str);
            httpServletRequest.setAttribute("usr", str3);
            httpServletRequest.setAttribute("pwd", str4);
            httpServletRequest.setAttribute("url", str2);
            httpServletRequest.setAttribute("loginResultMsg", UrlUtil.encode(Base64Util.encode(str5, ProtocolConst.PACKET_BODY_CHARSET)));
            httpServletRequest.getRequestDispatcher(str).forward(httpServletRequest, httpServletResponse);
            return;
        }
        boolean idsServerSupportSameDomainSSO = this.agent.idsServerSupportSameDomainSSO();
        boolean supportSameDomainSSO = this.agent.supportSameDomainSSO();
        LOG.info("IDS SupportSameDomainSSO: " + idsServerSupportSameDomainSSO + "; appSupportSameDomainSSO: " + supportSameDomainSSO);
        LOG.info("Self Page Login success, About to redirect to:  " + str);
        if (!idsServerSupportSameDomainSSO || supportSameDomainSSO) {
            if (StringHelper.isEmpty(str5)) {
                httpServletResponse.sendRedirect(str);
                return;
            }
            httpServletRequest.setAttribute("actualRedirectURL", str);
            httpServletRequest.setAttribute("loginResultMsg", UrlUtil.encode(Base64Util.encode(str5, ProtocolConst.PACKET_BODY_CHARSET)));
            httpServletRequest.getRequestDispatcher(ClientConst.IDSAGENT_JSP_PREFIX + this.agent.getProperty("loginInfo.uri", "loginInfo.jsp")).forward(httpServletRequest, httpServletResponse);
            return;
        }
        String str6 = String.valueOf(this.agent.getGlobalLoginUrl()) + "?coAppName=" + Base64Util.encode(this.agent.getAgentName()) + "&surl=" + Base64Util.encode(str) + "&type=simpleRedirect";
        LOG.info("Because IDS Support same domain SSO, but app does not support , so redirect to IDS Server to plant same domain Cookie, redirect URL: " + str6);
        if (StringHelper.isEmpty(str5)) {
            httpServletResponse.sendRedirect(str6);
            return;
        }
        httpServletRequest.setAttribute("actualRedirectURL", str6);
        httpServletRequest.setAttribute("loginResultMsg", UrlUtil.encode(Base64Util.encode(str5, ProtocolConst.PACKET_BODY_CHARSET)));
        httpServletRequest.getRequestDispatcher(ClientConst.IDSAGENT_JSP_PREFIX + this.agent.getProperty("loginInfo.uri", "loginInfo.jsp")).forward(httpServletRequest, httpServletResponse);
    }

    private void handleLoginFail(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, LoginResult loginResult, String str, String str2, String str3, String str4) throws ServletException, IOException {
        String loginFailReturnUrl = getLoginFailReturnUrl(httpServletRequest);
        LOG.info("loginFail! (user, sessId, gSessId)=" + str2 + ", " + str4 + ", " + str + ". pwd=******" + (this.forwardForFail ? ", forward to " : ", redirect to ") + this.loginFailUrl + ", returnUrl =" + loginFailReturnUrl + "; (failCode=" + loginResult.getFailCode() + "(failInfo:" + loginResult.getFailCode() + ");" + loginResult.getFailInfo() + " ); (failInfoCode, failInfoMessage):(" + loginResult.getFailInfoCode() + ", " + loginResult.getFailInfoMessage() + ")");
        httpServletRequest.setAttribute(this.agent.getCoAppSelfLoginUserNameField(), str2);
        if (StringHelper.isEmpty(loginResult.getFailInfoMessage())) {
            httpServletRequest.setAttribute("ids.ssoLogin.failInfo", loginResult.getFailInfo());
        } else {
            httpServletRequest.setAttribute("ids.ssoLogin.failInfo", loginResult.getFailInfoMessage());
            httpServletRequest.setAttribute("ids.ssoLogin.failInfoCode", loginResult.getFailInfoCode());
            httpServletRequest.setAttribute("ids.ssoLogin.failInfoMessage", loginResult.getFailInfoMessage());
        }
        if ("2006".equals(loginResult.getFailInfoCode())) {
            String str5 = String.valueOf(this.agent.getGlobalLoginUrl()) + "?errCode=" + loginResult.getFailInfoCode() + "&coAppName=" + Base64Util.encode(this.agent.getAgentName()) + "&surl=" + Base64Util.encode("account/errorInfo.jsp?errCode=" + loginResult.getFailInfoCode()) + "&type=simpleRedirect";
            LOG.info("login fail because of user necessary attribute is empty with errCode[" + loginResult.getFailInfoCode() + "], userName[" + str2 + "], so need to redirect to ids url[" + str5 + "] and edit user info!");
            httpServletResponse.sendRedirect(str5);
            return;
        }
        if (!this.agent.continueLocalLoginIfUserNotFoundOnIDS() || !new Integer(1011).toString().equals(loginResult.getFailInfoCode())) {
            httpServletRequest.setAttribute("ids.ssoLogin.referURL", loginFailReturnUrl);
            RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher("/WEB-INF/idsAgentPages/loginFail.jsp");
            if (requestDispatcher != null) {
                requestDispatcher.forward(httpServletRequest, httpServletResponse);
                return;
            } else {
                httpServletResponse.sendError(AbstractViewController.DOUBLE_TAP_TIME, "login fail! and returnUrl not found: " + loginFailReturnUrl);
                return;
            }
        }
        String coAppSelfLoginActionURL = this.agent.getCoAppSelfLoginActionURL();
        if (StringHelper.isEmpty(coAppSelfLoginActionURL)) {
            coAppSelfLoginActionURL = this.agent.getLoginActionURIs()[0];
        }
        LOG.info("user[" + str2 + "] not exist in IDS, but agent.continueLocalLoginIfUserNotFoundOnIDS is true, so forwad to: " + coAppSelfLoginActionURL + " directly!");
        httpServletRequest.setAttribute(ClientConst.AUTOSUBMIT_PRAMA_MESSAGE, buildNotifyMessage(this.agent.getAgentName()));
        httpServletRequest.setAttribute("targetUrl", String.valueOf(RequestUtil.getAppBaseURL(httpServletRequest)) + coAppSelfLoginActionURL);
        httpServletRequest.setAttribute(ClientConst.AUTOSUBMIT_FIElD_USERNAME, this.agent.getCoAppSelfLoginUserNameField());
        httpServletRequest.setAttribute(ClientConst.AUTOSUBMIT_FIElD_PASSWORD, this.agent.getCoAppSelfLoginPagePasswordField());
        CookieHelper cookieHelper = new CookieHelper(httpServletRequest, httpServletResponse, this.agent.getRequestServerName(httpServletRequest), this.domainLevel);
        boolean needSavePostParamAndPostBack = this.agent.needSavePostParamAndPostBack();
        LOG.debug("needPostBackAfterLoginOK: " + needSavePostParamAndPostBack + "; hasPostParamInCookie: " + AgentUtil.havePostParamInCookie(cookieHelper));
        if (needSavePostParamAndPostBack) {
            AgentUtil.forwardToAutosubmitPageWithPostParam(httpServletRequest, httpServletResponse, cookieHelper, String.valueOf(RequestUtil.getAppBaseURL(httpServletRequest)) + coAppSelfLoginActionURL);
        } else {
            httpServletRequest.getRequestDispatcher(ClientConst.DEF_AGENT_AUTOSUBMIT_PAGE).forward(httpServletRequest, httpServletResponse);
        }
    }

    private void handleLoginOK(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, LoginResult loginResult) throws ServletException, IOException {
        String loginOkReturnUrl = getLoginOkReturnUrl(httpServletRequest);
        String referUrl = RequestUtil.getReferUrl(httpServletRequest);
        LOG.info("localLogin OK,about to go to return url: " + loginOkReturnUrl);
        goToReturlUrl(httpServletRequest, httpServletResponse, loginOkReturnUrl, referUrl, str, str2, loginResult != null ? loginResult.getFailInfoMessage() : "");
    }

    private void processCrossDomainSSOSelfPageLoginRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String extractUserName;
        String extractUserPwd;
        String referUrl = RequestUtil.getReferUrl(httpServletRequest);
        String sessionId = this.agent.getServletAppActorV2().getSessionId(httpServletRequest, httpServletResponse, true);
        CookieHelper cookieHelper = new CookieHelper(httpServletRequest, httpServletResponse, this.agent.getRequestServerName(httpServletRequest), this.domainLevel);
        String str = null;
        String bindSSOId = AgentUtil.getBindSSOId(cookieHelper, this.agent);
        FormValues extractExtraInput = this.agent.getServletAppActorV2().extractExtraInput(httpServletRequest, httpServletResponse);
        if (bindSSOId == null) {
            String askFromUrl = getAskFromUrl(this.agent, httpServletRequest);
            String parameter = httpServletRequest.getParameter("com.trs.idm.gSessionId");
            if (parameter == null) {
                String extractUserName2 = this.agent.getServletAppActorV2().extractUserName(httpServletRequest, httpServletResponse);
                String extractUserPwd2 = this.agent.getServletAppActorV2().extractUserPwd(httpServletRequest, httpServletResponse);
                if (extractExtraInput != null) {
                    str = extractExtraInput.getParamValue(ClientConst.USERPROPS_SOURCENAME);
                    if (StringHelper.isEmpty(str)) {
                        str = "ids_internal";
                    }
                    cookieHelper.addCookie(SESS_ATTR_SOURCENAME, UrlUtil.encode(LoginEncoder.encode(str), "UTF-8"));
                }
                if (this.agent.needSavePostParamAndPostBack()) {
                    AgentUtil.savePostParamInCookie(httpServletRequest, cookieHelper);
                }
                cookieHelper.addCookie(CK_LOGIN_INFO, UrlUtil.encode(LoginEncoder.encodeInfo(extractUserName2, extractUserPwd2), "UTF-8"));
                LOG.info("user login info saved before redirect. (user, sourceName, coSessionId)=" + extractUserName2 + "," + str + "," + sessionId);
                httpServletResponse.sendRedirect(getAskGSessIdUrl(askFromUrl));
                return;
            }
            bindSSOId = decry(parameter);
            AgentUtil.saveSSOId(bindSSOId, cookieHelper, this.agent);
            LOG.info("saved gSessId: " + bindSSOId + ". coSessionId=" + sessionId);
        }
        if (httpServletRequest.getParameter("com.trs.idm.gSessionId") != null) {
            String decode = UrlUtil.decode(cookieHelper.getValue(CK_LOGIN_INFO), "UTF-8");
            extractUserName = LoginEncoder.decodeUser(decode);
            extractUserPwd = LoginEncoder.decodePwd(decode);
            str = LoginEncoder.decode(UrlUtil.decode(cookieHelper.getValue(SESS_ATTR_SOURCENAME), "UTF-8"));
            LOG.info("load user login info from cookie or session. (user, sourcename, sessId, gSessId)=" + extractUserName + ", " + str + ", " + sessionId + ", " + bindSSOId + ",ckLoginInfo in cookie:" + decode + ", all cookie in http request:" + httpServletRequest.getHeader("Cookie"));
        } else {
            extractUserName = this.agent.getServletAppActorV2().extractUserName(httpServletRequest, httpServletResponse);
            extractUserPwd = this.agent.getServletAppActorV2().extractUserPwd(httpServletRequest, httpServletResponse);
            if (extractExtraInput != null) {
                str = extractExtraInput.getParamValue(ClientConst.USERPROPS_SOURCENAME);
                cookieHelper.addCookie(SESS_ATTR_SOURCENAME, UrlUtil.encode(LoginEncoder.encode(str), "UTF-8"));
            }
            LOG.info("load user and pwd from request params. (user, sessId, gSessId)=" + extractUserName + ", " + sessionId + ", " + bindSSOId);
        }
        LoginResult loginUser = this.agent.loginUser(bindSSOId, sessionId, extractUserName, extractUserPwd, str, RequestUtil.getRemoteAddr(httpServletRequest, this.agent.getOriginalClientIPHttpHeader()), extractExtraInput);
        if (!loginUser.isSuccess()) {
            handleLoginFail(httpServletRequest, httpServletResponse, loginUser, bindSSOId, extractUserName, extractUserPwd, sessionId);
            return;
        }
        cookieHelper.removeCookie(CK_LOGIN_INFO);
        cookieHelper.removeCookie(SESS_ATTR_SOURCENAME);
        AgentUtil.removeSSOBind(cookieHelper, this.agent);
        if (this.agent.idsServerSupportSameDomainSSO()) {
            SameDomainSSOHelper.isSDTokenValid(loginUser.getSdToken());
        }
        SSOUser sSOUser = loginUser.getSSOUser();
        LOG.info("Login finish, SSOUser is: " + sSOUser);
        if (sSOUser == null) {
            try {
                sSOUser = this.agent.findLoginSSOUser(bindSSOId, sessionId);
            } catch (Exception e) {
                LOG.warn("load login user fail! (user, sessId, gSessId)=" + extractUserName + ", " + sessionId + ", " + bindSSOId, e);
            }
        }
        if (sSOUser != null) {
            try {
                if (!this.agent.getServletAppActorV2().userExist(httpServletRequest, httpServletResponse, sSOUser)) {
                    this.agent.getServletAppActorV2().addUser(httpServletRequest, httpServletResponse, sSOUser);
                    if (httpServletResponse.isCommitted()) {
                        return;
                    }
                }
                this.agent.getServletAppActorV2().loadLoginUser(httpServletRequest, httpServletResponse, sSOUser);
            } catch (RuntimeException e2) {
                LOG.error(String.valueOf(this.agent.getAgentName()) + " actor addUser/loadLoginUser fail! sessId=" + sessionId + ", user=" + sSOUser.getUserName(), e2);
            }
        } else {
            LOG.error("agent.findLoginSSOUser(" + sessionId + ") == null! ssoSessionId=" + bindSSOId);
        }
        if (httpServletResponse.isCommitted()) {
            return;
        }
        String loginOkReturnUrl = getLoginOkReturnUrl(httpServletRequest);
        boolean needSavePostParamAndPostBack = this.agent.needSavePostParamAndPostBack();
        LOG.debug("needPostBackAfterLoginOK: " + needSavePostParamAndPostBack + "; hasPostParamInCookie: " + AgentUtil.havePostParamInCookie(cookieHelper));
        if (needSavePostParamAndPostBack) {
            AgentUtil.forwardToAutosubmitPageWithPostParam(httpServletRequest, httpServletResponse, cookieHelper, loginOkReturnUrl);
            return;
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("loginOK! (user, sessId, gSessId)=" + extractUserName + ", " + sessionId + ", " + bindSSOId + (this.forwardForOk ? ", forward to " : ", redirect to ") + loginOkReturnUrl);
        }
        goToReturlUrl(httpServletRequest, httpServletResponse, loginOkReturnUrl, referUrl, extractUserName, extractUserPwd, loginUser.getFailInfoMessage());
    }

    private void processSameDomainSSOSelfPageLoginRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        LOG.debug("This is a same domain anonymous app, and this is a self page login request");
        String sessionId = this.agent.getServletAppActorV2().getSessionId(httpServletRequest, httpServletResponse, true);
        CookieHelper cookieHelper = new CookieHelper(httpServletRequest, httpServletResponse, this.agent.getRequestServerName(httpServletRequest), this.domainLevel);
        String value = cookieHelper.getValue(SSOConst.SDSSO_COOKIE_NAME);
        if (!StringHelper.isEmpty(value)) {
            LOG.debug("SDToken in Cookie: " + value);
            String sSOIdFromSDToken = SameDomainSSOHelper.getSSOIdFromSDToken(value);
            boolean z = System.currentTimeMillis() >= SameDomainSSOHelper.getValidTimeFromSDToken(value);
            if (!z) {
                SSOUser sSOUser = null;
                try {
                    sSOUser = this.agent.findSSOUser(sSOIdFromSDToken, sessionId, RequestUtil.getRemoteAddr(httpServletRequest, this.agent.getOriginalClientIPHttpHeader()));
                } catch (IdMException e) {
                    LOG.error("Find SSOUser from IDS by SameDomain SSOSessionID error", e);
                }
                LOG.info("SSOUser found by SSOId[" + sSOIdFromSDToken + "] in SDToken from IDS Server: " + sSOUser);
                if (sSOUser != null) {
                    if (!this.agent.getServletAppActorV2().userExist(httpServletRequest, httpServletResponse, sSOUser)) {
                        this.agent.getServletAppActorV2().addUser(httpServletRequest, httpServletResponse, sSOUser);
                    }
                    SameDomainSSOHelper.plantAppCurrentLoginedSSOIDCookie(httpServletRequest, httpServletResponse, true, sSOIdFromSDToken, this.agent.getSDSSOCookieDomain(), this.agent.getSDSSOIDSCookiePath(), this.agent.getAgentName());
                    this.agent.getServletAppActorV2().loadLoginUser(httpServletRequest, httpServletResponse, sSOUser);
                    LOG.info("User SSOUser[" + sSOUser.getUserName() + "] to do localLogin by actor.loadLoginUser finished");
                    handleLoginOK(httpServletRequest, httpServletResponse, sSOUser.getUserName(), sSOUser.getProperty(ClientConst.USERPROPS_PLAINUSERPWD), null);
                    return;
                }
                LOG.info("Can not find SSOUser by SDToken in Cookie: " + value + ", so clear same domain cookie");
            }
            if (z) {
                LOG.info("SDToken[" + value + "] in Cookie is time out");
            }
            LOG.info("About to remove Same Domain Cookie, sdToken: " + value);
            cookieHelper.removeCookie(SSOConst.SDSSO_COOKIE_NAME, this.agent.getSDSSOCookiePath(), this.agent.getSDSSOCookieDomain());
        }
        String extractUserName = this.agent.getServletAppActorV2().extractUserName(httpServletRequest, httpServletResponse);
        String extractUserPwd = this.agent.getServletAppActorV2().extractUserPwd(httpServletRequest, httpServletResponse);
        String str = null;
        String str2 = null;
        FormValues extractExtraInput = this.agent.getServletAppActorV2().extractExtraInput(httpServletRequest, httpServletResponse);
        if (extractExtraInput != null) {
            str = extractExtraInput.getParamValue(ClientConst.USERPROPS_SOURCENAME);
            if (StringHelper.isEmpty(str)) {
                str = "ids_internal";
            }
            str2 = extractExtraInput.getParamValue("isAutoLogin");
        }
        String value2 = cookieHelper.getValue(SSOConst.IDS_COOKIE_NAME);
        LoginResult loginResult = new LoginResult();
        if (!StringHelper.isEmpty(value2)) {
            LOG.info("Using SSOID[" + value2 + "] in IDS Cookie for globalLogin");
            loginResult = this.agent.loginUser(value2, sessionId, extractUserName, extractUserPwd, str, RequestUtil.getRemoteAddr(httpServletRequest, this.agent.getOriginalClientIPHttpHeader()), extractExtraInput);
        }
        LOG.info("LoginResut : " + loginResult);
        if (!loginResult.isSuccess() || loginResult.getFailCode() == 10) {
            LOG.info("Using loginUserForSameDomainSSO method for globalLogin, will create a ssoSession in IDS first and excute global login");
            loginResult = this.agent.loginUserForSameDomainSSO(extractUserName, extractUserPwd, str, sessionId, RequestUtil.getRemoteAddr(httpServletRequest, this.agent.getOriginalClientIPHttpHeader()), extractExtraInput);
        }
        if (!loginResult.isSuccess()) {
            LOG.info("Self page login in same domain sso app fail");
            handleLoginFail(httpServletRequest, httpServletResponse, loginResult, null, extractUserName, extractUserPwd, sessionId);
            return;
        }
        String sdToken = loginResult.getSdToken();
        String sSOIdFromSDToken2 = SameDomainSSOHelper.getSSOIdFromSDToken(sdToken);
        LOG.info("User[" + extractUserName + "] login in IDS ok, SDToken: " + sdToken + "; ssoId: " + sSOIdFromSDToken2);
        SameDomainSSOHelper.plantSameDomainCookie(httpServletRequest, httpServletResponse, sdToken, true, this.agent.getSDSSOCookieDomain(), this.agent.getSDSSOCookiePath(), this.agent.getOriginalHostHttpHeader());
        SameDomainSSOHelper.plantIDSCookie(httpServletRequest, httpServletResponse, true, sSOIdFromSDToken2, this.agent.getSDSSOCookieDomain(), this.agent.getSDSSOIDSCookiePath(), this.agent.getOriginalHostHttpHeader());
        String encodeInfo = LoginEncoder.encodeInfo(extractUserName, extractUserPwd);
        if ("true".equals(str2)) {
            SameDomainSSOHelper.plantAutoLoginCookie(httpServletRequest, httpServletResponse, encodeInfo, str, 864000, this.agent.getSDSSOCookieDomain(), this.agent.getSDSSOIDSCookiePath());
        }
        SSOUser sSOUser2 = loginResult.getSSOUser();
        if (sSOUser2 == null) {
            LOG.error("Login in IDS OK, but SSOUser from IDS is null!");
            handleLoginFail(httpServletRequest, httpServletResponse, loginResult, null, extractUserName, extractUserPwd, sessionId);
        } else {
            SameDomainSSOHelper.plantAppCurrentLoginedSSOIDCookie(httpServletRequest, httpServletResponse, true, sSOIdFromSDToken2, this.agent.getSDSSOCookieDomain(), this.agent.getSDSSOIDSCookiePath(), this.agent.getAgentName());
            this.agent.getServletAppActorV2().loadLoginUser(httpServletRequest, httpServletResponse, sSOUser2);
            LOG.info("localLogin by actor done");
            handleLoginOK(httpServletRequest, httpServletResponse, extractUserName, extractUserPwd, loginResult);
        }
    }

    public void destroy() {
        LOG.info(String.valueOf(getServletName()) + " destroying...");
        super.destroy();
    }

    public void init() throws ServletException {
        super.init();
        this.agent = AgentFactory.getInstance().initAndStart();
        if (this.agent == null) {
            LOG.error("get agent is null while LoginProxyServlet init!");
            return;
        }
        this.agent.setServerInfo(RequestUtil.getServletContainerInfo(getServletContext()));
        this.loginOkUrl = this.agent.getProperty(LOGIN_OK_URL);
        this.forwardForOk = "forward".equalsIgnoreCase(this.agent.getProperty(FORWARD_FOR_OK));
        this.loginFailUrl = this.agent.getProperty("afterLoginFail.gotoUrl");
        this.forwardForFail = "forward".equalsIgnoreCase(this.agent.getProperty(FORWARD_FOR_FAIL, "forward"));
        this.domainLevel = Integer.parseInt(this.agent.getProperty("cookie.domain.level", "0"));
        LOG.info("forward: (ok, fail)=" + this.forwardForOk + ", " + this.forwardForFail + ". url: (ok, fail)=" + this.loginOkUrl + ", " + this.loginFailUrl + ", domainLevel:" + this.domainLevel);
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (this.agent.isSocketAlive()) {
            if (this.agent.isAllowAnonymous() && this.agent.supportSameDomainSSO()) {
                processSameDomainSSOSelfPageLoginRequest(httpServletRequest, httpServletResponse);
                return;
            } else {
                processCrossDomainSSOSelfPageLoginRequest(httpServletRequest, httpServletResponse);
                return;
            }
        }
        httpServletRequest.setAttribute("ids.ssoLogin.failInfo", "系统暂时无法提供认证服务，请稍候重试!");
        RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(this.loginFailUrl);
        if (requestDispatcher != null) {
            requestDispatcher.forward(httpServletRequest, httpServletResponse);
        } else {
            httpServletResponse.sendError(AbstractViewController.DOUBLE_TAP_TIME, "cannot login, because agent not connected to ids!");
        }
    }
}
