package com.liferay.saml.addon.keep.alive.web.internal.struts.action;

import com.liferay.portal.kernel.struts.BaseStrutsAction;
import com.liferay.portal.kernel.struts.StrutsAction;
import com.liferay.portal.kernel.util.Base64;
import com.liferay.portal.kernel.util.CookieKeys;
import com.liferay.portal.kernel.util.HtmlUtil;
import com.liferay.portal.kernel.util.Http;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.saml.addon.keep.alive.web.internal.constants.SamlKeepAliveConstants;
import com.liferay.saml.persistence.model.SamlIdpSpSession;
import com.liferay.saml.persistence.model.SamlIdpSsoSession;
import com.liferay.saml.persistence.service.SamlIdpSpConnectionLocalService;
import com.liferay.saml.persistence.service.SamlIdpSpSessionLocalService;
import com.liferay.saml.persistence.service.SamlIdpSsoSessionLocalService;
import com.liferay.saml.runtime.configuration.SamlProviderConfigurationHelper;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(immediate = true, property = {"path=/portal/saml/keep_alive"}, service = {StrutsAction.class})
/* loaded from: input_file:com/liferay/saml/addon/keep/alive/web/internal/struts/action/KeepAliveAction.class */
public class KeepAliveAction extends BaseStrutsAction {
    private static final String _BASE64_1x1_GIF = "R0lGODdhAQABAIAAAP///////ywAAAAAAQABAAACAkQBADs=";

    @Reference
    private Http _http;

    @Reference
    private SamlIdpSpConnectionLocalService _samlIdpSpConnectionLocalService;

    @Reference
    private SamlIdpSpSessionLocalService _samlIdpSpSessionLocalService;

    @Reference
    private SamlIdpSsoSessionLocalService _samlIdpSsoSessionLocalService;

    @Reference
    private SamlProviderConfigurationHelper _samlProviderConfigurationHelper;

    public String execute(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (!this._samlProviderConfigurationHelper.isEnabled()) {
            return "/common/referer_js.jsp";
        }
        if (this._samlProviderConfigurationHelper.isRoleIdp()) {
            executeIdpKeepAlive(httpServletRequest, httpServletResponse);
            return null;
        }
        if (!this._samlProviderConfigurationHelper.isRoleSp()) {
            return null;
        }
        executeSpKeepAlive(httpServletRequest, httpServletResponse);
        return null;
    }

    protected void executeIdpKeepAlive(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        httpServletResponse.addHeader("Cache-Control", "private, no-cache, no-store, must-revalidate");
        httpServletResponse.addHeader("Pragma", "no-cache");
        httpServletResponse.setContentType("text/javascript");
        String randomString = StringUtil.randomString();
        PrintWriter writer = httpServletResponse.getWriter();
        Iterator<String> it = getSPsKeepAliveURLs(httpServletRequest).iterator();
        while (it.hasNext()) {
            String addParameter = this._http.addParameter(it.next(), "r", randomString);
            writer.write("document.write('<img alt=\"\" src=\"");
            writer.write(HtmlUtil.escapeJS(HtmlUtil.escapeHREF(addParameter)));
            writer.write("\"/>');");
        }
    }

    protected void executeSpKeepAlive(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        httpServletResponse.setHeader("Cache-Control", "private, no-cache, no-store, must-revalidate");
        httpServletResponse.setHeader("Pragma", "no-cache");
        httpServletResponse.setContentType("image/gif");
        httpServletResponse.getOutputStream().write(Base64.decode(_BASE64_1x1_GIF));
    }

    protected List<String> getSPsKeepAliveURLs(HttpServletRequest httpServletRequest) throws Exception {
        SamlIdpSsoSession fetchSamlIdpSso = this._samlIdpSsoSessionLocalService.fetchSamlIdpSso(CookieKeys.getCookie(httpServletRequest, "SAML_SSO_SESSION_ID"));
        if (fetchSamlIdpSso == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        String string = ParamUtil.getString(httpServletRequest, "entityId");
        for (SamlIdpSpSession samlIdpSpSession : this._samlIdpSpSessionLocalService.getSamlIdpSpSessions(fetchSamlIdpSso.getSamlIdpSsoSessionId())) {
            if (!string.equals(samlIdpSpSession.getSamlSpEntityId())) {
                String str = (String) this._samlIdpSpConnectionLocalService.getSamlIdpSpConnection(samlIdpSpSession.getCompanyId(), samlIdpSpSession.getSamlSpEntityId()).getExpandoBridge().getAttribute(SamlKeepAliveConstants.EXPANDO_COLUMN_NAME_KEEP_ALIVE_URL);
                if (!Validator.isBlank(str) && !str.equals(SamlKeepAliveConstants.EXPANDO_COLUMN_NAME_KEEP_ALIVE_URL)) {
                    arrayList.add(str);
                }
            }
        }
        return arrayList;
    }
}
