package com.citrix.auth.impl;

import android.text.TextUtils;
import com.citrix.auth.AMUrl;
import com.citrix.auth.AuthRequirementsFulfiller;
import com.citrix.auth.GatewayInfo;
import com.citrix.auth.exceptions.AuthManException;
import com.citrix.auth.impl.VpnSupport;
import java.net.HttpCookie;
import java.util.ArrayList;
import java.util.List;
import javax.xml.namespace.NamespaceContext;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpHead;
import org.apache.http.message.BasicHeader;
import org.w3c.dom.Document;
import org.w3c.dom.Node;

/* loaded from: classes.dex */
public class AGFormsAuthImpl {
    public static final String AGFormsProtocolName = "AGForms";
    public static final String DefaultGatewayFormsPath = "/cgi/authenticate";
    public static final String FormsStartHeaderName = "X-Citrix-Forms-Start";
    public static final String GatewaySessionFormsResponseContentType = "application/vnd.citrix.gatewaysession-1+xml";
    public static final String GatewaySessionResponseNamespace = "http://citrix.com/gateway/session/1";
    public static final String GatewaySessionResponsePrefix = "p";
    public static final String RewriteRuleEntCvpn = "entcvpn";
    public static final String RewriteRuleSG = "sg";
    public static final NamespaceContext s_gatewayresponseNamespaceContextMapper;

    static {
        NamespaceContextMapperBuilder namespaceContextMapperBuilder = new NamespaceContextMapperBuilder();
        namespaceContextMapperBuilder.add(GatewaySessionResponseNamespace, "p");
        s_gatewayresponseNamespaceContextMapper = namespaceContextMapperBuilder.createNamespaceContext();
    }

    private AGFormsAuthImpl() {
    }

    private static GatewayProxyMode ParseUrlRewriteRule(String str) throws AuthManException {
        if (RewriteRuleEntCvpn.compareToIgnoreCase(str) == 0) {
            return GatewayProxyMode.ENTCVPN;
        }
        if (RewriteRuleSG.compareToIgnoreCase(str) == 0) {
            return GatewayProxyMode.SG;
        }
        throw AuthManException.protocolError("Failed to parse the Gateway session document's UrlRewriteRule '%s'", str);
    }

    public static AgAuthenticationData authenticate(GatewayInfo gatewayInfo, InternalRequestParams internalRequestParams, AuthRequirementsFulfiller authRequirementsFulfiller, String str) throws AuthManException {
        try {
            try {
                Utils.amLog("AGFormsAuthImpl.authenticate starts");
                AMUrl logonPointUrl = gatewayInfo.getLogonPointUrl();
                AMUrl constructUrlFromHostRelativePath = (str == null || str.length() <= 0) ? AuthHttpUtils.constructUrlFromHostRelativePath(logonPointUrl, DefaultGatewayFormsPath) : AuthHttpUtils.constructUrlFromHostRelativePath(logonPointUrl, str);
                List<Header> commonHeaders = getCommonHeaders(internalRequestParams.getDependencies(), logonPointUrl);
                HttpResponse requestInitialForm = requestInitialForm(internalRequestParams, constructUrlFromHostRelativePath, commonHeaders);
                CommonFormsAuth commonFormsAuth = new CommonFormsAuth(AGFormsProtocolName, internalRequestParams, authRequirementsFulfiller, commonHeaders);
                AgAuthenticationData parseAGSuccessResponse = parseAGSuccessResponse(constructUrlFromHostRelativePath, commonFormsAuth.execute(constructUrlFromHostRelativePath, requestInitialForm, GatewaySessionFormsResponseContentType));
                parseAGSuccessResponse.m_passwordLogon = commonFormsAuth.getPasswordUsed();
                if (parseAGSuccessResponse.m_vpnCapable) {
                    VpnSupport.VpnInfo vPNConfiguration = getVPNConfiguration(internalRequestParams, constructUrlFromHostRelativePath, parseAGSuccessResponse.m_sessionCookies);
                    parseAGSuccessResponse.m_vpnCapable = vPNConfiguration.m_vpnCapable;
                    parseAGSuccessResponse.m_vpnConfigFileLocation = vPNConfiguration.m_vpnConfigFileLocation;
                }
                Utils.amLog("AGFormsAuthImpl.authenticate succeeded. Session data is: %s", parseAGSuccessResponse);
                return parseAGSuccessResponse;
            } catch (AuthManException e) {
                Utils.amLog("AGFormsAuthImpl.authenticate FAILED. Caught AuthManException: %s", e);
                throw e;
            } catch (Throwable th) {
                Utils.amLog("AGFormsAuthImpl.authenticate FAILED. Caught throwable: %s", th);
                throw AuthManException.systemError(th, "AGFormsAuthImpl.authenticate FAILED");
            }
        } finally {
            Utils.amLog("AGFormsAuthImpl.authenticate finishes");
        }
    }

    public static void destroySession(HttpTransaction httpTransaction, AMUrl aMUrl, Header[] headerArr, FancyCookieStore fancyCookieStore) throws AuthManException {
        httpTransaction.setRequest(new HttpGet(aMUrl.getCanonicalURL()));
        httpTransaction.addHeaders(headerArr);
        try {
            try {
                httpTransaction.sendAndReceive();
            } catch (AuthManException e) {
                Utils.amLog("AGFormsAuthImpl.destroySession failed due to exception: %s" + e.getMessage());
                throw e;
            }
        } finally {
            fancyCookieStore.clearForHost(aMUrl.getHostName());
        }
    }

    public static FormsProbeResult doFormsSupportProbe(InternalRequestParams internalRequestParams, AMUrl aMUrl) {
        Utils.amLog("doFormsSupportProbe starts");
        FormsProbeResult formsProbeResult = new FormsProbeResult();
        formsProbeResult.probeWasSuccessful = false;
        formsProbeResult.supportsForms = false;
        try {
            try {
                AMUrl constructUrlFromHostRelativePath = AuthHttpUtils.constructUrlFromHostRelativePath(aMUrl, "");
                AMUrl constructUrlFromHostRelativePath2 = AuthHttpUtils.constructUrlFromHostRelativePath(constructUrlFromHostRelativePath, DefaultGatewayFormsPath);
                HttpTransaction httpTransaction = new HttpTransaction(internalRequestParams);
                List<Header> commonHeaders = getCommonHeaders(internalRequestParams.getDependencies(), constructUrlFromHostRelativePath);
                if (doHttpHead(httpTransaction, constructUrlFromHostRelativePath2, (Header[]) commonHeaders.toArray(new Header[commonHeaders.size()]), "application/vnd.citrix.authenticateresponse-1+xml, application/vnd.citrix.gatewaysession-1+xml") != 200) {
                    Utils.amLog("doFormsSupportProbe finishes with result: %s", formsProbeResult);
                } else if (httpTransaction.doesContentHeaderContainType(ChimeraForm.ContentType)) {
                    formsProbeResult.supportsForms = true;
                    String responseHeaderValue = httpTransaction.getResponseHeaderValue(FormsStartHeaderName);
                    if (responseHeaderValue.length() > 0) {
                        formsProbeResult.optionalFormsStartPath = responseHeaderValue;
                    }
                    formsProbeResult.probeWasSuccessful = true;
                    Utils.amLog("doFormsSupportProbe finishes with result: %s", formsProbeResult);
                } else {
                    Utils.amLog("doFormsSupportProbe finishes with result: %s", formsProbeResult);
                }
            } catch (AuthManException e) {
                Utils.amLog("AGFormsAuthImpl.doFormsSupportProbe caught AuthManException: %s" + e);
                Utils.amLog("doFormsSupportProbe finishes with result: %s", formsProbeResult);
            }
            return formsProbeResult;
        } catch (Throwable th) {
            Utils.amLog("doFormsSupportProbe finishes with result: %s", formsProbeResult);
            throw th;
        }
    }

    private static int doHttpHead(HttpTransaction httpTransaction, AMUrl aMUrl, Header[] headerArr, String str) throws AuthManException {
        httpTransaction.resetButRetainCookieJar();
        httpTransaction.setRequest(new HttpHead(aMUrl.toURI()));
        httpTransaction.addHeaders(headerArr);
        if (str != null) {
            httpTransaction.setAcceptType(str);
        }
        httpTransaction.sendAndReceive(true);
        return httpTransaction.getResponseStatusCode();
    }

    private static String getAcceptedMimeTypes() {
        return "application/vnd.citrix.authenticateresponse-1+xml, application/vnd.citrix.gatewaysession-1+xml";
    }

    private static List<Header> getCommonHeaders(AuthManDependencies authManDependencies, AMUrl aMUrl) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(authManDependencies.getRequirementCapabilityHeaders());
        arrayList.addAll(Gateway.getCommonGatewayHeadersList(aMUrl));
        return arrayList;
    }

    private static VpnSupport.VpnInfo getVPNConfiguration(InternalRequestParams internalRequestParams, AMUrl aMUrl, String str) throws AuthManException {
        return internalRequestParams.getVpnSupport().getVpnInfo(aMUrl, str, "");
    }

    public static AgAuthenticationData parseAGSuccessResponse(AMUrl aMUrl, HttpResponse httpResponse) throws AuthManException {
        try {
            try {
                AgAuthenticationData agAuthenticationData = new AgAuthenticationData();
                agAuthenticationData.m_agProtocolType = AGAuthProtocolType.Forms;
                agAuthenticationData.m_sessionGateway = AuthHttpUtils.constructUrlFromHostRelativePath(aMUrl, "/");
                agAuthenticationData.m_passwordLogon = false;
                HttpCookie tryExtractCookieFromResponse = AuthHttpUtils.tryExtractCookieFromResponse(AgeeLogon.AGSessionCookieName, httpResponse);
                if (tryExtractCookieFromResponse == null || TextUtils.isEmpty(tryExtractCookieFromResponse.getValue()) || !AuthHttpUtils.isSessionCookie(tryExtractCookieFromResponse)) {
                    throw AuthManException.protocolError("The %s cookie was not present as expected in the gateway response.", AgeeLogon.AGSessionCookieName);
                }
                agAuthenticationData.m_sessionCookies = AuthHttpUtils.cookieToHeaderValue(tryExtractCookieFromResponse);
                Document parseXmlResponseUsingNamespaces = XmlUtils.parseXmlResponseUsingNamespaces(httpResponse);
                XPath newXPath = XPathFactory.newInstance().newXPath();
                newXPath.setNamespaceContext(s_gatewayresponseNamespaceContextMapper);
                Node node = (Node) newXPath.evaluate("p:GatewaySession/p:SessionInformation", parseXmlResponseUsingNamespaces, XPathConstants.NODE);
                agAuthenticationData.m_proxyMode = ParseUrlRewriteRule((String) newXPath.evaluate("p:UrlRewriteRule", node, XPathConstants.STRING));
                agAuthenticationData.m_secureBrowsePrefix = (String) newXPath.evaluate("p:SecureBrowsePrefix", node, XPathConstants.STRING);
                agAuthenticationData.m_vpnCapable = parseBool((String) newXPath.evaluate("p:FullVpn", node, XPathConstants.STRING));
                agAuthenticationData.m_formsLogoffUrl = AuthHttpUtils.constructUrlFromHostRelativePath(aMUrl, (String) newXPath.evaluate("p:LogOff", node, XPathConstants.STRING));
                return agAuthenticationData;
            } catch (XPathExpressionException e) {
                throw AuthManException.protocolError("Failed to parse the Gateway session document due to %s", e.getMessage());
            }
        } finally {
            AuthHttpUtils.consumeResponse(httpResponse);
        }
    }

    private static boolean parseBool(String str) {
        return "true".compareToIgnoreCase(str) == 0;
    }

    private static HttpResponse requestInitialForm(InternalRequestParams internalRequestParams, AMUrl aMUrl, List<Header> list) throws AuthManException {
        HttpGet httpGet = new HttpGet(aMUrl.getCanonicalURL());
        httpGet.setHeaders((Header[]) list.toArray(new Header[list.size()]));
        httpGet.setHeader(new BasicHeader("Accept", getAcceptedMimeTypes()));
        return HttpClientWrapper.executeRequest(internalRequestParams, httpGet, "IOException during CommonFormsAuth while posting a form");
    }
}
