package org.apache.impala.authentication.saml;

import com.google.common.base.Preconditions;
import org.apache.impala.util.MetaStoreUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/impala/authentication/saml/HiveSamlHttpServlet.class */
public class HiveSamlHttpServlet {
    private static final Logger LOG = LoggerFactory.getLogger(HiveSamlHttpServlet.class);
    private final AuthTokenGenerator tokenGenerator = HiveSamlAuthTokenGenerator.get();
    ImpalaSamlClient samlClient;

    public HiveSamlHttpServlet(ImpalaSamlClient impalaSamlClient) {
        this.samlClient = impalaSamlClient;
    }

    public void doPost(WrappedWebContext wrappedWebContext) {
        try {
            String relayStateInfo = HiveSamlRelayStateStore.get().getRelayStateInfo(wrappedWebContext);
            int port = HiveSamlRelayStateStore.get().getRelayStateInfo(relayStateInfo).getPort();
            try {
                LOG.debug("RelayState port is " + port);
                String validateAuthnResponseInner = this.samlClient.validateAuthnResponseInner(wrappedWebContext);
                Preconditions.checkState(validateAuthnResponseInner != null);
                LOG.debug("Successfully validated saml response. Forwarding the token to port " + port);
                generateFormData(wrappedWebContext, "http://127.0.0.1:" + port, this.tokenGenerator.get(validateAuthnResponseInner, relayStateInfo), true, MetaStoreUtil.DEFAULT_HIVE_METASTORE_URIS);
            } catch (HttpSamlAuthenticationException e) {
                if (e instanceof HttpSamlNoGroupsMatchedException) {
                    LOG.error("Could not authenticate user since the groups didn't match", e);
                } else {
                    LOG.error("SAML response could not be validated", e);
                }
                generateFormData(wrappedWebContext, "http://127.0.0.1:" + port, null, false, "SAML assertion could not be validated. Check server logs for more details.");
            }
        } catch (HttpSamlAuthenticationException e2) {
            LOG.error("Invalid relay state", e2);
            wrappedWebContext.setResponseStatusCode(401);
        }
    }

    private void generateFormData(WrappedWebContext wrappedWebContext, String str, String str2, boolean z, String str3) {
        wrappedWebContext.setResponseContent("text/html;charset=utf-8", "<html><body onload='document.forms[\"form\"].submit()'>" + String.format("<form name='form' action='%s' method='POST'>", str) + String.format("<input type='hidden' name='%s' value='%s'/>", HiveSamlUtils.TOKEN_KEY, str2) + String.format("<input type='hidden' name='%s' value='%s'/>", "status", Boolean.valueOf(z)) + String.format("<input type='hidden' name='%s' value='%s'/>", HiveSamlUtils.MESSAGE_KEY, str3) + "</form></body></html>");
    }
}
