package com.sun.s1peqe.security.ssl;

import java.io.IOException;
import java.io.PrintWriter;
import java.security.Principal;
import java.security.cert.X509Certificate;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:sec-httpsclientauth-web.war:WEB-INF/classes/com/sun/s1peqe/security/ssl/ClientCertServlet.class */
public class ClientCertServlet extends HttpServlet {
    private String userRole = "EMPLOYEE";
    private String managerRole = "MANAGER";

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        defaultAction(httpServletRequest, httpServletResponse);
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        defaultAction(httpServletRequest, httpServletResponse);
    }

    public void defaultAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("text/html");
        PrintWriter writer = httpServletResponse.getWriter();
        try {
            writer.println("<html><head><title>Certificate Authorization Servlet</title></head>");
            writer.println("<body><center><h3>Certificate Authorization Servlet</h3></center><hr>");
            Principal userPrincipal = httpServletRequest.getUserPrincipal();
            if (userPrincipal != null) {
                writer.println("<b>getUserPrincipal():</b>" + userPrincipal.getName() + "<br>");
            } else {
                writer.println("<b>getUserPrincipal():</b> ERROR, principal is null.  This should be set as Authentication is required to access this Servlet.<br>");
            }
            X509Certificate[] x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
            if (x509CertificateArr != null) {
                writer.println("<b>getAttribute():</b> returns correct value.<br>");
                System.out.println("<<Client>>==>Certificate attibutes:");
                StringBuffer stringBuffer = new StringBuffer();
                for (int i = 0; i < x509CertificateArr.length; i++) {
                    stringBuffer.append("\n\tCert[" + i + "]:");
                    stringBuffer.append("\n\t Issuer=" + x509CertificateArr[i].getIssuerDN().getName());
                    stringBuffer.append("\n\t subject=" + x509CertificateArr[i].getSubjectDN().getName());
                    stringBuffer.append("\n\t Version=" + x509CertificateArr[i].getVersion());
                    System.out.println(stringBuffer.toString());
                }
            } else {
                writer.println("<b>getAttribute():</b> returns null value.<br>");
            }
            if (httpServletRequest.isUserInRole(this.managerRole)) {
                writer.println("<b>isUserInRole(\"" + this.managerRole + "\"):</b> True.  The user belongs to the Role that is Authorized to access this Servlet.<br>");
            } else {
                writer.println("<b>isUserInRole(\"" + this.managerRole + "\"):</b> False, ERROR.  The user is not a member of the Role " + this.managerRole + ", whose members are the only users allowed to access this Servlet.<br>");
                if (httpServletRequest.isUserInRole(this.userRole)) {
                    writer.println("<b>isUserInRole(\"" + this.userRole + "\"):</b> True, ERROR.  The user is a member of a Role that does not have access to this Servlet.<br>");
                }
            }
        } catch (Exception e) {
            System.out.println("=== iASsecsslsvl.defaultAction(): ");
            e.printStackTrace(System.out);
        }
        writer.println("</body>");
        writer.println("</html>");
        writer.close();
    }
}
