package com.erudika.para.server.security.filters;

import com.erudika.para.core.App;
import com.erudika.para.core.User;
import com.erudika.para.core.utils.Para;
import com.erudika.para.server.security.AuthenticatedUserDetails;
import com.erudika.para.server.security.SecurityUtils;
import com.erudika.para.server.security.UserAuthentication;
import java.io.IOException;
import java.util.regex.Pattern;
import javax.naming.LimitExceededException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

/* loaded from: input_file:WEB-INF/lib/para-server-1.46.3.jar:com/erudika/para/server/security/filters/PasswordAuthFilter.class */
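/**
 * Authentication filter for identifier/password sign-in.
 *
 * <p>Two entry points are provided: {@link #attemptAuthentication} handles servlet requests
 * whose URI ends with {@link #PASSWORD_ACTION}, and {@link #getOrCreateUser} handles a
 * separator-delimited credential string and creates the account when none exists yet.
 */
public class PasswordAuthFilter extends AbstractAuthenticationProcessingFilter {
    private static final String PASSWORD = "password";
    private static final String EMAIL = "email";
    public static final String PASSWORD_ACTION = "password_auth";

    /**
     * Creates the filter.
     *
     * @param str value handed unchanged to the superclass constructor
     */
    public PasswordAuthFilter(String str) {
        super(str);
    }

    /**
     * Verifies the {@code email} and {@code password} request parameters against the stored user.
     *
     * <p>Nothing is verified unless the request URI ends with {@link #PASSWORD_ACTION}. In every
     * case the result is produced by {@code SecurityUtils.checkIfActive}, called here with
     * {@code true} as its third argument.
     *
     * @param httpServletRequest request carrying the credentials
     * @param httpServletResponse unused by this method
     * @return whatever {@code SecurityUtils.checkIfActive} returns for the verified (or absent) user
     * @throws LockedException when {@code User.passwordMatches} signals too many attempts
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        UserAuthentication userAuthentication = null;
        User user = null;
        if (httpServletRequest.getRequestURI().endsWith(PASSWORD_ACTION)) {
            // NOTE(review): getParameter() also reads the query string and no HTTP method check is
            // visible here - confirm the endpoint is restricted to POST elsewhere, otherwise
            // passwords can end up in URLs, access logs and Referer headers.
            user = new User();
            user.setIdentifier(httpServletRequest.getParameter(EMAIL));
            user.setPassword(httpServletRequest.getParameter(PASSWORD));
            String appid = SecurityUtils.getAppidFromAuthRequest(httpServletRequest);
            // The app id is only applied for a non-root app that actually exists in the DAO.
            if (!App.isRoot(appid)) {
                App app = (App) Para.getDAO().read(App.id(appid));
                if (app != null) {
                    user.setAppid(app.getAppIdentifier());
                }
            }
            try {
                // Order matters: passwordMatches() is evaluated first, so it runs (and may throw
                // LimitExceededException) even for identifiers that do not contain '@'.
                if (User.passwordMatches(user) && StringUtils.contains(user.getIdentifier(), "@")) {
                    // NOTE(review): a null result from readUserForIdentifier() is not handled
                    // here - confirm AuthenticatedUserDetails tolerates or rejects it.
                    user = User.readUserForIdentifier(user);
                    userAuthentication = new UserAuthentication(new AuthenticatedUserDetails(user));
                }
            } catch (LimitExceededException e) {
                throw new LockedException(lockedMessage(user), e);
            }
        }
        return SecurityUtils.checkIfActive(userAuthentication, user, true);
    }

    /**
     * Authenticates an existing user, or registers a new one, from a delimited credential string.
     *
     * <p>The string is split on {@code Para.getConfig().separator()} into at most three parts:
     * identifier (also used as the email), display name and password. A missing third part
     * yields an empty password. The separator is matched literally, consistent with the
     * {@code contains} check that guards the split.
     *
     * <p>When no user is found for the identifier, a new one is created; its active flag comes
     * from the per-app setting {@code security.allow_unverified_emails}, defaulting to the
     * global configuration value. The final result is produced by
     * {@code SecurityUtils.checkIfActive}, called here with {@code false} as its third argument.
     *
     * @param app app the user belongs to; may be {@code null}, in which case no app id is set
     * @param str delimited credentials; ignored when {@code null} or without a separator
     * @return whatever {@code SecurityUtils.checkIfActive} returns for the resolved user
     * @throws LockedException when {@code User.passwordMatches} signals too many attempts
     */
    public UserAuthentication getOrCreateUser(App app, String str) {
        UserAuthentication userAuthentication = null;
        User user = new User();
        if (str != null && str.contains(Para.getConfig().separator())) {
            // String.split() takes a regex; quote the separator so a configured value containing
            // regex metacharacters splits the same way contains() matched it.
            String[] parts = str.split(Pattern.quote(Para.getConfig().separator()), 3);
            String identifier = parts[0];
            String name = StringUtils.trimToEmpty(parts[1]);
            String password = parts.length > 2 ? parts[2] : "";
            String appIdentifier = app == null ? null : app.getAppIdentifier();

            // Probe object: carries the supplied credentials for lookup and password comparison.
            User probe = new User();
            probe.setAppid(appIdentifier);
            probe.setIdentifier(identifier);
            probe.setPassword(password);
            probe.setEmail(identifier);
            user = User.readUserForIdentifier(probe);
            try {
                if (user == null) {
                    // NOTE(review): unlike attemptAuthentication() there is no '@' check and the
                    // password may be empty at this point - presumably User.create() validates
                    // both; confirm before relying on this path for self-registration.
                    String allowUnverified = Para.getConfig().getSettingForApp(app,
                            "security.allow_unverified_emails",
                            Boolean.toString(Para.getConfig().allowUnverifiedEmails()));
                    user = new User();
                    user.setActive(Boolean.valueOf(Boolean.parseBoolean(allowUnverified)));
                    user.setAppid(appIdentifier);
                    user.setName(name);
                    user.setIdentifier(identifier);
                    user.setEmail(identifier);
                    user.setPassword(password);
                    if (user.create() != null) {
                        userAuthentication = new UserAuthentication(new AuthenticatedUserDetails(user));
                    }
                } else if (User.passwordMatches(probe)) {
                    userAuthentication = new UserAuthentication(new AuthenticatedUserDetails(user));
                }
            } catch (LimitExceededException e) {
                throw new LockedException(lockedMessage(user), e);
            }
        }
        return SecurityUtils.checkIfActive(userAuthentication, user, false);
    }

    /**
     * Builds the message used when an account is reported as locked.
     *
     * <p>NOTE(review): the text contains the account id, app id and the caller-supplied
     * identifier. Confirm it is not echoed to unauthenticated clients (it would confirm lock
     * state for an identifier) and that the identifier is neutralised before being logged.
     */
    private static String lockedMessage(User user) {
        return "Too many attempts - account " + user.getId() + " (" + user.getAppid() + "/" + user.getIdentifier() + ") is locked.";
    }
}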
