package fi.foyt.fni.view.users;

import fi.foyt.fni.auth.AuthenticationController;
import fi.foyt.fni.auth.AuthenticationStrategy;
import fi.foyt.fni.auth.ConfigurationErrorException;
import fi.foyt.fni.auth.EmailDoesNotMatchLoggedUserException;
import fi.foyt.fni.auth.ExternalLoginFailedException;
import fi.foyt.fni.auth.IdentityBelongsToAnotherUserException;
import fi.foyt.fni.auth.InternalAuthenticationStrategy;
import fi.foyt.fni.auth.InvalidCredentialsException;
import fi.foyt.fni.auth.MultipleEmailAccountsException;
import fi.foyt.fni.auth.OAuthAuthenticationStrategy;
import fi.foyt.fni.auth.UserNotConfirmedException;
import fi.foyt.fni.mail.Mailer;
import fi.foyt.fni.persistence.model.auth.AuthSource;
import fi.foyt.fni.persistence.model.system.SystemSettingKey;
import fi.foyt.fni.persistence.model.users.PasswordResetKey;
import fi.foyt.fni.persistence.model.users.User;
import fi.foyt.fni.persistence.model.users.UserProfileImageSource;
import fi.foyt.fni.persistence.model.users.UserToken;
import fi.foyt.fni.persistence.model.users.UserVerificationKey;
import fi.foyt.fni.session.SessionController;
import fi.foyt.fni.system.SystemSettingsController;
import fi.foyt.fni.users.UserController;
import fi.foyt.fni.utils.faces.FacesUtils;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Date;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.Stateful;
import javax.enterprise.context.RequestScoped;
import javax.enterprise.inject.Any;
import javax.enterprise.inject.Instance;
import javax.faces.application.FacesMessage;
import javax.faces.context.ExternalContext;
import javax.faces.context.FacesContext;
import javax.inject.Inject;
import javax.inject.Named;
import javax.mail.MessagingException;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.error.OAuthError;
import org.ocpsoft.rewrite.annotation.Join;
import org.ocpsoft.rewrite.annotation.Parameter;
import org.ocpsoft.rewrite.annotation.RequestAction;
import org.ocpsoft.rewrite.faces.annotation.Deferred;

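/**
 * Backing bean for the {@code /login/} view. It handles password login, OAuth
 * login through the injected {@link AuthenticationStrategy} instances, account
 * registration with e-mail verification, and password-reset requests.
 *
 * <p>Security-relevant inputs: {@code return}, {@code error}, {@code loginMethod} and
 * {@code redirectUrl} are bound straight from the request by {@code @Parameter} and
 * must be treated as attacker-controlled.
 */
@Stateful
@Join(path = "/login/", to = "/users/login.jsf")
@Named
@RequestScoped
/* loaded from: input_file:WEB-INF/classes/fi/foyt/fni/view/users/LoginBackingBean.class */
public class LoginBackingBean {

    // "1" marks the request as the callback leg of an OAuth flow (see handleExternalLogin).
    @Parameter("return")
    private String returnParam;

    // Error code passed back on the OAuth callback; request-controlled.
    @Parameter
    private String error;

    // Name of the AuthSource constant to log in with; request-controlled.
    @Parameter
    private String loginMethod;

    // Post-login redirect target; request-controlled and stored in the session by init().
    @Parameter
    private String redirectUrl;

    @Inject
    private Logger logger;

    @Inject
    private UserController userController;

    @Inject
    private SessionController sessionController;

    @Inject
    @Any
    private Instance<AuthenticationStrategy> authenticationStrategies;

    @Inject
    private AuthenticationController authenticationController;

    @Inject
    private SystemSettingsController systemSettingsController;

    @Inject
    private Mailer mailer;

    @Inject
    private HttpServletRequest request;
    private String loginEmail;
    private String loginPassword;
    private String registerFirstName;
    private String registerLastName;
    private String registerEmail;
    private String registerPassword1;
    private String registerPassword2;
    private String forgotPasswordEmail;

    /**
     * Request action run when the view is requested: remembers the requested redirect
     * target and, when applicable, starts or completes an external login.
     *
     * <p>Without a {@code loginMethod} nothing more happens when the request host equals
     * the configured site host; on any other host the {@code ILLUSION_INTERNAL} strategy
     * is used. With a {@code loginMethod} the named strategy is used.
     *
     * @throws UnsupportedEncodingException declared by the original signature; nothing
     *         in the visible body throws it
     */
    @RequestAction
    @Deferred
    public void init() throws UnsupportedEncodingException {
        if (StringUtils.isNotBlank(this.redirectUrl)) {
            // NOTE(review): redirectUrl comes from the request and is stored unvalidated;
            // login(UserToken) later redirects to it, so an arbitrary external target is
            // accepted (open redirect). Restrict it to same-site paths or to an allow-list
            // of the hosts this deployment serves before storing it.
            this.sessionController.setRedirectUrl(this.redirectUrl);
        }
        if (StringUtils.isBlank(this.loginMethod)) {
            if (this.systemSettingsController.getSiteHost().equals(this.request.getServerName())) {
                return;
            }
            handleExternalLogin(AuthSource.ILLUSION_INTERNAL);
            return;
        }
        AuthSource requestedSource;
        try {
            requestedSource = AuthSource.valueOf(this.loginMethod);
        } catch (IllegalArgumentException e) {
            // An unknown loginMethod used to escape as an uncaught exception (assuming
            // AuthSource is an enum, valueOf throws rather than returning null). The value
            // is request-controlled, so report it like any other unusable strategy.
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.invalidAuthenticationStrategy"));
            return;
        }
        if (requestedSource != null) {
            handleExternalLogin(requestedSource);
        }
    }

    public String getLoginEmail() {
        return this.loginEmail;
    }

    public void setLoginEmail(String str) {
        this.loginEmail = str;
    }

    public String getLoginPassword() {
        return this.loginPassword;
    }

    public void setLoginPassword(String str) {
        this.loginPassword = str;
    }

    /**
     * Logs in with the e-mail and password entered in the form, using the
     * {@code INTERNAL} authentication strategy. Failures are reported as Faces messages;
     * only unexpected ones are also logged.
     */
    public void login() {
        AuthenticationStrategy strategy = getStrategy(AuthSource.INTERNAL);
        if (strategy == null) {
            this.logger.severe("Could not find internal authentication strategy");
            return;
        }
        try {
            if (strategy instanceof InternalAuthenticationStrategy) {
                Locale locale = this.sessionController.getLocale();
                // Credentials are passed in the same parameter-map shape as an OAuth request.
                Map<String, String[]> parameters = new HashMap<>();
                parameters.put(OAuth.OAUTH_USERNAME, new String[]{getLoginEmail()});
                parameters.put(OAuth.OAUTH_PASSWORD, new String[]{getLoginPassword()});
                UserToken accessToken = strategy.accessToken(locale, parameters);
                if (accessToken != null) {
                    login(accessToken);
                } else {
                    FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.invalidCredentials"));
                }
            }
        } catch (EmailDoesNotMatchLoggedUserException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.userConflictEmailDoesNotMatchLoggedUser"));
        } catch (ExternalLoginFailedException e) {
            this.logger.log(Level.SEVERE, "Login with external authentication source failed", e);
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.externalLoginFailed"));
        } catch (IdentityBelongsToAnotherUserException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.userConflictIdentityBelongsToAnotherUser"));
        } catch (InvalidCredentialsException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.invalidCredentials"));
        } catch (MultipleEmailAccountsException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.userConflictMultipleEmailAccounts"));
        } catch (UserNotConfirmedException e) {
            // NOTE(review): a distinct "not verified" message tells the caller that the
            // account exists; whether it is reachable without the correct password depends
            // on the strategy, which is outside this file.
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.userNotVerified"));
        } catch (IOException e) {
            this.logger.log(Level.SEVERE, "Login redirect failed because of malformed url", e);
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, "Internal Error");
        }
    }

    public String getRegisterFirstName() {
        return this.registerFirstName;
    }

    public void setRegisterFirstName(String str) {
        this.registerFirstName = str;
    }

    public String getRegisterLastName() {
        return this.registerLastName;
    }

    public void setRegisterLastName(String str) {
        this.registerLastName = str;
    }

    public String getRegisterEmail() {
        return this.registerEmail;
    }

    public void setRegisterEmail(String str) {
        this.registerEmail = str;
    }

    public String getRegisterPassword1() {
        return this.registerPassword1;
    }

    public void setRegisterPassword1(String str) {
        this.registerPassword1 = str;
    }

    public String getRegisterPassword2() {
        return this.registerPassword2;
    }

    public void setRegisterPassword2(String str) {
        this.registerPassword2 = str;
    }

    /**
     * Registers a new account from the registration form: validates the two password
     * fields, rejects an e-mail address that is already in use, creates the user with
     * an internal credential, and mails a verification link.
     */
    public void register() {
        if (StringUtils.isBlank(getRegisterPassword1())) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.registerPasswordRequired"));
            return;
        }
        if (!getRegisterPassword1().equals(getRegisterPassword2())) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.registrationPasswordsDontMatch"));
            return;
        }
        if (this.userController.findUserByEmail(getRegisterEmail()) != null) {
            // NOTE(review): this message confirms that the address is registered, which
            // allows account enumeration through the registration form.
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.registrationUserWithSpecifiedEmailAlreadyExists"));
            return;
        }
        User user = this.userController.createUser(getRegisterFirstName(), getRegisterLastName(), null, this.sessionController.getLocale(), new Date(), UserProfileImageSource.GRAVATAR);
        this.userController.createUserEmail(user, getRegisterEmail(), Boolean.TRUE);
        // NOTE(review): the credential handed to createInternalAuth is an unsalted MD5 hex
        // digest of the password. MD5 is fast and unsalted, so a leaked credential table is
        // cheap to brute-force. Moving to a password hashing function (bcrypt, scrypt,
        // Argon2 or PBKDF2) has to be done together with the verifying side and a migration
        // of stored values, both outside this file, so the call is left unchanged here.
        String passwordHash = DigestUtils.md5Hex(getRegisterPassword1());
        UserVerificationKey verificationKey = this.authenticationController.createVerificationKey(user, getRegisterEmail());
        this.authenticationController.createInternalAuth(user, passwordHash);
        String verifyUrl = buildAbsoluteUrl("/users/verify/" + verificationKey.getValue());
        String mailTitle = FacesUtils.getLocalizedValue("users.login.verificationEmailTitle");
        String mailContent = FacesUtils.getLocalizedValue("users.login.verificationEmailContent", verifyUrl);
        try {
            String fromName = this.systemSettingsController.getSetting(SystemSettingKey.SYSTEM_MAILER_NAME);
            String fromMail = this.systemSettingsController.getSetting(SystemSettingKey.SYSTEM_MAILER_MAIL);
            // The original tested the sender address twice and never the sender name;
            // both settings are required here, matching the log message below.
            if (StringUtils.isNotBlank(fromMail) && StringUtils.isNotBlank(fromName)) {
                this.mailer.sendMail(fromMail, fromName, getRegisterEmail(), user.getFullName(), mailTitle, mailContent, "text/plain");
                FacesUtils.addMessage(FacesMessage.SEVERITY_INFO, FacesUtils.getLocalizedValue("users.login.verificationEmailSent"));
            } else {
                FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.verificationSendingFailed"));
                this.logger.log(Level.SEVERE, "Could not send verification mail because system mailer settings were missing");
            }
        } catch (MessagingException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.verificationSendingFailed"));
            this.logger.log(Level.SEVERE, "Could not send verification mail", e);
        }
    }

    public String getForgotPasswordEmail() {
        return this.forgotPasswordEmail;
    }

    public void setForgotPasswordEmail(String str) {
        this.forgotPasswordEmail = str;
    }

    /**
     * Handles the "forgot password" form: generates a password reset key for the user
     * owning the entered e-mail address and mails a reset link to that address.
     */
    public void forgotPassword() {
        if (StringUtils.isBlank(getForgotPasswordEmail())) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.resetPasswordEmail"));
            return;
        }
        User user = this.userController.findUserByEmail(getForgotPasswordEmail());
        if (user == null) {
            // NOTE(review): answering "user not found" differently from the success case
            // reveals which addresses have accounts; a uniform response avoids that.
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.resetPasswordUserNotFound"));
            return;
        }
        PasswordResetKey resetKey = this.authenticationController.generatePasswordResetKey(user);
        String resetUrl = buildAbsoluteUrl("/users/resetpassword/" + resetKey.getValue());
        try {
            this.mailer.sendMail(this.systemSettingsController.getSetting(SystemSettingKey.SYSTEM_MAILER_MAIL), this.systemSettingsController.getSetting(SystemSettingKey.SYSTEM_MAILER_NAME), getForgotPasswordEmail(), user.getFullName(), FacesUtils.getLocalizedValue("users.login.resetPasswordEmailTitle"), FacesUtils.getLocalizedValue("users.login.resetPasswordEmailContent", resetUrl), "text/html");
            FacesUtils.addMessage(FacesMessage.SEVERITY_INFO, FacesUtils.getLocalizedValue("users.login.resetPasswordEmailSent", getForgotPasswordEmail()));
        } catch (MessagingException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.resetPasswordSendingFailed"));
            // The failure used to be dropped silently; log it as register() does.
            this.logger.log(Level.SEVERE, "Could not send password reset mail", e);
        }
    }

    /**
     * Builds an absolute URL for {@code path} from the scheme, server name, port and
     * context path of the current request.
     *
     * <p>NOTE(review): the server name is taken from the request, which normally follows
     * the client-supplied Host header unless the container or a proxy pins it. The
     * verification and password-reset links mailed by this bean can therefore point at a
     * host chosen by whoever submitted the form. Prefer a configured host (this class
     * already reads {@code systemSettingsController.getSiteHost()}) or validate the
     * request host against the hosts this deployment serves.
     *
     * @param path context-relative path, starting with {@code /}
     * @return the absolute URL as a string
     */
    private String buildAbsoluteUrl(String path) {
        ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
        return externalContext.getRequestScheme() + "://" + externalContext.getRequestServerName() + ":" + externalContext.getRequestServerPort() + externalContext.getRequestContextPath() + path;
    }

    /**
     * Runs one leg of an OAuth login for {@code authSource}. Strategies that are not
     * {@link OAuthAuthenticationStrategy} instances are ignored.
     *
     * <p>When the {@code return} parameter is not {@code "1"} the browser is redirected
     * to the provider's authorization URL. On the callback ({@code return=1}) the request
     * parameters are exchanged for a token and the user is logged in, unless the
     * provider reported an error.
     *
     * @param authSource authentication source whose strategy should handle the request
     */
    private void handleExternalLogin(AuthSource authSource) {
        ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
        Map<String, String[]> requestParameters = externalContext.getRequestParameterValuesMap();
        AuthenticationStrategy strategy = getStrategy(authSource);
        if (strategy == null) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.invalidAuthenticationStrategy"));
            return;
        }
        try {
            if (strategy instanceof OAuthAuthenticationStrategy) {
                OAuthAuthenticationStrategy oauthStrategy = (OAuthAuthenticationStrategy) strategy;
                if (!strategy.getSupportLogin() && !this.sessionController.isLoggedIn()) {
                    FacesUtils.addMessage(FacesMessage.SEVERITY_ERROR, FacesUtils.getLocalizedValue("users.login.authenticationStrategyDoesNotSupportLogginIn"));
                } else if (!"1".equals(this.returnParam)) {
                    // First leg: send the browser to the provider. "extraScopes" is taken
                    // from the request as-is and passed on to the strategy.
                    externalContext.redirect(oauthStrategy.authorize(requestParameters.get("extraScopes")));
                } else if (StringUtils.isBlank(this.error)) {
                    // Callback leg: the strategy receives the complete request parameter
                    // map, so checking the callback parameters is the strategy's job.
                    UserToken accessToken = oauthStrategy.accessToken(externalContext.getRequestLocale(), requestParameters);
                    if (accessToken != null) {
                        login(accessToken);
                    } else {
                        FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.externalLoginFailed"));
                    }
                } else if (OAuthError.CodeResponse.ACCESS_DENIED.equals(this.error)) {
                    FacesUtils.addMessage(FacesMessage.SEVERITY_WARN, FacesUtils.getLocalizedValue("users.login.noGrant"));
                } else {
                    // NOTE(review): the request-supplied "error" value is displayed
                    // verbatim. This relies on the view escaping message text, and it
                    // still lets a crafted link place arbitrary wording on the login
                    // page; a fixed localized message would avoid both.
                    FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, this.error);
                }
            }
        } catch (ConfigurationErrorException e) {
            this.logger.log(Level.SEVERE, "Login failed because of configuration error", e);
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("generic.configurationError"));
        } catch (EmailDoesNotMatchLoggedUserException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.userConflictEmailDoesNotMatchLoggedUser"));
        } catch (ExternalLoginFailedException e) {
            this.logger.log(Level.SEVERE, "Login with external authentication source failed", e);
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.externalLoginFailed"));
        } catch (IdentityBelongsToAnotherUserException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.userConflictIdentityBelongsToAnotherUser"));
        } catch (MultipleEmailAccountsException e) {
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("users.login.userConflictMultipleEmailAccounts"));
        } catch (IOException e) {
            this.logger.log(Level.SEVERE, "Login redirect failed because of malformed url", e);
            FacesUtils.addMessage(FacesMessage.SEVERITY_FATAL, FacesUtils.getLocalizedValue("generic.configurationError"));
        }
    }

    public String getReturnParam() {
        return this.returnParam;
    }

    public void setReturnParam(String str) {
        this.returnParam = str;
    }

    public String getRedirectUrl() {
        return this.redirectUrl;
    }

    public void setRedirectUrl(String str) {
        this.redirectUrl = str;
    }

    public String getLoginMethod() {
        return this.loginMethod;
    }

    public void setLoginMethod(String str) {
        this.loginMethod = str;
    }

    public String getError() {
        return this.error;
    }

    public void setError(String str) {
        this.error = str;
    }

    /**
     * Establishes the session for {@code userToken} and redirects the browser: to the
     * redirect URL stored in the session, or to the context root when none is stored.
     * Users without a first or last name are sent to {@code /editprofile} first, with
     * the original target carried in its {@code redirectUrl} query parameter.
     *
     * @param userToken token of the authenticated user
     * @throws IOException if the redirect cannot be issued
     */
    private void login(UserToken userToken) throws IOException {
        this.sessionController.login(userToken);
        ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
        String contextPath = externalContext.getRequestContextPath();
        // NOTE(review): this value originates from the request-controlled redirectUrl
        // parameter stored by init() and is not validated before the redirect below.
        String target = this.sessionController.getRedirectUrl();
        if (StringUtils.isBlank(target)) {
            target = contextPath + "/";
        }
        User user = userToken.getUserIdentifier().getUser();
        if (StringUtils.isBlank(user.getFirstName()) || StringUtils.isBlank(user.getLastName())) {
            target = contextPath + "/editprofile?redirectUrl=" + URLEncoder.encode(target, "UTF-8");
        }
        externalContext.redirect(target);
    }

    /**
     * Finds the injected authentication strategy registered for {@code authSource}.
     *
     * @param authSource authentication source to look up
     * @return the matching strategy, or {@code null} when none is registered
     */
    private AuthenticationStrategy getStrategy(AuthSource authSource) {
        for (AuthenticationStrategy candidate : this.authenticationStrategies) {
            if (candidate.getAuthSource().equals(authSource)) {
                return candidate;
            }
        }
        return null;
    }
}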
