package pl.edu.icm.yadda.desklight.services.security.aas;

import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.opensaml.lite.xacml.ctx.DecisionType;
import pl.edu.icm.yadda.aas.client.LoginResult;
import pl.edu.icm.yadda.aas.client.SecuritySessionImpl;
import pl.edu.icm.yadda.aas.client.authn.IAuthenticationManager;
import pl.edu.icm.yadda.aas.usercatalog.service.IUserCatalogFacade;
import pl.edu.icm.yadda.aas.usercatalog.service.IUserEditorFacade;
import pl.edu.icm.yadda.desklight.services.RepositoryException;
import pl.edu.icm.yadda.desklight.services.security.AccessControl;
import pl.edu.icm.yadda.desklight.services.security.AccessValidator;
import pl.edu.icm.yadda.desklight.services.security.SecurityContext;
import pl.edu.icm.yadda.desklight.ui.context.SecurityManagementContext;
import pl.edu.icm.yadda.desklight.ui.context.SecurityManagementContext2;
import pl.edu.icm.yadda.desklight.ui.context.security2.SecurityManagementContext2Impl;
import pl.edu.icm.yadda.service2.aas.AAError;
import pl.edu.icm.yadda.service2.user.token.IpAwareLoginPasswordToken;
import pl.edu.icm.yadda.service2.user.token.LoginPasswordToken;
import pl.edu.icm.yadda.service2.usersession.ISessionService;

/* loaded from: input_file:pl/edu/icm/yadda/desklight/services/security/aas/AASSecurityContext.class */
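/**
 * {@link SecurityContext} implementation that authenticates through an
 * {@link IAuthenticationManager} and answers role and access questions through an
 * {@link AASBasedAccessControl}.
 *
 * <p>Collaborators are injected through the two-argument constructor and the setters.
 * {@link #login(String, String)} fails fast when a required collaborator is missing;
 * the other methods dereference their collaborators directly.
 *
 * <p>The class does no synchronization of its own. NOTE(review): confirm that one
 * instance is never shared between threads that log in or out concurrently.
 */
public class AASSecurityContext implements SecurityContext {
    private static final Log log = LogFactory.getLog(AASSecurityContext.class);

    /** Key under which the security session is bound in the session service. */
    private static final String SECURITY_SESSION_KEY = "AasSecuritySession";

    /**
     * Fixed address recorded as the client IP in both the bound security session and the
     * login token. It is a constant, not the address of the machine the user sits at, so
     * anything downstream that reads this value sees the same address for every client.
     * NOTE(review): confirm that no audit trail or IP-based policy relies on it.
     */
    private static final String CLIENT_IP = "10.0.0.1";

    IAuthenticationManager authnManager;
    ISessionService sessionService;
    IUserEditorFacade userEditorFacade;
    IUserCatalogFacade userCatalogFacade;
    IUserEditorFacade webUserEditorFacade;
    IUserCatalogFacade webUserCatalogFacade;
    // Cached management context; rebuilt when a different catalog domain is requested.
    SecurityManagementContext2 securityManagementContext2;
    // Login name of the locally authenticated user, or null when nobody is logged in.
    String login = null;
    protected String domain;
    protected AASBasedAccessControl av;

    /** Creates an unconfigured context; collaborators must be supplied through the setters. */
    public AASSecurityContext() {
    }

    /**
     * Creates a context with the two collaborators needed for authentication.
     *
     * @param iAuthenticationManager manager that performs login and logout
     * @param iSessionService service the security session is bound to
     */
    public AASSecurityContext(IAuthenticationManager iAuthenticationManager, ISessionService iSessionService) {
        this.authnManager = iAuthenticationManager;
        this.sessionService = iSessionService;
    }

    /** @return always {@code true} */
    @Override
    public boolean isEnabled() {
        return true;
    }

    /**
     * Binds a fresh security session and authenticates with the given credentials.
     *
     * <p>The session is re-bound before the credentials are checked, so a previous
     * identity is no longer backed by the session once this method has started. On every
     * non-successful outcome (errors, a decision other than Permit, or an exception) the
     * locally remembered login is cleared and the access-control state is invalidated, so
     * the context never keeps reporting the earlier user after a failed re-login.
     *
     * @param str login name; stored as the current login on success
     * @param str2 second credential passed to the login token, presumably the password;
     *     it is never logged here
     * @return {@code true} when the decision is Permit, {@code false} for any other decision
     * @throws RepositoryException when the authentication manager reports errors; built
     *     from the first reported error and its throwable
     * @throws IllegalStateException when the authentication manager, session service or
     *     access control has not been set
     */
    @Override
    public boolean login(String str, String str2) throws RepositoryException {
        // Checked up front: a missing access control would otherwise only surface as a
        // NullPointerException after the credentials had already been accepted.
        if (this.authnManager == null || this.sessionService == null || this.av == null) {
            throw new IllegalStateException("Authentication manager, session service or access control not set");
        }

        boolean authenticated = false;
        try {
            this.sessionService.bind(
                    SECURITY_SESSION_KEY,
                    new SecuritySessionImpl(this.sessionService.getSessionId(), (String) null, CLIENT_IP));
            LoginResult result =
                    this.authnManager.login(new IpAwareLoginPasswordToken(str, str2, CLIENT_IP, this.domain));

            if (!result.getErrors().isEmpty()) {
                log.warn("Login failed due to the following errors.");
                for (AAError aAError : result.getErrors()) {
                    log.warn("AAerror:" + aAError, aAError.getThrowable());
                }
                AAError first = (AAError) result.getErrors().get(0);
                throw new RepositoryException(first.toString(), first.getThrowable());
            }
            if (!DecisionType.DECISION.Permit.equals(result.getDecition())) {
                log.info("Failed to log in. Decision: " + result.getDecition());
                return false;
            }
            authenticated = true;
        } finally {
            if (!authenticated) {
                // Fail closed: forget the previous identity and whatever the access
                // control holds for it.
                this.login = null;
                this.av.invalidate();
            }
        }

        this.av.invalidate();
        this.login = str;
        log.info("Sucecssfully logged in as " + this.login + ".");
        return true;
    }

    /**
     * Verifies a login/password pair against the authentication manager.
     *
     * <p>NOTE(review): the check goes through {@code authnManager.login(...)}, the same
     * call {@link #login(String, String)} uses. Whether that changes the authenticated
     * state of the current session depends on the manager; confirm before calling this
     * for a user other than the one logged in.
     *
     * @param str login name to verify
     * @param str2 second credential passed to the login token, presumably the password;
     *     it is never logged here
     * @return {@code true} only when no errors are reported and the decision is Permit
     */
    @Override
    public boolean checkPassword(String str, String str2) {
        LoginResult result = this.authnManager.login(new LoginPasswordToken(str, str2, this.domain));
        if (!result.getErrors().isEmpty()) {
            // Reported in the same way as in login(), so a failing backend is visible
            // in the log and not indistinguishable from a wrong password.
            log.warn("Password check failed due to the following errors.");
            for (AAError aAError : result.getErrors()) {
                log.warn("AAerror:" + aAError, aAError.getThrowable());
            }
            return false;
        }
        return DecisionType.DECISION.Permit.equals(result.getDecition());
    }

    /**
     * Forgets the current login, logs out of the authentication manager and invalidates
     * the access-control state. The invalidation runs even when the manager's logout
     * throws, so local state is dropped on every path out of this method.
     */
    @Override
    public void logout() {
        this.login = null;
        try {
            this.authnManager.logout();
        } finally {
            if (this.av != null) {
                this.av.invalidate();
            }
        }
    }

    /**
     * @return the answer of {@link AASLogonHelper#isLoggedIn} for the session service; the
     *     locally remembered login name is not consulted
     */
    @Override
    public boolean isLoggedIn() {
        return AASLogonHelper.isLoggedIn(this.sessionService);
    }

    /** @return the login name stored by the last successful login, or {@code null} */
    @Override
    public String getUserLogin() {
        return this.login;
    }

    /** @return the same value as {@link #getUserLogin()}; no separate description is kept */
    @Override
    public String getUserDescription() {
        return this.login;
    }

    /**
     * @param str role name
     * @return the access control's answer for that role
     */
    @Override
    public boolean hasRole(String str) {
        return this.av.hasRole(str);
    }

    /** @return the roles reported by the access control */
    @Override
    public Set<String> getRoles() {
        return this.av.getRoles();
    }

    /** @return the configured access control instance */
    @Override
    public AccessControl getAccessControl() {
        return this.av;
    }

    /** @return the same instance as {@link #getAccessControl()} */
    @Override
    public AccessValidator getAccessValidator() {
        return this.av;
    }

    /** @return always {@code null}; only the second-generation management context is provided */
    @Override
    public SecurityManagementContext getSecurityManagementContext() {
        return null;
    }

    /** @return the management context for the {@code DL} catalog domain */
    @Override
    public SecurityManagementContext2 getSecurityManagementContext2() {
        return getSecurityManagementContext2(SecurityManagementContext2.CatalogDomain.DL);
    }

    /**
     * Returns the management context for the requested catalog domain, building it when
     * none is cached or the cached one belongs to another domain.
     *
     * @param catalogDomain {@code DL} selects the plain facades, any other value the web facades
     * @return the cached or newly created management context
     * @throws IllegalStateException when any of the four facades has not been set
     */
    @Override
    public SecurityManagementContext2 getSecurityManagementContext2(SecurityManagementContext2.CatalogDomain catalogDomain) {
        if (this.userCatalogFacade == null || this.webUserCatalogFacade == null) {
            throw new IllegalStateException("User catalog facade not set");
        }
        if (this.userEditorFacade == null || this.webUserEditorFacade == null) {
            throw new IllegalStateException("User editor facade not set");
        }

        boolean cachedForDomain = this.securityManagementContext2 != null
                && this.securityManagementContext2.getCatalogDomain().equals(catalogDomain);
        if (!cachedForDomain) {
            boolean desklightDomain = catalogDomain == SecurityManagementContext2.CatalogDomain.DL;
            IUserCatalogFacade catalog = desklightDomain ? this.userCatalogFacade : this.webUserCatalogFacade;
            IUserEditorFacade editor = desklightDomain ? this.userEditorFacade : this.webUserEditorFacade;
            this.securityManagementContext2 = new SecurityManagementContext2Impl(catalog, editor, catalogDomain);
        }
        return this.securityManagementContext2;
    }

    /** @param iUserEditorFacade editor facade used for the {@code DL} catalog domain */
    public void setUserEditorFacade(IUserEditorFacade iUserEditorFacade) {
        this.userEditorFacade = iUserEditorFacade;
    }

    /** @param iUserCatalogFacade catalog facade used for the {@code DL} catalog domain */
    public void setUserCatalogFacade(IUserCatalogFacade iUserCatalogFacade) {
        this.userCatalogFacade = iUserCatalogFacade;
    }

    /** @param iUserCatalogFacade catalog facade used for every catalog domain other than {@code DL} */
    public void setWebUserCatalogFacade(IUserCatalogFacade iUserCatalogFacade) {
        this.webUserCatalogFacade = iUserCatalogFacade;
    }

    /** @param iUserEditorFacade editor facade used for every catalog domain other than {@code DL} */
    public void setWebUserEditorFacade(IUserEditorFacade iUserEditorFacade) {
        this.webUserEditorFacade = iUserEditorFacade;
    }

    /** @param iAuthenticationManager manager that performs login and logout */
    public void setAuthnManager(IAuthenticationManager iAuthenticationManager) {
        this.authnManager = iAuthenticationManager;
    }

    /** @param iSessionService service the security session is bound to */
    public void setSessionService(ISessionService iSessionService) {
        this.sessionService = iSessionService;
    }

    /** @param aASBasedAccessControl access control consulted for roles and invalidated on login and logout */
    public void setAv(AASBasedAccessControl aASBasedAccessControl) {
        this.av = aASBasedAccessControl;
    }

    /** @return always {@code true} */
    @Override
    public boolean isAASEnabled() {
        return true;
    }

    /** @param str domain passed with the credentials in every login token */
    public void setDomain(String str) {
        this.domain = str;
    }
}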
