package pl.edu.icm.yadda.process.aas;

import org.opensaml.lite.xacml.ctx.DecisionType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import pl.edu.icm.yadda.aas.client.ISecuritySession;
import pl.edu.icm.yadda.aas.client.LoginResult;
import pl.edu.icm.yadda.aas.client.SecuritySessionImpl;
import pl.edu.icm.yadda.aas.client.authn.IAuthenticationManager;
import pl.edu.icm.yadda.process.AbstractSingleTargetNode;
import pl.edu.icm.yadda.process.Element;
import pl.edu.icm.yadda.process.IProcess;
import pl.edu.icm.yadda.process.ProcessContext;
import pl.edu.icm.yadda.process.harvester.Constants;
import pl.edu.icm.yadda.service2.aas.AAError;
import pl.edu.icm.yadda.service2.user.token.IpAwareLoginPasswordToken;
import pl.edu.icm.yadda.service2.usersession.ISessionService;

/* loaded from: input_file:WEB-INF/lib/bwmeta-process-4.4.10-SNAPSHOT.jar:pl/edu/icm/yadda/process/aas/AuthorizeNode.class */
public class AuthorizeNode<T> extends AbstractSingleTargetNode<T, T> {
    protected Logger log = LoggerFactory.getLogger(getClass());
    protected ISessionService sessionService;
    protected IAuthenticationManager authnManager;
    protected boolean authenticationFailure;

    /* loaded from: input_file:WEB-INF/lib/bwmeta-process-4.4.10-SNAPSHOT.jar:pl/edu/icm/yadda/process/aas/AuthorizeNode$Process.class */
    protected class Process extends AbstractSingleTargetNode<T, T>.SingleTargetProcess {
        protected Process(ProcessContext processContext, IProcess<T, ?> iProcess) {
            super(processContext, iProcess);
        }

        @Override // pl.edu.icm.yadda.process.AbstractProcess
        protected void processElement(Element<T> element) throws Exception {
            if (AuthorizeNode.this.authenticationFailure) {
                AuthorizeNode.this.log.error("We do not perform processing because authentication has failed");
            } else if (this.target == null || element == null) {
                this.context.getListener().sinkOutput(element.getVolume());
            } else {
                this.target.process((Element<O>) element);
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // pl.edu.icm.yadda.process.AbstractSingleTargetNode.SingleTargetProcess, pl.edu.icm.yadda.process.AbstractProcess
        public void finishTargets() {
            super.finishTargets();
        }
    }

    @Override // pl.edu.icm.yadda.process.AbstractSingleTargetNode
    protected IProcess<T, T> newProcess(ProcessContext processContext, IProcess<T, ?> iProcess) {
        return new Process(processContext, iProcess);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pl.edu.icm.yadda.process.AbstractSingleTargetNode
    public void finishProcess(ProcessContext processContext) {
        super.finishProcess(processContext);
        if ((((String) processContext.get(Constants.PARAM_AUTH_LOGIN)) == null && ((String) processContext.get("password")) == null && ((String) processContext.get(Constants.PARAM_AUTH_IP)) == null) ? false : true) {
            this.authnManager.logout();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pl.edu.icm.yadda.process.AbstractSingleTargetNode
    public void initProcess(ProcessContext processContext) {
        String str = (String) processContext.get(Constants.PARAM_AUTH_LOGIN);
        String str2 = (String) processContext.get("password");
        String str3 = (String) processContext.get(Constants.PARAM_AUTH_IP);
        String str4 = (String) processContext.get("domain");
        boolean z = (str == null && str2 == null && str3 == null) ? false : true;
        this.authenticationFailure = false;
        if (z) {
            this.sessionService.bind(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME, new SecuritySessionImpl(this.sessionService.getSessionId(), (String) null, str3));
            LoginResult login = this.authnManager.login(new IpAwareLoginPasswordToken(str, str2, str3, str4));
            if (login.getDecition() != DecisionType.DECISION.Permit) {
                this.log.error("Authentication for user " + str + (str3 != null ? "@" + str3 : "") + " decision is" + login.getDecition());
                this.log.error("The following errors occurred:");
                for (AAError aAError : login.getErrors()) {
                    this.log.error(aAError.toString());
                    if (aAError.getThrowable() != null && this.log.isDebugEnabled()) {
                        this.log.debug("Exception caught", aAError.getThrowable());
                    }
                }
                this.authenticationFailure = true;
            }
        }
        super.initProcess(processContext);
    }

    @Required
    public void setSessionService(ISessionService iSessionService) {
        this.sessionService = iSessionService;
    }

    @Required
    public void setAuthnManager(IAuthenticationManager iAuthenticationManager) {
        this.authnManager = iAuthenticationManager;
    }
}
