package pl.edu.icm.yadda.remoting.watchdog.impl;

import org.opensaml.lite.xacml.ctx.DecisionType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.edu.icm.yadda.aas.client.ISecuritySession;
import pl.edu.icm.yadda.aas.client.LoginResult;
import pl.edu.icm.yadda.aas.client.SecuritySessionImpl;
import pl.edu.icm.yadda.aas.client.authn.IAuthenticationManager;
import pl.edu.icm.yadda.remoting.watchdog.IValidator;
import pl.edu.icm.yadda.remoting.watchdog.ValidationIssue;
import pl.edu.icm.yadda.service2.aas.AAError;
import pl.edu.icm.yadda.service2.user.UserCatalogConstants;
import pl.edu.icm.yadda.service2.user.token.AnonymousToken;
import pl.edu.icm.yadda.service2.user.token.IpAwareLoginPasswordToken;
import pl.edu.icm.yadda.service2.usersession.ISessionService;

/* loaded from: input_file:WEB-INF/classes/pl/edu/icm/yadda/remoting/watchdog/impl/AuthenticateValidator.class */
public class AuthenticateValidator implements IValidator<YaddaRepositoryContext> {
    protected String login;
    protected String password;
    protected String domain;
    protected boolean anonymous;
    protected Logger log = LoggerFactory.getLogger(getClass());
    protected String ipAddress = "127.0.0.1";

    protected String getDomain(YaddaRepositoryContext yaddaRepositoryContext) {
        if (this.domain != null) {
            return this.domain;
        }
        String str = yaddaRepositoryContext.discoverer.getProperties().get(UserCatalogConstants.DOMAIN_ROOT_PROPERTY);
        if (str != null) {
            return str + UserCatalogConstants.DL_DOMAIN_SUFFIX;
        }
        return null;
    }

    @Override // pl.edu.icm.yadda.remoting.watchdog.IValidator
    public ValidationIssue[] validate(YaddaRepositoryContext yaddaRepositoryContext) {
        ISessionService sessionService = yaddaRepositoryContext.getSessionService();
        IAuthenticationManager authenticationManager = yaddaRepositoryContext.getAuthenticationManager();
        try {
            sessionService.bind(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME, new SecuritySessionImpl("wathchdog", this.ipAddress));
            LoginResult login = this.anonymous ? authenticationManager.login(new AnonymousToken(this.ipAddress)) : authenticationManager.login(new IpAwareLoginPasswordToken(this.login, this.password, this.ipAddress, getDomain(yaddaRepositoryContext)));
            if (login.getDecition() == DecisionType.DECISION.Permit) {
                return null;
            }
            ValidationIssue[] validationIssueArr = new ValidationIssue[login.getErrors().size() + 1];
            int i = 0 + 1;
            validationIssueArr[0] = new ValidationIssue(ValidationIssue.Level.FAILURE, "Authentication failed. Decision is " + login.getDecition());
            for (AAError aAError : login.getErrors()) {
                int i2 = i;
                i++;
                validationIssueArr[i2] = new ValidationIssue(ValidationIssue.Level.FAILURE, "Authentication error " + aAError.toString(), aAError.getThrowable());
            }
            return validationIssueArr;
        } catch (Exception e) {
            return new ValidationIssue[]{new ValidationIssue(ValidationIssue.Level.FAILURE, "Exception thrown during authentication", e)};
        }
    }

    public void setLogin(String str) {
        this.login = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setIpAddress(String str) {
        this.ipAddress = str;
    }

    public void setAnonymous(boolean z) {
        this.anonymous = z;
    }

    public void setDomain(String str) {
        this.domain = str;
    }
}
