package pl.edu.icm.yadda.aas.client;

import org.opensaml.lite.xacml.ctx.DecisionType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import pl.edu.icm.yadda.aas.client.ISubstitueUser;
import pl.edu.icm.yadda.aas.client.authn.IAuthenticationManager;
import pl.edu.icm.yadda.service2.aas.AAError;
import pl.edu.icm.yadda.service2.user.token.IpAwareLoginPasswordToken;
import pl.edu.icm.yadda.service2.usersession.ISessionService;

/* loaded from: input_file:WEB-INF/lib/yadda-aas2-common-4.4.17-SNAPSHOT.jar:pl/edu/icm/yadda/aas/client/SubstituteUserImpl.class */
public class SubstituteUserImpl implements ISubstitueUser {
    protected Logger log = LoggerFactory.getLogger(getClass());
    protected ISessionService sessionService;
    protected IAuthenticationManager authnManager;
    protected String predefinedDomain;

    @Override // pl.edu.icm.yadda.aas.client.ISubstitueUser
    public <R> R su(String str, String str2, String str3, ISubstitueUser.Callback<R> callback) throws Exception {
        String sessionId = this.sessionService.getSessionId();
        ISecuritySession iSecuritySession = (ISecuritySession) this.sessionService.get(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME);
        this.sessionService.unbind(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME);
        try {
            this.sessionService.bind(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME, new SecuritySessionImpl(sessionId + "#su", str3));
            LoginResult login = this.authnManager.login(new IpAwareLoginPasswordToken(str, str2, str3, this.predefinedDomain));
            if (login.getDecition() == DecisionType.DECISION.Permit) {
                R run = callback.run();
                this.sessionService.bind(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME, iSecuritySession);
                return run;
            }
            this.log.error("Authentication for user " + str + (str3 != null ? "@" + str3 : "") + " decision is" + login.getDecition());
            this.log.error("The following errors occurred:");
            for (AAError aAError : login.getErrors()) {
                this.log.error(aAError.toString());
                if (aAError.getThrowable() != null && this.log.isDebugEnabled()) {
                    this.log.debug("Exception caught", aAError.getThrowable());
                }
            }
            return null;
        } finally {
            this.sessionService.bind(ISecuritySession.SECURITY_SESSION_ATTRIBUTE_NAME, iSecuritySession);
        }
    }

    @Required
    public void setSessionService(ISessionService iSessionService) {
        this.sessionService = iSessionService;
    }

    @Required
    public void setAuthnManager(IAuthenticationManager iAuthenticationManager) {
        this.authnManager = iAuthenticationManager;
    }

    public void setPredefinedDomain(String str) {
        this.predefinedDomain = str;
    }
}
