package pl.edu.icm.yadda.aal.authentication;

import java.util.Iterator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import pl.edu.icm.model.bwmeta.desklight.ExternalReference;
import pl.edu.icm.yadda.aal.AalException;
import pl.edu.icm.yadda.aal.AalSession;
import pl.edu.icm.yadda.aal.Authentication;
import pl.edu.icm.yadda.aal.AuthenticationRequest;
import pl.edu.icm.yadda.aal.dao2.IAuthenticationDAO;
import pl.edu.icm.yadda.aal.model2.Group;
import pl.edu.icm.yadda.aal.model2.Role;
import pl.edu.icm.yadda.aal.model2.User;
import pl.edu.icm.yadda.bean.Configurable;
import pl.edu.icm.yadda.bean.ConfigurableUtitlities;
import pl.edu.icm.yadda.bean.Problem;
import pl.edu.icm.yadda.tools.encoding.MockPasswordEncoder;
import pl.edu.icm.yadda.tools.encoding.PasswordEncoder;

@Deprecated
/* loaded from: input_file:WEB-INF/lib/yadda-aal-4.4.22.jar:pl/edu/icm/yadda/aal/authentication/Service2LoginPasswordModule.class */
public class Service2LoginPasswordModule extends AbstractAuthenticationModule implements AuthenticationModule, Configurable {
    private static final int EXPIRATION_TIME = 60480000;
    public static final String MODE_OUT = "logout";
    public static final String LOGIN = "LOGIN";
    public static final String PASSWORD = "PASSWORD";
    private PasswordEncoder encoder = new MockPasswordEncoder();
    protected IAuthenticationDAO authenticationDAO;
    protected static final Logger log = LoggerFactory.getLogger(Service2LoginPasswordModule.class);
    public static final String MODE_IN = "login/password";
    private static final String[] modes = {MODE_IN, "logout"};

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/yadda-aal-4.4.22.jar:pl/edu/icm/yadda/aal/authentication/Service2LoginPasswordModule$NonFatalException.class */
    public class NonFatalException extends Exception {
        private static final long serialVersionUID = -7530785693721369434L;

        public NonFatalException(String str) {
            super(str);
        }
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public boolean authenticate(AalSession aalSession, AuthenticationRequest authenticationRequest) throws AalException {
        try {
            if (MODE_IN.equals(authenticationRequest.getMode())) {
                authenticateLogin(aalSession, authenticationRequest);
            } else if ("logout".equals(authenticationRequest.getMode())) {
                authenticateLogout(aalSession, authenticationRequest);
            }
            return true;
        } catch (NonFatalException e) {
            log.warn(e.getMessage());
            makeProblem(aalSession, authenticationRequest, new AalException(e.getMessage()));
            return true;
        }
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public boolean reauthenticate(AalSession aalSession, Authentication authentication) {
        if (aalSession == null || authentication == null) {
            return true;
        }
        try {
            if (!authentication.containsKey("LOGIN")) {
                throw new NonFatalException("Login not defined");
            }
            User fetchUser = fetchUser((String) authentication.get("LOGIN"));
            if (fetchUser == null) {
                throw new NonFatalException("Authentication error - cannot obtain user for login");
            }
            populateAuthorities(aalSession, fetchUser);
            return true;
        } catch (NonFatalException e) {
            log.warn(e.getMessage());
            makeProblem(aalSession, new AalException(e.getMessage()));
            return false;
        }
    }

    protected void authenticateLogin(AalSession aalSession, AuthenticationRequest authenticationRequest) throws NonFatalException {
        aalSession.setLogin(null);
        if (!authenticationRequest.containsKey("LOGIN")) {
            throw new NonFatalException("Login not defined");
        }
        if (!authenticationRequest.containsKey(PASSWORD)) {
            throw new NonFatalException("Password not defined");
        }
        String str = (String) authenticationRequest.get("LOGIN");
        String str2 = (String) authenticationRequest.get(PASSWORD);
        User fetchUser = fetchUser(str);
        if (fetchUser == null) {
            throw new NonFatalException("Authentication error - cannot obtain user for login " + str);
        }
        if (!fetchUser.isActivated()) {
            throw new NonFatalException("Account for login " + str + " is not active");
        }
        if (fetchUser.isDeleted()) {
            throw new NonFatalException("Account for login " + str + " is marked as deleted");
        }
        if (!passwordValid(fetchUser.getPassword(), str2)) {
            throw new NonFatalException("Authentication error - pair login/password not matched for user " + str);
        }
        aalSession.getAuthentications().add(buildAuthentication(str));
        populateAuthorities(aalSession, fetchUser);
    }

    protected boolean passwordValid(String str, String str2) {
        if (str == null) {
            return false;
        }
        return this.encoder.isPasswordValid(str2, str, null);
    }

    protected Authentication buildAuthentication(String str) {
        Authentication authentication = new Authentication();
        long currentTimeMillis = System.currentTimeMillis();
        authentication.setCreationTime(currentTimeMillis);
        authentication.setMode(MODE_IN);
        authentication.put("LOGIN", str);
        authentication.setExpireTime(currentTimeMillis + 60480000);
        return authentication;
    }

    protected void populateAuthorities(AalSession aalSession, User user) throws NonFatalException {
        aalSession.setLogin(user.getLogin());
        try {
            for (Group group : this.authenticationDAO.getGroupsOfUser(user.getLogin())) {
                aalSession.getGroups().add(group.getName(), MODE_IN);
                Iterator<ExternalReference<Role>> it = group.getRoles().iterator();
                while (it.hasNext()) {
                    aalSession.getRoles().add(this.authenticationDAO.getRoleById(it.next().getExtId()).getName(), MODE_IN);
                }
            }
            Iterator<ExternalReference<Role>> it2 = user.getRoles().iterator();
            while (it2.hasNext()) {
                aalSession.getRoles().add(this.authenticationDAO.getRoleById(it2.next().getExtId()).getName(), MODE_IN);
            }
        } catch (Exception e) {
            log.error("Exception when fetching user data", (Throwable) e);
            throw new NonFatalException("Exception when fetching user data");
        }
    }

    protected User fetchUser(String str) throws NonFatalException {
        try {
            return this.authenticationDAO.getUserByLogin(str);
        } catch (Exception e) {
            log.error("Exception when fetching user data", (Throwable) e);
            throw new NonFatalException("Exception when fetching user data");
        }
    }

    protected void authenticateLogout(AalSession aalSession, AuthenticationRequest authenticationRequest) throws NonFatalException {
        aalSession.setLogin(null);
        aalSession.getGroups().clear(MODE_IN);
        aalSession.getRoles().clear(MODE_IN);
        clearAuthentications(aalSession);
    }

    private void clearAuthentications(AalSession aalSession) {
        for (Authentication authentication : aalSession.getAuthentications()) {
            if (MODE_IN.equals(authentication.getMode())) {
                authentication.setDeleted(true);
            }
        }
    }

    @Override // pl.edu.icm.yadda.bean.Configurable
    public Problem[] isPrepared() {
        return ConfigurableUtitlities.arePrepared(new Object[]{this.authenticationDAO});
    }

    @Override // pl.edu.icm.yadda.bean.Configurable
    public void prepare() throws Exception {
        ConfigurableUtitlities.prepare(new Object[]{this.authenticationDAO});
    }

    @Override // pl.edu.icm.yadda.bean.Configurable
    public void destroy() throws Exception {
        ConfigurableUtitlities.destroy(new Object[]{this.authenticationDAO});
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public String[] getDependencies() {
        return null;
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public String getDescription() {
        return "Yadda2 Catalog based login/password authentication module";
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public String[] getModes() {
        return modes;
    }

    @Override // pl.edu.icm.yadda.aal.authentication.AuthenticationModule
    public String getName() {
        return "Service2LoginPassword";
    }

    @Required
    public void setAuthenticationDAO(IAuthenticationDAO iAuthenticationDAO) {
        this.authenticationDAO = iAuthenticationDAO;
    }

    public void setEncoder(PasswordEncoder passwordEncoder) {
        this.encoder = passwordEncoder;
    }
}
