package rapture.kernel;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import rapture.common.CallingContext;
import rapture.common.exception.RaptureException;
import rapture.common.exception.RaptureExceptionFactory;
import rapture.common.exception.RaptureExceptionFormatter;
import rapture.common.impl.jackson.JacksonUtil;
import rapture.common.impl.jackson.MD5Utils;
import rapture.common.model.ContextResponseData;
import rapture.common.model.RaptureUser;
import rapture.common.model.RaptureUserStorage;
import rapture.common.version.ApiVersion;
import rapture.common.version.ApiVersionComparator;
import rapture.server.ServerApiVersion;
import rapture.util.IDGenerator;

/* loaded from: input_file:rapture/kernel/Login.class */
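/**
 * Kernel-side login API: issues salted login sessions, validates the salted
 * hash a client sends back, and handles registration / password-reset tokens.
 *
 * <p>Security notes for maintainers (all derived from the code in this class):
 * <ul>
 *   <li>Credential verification is {@code MD5Utils.hash16(storedHash + ":" + salt)}.
 *       The stored value ({@code RaptureUser.getHashPassword()}) is therefore
 *       password-equivalent: {@link #loginWithHash(String, String, ApiVersion)}
 *       accepts it directly. Treat the user store as holding credentials, and
 *       plan a migration to a slow, salted password hash (bcrypt/scrypt/argon2);
 *       that needs a protocol change and is out of scope for this class.</li>
 *   <li>Secret comparisons (login hash, reset token) go through
 *       {@link #constantTimeEquals(String, String)} rather than
 *       {@code String.equals}.</li>
 *   <li>Caller-supplied usernames are stripped of CR/LF before being written to
 *       the log so a request cannot forge log lines.</li>
 * </ul>
 */
public class Login extends KernelBase {
    private static final Logger log = Logger.getLogger(Login.class);

    /**
     * Simple descriptor of the kernel returned by {@link Login#getInfo()}.
     * The constructor is package-private (widened to a public class by the decompiler).
     */
    public class KernelInfo {
        private String version = "0.1";
        private String applicationName = "Rapture";

        KernelInfo() {
        }

        public String getApplicationName() {
            return this.applicationName;
        }

        public String getVersion() {
            return this.version;
        }

        public void setApplicationName(String str) {
            this.applicationName = str;
        }

        public void setVersion(String str) {
            this.version = str;
        }
    }

    public Login(Kernel kernel) {
        super(kernel);
    }

    /**
     * Compares two secrets without short-circuiting on the first differing character.
     *
     * @return {@code false} when either value is {@code null}; otherwise whether the
     *         UTF-8 encodings are equal
     */
    private static boolean constantTimeEquals(String expected, String supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                supplied.getBytes(StandardCharsets.UTF_8));
    }

    /** Replaces CR/LF in a caller-supplied value so it cannot start a new log line. */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /** Rejects null credentials with the same messages and order the login entry points always used. */
    private static void requireCredentials(String username, String password) {
        if (password == null) {
            throw new IllegalArgumentException("Password cannot be null");
        }
        if (username == null) {
            throw new IllegalArgumentException("Username cannot be null");
        }
    }

    /**
     * Validates a login attempt against a session previously created by
     * {@link #getContextForUser(String)} and marks the session valid on success.
     *
     * @param str        session (context) id returned by {@code getContextForUser}
     * @param str2       username attempting to log in
     * @param str3       salted hash computed by the client; compared against
     *                   {@code hash16(storedHash + ":" + sessionSalt)}
     * @param apiVersion client API version; must be compatible with the server
     * @return the validated session context
     * @throws RaptureException 400 on API version mismatch; 401 when the user is unknown,
     *         the session is missing or was issued for a different user, the hash does not
     *         match, or the account is inactive / unverified
     */
    public CallingContext checkLogin(String str, String str2, String str3, ApiVersion apiVersion) {
        long startMillis = System.currentTimeMillis();
        String sessionKey = "session/" + str;
        if (!ApiVersionComparator.INSTANCE.isCompatible(apiVersion)) {
            throw RaptureExceptionFactory.create(400, String.format("Client API Version (%s) does not match server API Version (%s)", apiVersion, ServerApiVersion.getApiVersion()));
        }
        CallingContext callingContext = (CallingContext) JacksonUtil.objectFromJson(getEphemeralRepo().getDocument(sessionKey), CallingContext.class);
        RaptureUser user = Kernel.getAdmin().getUser(ContextFactory.getKernelUser(), str2);
        String invalidCredentials = String.format("username or password invalid (attempted username '%s')", str2);
        if (user == null) {
            throw RaptureExceptionFactory.create(401, invalidCredentials);
        }

        // Fail closed when the session is absent or belongs to another user. The previous
        // code skipped every check in that case, yet still persisted the session, wrote a
        // "has logged in" audit entry and returned the other user's context.
        if (callingContext == null || str2 == null || !str2.equals(callingContext.getUser())) {
            RaptureException rejected = RaptureExceptionFactory.create(401, invalidCredentials);
            log.info(RaptureExceptionFormatter.getExceptionMessage(rejected, "Session missing or issued for a different user"));
            throw rejected;
        }

        // NOTE(review): API-key accounts are marked valid without str3 being compared to
        // anything in this method; confirm the key itself is verified by the caller.
        boolean apiKeyAccount = user.getApiKey().booleanValue();
        if (!apiKeyAccount) {
            String storedHash = user.getHashPassword();
            Object sessionSalt = callingContext.getSalt();
            // A null stored hash or salt would be stringified as "null" by the concatenation
            // below and become a guessable expected value, so reject instead.
            boolean hashMatches = storedHash != null
                    && sessionSalt != null
                    && constantTimeEquals(MD5Utils.hash16(storedHash + ":" + sessionSalt), str3);
            if (!hashMatches) {
                RaptureException create = RaptureExceptionFactory.create(401, invalidCredentials);
                log.info(RaptureExceptionFormatter.getExceptionMessage(create, "Passwords do not match"));
                throw create;
            }
        }

        // Account-state checks run after the credential check so that, for password
        // accounts, the inactive flag and the registered e-mail address are only
        // disclosed to a caller who proved knowledge of the credential.
        if (user.getInactive().booleanValue()) {
            throw RaptureExceptionFactory.create(401, "Cannot login as an inactive user");
        }
        if (!user.getVerified().booleanValue()) {
            throw RaptureExceptionFactory.create(401, "This account has not yet been verified. Please check your email at " + user.getEmailAddress() + " for the verification link.-");
        }

        callingContext.setValid(true);
        if (!apiKeyAccount) {
            // str2 equals the session's user name at this point, which getContextForUser
            // only stores for an existing account.
            String loggedIn = "User " + str2 + " logged in";
            log.info(sanitizeForLog(loggedIn));
            Kernel.writeComment(loggedIn);
        }

        getEphemeralRepo().addToStage("official", sessionKey, JacksonUtil.jsonFromObject(callingContext), false);
        getEphemeralRepo().commitStage("official", "admin", "session validation");
        Kernel.getAudit().getTrusted().writeAuditEntry(callingContext, "log://kernel", "login", 0, String.format("User [%s] has logged in", str2));
        Kernel.getMetricsService().recordTimeDifference("apiMetrics.loginApi.checkLogin.fullFunctionTime.succeeded", Long.valueOf(System.currentTimeMillis() - startMillis));
        return callingContext;
    }

    /**
     * Creates a not-yet-valid login session for an existing user and returns the
     * session id and salt the client needs to compute its login hash.
     *
     * <p>NOTE(review): the 401 "No such user" response lets an unauthenticated caller
     * test whether a username exists; closing that would require issuing decoy salts
     * for unknown users, which changes the protocol.
     *
     * @param str username
     * @return the new context id and salt
     * @throws RaptureException 401 when the user does not exist
     */
    public ContextResponseData getContextForUser(String str) {
        long startMillis = System.currentTimeMillis();
        // str is caller-controlled and not yet validated: strip line breaks before logging.
        log.info("Checking user " + sanitizeForLog(str) + " exists.");
        RaptureUser user = Kernel.getAdmin().getUser(ContextFactory.getKernelUser(), str);
        if (user == null) {
            throw RaptureExceptionFactory.create(401, String.format("No such user: '%s'", str));
        }
        log.info("Found user " + user.getUsername());
        // NOTE(review): both the session id and the salt come from IDGenerator.getUUID();
        // confirm it is backed by a cryptographically secure generator.
        String contextId = IDGenerator.getUUID();
        // NOTE(review): this writes the session identifier to the log at INFO level;
        // consider dropping or truncating it if the id is used as a bearer token.
        log.info("Context id is " + contextId);
        ContextResponseData contextResponseData = new ContextResponseData();
        contextResponseData.setContextId(contextId);
        contextResponseData.setSalt(IDGenerator.getUUID());
        CallingContext callingContext = new CallingContext();
        callingContext.setContext(contextId);
        callingContext.setSalt(contextResponseData.getSalt());
        callingContext.setUser(str);
        getEphemeralRepo().addToStage("official", "session/" + contextId, JacksonUtil.jsonFromObject(callingContext), false);
        getEphemeralRepo().commitStage("official", "admin", "session creation");
        Kernel.getMetricsService().recordTimeDifference("apiMetrics.loginApi.getContextForUser.fullFunctionTime.succeeded", Long.valueOf(System.currentTimeMillis() - startMillis));
        return contextResponseData;
    }

    /** Returns a fresh {@link KernelInfo} carrying the default version and application name. */
    public KernelInfo getInfo() {
        return new KernelInfo();
    }

    /** Same as {@link #loginWithHash(String, String, ApiVersion)} with a {@code null} API version. */
    public CallingContext loginWithHash(String str, String str2) {
        return loginWithHash(str, str2, null);
    }

    /**
     * Logs in with an already-hashed password: creates a session, salts the supplied
     * hash and hands it to {@link #checkLogin}.
     *
     * @param str        username
     * @param str2       password hash, in the same form as the stored hash
     * @param apiVersion client API version, passed through to {@code checkLogin}
     * @throws IllegalArgumentException when the hash or the username is {@code null}
     */
    public CallingContext loginWithHash(String str, String str2, ApiVersion apiVersion) {
        long startMillis = System.currentTimeMillis();
        requireCredentials(str, str2);
        ContextResponseData session = getContextForUser(str);
        String saltedHash = MD5Utils.hash16(str2 + ":" + session.getSalt());
        CallingContext validated = checkLogin(session.getContextId(), str, saltedHash, apiVersion);
        Kernel.getMetricsService().recordTimeDifference("apiMetrics.loginApi.loginWithHash.fullFunctionTime.succeeded", Long.valueOf(System.currentTimeMillis() - startMillis));
        return validated;
    }

    /** Same as {@link #login(String, String, ApiVersion)} with a {@code null} API version. */
    public CallingContext login(String str, String str2) {
        return login(str, str2, null);
    }

    /**
     * Logs in with a clear-text password: hashes it, creates a session, salts the hash
     * and hands it to {@link #checkLogin}.
     *
     * @param str        username
     * @param str2       clear-text password
     * @param apiVersion client API version, passed through to {@code checkLogin}
     * @throws IllegalArgumentException when the password or the username is {@code null}
     */
    public CallingContext login(String str, String str2, ApiVersion apiVersion) {
        long startMillis = System.currentTimeMillis();
        requireCredentials(str, str2);
        ContextResponseData session = getContextForUser(str);
        String saltedHash = MD5Utils.hash16(MD5Utils.hash16(str2) + ":" + session.getSalt());
        CallingContext validated = checkLogin(session.getContextId(), str, saltedHash, apiVersion);
        Kernel.getMetricsService().recordTimeDifference("apiMetrics.loginApi.login.fullFunctionTime.succeeded", Long.valueOf(System.currentTimeMillis() - startMillis));
        return validated;
    }

    /**
     * Delegates to the admin API, acting as the kernel user, to create a registration
     * token for {@code str}.
     */
    public String createRegistrationToken(String str) {
        long startMillis = System.currentTimeMillis();
        String token = Kernel.getAdmin().createRegistrationToken(ContextFactory.getKernelUser(), str);
        // NOTE(review): recorded under the "login" metric name (looks copy-pasted); kept
        // as-is so existing metric consumers are not broken.
        Kernel.getMetricsService().recordTimeDifference("apiMetrics.loginApi.login.fullFunctionTime.succeeded", Long.valueOf(System.currentTimeMillis() - startMillis));
        return token;
    }

    /**
     * Delegates to the admin API, acting as the kernel user, to create a password-reset
     * token for {@code str}.
     */
    public String createPasswordResetToken(String str) {
        long startMillis = System.currentTimeMillis();
        String token = Kernel.getAdmin().createPasswordResetToken(ContextFactory.getKernelUser(), str);
        // NOTE(review): recorded under the "login" metric name; see createRegistrationToken.
        Kernel.getMetricsService().recordTimeDifference("apiMetrics.loginApi.login.fullFunctionTime.succeeded", Long.valueOf(System.currentTimeMillis() - startMillis));
        return token;
    }

    /**
     * Delegates to the admin API, acting as the kernel user, to cancel the password-reset
     * token of {@code str}.
     */
    public void cancelPasswordResetToken(String str) {
        long startMillis = System.currentTimeMillis();
        Kernel.getAdmin().cancelPasswordResetToken(ContextFactory.getKernelUser(), str);
        // NOTE(review): recorded under the "login" metric name; see createRegistrationToken.
        Kernel.getMetricsService().recordTimeDifference("apiMetrics.loginApi.login.fullFunctionTime.succeeded", Long.valueOf(System.currentTimeMillis() - startMillis));
    }

    /**
     * Replaces a user's stored password hash after verifying a password-reset token,
     * then cancels the token.
     *
     * @param str  username
     * @param str2 new password hash to store (stored as given)
     * @param str3 reset token presented by the caller
     * @throws IllegalArgumentException when the new hash is blank
     * @throws RaptureException when the user or token is unknown, the token does not
     *         match, or it has expired
     */
    public void resetPassword(String str, String str2, String str3) {
        long startMillis = System.currentTimeMillis();
        // A null hash would later be stringified as "null" when checkLogin builds the
        // expected value, so never store one.
        if (StringUtils.isBlank(str2)) {
            throw new IllegalArgumentException("Password cannot be blank");
        }
        CallingContext kernelUser = ContextFactory.getKernelUser();
        RaptureUser user = Kernel.getAdmin().getUser(kernelUser, str);
        // Unknown user, no outstanding token and wrong token all yield the same error,
        // so the response does not reveal which condition failed.
        if (user == null
                || StringUtils.isBlank(user.getPasswordResetToken())
                || !constantTimeEquals(user.getPasswordResetToken(), str3)) {
            throw RaptureExceptionFactory.create("Invalid password reset token");
        }
        // A token without an expiry is treated as expired rather than as never expiring.
        if (user.getTokenExpirationTime() == null
                || user.getTokenExpirationTime().longValue() <= System.currentTimeMillis()) {
            throw RaptureExceptionFactory.create("Password reset token has expired");
        }
        user.setHashPassword(str2);
        RaptureUserStorage.add(user, str, "Reset password for user " + str);
        // Single use: invalidate the token once the new hash is stored.
        Kernel.getAdmin().cancelPasswordResetToken(kernelUser, str);
        // NOTE(review): recorded under the "login" metric name; see createRegistrationToken.
        Kernel.getMetricsService().recordTimeDifference("apiMetrics.loginApi.login.fullFunctionTime.succeeded", Long.valueOf(System.currentTimeMillis() - startMillis));
    }
}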
