package org.codehaus.plexus.redback.xwork.action;

import com.opensymphony.xwork.Action;
import java.util.ArrayList;
import org.codehaus.plexus.redback.authentication.AuthenticationDataSource;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.codehaus.plexus.redback.authentication.TokenBasedAuthenticationDataSource;
import org.codehaus.plexus.redback.configuration.UserConfiguration;
import org.codehaus.plexus.redback.keys.AuthenticationKey;
import org.codehaus.plexus.redback.keys.KeyManagerException;
import org.codehaus.plexus.redback.keys.KeyNotFoundException;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.plexus.redback.users.UserQuery;
import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.redback.xwork.util.AutoLoginCookies;
import org.codehaus.plexus.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/redback-xwork-integration-1.0.3.jar:org/codehaus/plexus/redback/xwork/action/LoginAction.class */
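/**
 * XWork action behind the login form. It handles three flows, all of which end in
 * {@link #webLogin(AuthenticationDataSource, boolean)}:
 * <ul>
 *   <li>username/password login ({@link #login()}),</li>
 *   <li>password reset by key ({@link #resetPassword()}),</li>
 *   <li>account validation by key ({@link #validated()}).</li>
 * </ul>
 *
 * <p>Every String property on this class is set from the request and must be treated as
 * untrusted. Request-derived values are neutralised with {@link #sanitizeForLog(String)}
 * before they are written to the log.
 *
 * <p>NOTE(review): {@link #getPassword()} exposes the submitted password as a bean property.
 * Confirm that no result or template renders it back to the client.
 */
public class LoginAction extends AbstractSecurityAction implements CancellableAction {
    private static final String LOGIN_SUCCESS = "security-login-success";
    private static final String PASSWORD_CHANGE = "security-must-change-password";
    private static final String ACCOUNT_LOCKED = "security-login-locked";

    /** Upper bound on how much of a request-supplied value is copied into a log line. */
    private static final int MAX_LOGGED_VALUE_LENGTH = 64;

    // No assignment to the three collaborators below is visible in this class; presumably the
    // container injects them by field name, so the names must not change.
    protected SecuritySystem securitySystem;
    private String username;
    private String password;
    private String validateMe;
    private String resetPassword;
    private boolean rememberMe;
    private AutoLoginCookies autologinCookies;
    private UserConfiguration config;

    /**
     * Displays the login form.
     *
     * @return {@link Action#INPUT}
     */
    public String show() {
        return Action.INPUT;
    }

    /**
     * Entry point for a submitted login form. A non-empty {@code validateMe} or
     * {@code resetPassword} parameter takes precedence over username/password and diverts to
     * the corresponding key-based flow.
     *
     * @return the result of the delegated flow, or {@code "error"} when the username is empty
     */
    public String login() {
        if (StringUtils.isNotEmpty(this.validateMe)) {
            return validated();
        }
        if (StringUtils.isNotEmpty(this.resetPassword)) {
            return resetPassword();
        }
        if (StringUtils.isEmpty(this.username)) {
            addFieldError(UserQuery.ORDER_BY_USERNAME, getText("username.required"));
            return "error";
        }
        PasswordBasedAuthenticationDataSource credentials = new PasswordBasedAuthenticationDataSource();
        credentials.setPrincipal(this.username);
        credentials.setPassword(this.password);
        return webLogin(credentials, this.rememberMe);
    }

    /**
     * Consumes a password-reset key: looks up the key and its user, blanks the stored password,
     * forces a password change, persists the user and then signs in with the key as a token.
     *
     * <p>NOTE(review): the user record is modified and saved <em>before</em> the token is
     * authenticated, and this method checks neither the key's purpose nor its expiry. Confirm
     * that {@code findKey} or the token authenticator enforces both; otherwise any key that can
     * be looked up is enough to wipe the password of the account it belongs to.
     *
     * @return the {@link #webLogin(AuthenticationDataSource, boolean)} result, or {@code "error"}
     */
    public String resetPassword() {
        if (StringUtils.isEmpty(this.resetPassword)) {
            addActionError(getText("reset.password.missing"));
            return "error";
        }
        try {
            AuthenticationKey key = this.securitySystem.getKeyManager().findKey(this.resetPassword);
            User user = this.securitySystem.getUserManager().findUser(key.getForPrincipal());
            user.setPasswordChangeRequired(true);
            user.setEncodedPassword("");
            TokenBasedAuthenticationDataSource tokenSource = new TokenBasedAuthenticationDataSource();
            tokenSource.setPrincipal(user.getPrincipal().toString());
            tokenSource.setToken(key.getKey());
            this.securitySystem.getUserManager().updateUser(user);
            return webLogin(tokenSource, false);
        } catch (KeyNotFoundException e) {
            // The key comes straight from the request: neutralise control characters and cap
            // the length so it can neither forge log lines nor flood the log.
            getLogger().info("Invalid key requested: " + sanitizeForLog(this.resetPassword));
            addActionError(getText("cannot.find.key"));
            return "error";
        } catch (KeyManagerException e2) {
            addActionError(getText("cannot.find.key.at.the.moment"));
            getLogger().warn("Key Manager error: ", e2);
            return "error";
        } catch (UserNotFoundException e3) {
            addActionError(getText("cannot.find.user"));
            return "error";
        }
    }

    /**
     * Consumes an account-validation key: marks the user validated, unlocks the account, blanks
     * the stored password, forces a password change, persists the user and then signs in with
     * the key as a token.
     *
     * <p>NOTE(review): as in {@link #resetPassword()}, the account is modified (and here also
     * <em>unlocked</em>) before the token is authenticated, with no purpose or expiry check in
     * this method. Confirm that a key issued for another purpose cannot be replayed through
     * {@code validateMe} to lift a lock.
     *
     * @return the {@link #webLogin(AuthenticationDataSource, boolean)} result, or {@code "error"}
     */
    public String validated() {
        if (StringUtils.isEmpty(this.validateMe)) {
            addActionError(getText("validation.failure.key.missing"));
            return "error";
        }
        try {
            AuthenticationKey key = this.securitySystem.getKeyManager().findKey(this.validateMe);
            User user = this.securitySystem.getUserManager().findUser(key.getForPrincipal());
            user.setValidated(true);
            user.setLocked(false);
            user.setPasswordChangeRequired(true);
            user.setEncodedPassword("");
            TokenBasedAuthenticationDataSource tokenSource = new TokenBasedAuthenticationDataSource();
            tokenSource.setPrincipal(user.getPrincipal().toString());
            tokenSource.setToken(key.getKey());
            this.securitySystem.getUserManager().updateUser(user);
            return webLogin(tokenSource, false);
        } catch (KeyNotFoundException e) {
            // Request-supplied value: sanitise before logging (see sanitizeForLog).
            getLogger().info("Invalid key requested: " + sanitizeForLog(this.validateMe));
            addActionError(getText("cannot.find.key"));
            return "error";
        } catch (KeyManagerException e2) {
            // NOTE(review): this message key is spelled "momment", unlike the "moment" key used
            // in resetPassword(). Left unchanged because the resource bundle is not visible
            // here; confirm which spelling the bundle defines.
            addActionError(getText("cannot.find.key.at.the.momment"));
            // Previously swallowed silently; log it the same way resetPassword() does so that
            // key-store failures are visible to operators.
            getLogger().warn("Key Manager error: ", e2);
            return "error";
        } catch (UserNotFoundException e3) {
            addActionError(getText("cannot.find.user"));
            return "error";
        }
    }

    @Override // org.codehaus.plexus.redback.xwork.action.CancellableAction
    public String cancel() {
        return CancellableAction.CANCEL;
    }

    public String getUsername() {
        return this.username;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public String getPassword() {
        return this.password;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public String getValidateMe() {
        return this.validateMe;
    }

    public void setValidateMe(String str) {
        this.validateMe = str;
    }

    /**
     * Declares the authorization requirements of this action.
     *
     * @return {@link SecureActionBundle#OPEN}; presumably this marks the action as reachable
     *         without an authenticated session, which a login page needs (confirm against
     *         {@code SecureActionBundle})
     */
    @Override // org.codehaus.plexus.redback.xwork.action.AbstractSecurityAction
    public SecureActionBundle initSecureActionBundle() throws SecureActionException {
        return SecureActionBundle.OPEN;
    }

    public String getResetPassword() {
        return this.resetPassword;
    }

    public void setResetPassword(String str) {
        this.resetPassword = str;
    }

    public boolean isRememberMe() {
        return this.rememberMe;
    }

    public void setRememberMe(boolean z) {
        this.rememberMe = z;
    }

    /**
     * Makes a request-derived value safe to embed in a single log line: ISO control characters
     * (including CR and LF) become {@code '_'} and the value is cut to
     * {@link #MAX_LOGGED_VALUE_LENGTH} characters.
     *
     * @param value the untrusted value, possibly {@code null}
     * @return the sanitised text; {@code "null"} for a {@code null} input
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        boolean truncated = value.length() > MAX_LOGGED_VALUE_LENGTH;
        int limit = truncated ? MAX_LOGGED_VALUE_LENGTH : value.length();
        StringBuilder safe = new StringBuilder(limit + 3);
        for (int i = 0; i < limit; i++) {
            char c = value.charAt(i);
            safe.append(Character.isISOControl(c) ? '_' : c);
        }
        if (truncated) {
            safe.append("...");
        }
        return safe.toString();
    }

    /**
     * Authenticates the given credentials and, on success, stores the session tokens and sets
     * the sign-on cookie (plus the remember-me cookie when requested).
     *
     * @param authenticationDataSource the credentials or token to authenticate
     * @param remember whether to set the remember-me cookie on success
     * @return {@code security-login-locked}, {@code security-must-change-password} or
     *         {@code security-login-success} after a successful authentication, otherwise
     *         {@code "error"} (or {@code security-login-locked} on {@link AccountLockedException})
     */
    private String webLogin(AuthenticationDataSource authenticationDataSource, boolean remember) {
        // Drop any tokens from a previous session before evaluating the new credentials.
        setAuthTokens(null);
        clearErrorsAndMessages();
        try {
            SecuritySession session = this.securitySystem.authenticate(authenticationDataSource);
            if (session.getAuthenticationResult().isAuthenticated()) {
                setAuthTokens(session);
                boolean validationRequired = this.securitySystem.getPolicy().getUserValidationSettings().isEmailValidationRequired();
                boolean isDefaultAdmin = session.getUser().getUsername().equals(this.config.getString("redback.default.admin"));
                // The configured default admin is exempt from e-mail validation.
                if (validationRequired && !isDefaultAdmin && !session.getUser().isValidated()) {
                    setAuthTokens(null);
                    addActionError(getText("account.validation.required"));
                    return "error";
                }
                if (remember) {
                    this.autologinCookies.setRememberMeCookie(authenticationDataSource.getPrincipal());
                }
                this.autologinCookies.setSignonCookie(authenticationDataSource.getPrincipal());
                // NOTE(review): the session tokens and sign-on cookie are already in place when
                // the locked flag is evaluated below; confirm that a locked account cannot use
                // them to reach anything beyond the "locked" result.
                if (session.getUser().isLocked()) {
                    return ACCOUNT_LOCKED;
                }
                if (session.getUser().isPasswordChangeRequired()) {
                    return PASSWORD_CHANGE;
                }
                return LOGIN_SUCCESS;
            }
            AuthenticationResult authenticationResult = session.getAuthenticationResult();
            // The principal originates from the request; sanitise it before it reaches the log.
            getLogger().debug("Login Action failed against principal : " + sanitizeForLog(String.valueOf(authenticationResult.getPrincipal())), authenticationResult.getException());
            if (authenticationResult.getExceptionsMap() == null || authenticationResult.getExceptionsMap().isEmpty()) {
                addActionError(getText("authentication.failed"));
                return "error";
            }
            // NOTE(review): the meaning of exceptions-map key "1" is not visible in this file.
            if (authenticationResult.getExceptionsMap().get("1") != null) {
                addActionError(getText("incorrect.username.password"));
                return "error";
            }
            addActionError(getText("authentication.failed"));
            return "error";
        } catch (AuthenticationException e) {
            // NOTE(review): the raw exception message is shown to the client; confirm that it
            // cannot carry internal detail (backend names, stack context).
            ArrayList messageArgs = new ArrayList();
            messageArgs.add(e.getMessage());
            addActionError(getText("authentication.exception", messageArgs));
            return "error";
        } catch (AccountLockedException e2) {
            addActionError(getText("account.locked"));
            return ACCOUNT_LOCKED;
        } catch (UserNotFoundException e3) {
            // Report the principal that was actually authenticated. The username field is only
            // populated in the password flow, so the key-based flows used to report a value
            // unrelated to the failed lookup.
            // NOTE(review): a dedicated "user not found" message lets a client tell unknown
            // accounts from wrong passwords; consider the same generic failure text for both.
            ArrayList messageArgs = new ArrayList();
            messageArgs.add(authenticationDataSource.getPrincipal());
            messageArgs.add(e3.getMessage());
            addActionError(getText("user.not.found.exception", messageArgs));
            return "error";
        }
    }
}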
