package org.apache.archiva.redback.rest.services;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.List;
import java.util.TimeZone;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.AuthenticationFailureCause;
import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.keys.jdo.JdoAuthenticationKey;
import org.apache.archiva.redback.keys.memory.MemoryAuthenticationKey;
import org.apache.archiva.redback.keys.memory.MemoryKeyManager;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.rest.api.model.ErrorMessage;
import org.apache.archiva.redback.rest.api.model.LoginRequest;
import org.apache.archiva.redback.rest.api.model.User;
import org.apache.archiva.redback.rest.api.services.LoginService;
import org.apache.archiva.redback.rest.api.services.RedbackServiceException;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.archiva.redback.users.UserManagerException;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

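/**
 * REST implementation of {@link LoginService}, backed by a {@link SecuritySystem} for
 * credential checks and key storage and by an {@link HttpAuthenticator} for binding the
 * authenticated user to the HTTP session.
 *
 * <p>NOTE(review): no authorization checks are visible in this class. Presumably they are
 * declared on the {@link LoginService} interface or enforced by an interceptor; confirm,
 * in particular for {@link #addAuthenticationKey} and {@link #pingWithAutz}.
 */
@Service("loginService#rest")
/* loaded from: input_file:WEB-INF/lib/redback-rest-services-2.3.jar:org/apache/archiva/redback/rest/services/DefaultLoginService.class */
public class DefaultLoginService implements LoginService {
    private final Logger log = LoggerFactory.getLogger(getClass());
    private final SecuritySystem securitySystem;
    private final HttpAuthenticator httpAuthenticator;

    // Injected per request by the JAX-RS runtime, so it cannot be final.
    @Context
    private HttpServletRequest httpServletRequest;

    /**
     * Creates the service.
     *
     * @param securitySystem    security system used for authentication and key management
     * @param httpAuthenticator authenticator named {@code httpAuthenticator#basic}
     */
    @Inject
    public DefaultLoginService(SecuritySystem securitySystem, @Named("httpAuthenticator#basic") HttpAuthenticator httpAuthenticator) {
        this.securitySystem = securitySystem;
        this.httpAuthenticator = httpAuthenticator;
    }

    /**
     * Stores a new authentication key in the security system's key manager.
     *
     * <p>The key value, the principal and the purpose are all supplied by the caller and are
     * stored as given; nothing here generates or validates the key material.
     *
     * @param str  key value to store
     * @param str2 principal the key is issued for
     * @param str3 purpose recorded on the key
     * @param i    lifetime in minutes; a negative value leaves the expiry date unset
     * @return the key value as reported by the stored key object
     * @throws RedbackServiceException declared by the interface; not thrown by this body
     */
    @Override
    public String addAuthenticationKey(String str, String str2, String str3, int i) throws RedbackServiceException {
        KeyManager keyManager = this.securitySystem.getKeyManager();
        // The key implementation has to match the backing store of the key manager.
        AuthenticationKey authKey = keyManager instanceof MemoryKeyManager ? new MemoryAuthenticationKey() : new JdoAuthenticationKey();
        authKey.setKey(str);
        authKey.setForPrincipal(str2);
        authKey.setPurpose(str3);
        // One timestamp for both dates, so that the expiry is exactly i minutes after creation.
        Calendar now = getNowGMT();
        authKey.setDateCreated(now.getTime());
        if (i >= 0) {
            now.add(Calendar.MINUTE, i);
            authKey.setDateExpires(now.getTime());
        }
        // NOTE(review): with i < 0 no expiry date is set on the key; how the key manager
        // treats such a key is not visible here. Confirm that long-lived keys are intended.
        keyManager.addKey(authKey);
        return authKey.getKey();
    }

    /**
     * Liveness probe.
     *
     * @return always {@link Boolean#TRUE}
     */
    @Override
    public Boolean ping() throws RedbackServiceException {
        return Boolean.TRUE;
    }

    /**
     * Probe that is meant to succeed only for authorized callers. The body itself performs
     * no check, so the authorization has to be enforced before this method is reached.
     *
     * @return always {@link Boolean#TRUE}
     */
    @Override
    public Boolean pingWithAutz() throws RedbackServiceException {
        return Boolean.TRUE;
    }

    /**
     * Authenticates the supplied username and password and, on success, binds the user to
     * the HTTP session.
     *
     * @param loginRequest carries the username and password to check
     * @return the REST view of the user on success; the user taken from a
     *         {@link MustChangePasswordException} when a password change is required (no
     *         session binding happens on that path); {@code null} when the user is not
     *         validated or when authentication failed without reported failure causes
     * @throws RedbackServiceException when authentication fails with reported causes, or
     *         when the security system raises an authentication, account-locked,
     *         user-not-found or user-manager error
     */
    @Override
    public User logIn(LoginRequest loginRequest) throws RedbackServiceException {
        PasswordBasedAuthenticationDataSource credentials = new PasswordBasedAuthenticationDataSource(loginRequest.getUsername(), loginRequest.getPassword());
        try {
            SecuritySession securitySession = this.securitySystem.authenticate(credentials);
            // Check for a missing result before dereferencing it; the original tested for
            // null only after it had already called isAuthenticated() on the result.
            if (securitySession.getAuthenticationResult() != null && securitySession.getAuthenticationResult().isAuthenticated()) {
                org.apache.archiva.redback.users.User user = securitySession.getUser();
                if (!user.isValidated()) {
                    this.log.info("user {} not validated", user.getUsername());
                    return null;
                }
                User restUser = buildRestUser(user);
                restUser.setReadOnly(this.securitySystem.userManagerReadOnly());
                // NOTE(review): getSession(true) reuses a session that existed before login.
                // Whether the session id is rotated on successful authentication is not
                // visible here; confirm it is, otherwise a pre-login session id stays valid
                // after login (session fixation).
                this.httpAuthenticator.authenticate(credentials, this.httpServletRequest.getSession(true));
                return restUser;
            }
            if (securitySession.getAuthenticationResult() == null || securitySession.getAuthenticationResult().getAuthenticationFailureCauses() == null) {
                return null;
            }
            List<ErrorMessage> errors = new ArrayList<ErrorMessage>();
            for (AuthenticationFailureCause failure : securitySession.getAuthenticationResult().getAuthenticationFailureCauses()) {
                // Cause code 1 is reported with a generic message key instead of the
                // underlying message, so the response does not say which part was wrong.
                if (failure.getCause() == 1) {
                    errors.add(new ErrorMessage("incorrect.username.password"));
                } else {
                    errors.add(new ErrorMessage().message(failure.getMessage()));
                }
            }
            throw new RedbackServiceException(errors);
        } catch (AuthenticationException e) {
            throw new RedbackServiceException(e.getMessage(), Response.Status.FORBIDDEN.getStatusCode());
        } catch (AccountLockedException e2) {
            // NOTE(review): this message and the UserNotFoundException message below go to the
            // client unchanged. If they differ from the generic "incorrect.username.password"
            // reply, a caller can tell locked or unknown accounts from a wrong password;
            // consider answering with the generic key here as well.
            throw new RedbackServiceException(e2.getMessage());
        } catch (MustChangePasswordException e3) {
            return buildRestUser(e3.getUser());
        } catch (UserNotFoundException e4) {
            throw new RedbackServiceException(e4.getMessage());
        } catch (UserManagerException e5) {
            this.log.info("UserManagerException: {}", e5.getMessage());
            List<ErrorMessage> errors = Arrays.asList(new ErrorMessage().message("UserManagerException: " + e5.getMessage()));
            throw new RedbackServiceException(errors);
        }
    }

    /**
     * Reports the user bound to the current HTTP session, if any.
     *
     * @return the REST view of the session's user, or {@code null} when the session carries
     *         no security session or no user
     */
    @Override
    public User isLogged() throws RedbackServiceException {
        // NOTE(review): getSession(true) creates a session for every caller that has none,
        // including unauthenticated ones. Kept as is because it is not visible here whether
        // getSecuritySession accepts a null session.
        SecuritySession securitySession = this.httpAuthenticator.getSecuritySession(this.httpServletRequest.getSession(true));
        boolean logged = securitySession != null;
        this.log.debug("isLogged {}", logged);
        if (!logged || securitySession.getUser() == null) {
            return null;
        }
        return buildRestUser(securitySession.getUser());
    }

    /**
     * Invalidates the current HTTP session, if one exists.
     *
     * @return always {@link Boolean#TRUE}
     */
    @Override
    public Boolean logout() throws RedbackServiceException {
        // getSession(false) does not create a session; the no-argument getSession() always
        // returns one, which made the null check dead and allocated a session only to
        // destroy it again.
        HttpSession session = this.httpServletRequest.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        return Boolean.TRUE;
    }

    /** Returns a calendar set to the current time in the GMT time zone. */
    private Calendar getNowGMT() {
        return Calendar.getInstance(TimeZone.getTimeZone("GMT"));
    }

    /**
     * Copies the fields exposed over REST from a user-manager user into a REST {@link User}.
     * Only e-mail, username, full name and the three status flags are copied.
     */
    private User buildRestUser(org.apache.archiva.redback.users.User user) {
        User restUser = new User();
        restUser.setEmail(user.getEmail());
        restUser.setUsername(user.getUsername());
        restUser.setPasswordChangeRequired(user.isPasswordChangeRequired());
        restUser.setLocked(user.isLocked());
        restUser.setValidated(user.isValidated());
        restUser.setFullName(user.getFullName());
        return restUser;
    }
}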
