package org.apache.clerezza.platform.security.auth.cookie;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
import org.apache.clerezza.jaxrs.utils.RedirectUtil;
import org.apache.clerezza.jaxrs.utils.TrailingSlash;
import org.apache.clerezza.platform.security.auth.AuthenticationService;
import org.apache.clerezza.platform.security.auth.LoginListener;
import org.apache.clerezza.platform.security.auth.NoSuchAgent;
import org.apache.clerezza.platform.security.auth.cookie.onotology.LOGIN;
import org.apache.clerezza.platform.typerendering.RenderletManager;
import org.apache.clerezza.platform.typerendering.scalaserverpages.ScalaServerPagesRenderlet;
import org.apache.clerezza.rdf.core.BNode;
import org.apache.clerezza.rdf.core.UriRef;
import org.apache.clerezza.rdf.core.impl.PlainLiteralImpl;
import org.apache.clerezza.rdf.core.impl.SimpleMGraph;
import org.apache.clerezza.rdf.ontologies.RDF;
import org.apache.clerezza.rdf.utils.GraphNode;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wymiwyg.commons.util.Base64;

@Path("login/")
/* loaded from: input_file:org/apache/clerezza/platform/security/auth/cookie/CookieLogin.class */
public class CookieLogin {
    public static final String AUTH_COOKIE_NAME = "auth";
    private final Logger logger = LoggerFactory.getLogger(CookieLogin.class);
    private final Set<LoginListener> loginListenerSet = Collections.synchronizedSet(new HashSet());
    private RenderletManager renderletManager;
    AuthenticationService authenticationService;

    protected void activate(ComponentContext componentContext) {
        componentContext.getBundleContext().getBundle();
        getClass().getResource("staticweb");
        this.renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), new UriRef(getClass().getResource("login.ssp").toString()), LOGIN.LoginPage, (String) null, MediaType.APPLICATION_XHTML_XML_TYPE, true);
        this.renderletManager.registerRenderlet(ScalaServerPagesRenderlet.class.getName(), new UriRef(getClass().getResource("login_naked.ssp").toString()), LOGIN.LoginPage, "naked", MediaType.APPLICATION_XHTML_XML_TYPE, true);
        this.logger.info("Cookie Login activated.");
    }

    private String getUserName() {
        final AccessControlContext context = AccessController.getContext();
        Subject subject = (Subject) AccessController.doPrivileged(new PrivilegedAction<Subject>() { // from class: org.apache.clerezza.platform.security.auth.cookie.CookieLogin.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Subject run() {
                return Subject.getSubject(context);
            }
        });
        if (subject == null) {
            return null;
        }
        Iterator<Principal> it = subject.getPrincipals().iterator();
        String str = null;
        if (it.hasNext()) {
            str = it.next().getName();
        }
        return str;
    }

    @GET
    public GraphNode loginPage(@Context UriInfo uriInfo, @QueryParam("referer") String str, @QueryParam("cause") Integer num) {
        TrailingSlash.enforceNotPresent(uriInfo);
        GraphNode graphNode = new GraphNode(new BNode(), new SimpleMGraph());
        graphNode.addProperty(RDF.type, LOGIN.LoginPage);
        graphNode.addProperty(LOGIN.refererUri, new UriRef(str));
        String userName = getUserName();
        if (!userName.equals("anonymous") && num != null && num.equals(1)) {
            try {
                graphNode.addProperty(LOGIN.message, new PlainLiteralImpl("The user " + userName + " does not have the required permissions to view this page (" + URLDecoder.decode(str, "UTF-8") + "). Please log in as another user."));
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeException(e);
            }
        }
        return graphNode;
    }

    @POST
    public Object login(@FormParam("user") final String str, @FormParam("pass") final String str2, @FormParam("referer") final String str3, @FormParam("stayloggedin") @DefaultValue("false") final Boolean bool, @Context final UriInfo uriInfo) {
        return AccessController.doPrivileged(new PrivilegedAction<Object>() { // from class: org.apache.clerezza.platform.security.auth.cookie.CookieLogin.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                HashSet hashSet;
                GraphNode graphNode = new GraphNode(new BNode(), new SimpleMGraph());
                graphNode.addProperty(RDF.type, LOGIN.LoginPage);
                PlainLiteralImpl plainLiteralImpl = new PlainLiteralImpl("Username name or password are wrong");
                try {
                    if (!CookieLogin.this.authenticationService.authenticateUser(str, str2)) {
                        graphNode.addProperty(LOGIN.message, plainLiteralImpl);
                        graphNode.addProperty(LOGIN.refererUri, new UriRef(str3));
                        return graphNode;
                    }
                    synchronized (CookieLogin.this.loginListenerSet) {
                        hashSet = new HashSet(CookieLogin.this.loginListenerSet);
                    }
                    Iterator it = hashSet.iterator();
                    while (it.hasNext()) {
                        ((LoginListener) it.next()).userLoggedIn(str);
                    }
                    Response.ResponseBuilder fromResponse = Response.fromResponse(RedirectUtil.createSeeOtherResponse(str3, uriInfo));
                    fromResponse.header("Set-Cookie", CookieLogin.getLoginCookie(str, str2, bool));
                    return fromResponse.build();
                } catch (NoSuchAgent e) {
                    graphNode.addProperty(LOGIN.message, plainLiteralImpl);
                    graphNode.addProperty(LOGIN.refererUri, new UriRef(str3));
                    return graphNode;
                }
            }
        });
    }

    public static NewCookie getLoginCookie(String str, String str2, Boolean bool) {
        String str3 = str + ":" + str2;
        int i = -1;
        if (bool.booleanValue()) {
            i = Integer.MAX_VALUE;
        }
        return new NewCookie(AUTH_COOKIE_NAME, Base64.encode(str3.getBytes()), "/", (String) null, (String) null, i, false);
    }

    protected void bindLoginListener(LoginListener loginListener) {
        this.loginListenerSet.add(loginListener);
    }

    protected void unbindLoginListener(LoginListener loginListener) {
        this.loginListenerSet.remove(loginListener);
    }

    protected void bindRenderletManager(RenderletManager renderletManager) {
        this.renderletManager = renderletManager;
    }

    protected void unbindRenderletManager(RenderletManager renderletManager) {
        if (this.renderletManager == renderletManager) {
            this.renderletManager = null;
        }
    }

    protected void bindAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    protected void unbindAuthenticationService(AuthenticationService authenticationService) {
        if (this.authenticationService == authenticationService) {
            this.authenticationService = null;
        }
    }
}
