package org.apache.isis.viewer.html.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.isis.core.commons.authentication.AuthenticationSession;
import org.apache.isis.core.runtime.authentication.AuthenticationRequestPassword;
import org.apache.isis.core.runtime.authentication.standard.RegistrationDetailsPassword;
import org.apache.isis.runtimes.dflt.monitoring.servermonitor.Monitor;
import org.apache.isis.runtimes.dflt.runtime.authentication.exploration.AuthenticationRequestExploration;
import org.apache.isis.runtimes.dflt.runtime.runner.Constants;
import org.apache.isis.runtimes.dflt.runtime.system.DeploymentType;
import org.apache.isis.runtimes.dflt.webapp.IsisSessionFilter;
import org.apache.isis.runtimes.dflt.webapp.auth.AuthenticationSessionStrategy;
import org.apache.isis.viewer.html.action.Welcome;
import org.apache.isis.viewer.html.component.html.HtmlComponentFactory;
import org.apache.isis.viewer.html.context.Context;
import org.apache.log4j.Logger;
import org.mortbay.jetty.MimeTypes;

/* loaded from: input_file:org/apache/isis/viewer/html/servlet/LogonServlet.class */
public class LogonServlet extends AbstractHtmlViewerServlet {
    private static final long serialVersionUID = 1;
    private static final Logger LOG = Logger.getLogger(LogonServlet.class);
    private AuthenticationSessionStrategy authenticationSessionStrategy;

    public void init() throws ServletException {
        this.authenticationSessionStrategy = IsisSessionFilter.lookup(getServletConfig().getInitParameter(IsisSessionFilter.AUTHENTICATION_SESSION_STRATEGY_KEY));
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        AuthenticationSession lookupValid = this.authenticationSessionStrategy.lookupValid(httpServletRequest, httpServletResponse);
        if (lookupValid != null) {
            redirectToStartPage(httpServletResponse, lookupValid.getUserName());
            return;
        }
        String parameter = httpServletRequest.getParameter("username");
        String parameter2 = httpServletRequest.getParameter(Constants.PASSWORD_LONG_OPT);
        if (parameter == null && !getDeploymentType().isExploring()) {
            renderPrompt(httpServletResponse, "", "", null);
            return;
        }
        AuthenticationSession authenticate = authenticate(parameter, parameter2);
        if (authenticate == null) {
            renderPrompt(httpServletResponse, parameter, parameter2, "user/password invalid");
            return;
        }
        this.authenticationSessionStrategy.bind(httpServletRequest, httpServletResponse, authenticate);
        Context context = new Context(getHtmlComponentFactory());
        context.setSession(authenticate);
        authenticate.setAttribute("isis-context", context);
        LOG.info("created session");
        redirectToStartPage(httpServletResponse, parameter);
    }

    protected HtmlComponentFactory getHtmlComponentFactory() {
        return new HtmlComponentFactory(getPathBuilder());
    }

    private void redirectToStartPage(HttpServletResponse httpServletResponse, String str) throws IOException {
        Monitor.addEvent("Web", "Logon - " + str);
        httpServletResponse.sendRedirect(pathTo(Welcome.COMMAND));
    }

    private void renderPrompt(HttpServletResponse httpServletResponse, String str, String str2, String str3) throws IOException {
        httpServletResponse.setContentType(MimeTypes.TEXT_HTML);
        getHtmlComponentFactory().createLogonPage(str, str2, getAuthenticationManager().supportsRegistration(RegistrationDetailsPassword.class), str3).write(httpServletResponse.getWriter());
    }

    protected AuthenticationSession authenticate(String str, String str2) {
        return getAuthenticationManager().authenticate(getDeploymentType() == DeploymentType.EXPLORATION ? new AuthenticationRequestExploration() : new AuthenticationRequestPassword(str, str2));
    }
}
