package org.apache.james.imap.processor;

import com.google.common.base.Preconditions;
import java.util.Optional;
import org.apache.james.core.Username;
import org.apache.james.imap.api.ImapConstants;
import org.apache.james.imap.api.display.HumanReadableText;
import org.apache.james.imap.api.message.request.ImapRequest;
import org.apache.james.imap.api.message.response.StatusResponseFactory;
import org.apache.james.imap.api.process.ImapProcessor;
import org.apache.james.imap.api.process.ImapSession;
import org.apache.james.imap.main.PathConverter;
import org.apache.james.mailbox.MailboxManager;
import org.apache.james.mailbox.MailboxSession;
import org.apache.james.mailbox.exception.BadCredentialsException;
import org.apache.james.mailbox.exception.MailboxException;
import org.apache.james.mailbox.exception.MailboxExistsException;
import org.apache.james.mailbox.exception.NotAdminException;
import org.apache.james.mailbox.exception.UserDoesNotExistException;
import org.apache.james.mailbox.model.MailboxPath;
import org.apache.james.metrics.api.MetricFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/apache/james/imap/processor/AbstractAuthProcessor.class */
public abstract class AbstractAuthProcessor<R extends ImapRequest> extends AbstractMailboxProcessor<R> {
    private static final Logger LOGGER = LoggerFactory.getLogger(AbstractAuthProcessor.class);
    private static final String ATTRIBUTE_NUMBER_OF_FAILURES = "org.apache.james.imap.processor.imap4rev1.NUMBER_OF_FAILURES";
    private static final int MAX_FAILURES = 3;

    /* loaded from: input_file:org/apache/james/imap/processor/AbstractAuthProcessor$AuthenticationAttempt.class */
    protected static class AuthenticationAttempt {
        private final Optional<Username> delegateUserName;
        private final Username authenticationId;
        private final String password;

        public AuthenticationAttempt(Optional<Username> optional, Username username, String str) {
            this.delegateUserName = optional;
            this.authenticationId = username;
            this.password = str;
        }

        public boolean isDelegation() {
            return this.delegateUserName.isPresent() && !this.delegateUserName.get().equals(this.authenticationId);
        }

        public Optional<Username> getDelegateUserName() {
            return this.delegateUserName;
        }

        public Username getAuthenticationId() {
            return this.authenticationId;
        }

        public String getPassword() {
            return this.password;
        }
    }

    public AbstractAuthProcessor(Class<R> cls, ImapProcessor imapProcessor, MailboxManager mailboxManager, StatusResponseFactory statusResponseFactory, MetricFactory metricFactory) {
        super(cls, imapProcessor, mailboxManager, statusResponseFactory, metricFactory);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doAuth(AuthenticationAttempt authenticationAttempt, ImapSession imapSession, ImapRequest imapRequest, ImapProcessor.Responder responder, HumanReadableText humanReadableText) {
        Preconditions.checkArgument(!authenticationAttempt.isDelegation());
        try {
            boolean z = false;
            if (authenticationAttempt.getAuthenticationId() == null) {
                z = true;
            }
            if (!z) {
                MailboxManager mailboxManager = getMailboxManager();
                try {
                    MailboxSession login = mailboxManager.login(authenticationAttempt.getAuthenticationId(), authenticationAttempt.getPassword());
                    imapSession.authenticated();
                    imapSession.setMailboxSession(login);
                    provisionInbox(imapSession, mailboxManager, login);
                    okComplete(imapRequest, responder);
                    imapSession.stopDetectingCommandInjection();
                } catch (BadCredentialsException e) {
                    z = true;
                }
            }
            if (z) {
                manageFailureCount(imapSession, imapRequest, responder, humanReadableText);
            }
        } catch (MailboxException e2) {
            LOGGER.error("Error encountered while login", e2);
            no(imapRequest, responder, HumanReadableText.GENERIC_FAILURE_DURING_PROCESSING);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void doAuthWithDelegation(AuthenticationAttempt authenticationAttempt, ImapSession imapSession, ImapRequest imapRequest, ImapProcessor.Responder responder, HumanReadableText humanReadableText) {
        Preconditions.checkArgument(authenticationAttempt.isDelegation());
        try {
            boolean z = false;
            if (authenticationAttempt.getAuthenticationId() == null) {
                z = true;
            }
            if (!z) {
                MailboxManager mailboxManager = getMailboxManager();
                try {
                    MailboxSession loginAsOtherUser = mailboxManager.loginAsOtherUser(authenticationAttempt.getAuthenticationId(), authenticationAttempt.getPassword(), authenticationAttempt.getDelegateUserName().get());
                    imapSession.authenticated();
                    imapSession.setMailboxSession(loginAsOtherUser);
                    provisionInbox(imapSession, mailboxManager, loginAsOtherUser);
                    okComplete(imapRequest, responder);
                } catch (BadCredentialsException e) {
                    z = true;
                }
            }
            if (z) {
                manageFailureCount(imapSession, imapRequest, responder, humanReadableText);
            }
        } catch (UserDoesNotExistException e2) {
            LOGGER.info("User {} does not exist", authenticationAttempt.getAuthenticationId(), e2);
            no(imapRequest, responder, HumanReadableText.USER_DOES_NOT_EXIST);
        } catch (NotAdminException e3) {
            LOGGER.info("User {} is not an admin", authenticationAttempt.getDelegateUserName(), e3);
            no(imapRequest, responder, HumanReadableText.NOT_AN_ADMIN);
        } catch (MailboxException e4) {
            LOGGER.info("Login failed", e4);
            no(imapRequest, responder, HumanReadableText.GENERIC_FAILURE_DURING_PROCESSING);
        }
    }

    private void provisionInbox(ImapSession imapSession, MailboxManager mailboxManager, MailboxSession mailboxSession) throws MailboxException {
        MailboxPath buildFullPath = PathConverter.forSession(imapSession).buildFullPath(ImapConstants.INBOX_NAME);
        if (((Boolean) Mono.from(mailboxManager.mailboxExists(buildFullPath, mailboxSession)).block()).booleanValue()) {
            LOGGER.debug("INBOX exists. No need to create it.");
            return;
        }
        try {
            mailboxManager.createMailbox(buildFullPath, mailboxSession).ifPresentOrElse(mailboxId -> {
                LOGGER.info("Provisioning INBOX. {} created.", mailboxId);
            }, () -> {
                LOGGER.warn("Provisioning INBOX successful. But no MailboxId have been returned.");
            });
        } catch (MailboxExistsException e) {
            LOGGER.warn("Mailbox INBOX created by concurrent call. Safe to ignore this exception.");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void manageFailureCount(ImapSession imapSession, ImapRequest imapRequest, ImapProcessor.Responder responder, HumanReadableText humanReadableText) {
        Integer num = (Integer) imapSession.getAttribute(ATTRIBUTE_NUMBER_OF_FAILURES);
        int intValue = num == null ? 1 : num.intValue() + 1;
        if (intValue < MAX_FAILURES) {
            imapSession.setAttribute(ATTRIBUTE_NUMBER_OF_FAILURES, Integer.valueOf(intValue));
            no(imapRequest, responder, humanReadableText);
        } else {
            LOGGER.info("Too many authentication failures. Closing connection.");
            bye(responder, HumanReadableText.TOO_MANY_FAILURES);
            imapSession.logout();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static AuthenticationAttempt delegation(Username username, Username username2, String str) {
        return new AuthenticationAttempt(Optional.of(username), username2, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static AuthenticationAttempt noDelegation(Username username, String str) {
        return new AuthenticationAttempt(Optional.empty(), username, str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void authSuccess(Username username, ImapSession imapSession, ImapRequest imapRequest, ImapProcessor.Responder responder) {
        imapSession.authenticated();
        imapSession.setMailboxSession(getMailboxManager().createSystemSession(username));
        okComplete(imapRequest, responder);
    }
}
