package org.apache.wiki;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.wiki.api.core.Engine;
import org.apache.wiki.api.core.Session;
import org.apache.wiki.auth.AuthenticationManager;
import org.apache.wiki.auth.GroupPrincipal;
import org.apache.wiki.auth.NoSuchPrincipalException;
import org.apache.wiki.auth.SessionMonitor;
import org.apache.wiki.auth.UserManager;
import org.apache.wiki.auth.WikiPrincipal;
import org.apache.wiki.auth.authorize.Group;
import org.apache.wiki.auth.authorize.GroupManager;
import org.apache.wiki.auth.authorize.Role;
import org.apache.wiki.auth.user.UserDatabase;
import org.apache.wiki.auth.user.UserProfile;
import org.apache.wiki.event.WikiEvent;
import org.apache.wiki.event.WikiSecurityEvent;
import org.apache.wiki.util.HttpUtil;

/* loaded from: input_file:WEB-INF/lib/jspwiki-main-2.11.2.jar:org/apache/wiki/WikiSession.class */
public class WikiSession implements Session {
    private static final String ALL = "*";
    private Engine m_engine;
    private static final Logger log = LogManager.getLogger((Class<?>) WikiSession.class);
    private static final ThreadLocal<Session> c_guestSession = new ThreadLocal<>();
    private final Subject m_subject = new Subject();
    private final Map<String, Set<String>> m_messages = new ConcurrentHashMap();
    private String m_status = Session.ANONYMOUS;
    private Principal m_userPrincipal = WikiPrincipal.GUEST;
    private Principal m_loginPrincipal = WikiPrincipal.GUEST;
    private Locale m_cachedLocale = Locale.getDefault();

    protected boolean isInGroup(Group group) {
        for (Principal principal : getPrincipals()) {
            if (isAuthenticated() && group.isMember(principal)) {
                return true;
            }
        }
        return false;
    }

    private WikiSession() {
    }

    @Override // org.apache.wiki.api.core.Session
    public boolean isAsserted() {
        return this.m_subject.getPrincipals().contains(Role.ASSERTED);
    }

    @Override // org.apache.wiki.api.core.Session
    public boolean isAuthenticated() {
        if (this.m_subject.getPrincipals().contains(Role.AUTHENTICATED)) {
            return true;
        }
        if (isAnonymous() || isAsserted()) {
            return false;
        }
        this.m_subject.getPrincipals().add(Role.AUTHENTICATED);
        return true;
    }

    @Override // org.apache.wiki.api.core.Session
    public boolean isAnonymous() {
        Set<Principal> principals = this.m_subject.getPrincipals();
        return principals.contains(Role.ANONYMOUS) || principals.contains(WikiPrincipal.GUEST) || HttpUtil.isIPV4Address(getUserPrincipal().getName());
    }

    @Override // org.apache.wiki.api.core.Session
    public Principal getLoginPrincipal() {
        return this.m_loginPrincipal;
    }

    @Override // org.apache.wiki.api.core.Session
    public Principal getUserPrincipal() {
        return this.m_userPrincipal;
    }

    @Override // org.apache.wiki.api.core.Session
    public Locale getLocale() {
        return this.m_cachedLocale;
    }

    @Override // org.apache.wiki.api.core.Session
    public void addMessage(String str) {
        addMessage("*", str);
    }

    @Override // org.apache.wiki.api.core.Session
    public void addMessage(String str, String str2) {
        if (str == null) {
            throw new IllegalArgumentException("addMessage: topic cannot be null.");
        }
        this.m_messages.computeIfAbsent(str, str3 -> {
            return new LinkedHashSet();
        }).add(StringUtils.defaultString(str2));
    }

    @Override // org.apache.wiki.api.core.Session
    public void clearMessages() {
        this.m_messages.clear();
    }

    @Override // org.apache.wiki.api.core.Session
    public void clearMessages(String str) {
        if (this.m_messages.get(str) != null) {
            this.m_messages.clear();
        }
    }

    @Override // org.apache.wiki.api.core.Session
    public String[] getMessages() {
        return getMessages("*");
    }

    @Override // org.apache.wiki.api.core.Session
    public String[] getMessages(String str) {
        Set<String> set = this.m_messages.get(str);
        return (set == null || set.size() == 0) ? new String[0] : (String[]) set.toArray(new String[0]);
    }

    @Override // org.apache.wiki.api.core.Session
    public Principal[] getPrincipals() {
        ArrayList arrayList = new ArrayList();
        for (Principal principal : this.m_subject.getPrincipals()) {
            if (AuthenticationManager.isUserPrincipal(principal)) {
                arrayList.add(principal);
            }
        }
        return (Principal[]) arrayList.toArray(new Principal[0]);
    }

    @Override // org.apache.wiki.api.core.Session
    public Principal[] getRoles() {
        HashSet hashSet = new HashSet();
        hashSet.addAll(this.m_subject.getPrincipals(Role.class));
        hashSet.addAll(this.m_subject.getPrincipals(GroupPrincipal.class));
        Principal[] principalArr = (Principal[]) hashSet.toArray(new Principal[0]);
        Arrays.sort(principalArr, WikiPrincipal.COMPARATOR);
        return principalArr;
    }

    @Override // org.apache.wiki.api.core.Session
    public boolean hasPrincipal(Principal principal) {
        return this.m_subject.getPrincipals().contains(principal);
    }

    @Override // org.apache.wiki.event.WikiEventListener
    public void actionPerformed(WikiEvent wikiEvent) {
        if (wikiEvent instanceof WikiSecurityEvent) {
            WikiSecurityEvent wikiSecurityEvent = (WikiSecurityEvent) wikiEvent;
            if (wikiSecurityEvent.getTarget() != null) {
                switch (wikiSecurityEvent.getType()) {
                    case 30:
                    case 33:
                    case 34:
                    case 36:
                    case 37:
                    case 38:
                    case 39:
                    case 41:
                    case 42:
                    case 43:
                    case 44:
                    case 45:
                    case 49:
                    case 50:
                    case 51:
                    case 52:
                    default:
                        return;
                    case 31:
                        if (equals((WikiSession) wikiSecurityEvent.getTarget())) {
                            this.m_status = Session.ANONYMOUS;
                            Set<Principal> principals = this.m_subject.getPrincipals();
                            this.m_loginPrincipal = (Principal) wikiSecurityEvent.getPrincipal();
                            this.m_userPrincipal = this.m_loginPrincipal;
                            principals.clear();
                            principals.add(this.m_loginPrincipal);
                            principals.add(Role.ALL);
                            principals.add(Role.ANONYMOUS);
                            return;
                        }
                        return;
                    case 32:
                        if (equals((WikiSession) wikiSecurityEvent.getTarget())) {
                            this.m_status = Session.ASSERTED;
                            Set<Principal> principals2 = this.m_subject.getPrincipals();
                            this.m_loginPrincipal = (Principal) wikiSecurityEvent.getPrincipal();
                            this.m_userPrincipal = this.m_loginPrincipal;
                            principals2.clear();
                            principals2.add(this.m_loginPrincipal);
                            principals2.add(Role.ALL);
                            principals2.add(Role.ASSERTED);
                            return;
                        }
                        return;
                    case 35:
                        if (equals((WikiSession) wikiSecurityEvent.getTarget()) && this.m_status.equals(Session.AUTHENTICATED)) {
                            this.m_subject.getPrincipals().add((Principal) wikiSecurityEvent.getPrincipal());
                            return;
                        }
                        return;
                    case 40:
                        if (equals((WikiSession) wikiSecurityEvent.getTarget())) {
                            this.m_status = Session.AUTHENTICATED;
                            Set<Principal> principals3 = this.m_subject.getPrincipals();
                            this.m_loginPrincipal = (Principal) wikiSecurityEvent.getPrincipal();
                            this.m_userPrincipal = this.m_loginPrincipal;
                            principals3.clear();
                            principals3.add(this.m_loginPrincipal);
                            principals3.add(Role.ALL);
                            principals3.add(Role.AUTHENTICATED);
                            injectUserProfilePrincipals();
                            injectGroupPrincipals();
                            return;
                        }
                        return;
                    case 46:
                        Group group = (Group) wikiSecurityEvent.getTarget();
                        if (isInGroup(group)) {
                            this.m_subject.getPrincipals().add(group.getPrincipal());
                            return;
                        }
                        return;
                    case 47:
                        this.m_subject.getPrincipals().remove(((Group) wikiSecurityEvent.getTarget()).getPrincipal());
                        return;
                    case 48:
                        this.m_subject.getPrincipals().removeAll(this.m_subject.getPrincipals(GroupPrincipal.class));
                        return;
                    case 53:
                        if (equals((WikiSession) wikiSecurityEvent.getSrc())) {
                            injectUserProfilePrincipals();
                            injectGroupPrincipals();
                            return;
                        }
                        return;
                    case 54:
                        if (equals((WikiSession) wikiSecurityEvent.getSrc()) && this.m_status.equals(Session.AUTHENTICATED)) {
                            UserProfile userProfile = ((UserProfile[]) wikiSecurityEvent.getTarget())[1];
                            if (userProfile.getFullname() == null) {
                                throw new IllegalStateException("User profile FullName cannot be null.");
                            }
                            Set<Principal> principals4 = this.m_subject.getPrincipals();
                            this.m_loginPrincipal = new WikiPrincipal(userProfile.getLoginName());
                            principals4.clear();
                            principals4.add(this.m_loginPrincipal);
                            principals4.add(Role.ALL);
                            principals4.add(Role.AUTHENTICATED);
                            injectUserProfilePrincipals();
                            injectGroupPrincipals();
                            return;
                        }
                        return;
                }
            }
        }
    }

    @Override // org.apache.wiki.api.core.Session
    public void invalidate() {
        this.m_subject.getPrincipals().clear();
        this.m_subject.getPrincipals().add(WikiPrincipal.GUEST);
        this.m_subject.getPrincipals().add(Role.ANONYMOUS);
        this.m_subject.getPrincipals().add(Role.ALL);
        this.m_userPrincipal = WikiPrincipal.GUEST;
        this.m_loginPrincipal = WikiPrincipal.GUEST;
    }

    protected void injectGroupPrincipals() {
        this.m_subject.getPrincipals().removeAll(this.m_subject.getPrincipals(GroupPrincipal.class));
        GroupManager groupManager = (GroupManager) this.m_engine.getManager(GroupManager.class);
        for (Principal principal : groupManager.getRoles()) {
            if (groupManager.isUserInRole(this, principal)) {
                this.m_subject.getPrincipals().add(principal);
            }
        }
    }

    protected void injectUserProfilePrincipals() {
        String name = this.m_loginPrincipal.getName();
        if (name == null) {
            log.info("Refresh principals failed because WikiSession had no user Principal; maybe not logged in?");
            return;
        }
        UserDatabase userDatabase = ((UserManager) this.m_engine.getManager(UserManager.class)).getUserDatabase();
        if (userDatabase == null) {
            throw new IllegalStateException("User database cannot be null.");
        }
        try {
            for (Principal principal : userDatabase.getPrincipals(userDatabase.find(name).getLoginName())) {
                this.m_subject.getPrincipals().add(principal);
                if ((principal instanceof WikiPrincipal) && ((WikiPrincipal) principal).getType().equals(WikiPrincipal.FULL_NAME)) {
                    this.m_userPrincipal = principal;
                } else if (!(this.m_userPrincipal instanceof WikiPrincipal)) {
                    this.m_userPrincipal = principal;
                }
            }
        } catch (NoSuchPrincipalException e) {
            log.warn("User profile '" + name + "' not found. This is normal for container-auth users who haven't set up a profile yet.");
        }
    }

    @Override // org.apache.wiki.api.core.Session
    public String getStatus() {
        return this.m_status;
    }

    @Override // org.apache.wiki.api.core.Session
    public Subject getSubject() {
        return this.m_subject;
    }

    public static void removeWikiSession(Engine engine, HttpServletRequest httpServletRequest) {
        if (engine == null || httpServletRequest == null) {
            throw new IllegalArgumentException("Request or engine cannot be null.");
        }
        SessionMonitor.getInstance(engine).remove(httpServletRequest.getSession());
        c_guestSession.remove();
    }

    public static Session getWikiSession(Engine engine, HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            log.debug("Looking up WikiSession for NULL HttpRequest: returning guestSession()");
            return staticGuestSession(engine);
        }
        WikiSession wikiSession = (WikiSession) SessionMonitor.getInstance(engine).find(httpServletRequest.getSession());
        wikiSession.m_engine = engine;
        wikiSession.m_cachedLocale = httpServletRequest.getLocale();
        return wikiSession;
    }

    public static Session guestSession(Engine engine) {
        WikiSession wikiSession = new WikiSession();
        wikiSession.m_engine = engine;
        wikiSession.invalidate();
        GroupManager groupManager = (GroupManager) engine.getManager(GroupManager.class);
        AuthenticationManager authenticationManager = (AuthenticationManager) engine.getManager(AuthenticationManager.class);
        UserManager userManager = (UserManager) engine.getManager(UserManager.class);
        groupManager.addWikiEventListener(wikiSession);
        authenticationManager.addWikiEventListener(wikiSession);
        userManager.addWikiEventListener(wikiSession);
        return wikiSession;
    }

    private static Session staticGuestSession(Engine engine) {
        Session session = c_guestSession.get();
        if (session == null) {
            session = guestSession(engine);
            c_guestSession.set(session);
        }
        return session;
    }

    @Deprecated
    public static int sessions(Engine engine) {
        return SessionMonitor.getInstance(engine).sessions();
    }

    @Deprecated
    public static Principal[] userPrincipals(Engine engine) {
        return SessionMonitor.getInstance(engine).userPrincipals();
    }
}
