package org.apache.wiki.auth;

import java.security.Principal;
import java.text.MessageFormat;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.ResourceBundle;
import java.util.WeakHashMap;
import javax.mail.MessagingException;
import javax.mail.internet.AddressException;
import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
import org.apache.wiki.WikiContext;
import org.apache.wiki.WikiEngine;
import org.apache.wiki.WikiSession;
import org.apache.wiki.api.exceptions.NoRequiredPropertyException;
import org.apache.wiki.api.exceptions.WikiException;
import org.apache.wiki.api.filters.PageFilter;
import org.apache.wiki.auth.permissions.AllPermission;
import org.apache.wiki.auth.permissions.WikiPermission;
import org.apache.wiki.auth.user.AbstractUserDatabase;
import org.apache.wiki.auth.user.DuplicateUserException;
import org.apache.wiki.auth.user.JDBCUserDatabase;
import org.apache.wiki.auth.user.UserDatabase;
import org.apache.wiki.auth.user.UserProfile;
import org.apache.wiki.event.WikiEventListener;
import org.apache.wiki.event.WikiEventManager;
import org.apache.wiki.event.WikiSecurityEvent;
import org.apache.wiki.filters.SpamFilter;
import org.apache.wiki.i18n.InternationalizationManager;
import org.apache.wiki.preferences.Preferences;
import org.apache.wiki.rpc.RPCCallable;
import org.apache.wiki.rpc.json.JSONRPCManager;
import org.apache.wiki.ui.InputValidator;
import org.apache.wiki.util.ClassUtil;
import org.apache.wiki.util.MailUtil;
import org.apache.wiki.util.TextUtil;
import org.apache.wiki.workflow.Decision;
import org.apache.wiki.workflow.DecisionRequiredException;
import org.apache.wiki.workflow.Fact;
import org.apache.wiki.workflow.Outcome;
import org.apache.wiki.workflow.Task;
import org.apache.wiki.workflow.Workflow;
import org.apache.wiki.workflow.WorkflowBuilder;

/* loaded from: input_file:WEB-INF/lib/jspwiki-war-2.10.0.jar:org/apache/wiki/auth/UserManager.class */
public class UserManager {
    private static final String USERDATABASE_PACKAGE = "org.apache.wiki.auth.user";
    private static final String SESSION_MESSAGES = "profile";
    private static final String PARAM_EMAIL = "email";
    private static final String PARAM_FULLNAME = "fullname";
    private static final String PARAM_PASSWORD = "password";
    private static final String PARAM_LOGINNAME = "loginname";
    private static final String UNKNOWN_CLASS = "<unknown>";
    private WikiEngine m_engine;
    private static Logger log = Logger.getLogger(UserManager.class);
    public static final String SAVE_APPROVER = "workflow.createUserProfile";
    private static final String PROP_DATABASE = "jspwiki.userdatabase";
    protected static final String SAVE_TASK_MESSAGE_KEY = "task.createUserProfile";
    protected static final String SAVED_PROFILE = "userProfile";
    protected static final String SAVE_DECISION_MESSAGE_KEY = "decision.createUserProfile";
    protected static final String FACT_SUBMITTER = "fact.submitter";
    protected static final String PREFS_LOGIN_NAME = "prefs.loginname";
    protected static final String PREFS_FULL_NAME = "prefs.fullname";
    protected static final String PREFS_EMAIL = "prefs.email";
    private UserDatabase m_database;
    private final Map<WikiSession, UserProfile> m_profiles = new WeakHashMap();
    private boolean m_useJAAS = true;

    /* loaded from: input_file:WEB-INF/lib/jspwiki-war-2.10.0.jar:org/apache/wiki/auth/UserManager$DummyUserDatabase.class */
    public static class DummyUserDatabase extends AbstractUserDatabase {
        @Override // org.apache.wiki.auth.user.AbstractUserDatabase, org.apache.wiki.auth.user.UserDatabase
        public void commit() throws WikiSecurityException {
        }

        @Override // org.apache.wiki.auth.user.UserDatabase
        public void deleteByLoginName(String str) throws WikiSecurityException {
        }

        @Override // org.apache.wiki.auth.user.AbstractUserDatabase, org.apache.wiki.auth.user.UserDatabase
        public UserProfile findByEmail(String str) throws NoSuchPrincipalException {
            throw new NoSuchPrincipalException("No user profiles available");
        }

        @Override // org.apache.wiki.auth.user.AbstractUserDatabase, org.apache.wiki.auth.user.UserDatabase
        public UserProfile findByFullName(String str) throws NoSuchPrincipalException {
            throw new NoSuchPrincipalException("No user profiles available");
        }

        @Override // org.apache.wiki.auth.user.AbstractUserDatabase, org.apache.wiki.auth.user.UserDatabase
        public UserProfile findByLoginName(String str) throws NoSuchPrincipalException {
            throw new NoSuchPrincipalException("No user profiles available");
        }

        @Override // org.apache.wiki.auth.user.UserDatabase
        public UserProfile findByUid(String str) throws NoSuchPrincipalException {
            throw new NoSuchPrincipalException("No user profiles available");
        }

        @Override // org.apache.wiki.auth.user.AbstractUserDatabase, org.apache.wiki.auth.user.UserDatabase
        public UserProfile findByWikiName(String str) throws NoSuchPrincipalException {
            throw new NoSuchPrincipalException("No user profiles available");
        }

        @Override // org.apache.wiki.auth.user.UserDatabase
        public Principal[] getWikiNames() throws WikiSecurityException {
            return new Principal[0];
        }

        @Override // org.apache.wiki.auth.user.AbstractUserDatabase, org.apache.wiki.auth.user.UserDatabase
        public void initialize(WikiEngine wikiEngine, Properties properties) throws NoRequiredPropertyException {
        }

        @Override // org.apache.wiki.auth.user.UserDatabase
        public void rename(String str, String str2) throws DuplicateUserException, WikiSecurityException {
            throw new NoSuchPrincipalException("No user profiles available");
        }

        @Override // org.apache.wiki.auth.user.AbstractUserDatabase, org.apache.wiki.auth.user.UserDatabase
        public void save(UserProfile userProfile) throws WikiSecurityException {
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jspwiki-war-2.10.0.jar:org/apache/wiki/auth/UserManager$JSONUserModule.class */
    public static final class JSONUserModule implements RPCCallable {
        private volatile UserManager m_manager;

        public JSONUserModule(UserManager userManager) {
            this.m_manager = userManager;
        }

        public UserProfile getUserInfo(String str) throws NoSuchPrincipalException {
            if (this.m_manager != null) {
                return this.m_manager.getUserDatabase().find(str);
            }
            throw new IllegalStateException("The manager is offline.");
        }
    }

    /* loaded from: input_file:WEB-INF/lib/jspwiki-war-2.10.0.jar:org/apache/wiki/auth/UserManager$SaveUserProfileTask.class */
    public static class SaveUserProfileTask extends Task {
        private static final long serialVersionUID = 6994297086560480285L;
        private final UserDatabase m_db;
        private final WikiEngine m_engine;
        private final Locale m_loc;

        @Deprecated
        public SaveUserProfileTask(WikiEngine wikiEngine) {
            super(UserManager.SAVE_TASK_MESSAGE_KEY);
            this.m_engine = wikiEngine;
            this.m_db = wikiEngine.getUserManager().getUserDatabase();
            this.m_loc = null;
        }

        public SaveUserProfileTask(WikiEngine wikiEngine, Locale locale) {
            super(UserManager.SAVE_TASK_MESSAGE_KEY);
            this.m_engine = wikiEngine;
            this.m_db = wikiEngine.getUserManager().getUserDatabase();
            this.m_loc = locale;
        }

        @Override // org.apache.wiki.workflow.AbstractStep, org.apache.wiki.workflow.Step
        public Outcome execute() throws WikiException {
            UserProfile userProfile = (UserProfile) getWorkflow().getAttribute(UserManager.SAVED_PROFILE);
            this.m_db.save(userProfile);
            if (userProfile.getEmail() != null) {
                try {
                    InternationalizationManager internationalizationManager = this.m_engine.getInternationalizationManager();
                    String applicationName = this.m_engine.getApplicationName();
                    MailUtil.sendMessage(this.m_engine.getWikiProperties(), userProfile.getEmail(), internationalizationManager.get(InternationalizationManager.DEF_TEMPLATE, this.m_loc, "notification.createUserProfile.accept.subject", applicationName), internationalizationManager.get(InternationalizationManager.DEF_TEMPLATE, this.m_loc, "notification.createUserProfile.accept.content", applicationName, userProfile.getLoginName(), userProfile.getFullname(), userProfile.getEmail(), this.m_engine.getURL(WikiContext.LOGIN, null, null, true)));
                } catch (AddressException e) {
                } catch (MessagingException e2) {
                    UserManager.log.error("Could not send registration confirmation e-mail. Is the e-mail server running?", e2);
                }
            }
            return Outcome.STEP_COMPLETE;
        }
    }

    public void initialize(WikiEngine wikiEngine, Properties properties) {
        this.m_engine = wikiEngine;
        this.m_useJAAS = AuthenticationManager.SECURITY_JAAS.equals(properties.getProperty(AuthenticationManager.PROP_SECURITY, AuthenticationManager.SECURITY_JAAS));
        addWikiEventListener(wikiEngine.getPageManager());
        JSONRPCManager.registerGlobalObject(JDBCUserDatabase.DEFAULT_DB_TABLE, new JSONUserModule(this), new AllPermission(null));
    }

    public UserDatabase getUserDatabase() {
        if (this.m_database != null) {
            return this.m_database;
        }
        if (!this.m_useJAAS) {
            this.m_database = new DummyUserDatabase();
            return this.m_database;
        }
        String str = UNKNOWN_CLASS;
        try {
            try {
                try {
                    try {
                        try {
                            str = TextUtil.getRequiredProperty(this.m_engine.getWikiProperties(), PROP_DATABASE);
                            log.info("Attempting to load user database class " + str);
                            this.m_database = (UserDatabase) ClassUtil.findClass(USERDATABASE_PACKAGE, str).newInstance();
                            this.m_database.initialize(this.m_engine, this.m_engine.getWikiProperties());
                            log.info("UserDatabase initialized.");
                            if (this.m_database == null) {
                                log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                                this.m_database = new DummyUserDatabase();
                            }
                        } catch (IllegalAccessException e) {
                            log.error("You are not allowed to access this user database class", e);
                            if (this.m_database == null) {
                                log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                                this.m_database = new DummyUserDatabase();
                            }
                        }
                    } catch (InstantiationException e2) {
                        log.error("UserDatabase class " + str + " cannot be created", e2);
                        if (this.m_database == null) {
                            log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                            this.m_database = new DummyUserDatabase();
                        }
                    }
                } catch (ClassNotFoundException e3) {
                    log.error("UserDatabase class " + str + " cannot be found", e3);
                    if (this.m_database == null) {
                        log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                        this.m_database = new DummyUserDatabase();
                    }
                }
            } catch (NoRequiredPropertyException e4) {
                log.error("You have not set the 'jspwiki.userdatabase'. You need to do this if you want to enable user management by JSPWiki.");
                if (this.m_database == null) {
                    log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                    this.m_database = new DummyUserDatabase();
                }
            } catch (WikiSecurityException e5) {
                log.error("Exception initializing user database: " + e5.getMessage());
                if (this.m_database == null) {
                    log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                    this.m_database = new DummyUserDatabase();
                }
            }
            return this.m_database;
        } catch (Throwable th) {
            if (this.m_database == null) {
                log.info("I could not create a database object you specified (or didn't specify), so I am falling back to a default.");
                this.m_database = new DummyUserDatabase();
            }
            throw th;
        }
    }

    public UserProfile getUserProfile(WikiSession wikiSession) {
        UserProfile userProfile = this.m_profiles.get(wikiSession);
        boolean z = userProfile == null;
        Principal principal = null;
        if (wikiSession.isAuthenticated()) {
            principal = wikiSession.getUserPrincipal();
            try {
                userProfile = getUserDatabase().find(principal.getName());
                z = false;
            } catch (NoSuchPrincipalException e) {
            }
        }
        if (z) {
            userProfile = getUserDatabase().newProfile();
            if (principal != null) {
                userProfile.setLoginName(principal.getName());
            }
            if (!userProfile.isNew()) {
                throw new IllegalStateException("New profile should be marked 'new'. Check your UserProfile implementation.");
            }
        }
        this.m_profiles.put(wikiSession, userProfile);
        return userProfile;
    }

    public void setUserProfile(WikiSession wikiSession, UserProfile userProfile) throws DuplicateUserException, WikiException {
        UserProfile findByFullName;
        UserProfile findByLoginName;
        if (!this.m_engine.getAuthorizationManager().checkPermission(wikiSession, new WikiPermission(this.m_engine.getApplicationName(), WikiPermission.EDIT_PROFILE_ACTION))) {
            throw new WikiSecurityException("You are not allowed to save wiki profiles.");
        }
        boolean isNew = userProfile.isNew();
        UserProfile userProfile2 = getUserProfile(wikiSession);
        boolean z = (userProfile2 == null || userProfile2.getFullname() == null) ? false : (userProfile2.getFullname().equals(userProfile.getFullname()) && userProfile2.getLoginName().equals(userProfile.getLoginName())) ? false : true;
        try {
            findByLoginName = getUserDatabase().findByLoginName(userProfile.getLoginName());
        } catch (NoSuchPrincipalException e) {
        }
        if (findByLoginName != null && !findByLoginName.equals(userProfile2)) {
            throw new DuplicateUserException("security.error.login.taken", userProfile.getLoginName());
        }
        try {
            findByFullName = getUserDatabase().findByFullName(userProfile.getFullname());
        } catch (NoSuchPrincipalException e2) {
        }
        if (findByFullName != null && !findByFullName.equals(userProfile2)) {
            throw new DuplicateUserException("security.error.fullname.taken", userProfile.getFullname());
        }
        if (!isNew || userProfile2 == null || !userProfile2.isNew()) {
            if (z && userProfile2 != null && !userProfile2.getLoginName().equals(userProfile.getLoginName())) {
                getUserDatabase().rename(userProfile2.getLoginName(), userProfile.getLoginName());
            }
            getUserDatabase().save(userProfile);
            if (z) {
                fireEvent(54, wikiSession, new UserProfile[]{userProfile2, userProfile});
                return;
            } else {
                fireEvent(53, wikiSession, userProfile);
                return;
            }
        }
        WorkflowBuilder builder = WorkflowBuilder.getBuilder(this.m_engine);
        Principal userPrincipal = wikiSession.getUserPrincipal();
        SaveUserProfileTask saveUserProfileTask = new SaveUserProfileTask(this.m_engine, wikiSession.getLocale());
        boolean z2 = userProfile.getEmail() != null;
        Fact[] factArr = new Fact[z2 ? 4 : 3];
        factArr[0] = new Fact(PREFS_FULL_NAME, userProfile.getFullname());
        factArr[1] = new Fact(PREFS_LOGIN_NAME, userProfile.getLoginName());
        factArr[2] = new Fact(FACT_SUBMITTER, userPrincipal.getName());
        if (z2) {
            factArr[3] = new Fact(PREFS_EMAIL, userProfile.getEmail());
        }
        Workflow buildApprovalWorkflow = builder.buildApprovalWorkflow(userPrincipal, SAVE_APPROVER, null, SAVE_DECISION_MESSAGE_KEY, factArr, saveUserProfileTask, null);
        buildApprovalWorkflow.setAttribute(SAVED_PROFILE, userProfile);
        this.m_engine.getWorkflowManager().start(buildApprovalWorkflow);
        if (buildApprovalWorkflow.getCurrentStep() instanceof Decision) {
            throw new DecisionRequiredException("This profile must be approved before it becomes active");
        }
        try {
            AuthenticationManager authenticationManager = this.m_engine.getAuthenticationManager();
            if (isNew && !authenticationManager.isContainerAuthenticated()) {
                authenticationManager.login(wikiSession, null, userProfile.getLoginName(), userProfile.getPassword());
            }
            fireEvent(53, wikiSession, userProfile);
        } catch (WikiException e3) {
            throw new WikiSecurityException(e3.getMessage(), e3);
        }
    }

    public UserProfile parseProfile(WikiContext wikiContext) {
        UserProfile userProfile = getUserProfile(wikiContext.getWikiSession());
        HttpServletRequest httpRequest = wikiContext.getHttpRequest();
        String parameter = httpRequest.getParameter(PARAM_LOGINNAME);
        String parameter2 = httpRequest.getParameter("password");
        String parameter3 = httpRequest.getParameter(PARAM_FULLNAME);
        String parameter4 = httpRequest.getParameter("email");
        String str = InputValidator.isBlank(parameter) ? null : parameter;
        String str2 = InputValidator.isBlank(parameter2) ? null : parameter2;
        String str3 = InputValidator.isBlank(parameter3) ? null : parameter3;
        String str4 = InputValidator.isBlank(parameter4) ? null : parameter4;
        if (this.m_engine.getAuthenticationManager().isContainerAuthenticated() && wikiContext.getWikiSession().isAuthenticated()) {
            str = wikiContext.getWikiSession().getLoginPrincipal().getName();
        }
        userProfile.setLoginName(str);
        userProfile.setEmail(str4);
        userProfile.setFullname(str3);
        userProfile.setPassword(str2);
        return userProfile;
    }

    public void validateProfile(WikiContext wikiContext, UserProfile userProfile) {
        boolean isNew = userProfile.isNew();
        WikiSession wikiSession = wikiContext.getWikiSession();
        InputValidator inputValidator = new InputValidator(SESSION_MESSAGES, wikiContext);
        ResourceBundle bundle = Preferences.getBundle(wikiContext, InternationalizationManager.CORE_BUNDLE);
        Iterator<PageFilter> it = this.m_engine.getFilterManager().getFilterList().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            PageFilter next = it.next();
            if (next instanceof SpamFilter) {
                if (!((SpamFilter) next).isValidUserProfile(wikiContext, userProfile)) {
                    wikiSession.addMessage(SESSION_MESSAGES, "Invalid userprofile");
                    return;
                }
            }
        }
        if (this.m_engine.getAuthenticationManager().isContainerAuthenticated() && !wikiContext.getWikiSession().isAuthenticated()) {
            wikiSession.addMessage(SESSION_MESSAGES, bundle.getString("security.error.createprofilebeforelogin"));
        }
        inputValidator.validateNotNull(userProfile.getLoginName(), bundle.getString("security.user.loginname"));
        inputValidator.validateNotNull(userProfile.getFullname(), bundle.getString("security.user.fullname"));
        inputValidator.validate(userProfile.getEmail(), bundle.getString("security.user.email"), 1);
        if (!this.m_engine.getAuthenticationManager().isContainerAuthenticated()) {
            String password = userProfile.getPassword();
            if (password != null) {
                HttpServletRequest httpRequest = wikiContext.getHttpRequest();
                if (!password.equals(httpRequest == null ? null : httpRequest.getParameter("password2"))) {
                    wikiSession.addMessage(SESSION_MESSAGES, bundle.getString("security.error.passwordnomatch"));
                }
            } else if (isNew) {
                wikiSession.addMessage(SESSION_MESSAGES, bundle.getString("security.error.blankpassword"));
            }
        }
        String fullname = userProfile.getFullname();
        String loginName = userProfile.getLoginName();
        try {
            UserProfile find = getUserDatabase().find(fullname);
            if (find != null && !userProfile.equals(find) && !fullname.equals(find.getFullname())) {
                wikiSession.addMessage(SESSION_MESSAGES, MessageFormat.format(bundle.getString("security.error.illegalfullname"), fullname));
            }
        } catch (NoSuchPrincipalException e) {
        }
        try {
            UserProfile find2 = getUserDatabase().find(loginName);
            if (find2 != null && !userProfile.equals(find2) && !loginName.equals(find2.getLoginName())) {
                wikiSession.addMessage(SESSION_MESSAGES, MessageFormat.format(bundle.getString("security.error.illegalloginname"), loginName));
            }
        } catch (NoSuchPrincipalException e2) {
        }
    }

    public Principal[] listWikiNames() throws WikiSecurityException {
        return getUserDatabase().getWikiNames();
    }

    public synchronized void addWikiEventListener(WikiEventListener wikiEventListener) {
        WikiEventManager.addWikiEventListener(this, wikiEventListener);
    }

    public synchronized void removeWikiEventListener(WikiEventListener wikiEventListener) {
        WikiEventManager.removeWikiEventListener(this, wikiEventListener);
    }

    protected void fireEvent(int i, WikiSession wikiSession, Object obj) {
        if (WikiEventManager.isListening(this)) {
            WikiEventManager.fireEvent(this, new WikiSecurityEvent(wikiSession, i, obj));
        }
    }
}
