package org.jahia.params.valves;

import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.jahia.bin.Login;
import org.jahia.params.ProcessingContext;
import org.jahia.pipelines.PipelineException;
import org.jahia.pipelines.valves.ValveContext;
import org.jahia.registries.ServicesRegistry;
import org.jahia.services.SpringContextSingleton;
import org.jahia.services.categories.Category;
import org.jahia.services.preferences.user.UserPreferencesHelper;
import org.jahia.services.usermanager.JahiaUser;
import org.jahia.settings.SettingsBean;
import org.jahia.utils.LanguageCodeConverters;
import org.jahia.utils.Patterns;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationEvent;

/* loaded from: input_file:org/jahia/params/valves/LoginEngineAuthValveImpl.class */
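/**
 * Authentication valve that handles form-based login ({@code username} /
 * {@code password} request parameters) and, on request, issues a persistent
 * login cookie.
 *
 * <p>On every attempt the outcome is published as the request attribute
 * {@link #VALVE_RESULT} with one of {@link #OK}, {@link #UNKNOWN_USER},
 * {@link #BAD_PASSWORD} or {@link #ACCOUNT_LOCKED}. When authentication does not
 * succeed, processing is handed to the next valve in the pipeline.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>{@link #UNKNOWN_USER} and {@link #BAD_PASSWORD} are distinct results. If the
 *       login page renders them differently, clients can tell valid account names
 *       from invalid ones; prefer one generic failure message in the UI.</li>
 *   <li>Credentials are read with {@code getParameter}, which does not distinguish a
 *       query string from a POST body, and nothing in this class restricts the HTTP
 *       method. Credentials sent in a URL can end up in access logs and proxies.</li>
 *   <li>No throttling or failure counting is visible in this class; whether
 *       {@code verifyPassword} or the user manager does it cannot be told from
 *       here.</li>
 * </ul>
 */
public class LoginEngineAuthValveImpl extends BaseAuthValve {
    public static final String ACCOUNT_LOCKED = "account_locked";
    public static final String BAD_PASSWORD = "bad_password";
    private static final Logger logger = LoggerFactory.getLogger(LoginEngineAuthValveImpl.class);
    public static final String LOGIN_TAG_PARAMETER = "doLogin";
    public static final String OK = "ok";
    public static final String UNKNOWN_USER = "unknown_user";
    public static final String USE_COOKIE = "useCookie";
    public static final String VALVE_RESULT = "login_valve_result";
    private CookieAuthConfig cookieAuthConfig;
    private boolean fireLoginEvent = false;
    // "###"-separated list (split with Patterns.TRIPLE_HASH) of session attribute
    // names that are copied from the pre-login session into the new one.
    private String preserveSessionAttributes = null;

    /**
     * Application event published after a successful login when
     * {@code fireLoginEvent} is enabled. Carries the authenticated user and the
     * valve context (request/response) of the login request.
     */
    public class LoginEvent extends ApplicationEvent {
        private static final long serialVersionUID = -7356560804745397662L;
        private final JahiaUser jahiaUser;
        private final AuthValveContext authValveContext;

        public LoginEvent(Object obj, JahiaUser jahiaUser, AuthValveContext authValveContext) {
            super(obj);
            this.jahiaUser = jahiaUser;
            this.authValveContext = authValveContext;
        }

        public JahiaUser getJahiaUser() {
            return this.jahiaUser;
        }

        public AuthValveContext getAuthValveContext() {
            return this.authValveContext;
        }
    }

    public void setFireLoginEvent(boolean z) {
        this.fireLoginEvent = z;
    }

    /**
     * Sets the list of session attribute names to carry over from the
     * pre-authentication session.
     *
     * <p>Everything named here survives the session reset performed at login, so the
     * list should only contain attributes that are safe to accept from a session that
     * was created before the user authenticated.
     *
     * @param str attribute names separated as expected by {@code Patterns.TRIPLE_HASH}
     */
    public void setPreserveSessionAttributes(String str) {
        this.preserveSessionAttributes = str;
    }

    /**
     * Hook called after a successful login. The body is empty in this listing, so no
     * password policy is enforced by this class.
     */
    private void enforcePasswordPolicy(JahiaUser jahiaUser) {
    }

    /**
     * Replaces control characters (including CR and LF) so that a request-supplied
     * value cannot start a new, forged line in the log output.
     *
     * @param value text to be written to the log, may be {@code null}
     * @return the text with every ISO control character replaced by {@code '_'}, or
     *         {@code null} if the input was {@code null}
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }

    /**
     * Authenticates the request if it is a login request; otherwise, or on failure,
     * delegates to the next valve.
     *
     * <p>On success the current session is invalidated and replaced (protects
     * against session fixation), the user is set on the session factory, the
     * preferred locale is optionally stored, a persistent login cookie is issued when
     * the {@link #USE_COOKIE} parameter equals {@code "on"}, and a {@link LoginEvent}
     * is published if enabled.
     *
     * @param obj the pipeline context; must be an {@code AuthValveContext}
     * @param valveContext used to continue the pipeline
     * @throws PipelineException propagated from the next valve
     */
    @Override // org.jahia.pipelines.valves.Valve
    public void invoke(Object obj, ValveContext valveContext) throws PipelineException {
        if (!isEnabled()) {
            valveContext.invokeNext(obj);
            return;
        }
        AuthValveContext authValveContext = (AuthValveContext) obj;
        HttpServletRequest request = authValveContext.getRequest();

        JahiaUser jahiaUser = isLoginRequested(request) ? authenticate(request) : null;
        if (jahiaUser == null) {
            valveContext.invokeNext(obj);
            return;
        }
        logger.debug("User {} logged in.", jahiaUser);

        // Drop the pre-authentication session so that a session id known before login
        // is not reused afterwards. Only the configured attributes are copied over.
        Map<String, Object> preserved = preserveSessionAttributes(request);
        if (request.getSession(false) != null) {
            request.getSession().invalidate();
        }
        restoreSessionAttributes(request, preserved);

        request.setAttribute(VALVE_RESULT, OK);
        authValveContext.getSessionFactory().setCurrentUser(jahiaUser);
        if (SettingsBean.getInstance().isConsiderPreferredLanguageAfterLogin()) {
            request.getSession().setAttribute(ProcessingContext.SESSION_LOCALE,
                    UserPreferencesHelper.getPreferredLocale(jahiaUser,
                            LanguageCodeConverters.resolveLocaleForGuest(request)));
        }
        if ("on".equals(request.getParameter(USE_COOKIE))) {
            issueLoginCookie(jahiaUser, request, authValveContext);
        }
        enforcePasswordPolicy(jahiaUser);
        if (this.fireLoginEvent) {
            SpringContextSingleton.getInstance().publishEvent(new LoginEvent(this, jahiaUser, authValveContext));
        }
    }

    /**
     * Checks the submitted credentials and records the outcome in
     * {@link #VALVE_RESULT}.
     *
     * @return the authenticated user, or {@code null} when credentials are missing,
     *         the user service is unavailable, or authentication failed
     */
    private JahiaUser authenticate(HttpServletRequest request) {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        if (username == null || password == null) {
            return null;
        }
        ServicesRegistry registry = ServicesRegistry.getInstance();
        if (registry == null || registry.getJahiaUserManagerService() == null) {
            return null;
        }
        JahiaUser user = registry.getJahiaUserManagerService().lookupUser(username);
        if (user == null) {
            if (logger.isDebugEnabled()) {
                // The name comes straight from the request: neutralise control characters.
                logger.debug("Login failed. Unknown username {}.", sanitizeForLog(username));
            }
            request.setAttribute(VALVE_RESULT, UNKNOWN_USER);
            return null;
        }
        // NOTE(review): the password is verified before the lock state is checked, so a
        // locked account still reports BAD_PASSWORD vs ACCOUNT_LOCKED depending on
        // whether the password was right. Checking isAccountLocked() first would close
        // that gap, but it changes the result callers see for locked accounts and may
        // interact with failure counting inside verifyPassword — confirm before reordering.
        if (!user.verifyPassword(password)) {
            logger.warn("Login failed: user {} provided bad password.", sanitizeForLog(user.getUsername()));
            request.setAttribute(VALVE_RESULT, BAD_PASSWORD);
            return null;
        }
        if (user.isAccountLocked()) {
            logger.warn("Login failed: account for user {} is locked.", sanitizeForLog(user.getUsername()));
            request.setAttribute(VALVE_RESULT, ACCOUNT_LOCKED);
            return null;
        }
        return user;
    }

    /**
     * Generates a token that no other user currently holds, stores it as a user
     * property and sends it to the browser as the persistent login cookie.
     *
     * <p>Review points: the token's unpredictability depends entirely on
     * {@code CookieAuthValveImpl.generateRandomString}, which is not visible here —
     * verify it draws from {@code SecureRandom}. The token is stored verbatim in the
     * user property, so read access to the user store is equivalent to holding the
     * cookie. {@code HttpOnly} and {@code Secure} are taken from configuration and
     * should both be enabled on any deployment served over HTTPS.
     */
    private void issueLoginCookie(JahiaUser jahiaUser, HttpServletRequest request, AuthValveContext authValveContext) {
        String propertyName = this.cookieAuthConfig.getUserPropertyName();
        String token = null;
        // Retry until the generated value is not already assigned to a user. The loop
        // has no upper bound; it relies on collisions being rare.
        while (token == null) {
            token = CookieAuthValveImpl.generateRandomString(this.cookieAuthConfig.getIdLength());
            Properties criteria = new Properties();
            criteria.setProperty(propertyName, token);
            if (ServicesRegistry.getInstance().getJahiaUserManagerService().searchUsers(criteria).size() > 0) {
                token = null;
            }
        }
        jahiaUser.setProperty(propertyName, token);
        Cookie cookie = new Cookie(this.cookieAuthConfig.getCookieName(), token);
        cookie.setPath(StringUtils.isNotEmpty(request.getContextPath()) ? request.getContextPath() : Category.PATH_DELIMITER);
        cookie.setMaxAge(this.cookieAuthConfig.getMaxAgeInSeconds());
        cookie.setHttpOnly(this.cookieAuthConfig.isHttpOnly());
        cookie.setSecure(this.cookieAuthConfig.isSecure());
        authValveContext.getResponse().addCookie(cookie);
    }

    /**
     * Collects the configured attributes from the existing session, if any.
     *
     * @return a map of attribute name to value; empty when nothing is configured,
     *         no session exists, or none of the attributes are set
     */
    private Map<String, Object> preserveSessionAttributes(HttpServletRequest httpServletRequest) {
        Map<String, Object> kept = new HashMap<String, Object>();
        if (this.preserveSessionAttributes == null || this.preserveSessionAttributes.length() == 0) {
            return kept;
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return kept;
        }
        for (String name : Patterns.TRIPLE_HASH.split(this.preserveSessionAttributes)) {
            Object value = session.getAttribute(name);
            if (value != null) {
                kept.put(name, value);
            }
        }
        return kept;
    }

    /**
     * Copies previously collected attributes into the current session, creating the
     * session if needed. Does nothing (and creates no session) for an empty map.
     */
    private void restoreSessionAttributes(HttpServletRequest httpServletRequest, Map<String, Object> map) {
        if (map.isEmpty()) {
            return;
        }
        HttpSession session = httpServletRequest.getSession();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            session.setAttribute(entry.getKey(), entry.getValue());
        }
    }

    /**
     * Tells whether the request asks for a login.
     *
     * @return {@code true} if the {@link #LOGIN_TAG_PARAMETER} parameter is
     *         {@code "true"} (case-insensitive) or {@code "1"}; if the parameter is
     *         absent, {@code true} only when the servlet path is {@code /cms} and the
     *         path info equals the {@code Login} mapping
     */
    protected boolean isLoginRequested(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(LOGIN_TAG_PARAMETER);
        if (parameter != null) {
            return Boolean.parseBoolean(parameter) || "1".equals(parameter);
        }
        if ("/cms".equals(httpServletRequest.getServletPath())) {
            return Login.getMapping().equals(httpServletRequest.getPathInfo());
        }
        return false;
    }

    public void setCookieAuthConfig(CookieAuthConfig cookieAuthConfig) {
        this.cookieAuthConfig = cookieAuthConfig;
    }
}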
