package org.sonar.server.authentication.ws;

import java.io.IOException;
import javax.annotation.Nullable;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.sonar.api.web.ServletFilter;
import org.sonar.db.DbClient;
import org.sonar.db.user.UserDto;
import org.sonar.server.authentication.CredentialsAuthenticator;
import org.sonar.server.authentication.JwtHttpHandler;
import org.sonar.server.authentication.event.AuthenticationEvent;
import org.sonar.server.authentication.event.AuthenticationException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.user.ServerUserSession;
import org.sonar.server.user.ThreadLocalUserSession;
import org.sonar.server.user.index.UserIndexDefinition;

/* loaded from: input_file:org/sonar/server/authentication/ws/LoginAction.class */
/**
 * Servlet filter that handles form-based login on {@link #AUTH_LOGIN_URL}.
 *
 * <p>A POST carrying a login and a password is checked through
 * {@link CredentialsAuthenticator}. On success a token is generated through
 * {@link JwtHttpHandler} and a {@link ServerUserSession} is bound to the
 * {@link ThreadLocalUserSession}. The {@link FilterChain} is never invoked, so
 * this filter terminates the request itself in every branch.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Only the login is attached to the {@link AuthenticationException} built
 *       here; the password is not. Keep it that way, since the exception is
 *       handed to {@link AuthenticationEvent}.</li>
 *   <li>Rejections set a status code only; this class writes no response body,
 *       so it does not itself reveal why a login was refused.</li>
 *   <li>Nothing in this class throttles or locks out repeated attempts. If that
 *       protection exists it lives in a collaborator or upstream; verify.</li>
 * </ul>
 */
public class LoginAction extends ServletFilter {
    /** Path this filter is bound to (see {@link #doGetPattern()}). */
    public static final String AUTH_LOGIN_URL = "/api/authentication/login";
    /** The only HTTP method accepted by {@link #doFilter}. */
    private static final String POST = "POST";

    // Collaborators, all injected through the constructor and never reassigned.
    private final DbClient dbClient;
    private final CredentialsAuthenticator credentialsAuthenticator;
    private final JwtHttpHandler jwtHttpHandler;
    private final ThreadLocalUserSession threadLocalUserSession;
    private final AuthenticationEvent authenticationEvent;

    /**
     * Stores the collaborators used while processing a login request.
     *
     * @param dbClient                 passed to {@link ServerUserSession#createForUser}
     * @param credentialsAuthenticator verifies the submitted login/password pair
     * @param jwtHttpHandler           generates the token after a successful login
     * @param threadLocalUserSession   receives the session of the authenticated user
     * @param authenticationEvent      notified when an {@link AuthenticationException} is caught
     */
    public LoginAction(
            DbClient dbClient,
            CredentialsAuthenticator credentialsAuthenticator,
            JwtHttpHandler jwtHttpHandler,
            ThreadLocalUserSession threadLocalUserSession,
            AuthenticationEvent authenticationEvent) {
        this.dbClient = dbClient;
        this.credentialsAuthenticator = credentialsAuthenticator;
        this.jwtHttpHandler = jwtHttpHandler;
        this.threadLocalUserSession = threadLocalUserSession;
        this.authenticationEvent = authenticationEvent;
    }

    /**
     * @return a URL pattern created from {@link #AUTH_LOGIN_URL}
     */
    public ServletFilter.UrlPattern doGetPattern() {
        return ServletFilter.UrlPattern.create(AUTH_LOGIN_URL);
    }

    /**
     * Processes one login request.
     *
     * <p>Outcomes, as status codes set on the response:
     * <ul>
     *   <li>method other than POST: 400, nothing else is done;</li>
     *   <li>{@link AuthenticationException}: reported to {@link AuthenticationEvent}, then 401;</li>
     *   <li>{@link UnauthorizedException}: the code carried by the exception;</li>
     *   <li>success: no status is set here.</li>
     * </ul>
     *
     * @param servletRequest  incoming request, cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response, cast to {@link HttpServletResponse}
     * @param filterChain     unused; the chain is never continued from this filter
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;

        boolean isPost = httpRequest.getMethod().equals(POST);
        if (!isPost) {
            // 400 Bad Request: credentials are only read from POST requests.
            httpResponse.setStatus(400);
            return;
        }

        try {
            // NOTE(review): the login parameter name comes from an index-definition
            // constant. This file appears to be decompiled output, so it may be a
            // constant-resolution artifact; confirm the value is the form field name.
            String login = httpRequest.getParameter(UserIndexDefinition.FIELD_LOGIN);
            String password = httpRequest.getParameter("password");

            UserDto user = authenticate(httpRequest, login, password);
            this.jwtHttpHandler.generateToken(user, httpRequest, httpResponse);
            this.threadLocalUserSession.set(ServerUserSession.createForUser(this.dbClient, user));
        } catch (AuthenticationException authFailure) {
            // Report the failure before answering, then reply 401 Unauthorized.
            this.authenticationEvent.failure(httpRequest, authFailure);
            httpResponse.setStatus(401);
        } catch (UnauthorizedException unauthorized) {
            // NOTE(review): this path is not reported to authenticationEvent here;
            // confirm such rejections are recorded elsewhere if an audit trail is needed.
            httpResponse.setStatus(unauthorized.httpCode());
        }
    }

    /**
     * Rejects missing credentials, otherwise delegates to the {@link CredentialsAuthenticator}.
     *
     * @param request  the current HTTP request, forwarded to the authenticator
     * @param login    submitted login, may be {@code null}
     * @param password submitted password, may be {@code null}
     * @return whatever the authenticator returns for these credentials
     * @throws AuthenticationException when the login or the password is empty; the
     *         message is the same for both cases and only the login is attached
     */
    private UserDto authenticate(HttpServletRequest request, @Nullable String login, @Nullable String password) {
        if (!StringUtils.isEmpty(login) && !StringUtils.isEmpty(password)) {
            return this.credentialsAuthenticator.authenticate(login, password, request, AuthenticationEvent.Method.FORM);
        }
        throw AuthenticationException.newBuilder()
                .setSource(AuthenticationEvent.Source.local(AuthenticationEvent.Method.FORM))
                .setLogin(login)
                .setMessage("Empty login and/or password")
                .build();
    }

    /** No initialisation is performed. */
    public void init(FilterConfig filterConfig) throws ServletException {
        // Intentionally empty.
    }

    /** No resources are released. */
    public void destroy() {
        // Intentionally empty.
    }
}
