package org.support.project.web.logic.impl;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.arnx.jsonic.JSON;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.support.project.aop.Aspect;
import org.support.project.common.config.ConfigLoader;
import org.support.project.common.config.INT_FLAG;
import org.support.project.common.log.Log;
import org.support.project.common.log.LogFactory;
import org.support.project.common.util.Compare;
import org.support.project.common.util.PasswordUtil;
import org.support.project.common.util.RandomUtil;
import org.support.project.common.util.StringUtils;
import org.support.project.di.Container;
import org.support.project.di.DI;
import org.support.project.di.Instance;
import org.support.project.ormapping.transaction.Transaction;
import org.support.project.web.bean.LdapInfo;
import org.support.project.web.bean.LoginedUser;
import org.support.project.web.bean.UserSecret;
import org.support.project.web.config.AppConfig;
import org.support.project.web.config.WebConfig;
import org.support.project.web.dao.LdapConfigsDao;
import org.support.project.web.dao.UserAliasDao;
import org.support.project.web.dao.UsersDao;
import org.support.project.web.entity.LdapConfigsEntity;
import org.support.project.web.entity.UserAliasEntity;
import org.support.project.web.entity.UsersEntity;
import org.support.project.web.exception.AuthenticateException;
import org.support.project.web.logic.AddUserProcess;
import org.support.project.web.logic.LdapLogic;
import org.support.project.web.logic.UserLogic;

@DI(instance = Instance.Singleton)
/* loaded from: input_file:org/support/project/web/logic/impl/DefaultAuthenticationLogicImpl.class */
public class DefaultAuthenticationLogicImpl extends AbstractAuthenticationLogic<LoginedUser> {
    // Class-wide logger.
    private static final Log LOG = LogFactory.getLog(DefaultAuthenticationLogicImpl.class);
    // Lifetime in seconds handed to Cookie.setMaxAge for the LOGIN_USER_KEY cookie. setCookie and
    // cookieLogin do nothing unless this is greater than zero, so the default of -1 keeps the
    // cookie-login feature off until initCookie supplies a positive value.
    private int cookieMaxAge = -1;
    // Key passed to PasswordUtil.encrypt/decrypt for the cookie payload. An empty key (the default)
    // also keeps the cookie-login feature off.
    // NOTE(review): this is long-lived secret material; confirm where the value comes from and that
    // it is never written to logs.
    private String cookieEncryptKey = "";
    // Value given to Cookie.setSecure for the LOGIN_USER_KEY cookie; defaults to true.
    private boolean cookieSecure = true;

    /**
     * Stores the settings used when the {@code LOGIN_USER_KEY} cookie is written and read.
     *
     * @param i   cookie lifetime handed to {@code Cookie.setMaxAge}; zero or less leaves cookie login disabled
     * @param str key used to encrypt and decrypt the cookie payload; an empty value leaves cookie login disabled
     * @param z   value handed to {@code Cookie.setSecure}
     */
    @Override // org.support.project.web.logic.AuthenticationLogic
    public void initCookie(int i, String str, boolean z) {
        cookieSecure = z;
        cookieEncryptKey = str;
        cookieMaxAge = i;
    }

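    /**
     * Issues the {@code LOGIN_USER_KEY} cookie for the user held in the current session.
     *
     * <p>The cookie value is the JSON form of a {@link UserSecret} (user key, user name, mail address)
     * encrypted with the configured cookie key. Nothing is written when the request carries no cookies
     * at all, when the configured max age is not positive, or when no encryption key is configured.
     *
     * <p>The cookie is marked HttpOnly so that page scripts cannot read the login token.
     *
     * @param httpServletRequest  current request; supplies the session and the context path
     * @param httpServletResponse response the cookie is added to
     * @throws AuthenticateException if encrypting the payload fails
     */
    @Override // org.support.project.web.logic.AuthenticationLogic
    public void setCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticateException {
        // Cookie login is an opt-in feature: skip unless it is fully configured.
        if (httpServletRequest.getCookies() == null || this.cookieMaxAge <= 0 || !StringUtils.isNotEmpty(this.cookieEncryptKey)) {
            return;
        }
        try {
            LoginedUser session = getSession(httpServletRequest);
            UserSecret userSecret = new UserSecret();
            userSecret.setUserKey(session.getLoginUser().getUserKey());
            userSecret.setUserName(session.getLoginUser().getUserName());
            userSecret.setEmail(session.getLoginUser().getMailAddress());
            // NOTE(review): the payload carries no issue time or server-side token, so its validity is
            // bounded only by the browser-side max age. Whether the ciphertext is integrity-protected
            // depends on PasswordUtil.encrypt, which is not visible here; confirm it is authenticated.
            Cookie cookie = new Cookie("LOGIN_USER_KEY", PasswordUtil.encrypt(JSON.encode(userSecret), this.cookieEncryptKey));
            cookie.setPath(httpServletRequest.getContextPath() + "/");
            cookie.setMaxAge(this.cookieMaxAge);
            cookie.setSecure(this.cookieSecure);
            // The value is a bearer credential; keep it out of reach of client-side script.
            // Cookie.setHttpOnly requires Servlet 3.0 or later.
            cookie.setHttpOnly(true);
            httpServletResponse.addCookie(cookie);
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new AuthenticateException(e);
        }
    }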

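    /**
     * Tries to log the caller in from the {@code LOGIN_USER_KEY} cookie.
     *
     * <p>The cookie is decrypted with the configured key and decoded into a {@link UserSecret}. Login
     * succeeds only when a user with that key exists and the user key (case-insensitively), user name
     * and mail address in the cookie all match the stored record. On success the session is
     * established and a fresh cookie with a renewed max age is issued.
     *
     * <p>The session attribute {@code COOKIE_LOGIN_CHECK} records that a cookie login was already
     * attempted; once set, this method returns {@code false} immediately. The attribute is set only
     * on the fall-through path, not on the early {@code return false} paths inside the loop.
     *
     * @param httpServletRequest  current request; supplies the session and the cookies
     * @param httpServletResponse response the refreshed cookie is added to
     * @return {@code true} if the session was established from the cookie, otherwise {@code false}
     */
    @Override // org.support.project.web.logic.AuthenticationLogic
    public boolean cookieLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession();
        if (Boolean.TRUE.equals(session.getAttribute("COOKIE_LOGIN_CHECK"))) {
            return false;
        }
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null && this.cookieMaxAge > 0 && StringUtils.isNotEmpty(this.cookieEncryptKey)) {
            for (Cookie cookie : cookies) {
                if (!"LOGIN_USER_KEY".equals(cookie.getName())) {
                    continue;
                }
                try {
                    UserSecret userSecret = (UserSecret) JSON.decode(PasswordUtil.decrypt(cookie.getValue(), this.cookieEncryptKey), UserSecret.class);
                    UsersEntity storedUser = UsersDao.get().selectOnLowerUserKey(userSecret.getUserKey());
                    if (storedUser == null) {
                        return false;
                    }
                    // The cookie is accepted only while it still agrees with the stored record, so a
                    // change of user name or mail address invalidates older cookies. No expiry or
                    // server-side token is checked here; apart from such a change, the encryption key
                    // is the only thing that bounds how long a copied cookie stays usable.
                    boolean sameKey = userSecret.getUserKey().toLowerCase().equals(storedUser.getUserKey().toLowerCase());
                    boolean sameName = userSecret.getUserName().equals(storedUser.getUserName());
                    boolean sameMail = StringUtils.equals(userSecret.getEmail(), storedUser.getMailAddress());
                    if (!sameKey || !sameName || !sameMail) {
                        LOG.info("Cookie of LOGIN_USER_KEY is invalid.");
                        return false;
                    }
                    LOG.debug(userSecret.getUserKey() + " is Login(from cookie).");
                    // NOTE(review): no session-id rotation is visible at this point; confirm setSession
                    // (defined in the parent class) renews the id when the session becomes authenticated.
                    setSession(userSecret.getUserKey(), httpServletRequest);
                    // Re-issue the verified payload so the max age is renewed. The original built a
                    // second, unused UserSecret copy here; it was never encoded and has been dropped.
                    Cookie refreshed = new Cookie("LOGIN_USER_KEY", PasswordUtil.encrypt(JSON.encode(userSecret), this.cookieEncryptKey));
                    refreshed.setPath(httpServletRequest.getContextPath() + "/");
                    refreshed.setMaxAge(this.cookieMaxAge);
                    refreshed.setSecure(this.cookieSecure);
                    // The value is a bearer credential; keep it out of reach of client-side script.
                    // Cookie.setHttpOnly requires Servlet 3.0 or later.
                    refreshed.setHttpOnly(true);
                    httpServletResponse.addCookie(refreshed);
                    return true;
                } catch (Exception e) {
                    // Decrypt/decode failures (including a null or malformed payload) end up here and
                    // the loop moves on to the next cookie.
                    // NOTE(review): these are logged at trace level only, so a modified or forged
                    // cookie leaves no record at usual production log levels.
                    LOG.trace("error cookieLogin.", e);
                }
            }
        }
        session.setAttribute("COOKIE_LOGIN_CHECK", Boolean.TRUE);
        return false;
    }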

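    /**
     * Authenticates a login id and password, first against every configured LDAP directory and then
     * against the local user table.
     *
     * <p>LDAP path: the first directory for which {@code LdapLogic.auth} returns a result wins. If an
     * alias already links the login id to a local user, that user is returned (and refreshed from
     * LDAP when the alias has its update flag on). Otherwise the local user whose lower-cased key
     * matches the login id is updated, or a new user is created, and an alias is saved.
     *
     * <p>Local path: the user must exist, must not be flagged as an LDAP user, and the stretched hash
     * of the supplied password must equal the stored one.
     *
     * <p>An empty password is rejected before any directory is contacted.
     *
     * @param str  login id
     * @param str2 password
     * @return the user id on success, or {@code Integer.MIN_VALUE} when authentication fails
     * @throws AuthenticateException if an LDAP or I/O error occurs while contacting a directory, or the
     *                               hash algorithm is unavailable
     */
    @Override // org.support.project.web.logic.impl.AbstractAuthenticationLogic, org.support.project.web.logic.AuthenticationLogic
    @Aspect(advice = Transaction.class)
    public int auth(String str, String str2) throws AuthenticateException {
        initLogic();
        // Fail closed on an empty password before any directory sees it. LdapLogic.auth is not visible
        // here; if it performs an LDAP simple bind, some directories treat an empty password as an
        // unauthenticated bind and report success, and RFC 4513 advises clients to refuse such input.
        // The original applied this check only to the local path below.
        if (StringUtils.isEmpty(str2)) {
            return Integer.MIN_VALUE;
        }
        for (LdapConfigsEntity ldapConfig : LdapConfigsDao.get().selectAll()) {
            try {
                LdapInfo ldapInfo = LdapLogic.get().auth(ldapConfig, str, str2);
                if (ldapInfo == null) {
                    continue;
                }
                UserAliasEntity alias = UserAliasDao.get().selectOnAliasKey(ldapConfig.getSystemName(), str);
                if (alias != null) {
                    UsersDao aliasUsersDao = UsersDao.get();
                    UsersEntity aliasedUser = aliasUsersDao.selectOnKey(alias.getUserId());
                    if (aliasedUser == null) {
                        // The alias points at a user that no longer exists.
                        return Integer.MIN_VALUE;
                    }
                    if (Compare.equal(alias.getUserInfoUpdate(), Integer.valueOf(INT_FLAG.ON.getValue()))) {
                        updateUser(str, str2, ldapInfo, aliasUsersDao, aliasedUser);
                    }
                    return aliasedUser.getUserId().intValue();
                }
                // NOTE(review): with no alias yet, the LDAP identity is attached to whichever local
                // user has the same lower-cased key, and inherits that account. Confirm this is
                // intended for every configured directory.
                UsersDao usersDao = UsersDao.get();
                UsersEntity linkedUser = usersDao.selectOnLowerUserKey(str);
                if (linkedUser == null) {
                    linkedUser = addUser(str, str2, ldapInfo);
                    if (StringUtils.isNotEmpty(AppConfig.get().getAddUserProcess())) {
                        ((AddUserProcess) Container.getComp(AppConfig.get().getAddUserProcess(), AddUserProcess.class)).addUserProcess(linkedUser.getUserKey());
                    }
                } else {
                    updateUser(str, str2, ldapInfo, usersDao, linkedUser);
                }
                UserAliasEntity newAlias = new UserAliasEntity();
                newAlias.setUserInfoUpdate(Integer.valueOf(INT_FLAG.ON.getValue()));
                newAlias.setUserId(linkedUser.getUserId());
                newAlias.setAuthKey(ldapConfig.getSystemName());
                newAlias.setAliasKey(str);
                newAlias.setAliasName(ldapInfo.getName().toLowerCase());
                newAlias.setAliasMail(ldapInfo.getMail());
                UserAliasDao.get().save(newAlias);
                return linkedUser.getUserId().intValue();
            } catch (LdapException | IOException e) {
                // An error from one directory aborts the whole attempt, including the local path.
                throw new AuthenticateException((Throwable) e);
            }
        }
        try {
            UsersEntity localUser = UsersDao.get().selectOnUserKey(str);
            AppConfig appConfig = (AppConfig) ConfigLoader.load("/appconfig.xml", AppConfig.class);
            if (localUser == null) {
                // NOTE(review): an unknown id returns before any hash is computed, while a known id
                // pays for the stretched hash; response time may therefore reveal whether an id exists.
                return Integer.MIN_VALUE;
            }
            if (localUser.getAuthLdap() != null && localUser.getAuthLdap().intValue() != INT_FLAG.OFF.getValue()) {
                // LDAP-flagged users may not log in with the locally stored password.
                return Integer.MIN_VALUE;
            }
            String storedHash = localUser.getPassword();
            if (storedHash == null) {
                // A record without a password can never match; the original threw a NullPointerException.
                return Integer.MIN_VALUE;
            }
            String candidateHash = PasswordUtil.getStretchedPassword(str2, localUser.getSalt(), appConfig.getHashIterations().intValue());
            // Compare with MessageDigest.isEqual rather than String.equals so the comparison time does
            // not depend on how many leading characters match.
            if (candidateHash != null && MessageDigest.isEqual(storedHash.getBytes(StandardCharsets.UTF_8), candidateHash.getBytes(StandardCharsets.UTF_8))) {
                return localUser.getUserId().intValue();
            }
            return Integer.MIN_VALUE;
        } catch (NoSuchAlgorithmException e2) {
            throw new AuthenticateException(e2);
        }
    }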

    /**
     * Brings a local user record in line with what LDAP returned and marks it as an LDAP user.
     *
     * <p>The user name is replaced when LDAP supplies a non-empty, different name. The mail address is
     * replaced when LDAP supplies a non-empty, well-formed, different address. The LDAP flag is turned
     * on if it is not already. When any of these changed, the local password is overwritten with a
     * random 32-character value and the record is saved.
     *
     * @param str         login id, used only in the log message
     * @param str2        password; not used by this method
     * @param ldapInfo    attributes returned by the directory
     * @param usersDao    DAO used to save the record
     * @param usersEntity local user record to update in place
     */
    private void updateUser(String str, String str2, LdapInfo ldapInfo, UsersDao usersDao, UsersEntity usersEntity) {
        boolean changed = false;

        String ldapName = ldapInfo.getName();
        if (StringUtils.isNotEmpty(ldapName) && !ldapName.equals(usersEntity.getUserName())) {
            usersEntity.setUserName(ldapName);
            changed = true;
        }

        boolean usableMail = StringUtils.isNotEmpty(ldapInfo.getMail()) && StringUtils.isEmailAddress(ldapInfo.getMail());
        if (usableMail && !ldapInfo.getMail().equals(usersEntity.getMailAddress())) {
            usersEntity.setMailAddress(ldapInfo.getMail());
            changed = true;
        }

        boolean alreadyLdapUser = usersEntity.getAuthLdap() != null && usersEntity.getAuthLdap().intValue() == INT_FLAG.ON.getValue();
        if (!alreadyLdapUser) {
            usersEntity.setAuthLdap(Integer.valueOf(INT_FLAG.ON.getValue()));
            changed = true;
        }

        if (!changed) {
            return;
        }
        // The local password is replaced by a random value whenever the record changes.
        // NOTE(review): RandomUtil.randamGen is not visible here; confirm it draws from a
        // cryptographically strong source, since the value stands in for a credential.
        usersEntity.setPassword(RandomUtil.randamGen(32));
        usersDao.save(usersEntity);
        LOG.debug("Change User info on Ldap login. [user]" + str);
    }

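    /**
     * Creates the local user record for an identity that authenticated through LDAP for the first time.
     *
     * <p>The user key is the LDAP id; the user name is the LDAP name, or the id when no name is given.
     * The mail address is copied only when it is non-empty and well-formed. The record is flagged as an
     * LDAP user, receives a random 32-character local password, and is inserted with the user role
     * plus, when LDAP reports the identity as an administrator, the admin role.
     *
     * @param str      login id, used only in the log message
     * @param str2     password; not used by this method
     * @param ldapInfo attributes returned by the directory
     * @return the entity returned by {@code UserLogic.insert}
     */
    private UsersEntity addUser(String str, String str2, LdapInfo ldapInfo) {
        UsersEntity usersEntity = new UsersEntity();
        usersEntity.setUserKey(ldapInfo.getId());
        if (StringUtils.isNotEmpty(ldapInfo.getName())) {
            usersEntity.setUserName(ldapInfo.getName());
        } else {
            usersEntity.setUserName(ldapInfo.getId());
        }
        if (StringUtils.isNotEmpty(ldapInfo.getMail()) && StringUtils.isEmailAddress(ldapInfo.getMail())) {
            usersEntity.setMailAddress(ldapInfo.getMail());
        }
        usersEntity.setAuthLdap(Integer.valueOf(INT_FLAG.ON.getValue()));
        // NOTE(review): the admin flag and the admin role below come straight from the directory
        // result. How LdapLogic derives isAdmin() is not visible here; review that mapping, because it
        // grants administrator rights at first login.
        usersEntity.setAdmin(Boolean.valueOf(ldapInfo.isAdmin()));
        // The original first set a 24-character random password and then overwrote it with this
        // 32-character one before the insert; only the final assignment is kept.
        // NOTE(review): RandomUtil.randamGen is not visible here; confirm it draws from a
        // cryptographically strong source.
        usersEntity.setPassword(RandomUtil.randamGen(32));
        ArrayList<String> roles = new ArrayList<>();
        roles.add(WebConfig.ROLE_USER);
        if (ldapInfo.isAdmin()) {
            roles.add(WebConfig.ROLE_ADMIN);
        }
        UsersEntity insert = UserLogic.get().insert(usersEntity, roles.toArray(new String[0]));
        LOG.info("Add User on first Ldap login. [user]" + str);
        return insert;
    }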
}
