package io.datarouter.web.user.authenticate.authenticator.impl;

import io.datarouter.storage.config.Config;
import io.datarouter.util.BooleanTool;
import io.datarouter.util.lang.ObjectTool;
import io.datarouter.util.string.StringTool;
import io.datarouter.web.exception.IncorrectPasswordException;
import io.datarouter.web.exception.InvalidCredentialsException;
import io.datarouter.web.user.DatarouterUserDao;
import io.datarouter.web.user.DatarouterUserNodes;
import io.datarouter.web.user.authenticate.authenticator.DatarouterAuthenticator;
import io.datarouter.web.user.authenticate.config.DatarouterAuthenticationConfig;
import io.datarouter.web.user.authenticate.saml.DatarouterSamlSettingRoot;
import io.datarouter.web.user.cache.DatarouterUserByUsernameCache;
import io.datarouter.web.user.databean.DatarouterUser;
import io.datarouter.web.user.session.DatarouterSession;
import io.datarouter.web.util.http.RequestTool;
import java.util.Date;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Authenticator for credentials posted from the username/password sign-in form.
 *
 * <p>A request is handled only when its servlet path equals the configured sign-in submit path and
 * both the username and password parameters are present. The form is skipped entirely while the
 * SAML setting reports that SAML should process sign-ins.
 *
 * <p>NOTE(review): the failure paths below raise differently worded exceptions (unknown user via
 * the cache's {@code getOrThrow}, "user not enabled", "password cannot be empty", "invalid
 * password"). If a caller relays these messages or distinct status codes to the client, the
 * responses reveal whether an account exists or is disabled. Confirm the handler maps all of them
 * to one generic failure.
 *
 * <p>NOTE(review): no attempt throttling or lockout is visible in this class; presumably it is
 * enforced elsewhere. Confirm.
 */
@Singleton
public class DatarouterSigninFormAuthenticator implements DatarouterAuthenticator {
    private static final Logger logger = LoggerFactory.getLogger(DatarouterSigninFormAuthenticator.class);

    @Inject
    private DatarouterAuthenticationConfig authenticationConfig;

    @Inject
    private DatarouterUserNodes userNodes;

    @Inject
    private DatarouterSamlSettingRoot samlSettings;

    @Inject
    private DatarouterUserByUsernameCache datarouterUserByUsernameCache;

    @Inject
    private DatarouterUserDao datarouterUserDao;

    /**
     * Builds a session from sign-in form credentials, if this request is a sign-in form submission.
     *
     * @param httpServletRequest request whose servlet path and credential parameters are inspected
     * @param httpServletResponse unused by this authenticator
     * @return a session created from the validated user, or {@code null} when the request is not
     *     for the sign-in submit path, lacks a username or password parameter, or the SAML setting
     *     says SAML should process sign-ins
     * @throws InvalidCredentialsException propagated from {@link #lookupAndValidateUser}
     * @throws IncorrectPasswordException propagated from {@link #lookupAndValidateUser}
     */
    @Override
    public DatarouterSession getSession(
            HttpServletRequest httpServletRequest,
            HttpServletResponse httpServletResponse) {
        String requestPath = httpServletRequest.getServletPath();
        String signinSubmitPath = this.authenticationConfig.getSigninSubmitPath();
        if (ObjectTool.notEquals(requestPath, signinSubmitPath)) {
            return null;
        }

        // NOTE(review): RequestTool.get presumably reads a servlet request parameter, which would
        // include query-string values. Confirm the submit path is POST-only so that credentials
        // cannot end up in URLs and access logs.
        String usernameParam = this.authenticationConfig.getUsernameParam();
        String username = RequestTool.get(httpServletRequest, usernameParam, null);
        String passwordParam = this.authenticationConfig.getPasswordParam();
        String password = RequestTool.get(httpServletRequest, passwordParam, null);
        Object[] credentials = {username, password};
        if (ObjectTool.anyNull(credentials)) {
            return null;
        }

        // Form sign-in is skipped while SAML is configured to process sign-ins.
        boolean samlHandlesSignin = this.samlSettings.getShouldProcess().booleanValue();
        if (samlHandlesSignin) {
            logger.info("Sign in form disabled.");
            return null;
        }

        DatarouterUser authenticatedUser = lookupAndValidateUser(username, password);
        // Record the successful sign-in time and write the user back through the user node.
        authenticatedUser.setLastLoggedIn(new Date());
        this.userNodes.getUserNode().put(authenticatedUser, (Config) null);
        return DatarouterSession.createFromUser(authenticatedUser);
    }

    /**
     * Resolves the user for {@code username} and verifies the supplied password.
     *
     * <p>Checks run in this order: non-empty username, cache lookup, enabled flag, non-empty
     * password, password verification. A disabled account is therefore rejected before its
     * password is ever checked.
     *
     * <p>NOTE(review): {@code username} comes from the request and is embedded unmodified in the
     * exception messages. If those messages are written to logs, confirm the log encoder
     * neutralises line breaks and control characters.
     *
     * @param username username taken from the sign-in form
     * @param password password taken from the sign-in form
     * @return the enabled user whose password matched
     * @throws InvalidCredentialsException if the username or password is empty, or the user is not
     *     enabled
     * @throws IncorrectPasswordException if the password does not match
     */
    private DatarouterUser lookupAndValidateUser(String username, String password) {
        if (StringTool.isEmpty(username)) {
            throw new InvalidCredentialsException("no username specified");
        }

        // getOrThrow raises its own exception when the cache has no entry for this username.
        DatarouterUser user = (DatarouterUser) this.datarouterUserByUsernameCache.getOrThrow(username);
        boolean disabled = BooleanTool.isFalseOrNull(user.getEnabled());
        if (disabled) {
            throw new InvalidCredentialsException("user not enabled (" + username + ")");
        }
        if (StringTool.isEmpty(password)) {
            throw new InvalidCredentialsException("password cannot be empty (" + username + ")");
        }

        boolean passwordMatches = this.datarouterUserDao.isPasswordCorrect(user, password);
        if (!passwordMatches) {
            throw new IncorrectPasswordException("invalid password (" + username + ")");
        }
        return user;
    }
}
