package org.jahia.modules.jahiaauth.valves;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.jahia.api.settings.SettingsBean;
import org.jahia.api.usermanager.JahiaUserManagerService;
import org.jahia.modules.jahiaauth.service.JahiaAuthConstants;
import org.jahia.modules.jahiaauth.service.JahiaAuthMapperService;
import org.jahia.modules.jahiaauth.service.MappedProperty;
import org.jahia.osgi.FrameworkService;
import org.jahia.params.valves.AuthValveContext;
import org.jahia.params.valves.BaseAuthValve;
import org.jahia.params.valves.CookieAuthValveImpl;
import org.jahia.pipelines.Pipeline;
import org.jahia.pipelines.PipelineException;
import org.jahia.pipelines.valves.ValveContext;
import org.jahia.services.content.decorator.JCRUserNode;
import org.jahia.services.preferences.user.UserPreferencesHelper;
import org.jahia.services.usermanager.JahiaUser;
import org.jahia.utils.LanguageCodeConverters;
import org.jahia.utils.Patterns;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jahia/modules/jahiaauth/valves/SSOValve.class */
public class SSOValve extends BaseAuthValve {
    private static final Logger logger = LoggerFactory.getLogger(SSOValve.class);
    private static String VALVE_RESULT = "login_valve_result";
    private JahiaUserManagerService jahiaUserManagerService;
    private JahiaAuthMapperService jahiaAuthMapperService;
    private SettingsBean settingsBean;
    private Pipeline authPipeline;
    private String preserveSessionAttributes = null;

    public void start() {
        setId("ssoValve");
        removeValve(this.authPipeline);
        addValve(this.authPipeline, -1, null, null);
    }

    public void stop() {
        removeValve(this.authPipeline);
    }

    public void invoke(Object obj, ValveContext valveContext) throws PipelineException {
        AuthValveContext authValveContext = (AuthValveContext) obj;
        HttpServletRequest request = authValveContext.getRequest();
        if (authValveContext.getSessionFactory().getCurrentUser() != null) {
            valveContext.invokeNext(obj);
            return;
        }
        String id = request.getSession().getId();
        Map<String, Map<String, MappedProperty>> mapperResultsForSession = this.jahiaAuthMapperService.getMapperResultsForSession(id);
        if (mapperResultsForSession == null || !request.getParameterMap().containsKey("site")) {
            valveContext.invokeNext(obj);
            return;
        }
        String findUserId = findUserId(mapperResultsForSession);
        if (findUserId == null) {
            valveContext.invokeNext(obj);
            return;
        }
        boolean z = false;
        JCRUserNode lookupUser = this.jahiaUserManagerService.lookupUser(findUserId, request.getParameter("site"));
        if (lookupUser == null) {
            logger.warn("Login failed. Unknown username {}", findUserId);
            request.setAttribute(VALVE_RESULT, "unknown_user");
        } else if (lookupUser.isAccountLocked()) {
            logger.warn("Login failed: account for user {} is locked.", lookupUser.getName());
            request.setAttribute(VALVE_RESULT, "account_locked");
        } else {
            z = true;
        }
        if (z) {
            login(authValveContext, request, id, lookupUser);
        } else {
            valveContext.invokeNext(obj);
        }
    }

    private void login(AuthValveContext authValveContext, HttpServletRequest httpServletRequest, String str, JCRUserNode jCRUserNode) {
        if (logger.isDebugEnabled()) {
            logger.debug("User {} logged in.", jCRUserNode);
        }
        Map<String, Serializable> preserveSessionAttributes = preserveSessionAttributes(httpServletRequest);
        JahiaUser jahiaUser = jCRUserNode.getJahiaUser();
        if (httpServletRequest.getSession(false) != null) {
            httpServletRequest.getSession().invalidate();
        }
        if (!str.equals(httpServletRequest.getSession().getId())) {
            this.jahiaAuthMapperService.updateCacheEntry(str, httpServletRequest.getSession().getId());
        }
        restoreSessionAttributes(httpServletRequest, preserveSessionAttributes);
        httpServletRequest.setAttribute(VALVE_RESULT, "ok");
        authValveContext.getSessionFactory().setCurrentUser(jahiaUser);
        if (this.settingsBean.isConsiderPreferredLanguageAfterLogin()) {
            httpServletRequest.getSession().setAttribute("org.jahia.services.multilang.currentlocale", UserPreferencesHelper.getPreferredLocale(jCRUserNode, LanguageCodeConverters.resolveLocaleForGuest(httpServletRequest)));
        }
        String parameter = httpServletRequest.getParameter("useCookie");
        if (parameter != null && "on".equals(parameter)) {
            CookieAuthValveImpl.createAndSendCookie(authValveContext, jCRUserNode, this.settingsBean.getCookieAuthConfig());
        }
        HashMap hashMap = new HashMap();
        hashMap.put("user", jahiaUser);
        hashMap.put("authContext", authValveContext);
        hashMap.put("source", this);
        FrameworkService.sendEvent("org/jahia/usersgroups/login/LOGIN", hashMap, false);
    }

    private String findUserId(Map<String, Map<String, MappedProperty>> map) {
        for (Map<String, MappedProperty> map2 : map.values()) {
            if (map2.containsKey(JahiaAuthConstants.SSO_LOGIN)) {
                return (String) map2.get(JahiaAuthConstants.SSO_LOGIN).getValue();
            }
        }
        return null;
    }

    private Map<String, Serializable> preserveSessionAttributes(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        if (this.preserveSessionAttributes != null && httpServletRequest.getSession(false) != null && this.preserveSessionAttributes.length() > 0) {
            String[] split = Patterns.TRIPLE_HASH.split(this.preserveSessionAttributes);
            HttpSession session = httpServletRequest.getSession(false);
            for (String str : split) {
                Object attribute = session.getAttribute(str);
                if (attribute instanceof Serializable) {
                    hashMap.put(str, (Serializable) attribute);
                }
            }
        }
        return hashMap;
    }

    private void restoreSessionAttributes(HttpServletRequest httpServletRequest, Map<String, Serializable> map) {
        if (map.size() > 0) {
            HttpSession session = httpServletRequest.getSession();
            for (Map.Entry<String, Serializable> entry : map.entrySet()) {
                session.setAttribute(entry.getKey(), entry.getValue());
            }
        }
    }

    public void setJahiaAuthMapperService(JahiaAuthMapperService jahiaAuthMapperService) {
        this.jahiaAuthMapperService = jahiaAuthMapperService;
    }

    public void setJahiaUserManagerService(JahiaUserManagerService jahiaUserManagerService) {
        this.jahiaUserManagerService = jahiaUserManagerService;
    }

    public void setSettingsBean(SettingsBean settingsBean) {
        this.settingsBean = settingsBean;
        this.preserveSessionAttributes = settingsBean.getString("preserveSessionAttributesOnLogin", "wemSessionId");
    }

    public void setAuthPipeline(Pipeline pipeline) {
        this.authPipeline = pipeline;
    }
}
