package org.jahia.modules.mfa.graphql.extensions;

import graphql.annotations.annotationTypes.GraphQLDescription;
import graphql.annotations.annotationTypes.GraphQLField;
import graphql.annotations.annotationTypes.GraphQLName;
import graphql.annotations.annotationTypes.GraphQLNonNull;
import java.util.Locale;
import javax.jcr.RepositoryException;
import org.apache.commons.lang.StringUtils;
import org.jahia.modules.mfa.MFAConstants;
import org.jahia.modules.mfa.impl.JahiaMFAServiceImpl;
import org.jahia.services.content.JCRSessionFactory;
import org.jahia.services.content.decorator.JCRSiteNode;
import org.jahia.services.content.decorator.JCRUserNode;
import org.jahia.services.usermanager.JahiaUserManagerService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@GraphQLName("MFAQuery")
@GraphQLDescription("Queries MFA")
/* loaded from: input_file:jahia-mfa-core-1.0.2.jar:org/jahia/modules/mfa/graphql/extensions/GqlMFAQuery.class */
public class GqlMFAQuery {
    private static final Logger LOGGER = LoggerFactory.getLogger(GqlMFAQuery.class);

    @GraphQLField
    @GraphQLName("verifyMFAEnforcement")
    @GraphQLDescription("verify MFA Enforcement")
    public static boolean verifyMFAEnforcementExtension(@GraphQLName("username") @GraphQLNonNull @GraphQLDescription("username of current user") String str, @GraphQLName("sitekey") @GraphQLNonNull @GraphQLDescription("site key") String str2) {
        boolean z = false;
        boolean z2 = false;
        if (LOGGER.isInfoEnabled()) {
            LOGGER.info("verifying MFA Enforcement");
        }
        JahiaMFAServiceImpl jahiaMFAServiceImpl = JahiaMFAServiceImpl.getInstance();
        if (jahiaMFAServiceImpl != null) {
            if (!StringUtils.isEmpty(str2)) {
                try {
                    JCRSiteNode node = JCRSessionFactory.getInstance().getCurrentSystemSession((String) null, (Locale) null, (Locale) null).getNode("/sites/" + str2);
                    if (node.isNodeType(MFAConstants.MIXIN_MFA_SITE) && node.hasProperty(MFAConstants.PROP_ENFORCEMFA)) {
                        if (node.getPropertyAsString(MFAConstants.PROP_ENFORCEMFA).equals("true")) {
                            z = true;
                        }
                    }
                } catch (RepositoryException e) {
                    LOGGER.error("MFA Enforcement could not find site matching that servername", e);
                }
            }
            if (!StringUtils.isEmpty(str)) {
                if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug(String.format("VerifyMFAEnforcementAction for user %s", str));
                }
                JCRUserNode lookupUser = JahiaUserManagerService.getInstance().lookupUser(str);
                if (lookupUser == null) {
                    lookupUser = JahiaUserManagerService.getInstance().lookupUser(str, str2);
                }
                if (lookupUser != null && jahiaMFAServiceImpl.hasMFA(lookupUser)) {
                    z2 = true;
                }
            }
        }
        return z || z2;
    }

    @GraphQLField
    @GraphQLName("verifyToken")
    @GraphQLDescription("verify Token")
    public boolean verifyTokenExtension(@GraphQLName("password") @GraphQLNonNull @GraphQLDescription("password") String str, @GraphQLName("provider") @GraphQLNonNull @GraphQLDescription("provider") String str2, @GraphQLName("token") @GraphQLNonNull @GraphQLDescription("MFA Token") String str3) {
        LOGGER.info("verifying token");
        JahiaMFAServiceImpl jahiaMFAServiceImpl = JahiaMFAServiceImpl.getInstance();
        if (jahiaMFAServiceImpl == null) {
            return false;
        }
        JCRUserNode userNode = Utils.getUserNode(JCRSessionFactory.getInstance().getCurrentUser());
        if (str == null || str2 == null || str3 == null) {
            return false;
        }
        try {
            if (Utils.isCorrectUser(userNode)) {
                return jahiaMFAServiceImpl.verifyToken(userNode, str2, str3, str);
            }
            return false;
        } catch (Exception e) {
            LOGGER.error(String.format("Impossible to verity token for user %s", userNode.getPath()), e);
            return false;
        }
    }
}
