package org.exist.cocoon;

import java.util.HashMap;
import java.util.Map;
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.avalon.framework.thread.ThreadSafe;
import org.apache.cocoon.acting.ServiceableAction;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.Session;
import org.apache.cocoon.environment.SourceResolver;
import org.exist.security.Permission;
import org.exist.xquery.XPathException;
import org.exist.xquery.value.Item;
import org.xmldb.api.DatabaseManager;
import org.xmldb.api.base.XMLDBException;

/* loaded from: input_file:WEB-INF/lib/exist-optional-1_0b2_build_1107.jar:org/exist/cocoon/XMLDBSessionLoginAction.class */
public class XMLDBSessionLoginAction extends ServiceableAction implements ThreadSafe {
    public Map act(Redirector redirector, SourceResolver sourceResolver, Map map, String str, Parameters parameters) throws Exception {
        String sessionAttribute;
        String sessionAttribute2;
        Request request = ObjectModelHelper.getRequest(map);
        if (request == null) {
            getLogger().error("XMLDBSessionLoginAction: no request object!");
            return null;
        }
        HashMap hashMap = new HashMap();
        Session session = request.getSession(false);
        if (session == null || !request.isRequestedSessionIdValid()) {
            session = request.getSession(true);
        }
        if (session.getAttribute(Permission.USER_STRING) == null) {
            System.out.println("no user ");
            sessionAttribute = parameters.getParameter(Permission.USER_STRING, null);
            sessionAttribute2 = parameters.getParameter("password", null);
            if (sessionAttribute == null) {
                sessionAttribute = request.getParameter(Permission.USER_STRING);
                sessionAttribute2 = request.getParameter("password");
            }
            if (sessionAttribute == null) {
                getLogger().error("XMLDBSessionLoginAction: no parameters!");
                return null;
            }
            if (str == null) {
                getLogger().error("XMLDBSessionLoginAction: no source specified!");
                return null;
            }
            getLogger().info(new StringBuffer().append("trying to login user ").append(sessionAttribute).toString());
            try {
                DatabaseManager.getCollection(str, sessionAttribute, sessionAttribute2);
                session.setAttribute(Permission.USER_STRING, sessionAttribute);
                session.setAttribute("password", sessionAttribute2);
            } catch (XMLDBException e) {
                getLogger().error(new StringBuffer().append("login denied: ").append(e.getMessage()).toString());
                return null;
            }
        } else {
            sessionAttribute = getSessionAttribute(session, Permission.USER_STRING);
            sessionAttribute2 = getSessionAttribute(session, "password");
            if (sessionAttribute == null) {
                return null;
            }
        }
        hashMap.put(Permission.USER_STRING, sessionAttribute);
        hashMap.put("password", sessionAttribute2);
        return hashMap;
    }

    private String getSessionAttribute(Session session, String str) {
        Object attribute = session.getAttribute(str);
        if (attribute == null) {
            return null;
        }
        if (!(attribute instanceof Item)) {
            return attribute.toString();
        }
        try {
            return ((Item) attribute).getStringValue();
        } catch (XPathException e) {
            return null;
        }
    }
}
