package com.xpn.xwiki.user.impl.xwiki;

import com.xpn.xwiki.XWiki;
import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.doc.XWikiDocument;
import com.xpn.xwiki.objects.classes.PasswordClass;
import com.xpn.xwiki.plugin.ldap.LDAPPlugin;
import com.xpn.xwiki.plugin.usertools.XWikiUserManagementToolsImpl;
import com.xpn.xwiki.user.api.XWikiUser;
import java.io.IOException;
import java.security.Principal;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.securityfilter.config.SecurityConfig;
import org.securityfilter.filter.SavedRequest;
import org.securityfilter.filter.SecurityRequestWrapper;
import org.securityfilter.realm.SecurityRealmInterface;
import org.securityfilter.realm.SimplePrincipal;

/* loaded from: input_file:com/xpn/xwiki/user/impl/xwiki/XWikiAuthServiceImpl.class */
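/**
 * Authentication service that delegates HTTP login/logout handling to an {@link XWikiAuthenticator}
 * (BASIC or FORM, chosen from the {@code xwiki.authentication} configuration parameter) and
 * verifies credentials against the password stored on the user's wiki document.
 *
 * <p>All failure paths in this class resolve to "not authenticated" ({@code null} user or
 * principal, or {@code false} from the password check).</p>
 */
public class XWikiAuthServiceImpl extends AbstractXWikiAuthService {
    // The decompiled pre-Java-5 class-literal idiom (class$0 + Class.forName) is replaced by a plain
    // class literal; the decompiled initializer called getMessage() on a Class and could not compile.
    private static final Log log = LogFactory.getLog(XWikiAuthServiceImpl.class);

    /** Lazily created authenticator; stays {@code null} until it has been fully initialized. */
    protected XWikiAuthenticator authenticator;

    /**
     * Returns the authenticator, building and configuring it on first use.
     *
     * <p>The field is assigned only after {@code init} has returned. Assigning it before
     * initialization would let a failed {@code init} leave a half-configured authenticator behind,
     * which every later call would then hand out without reporting an error.</p>
     *
     * <p>This method is not synchronized: concurrent first calls may each build an authenticator.</p>
     *
     * @param xWikiContext context giving access to the wiki configuration
     * @return the initialized authenticator
     * @throws XWikiException if the authenticator cannot be created or initialized
     */
    protected XWikiAuthenticator getAuthenticator(XWikiContext xWikiContext) throws XWikiException {
        if (this.authenticator != null) {
            return this.authenticator;
        }
        try {
            XWiki wiki = xWikiContext.getWiki();
            XWikiAuthenticator created;
            if ("basic".equals(wiki.Param("xwiki.authentication"))) {
                created = new MyBasicAuthenticator();
                SecurityConfig basicConfig = new SecurityConfig(false);
                basicConfig.setAuthMethod("BASIC");
                // The key is spelled "realname" here; it is kept as is because existing
                // configuration files are read with exactly this key.
                basicConfig.setRealmName(paramOrDefault(wiki, "xwiki.authentication.realname", "XWiki"));
                created.init(null, basicConfig);
            } else {
                created = new MyFormAuthenticator();
                SecurityConfig formConfig = new SecurityConfig(false);
                formConfig.setAuthMethod("FORM");
                formConfig.setRealmName(paramOrDefault(wiki, "xwiki.authentication.realname", "XWiki"));
                formConfig.setDefaultPage(
                    paramOrDefault(wiki, "xwiki.authentication.defaultpage", "/bin/view/Main/WebHome"));
                formConfig.setLoginPage(
                    paramOrDefault(wiki, "xwiki.authentication.loginpage", "/bin/login/XWiki/XWikiLogin"));
                formConfig.setLogoutPage(
                    paramOrDefault(wiki, "xwiki.authentication.logoutpage", "/bin/logout/XWiki/XWikiLogout"));
                formConfig.setErrorPage(
                    paramOrDefault(wiki, "xwiki.authentication.errorpage", "/bin/loginerror/XWiki/XWikiLogin"));

                // Persistent-login ("remember me") cookie settings: each one is applied only when
                // the corresponding parameter is configured.
                MyPersistentLoginManager loginManager = new MyPersistentLoginManager();
                String cookiePath = wiki.Param("xwiki.authentication.cookiepath");
                if (cookiePath != null) {
                    loginManager.setCookiePath(cookiePath);
                }
                String cookieDomains = wiki.Param("xwiki.authentication.cookiedomains");
                if (cookieDomains != null) {
                    loginManager.setCookieDomains(StringUtils.split(cookieDomains, ","));
                }
                String cookieLife = wiki.Param("xwiki.authentication.cookielife");
                if (cookieLife != null) {
                    loginManager.setCookieLife(cookieLife);
                }
                String protection = wiki.Param("xwiki.authentication.protection");
                if (protection != null) {
                    loginManager.setProtection(protection);
                }
                String useIp = wiki.Param("xwiki.authentication.useip");
                if (useIp != null) {
                    loginManager.setUseIP(useIp);
                }
                String encryptionAlgorithm = wiki.Param("xwiki.authentication.encryptionalgorithm");
                if (encryptionAlgorithm != null) {
                    loginManager.setEncryptionAlgorithm(encryptionAlgorithm);
                }
                String encryptionMode = wiki.Param("xwiki.authentication.encryptionmode");
                if (encryptionMode != null) {
                    loginManager.setEncryptionMode(encryptionMode);
                }
                String encryptionPadding = wiki.Param("xwiki.authentication.encryptionpadding");
                if (encryptionPadding != null) {
                    loginManager.setEncryptionPadding(encryptionPadding);
                }
                // NOTE(review): when validationKey / encryptionKey are not configured, the login
                // manager keeps whatever defaults it has; those are not visible from this class.
                // Confirm it does not fall back to a built-in key shared by every installation.
                String validationKey = wiki.Param("xwiki.authentication.validationKey");
                if (validationKey != null) {
                    loginManager.setValidationKey(validationKey);
                }
                String encryptionKey = wiki.Param("xwiki.authentication.encryptionKey");
                if (encryptionKey != null) {
                    loginManager.setEncryptionKey(encryptionKey);
                }
                formConfig.setPersistentLoginManager(loginManager);

                MyFilterConfig filterConfig = new MyFilterConfig();
                filterConfig.setInitParameter("loginSubmitPattern",
                    paramOrDefault(wiki, "xwiki.authentication.loginsubmitpage", "/loginsubmit/XWiki/XWikiLogin"));
                created.init(filterConfig, formConfig);
            }
            // Publish only a fully initialized authenticator.
            this.authenticator = created;
            return created;
        } catch (Exception e) {
            throw new XWikiException(8, XWikiException.ERROR_XWIKI_USER_INIT, "Cannot initialize authentication system", e);
        }
    }

    /** Returns the configuration value for {@code key}, or {@code fallback} when it is not set. */
    private static String paramOrDefault(XWiki wiki, String key, String fallback) {
        String value = wiki.Param(key);
        return value != null ? value : fallback;
    }

    /**
     * Resolves the user for the current HTTP request, processing a logout or login if the request
     * is one.
     *
     * @param xWikiContext context carrying the current request and response
     * @return the authenticated user, or {@code null} when there is no HTTP request, when the
     *         request was handled as a logout or login, when no principal was established, or
     *         when authentication processing failed
     * @throws XWikiException if the authenticator cannot be initialized
     */
    @Override // com.xpn.xwiki.user.api.XWikiAuthService
    public XWikiUser checkAuth(XWikiContext xWikiContext) throws XWikiException {
        XWiki wiki = xWikiContext.getWiki();
        HttpServletRequest request =
            xWikiContext.getRequest() != null ? xWikiContext.getRequest().getHttpServletRequest() : null;
        HttpServletResponse response =
            xWikiContext.getResponse() != null ? xWikiContext.getResponse().getHttpServletResponse() : null;
        if (request == null) {
            return null;
        }
        XWikiAuthenticator auth = getAuthenticator(xWikiContext);
        SecurityRequestWrapper wrapped = new SecurityRequestWrapper(request, (SavedRequest) null, (SecurityRealmInterface) null, auth.getAuthMethod());
        // Start from "no principal" so that only the authenticator can establish one.
        wrapped.setUserPrincipal((Principal) null);
        try {
            if (auth.processLogout(wrapped, response, wiki.getUrlPatternMatcher())) {
                if (log.isInfoEnabled()) {
                    log.info("User " + xWikiContext.getUser() + " has been logged-out");
                }
                wrapped.setUserPrincipal((Principal) null);
                return null;
            }
            if (auth.processLogin(wrapped, response, xWikiContext)) {
                return null;
            }
            return toUser(wrapped.getUserPrincipal());
        } catch (Exception e) {
            // Fail closed (no user), but record the failure in the application log rather than on
            // stderr so that broken authentication processing is visible to whoever reads the logs.
            log.error("Failed to process authentication for the current request", e);
            return null;
        }
    }

    /**
     * Resolves the user from explicitly supplied login values instead of the request parameters.
     *
     * @param str first login value forwarded to the authenticator (presumably the user name — confirm)
     * @param str2 second login value forwarded to the authenticator (presumably the password — confirm)
     * @param str3 third login value forwarded to the authenticator (presumably the remember-me flag — confirm)
     * @param xWikiContext context carrying the current request and response
     * @return the authenticated user, or {@code null} when there is no HTTP request, when the
     *         login is rejected, when no principal was established, or when processing failed
     * @throws XWikiException if the authenticator cannot be initialized
     */
    @Override // com.xpn.xwiki.user.api.XWikiAuthService
    public XWikiUser checkAuth(String str, String str2, String str3, XWikiContext xWikiContext) throws XWikiException {
        HttpServletRequest request =
            xWikiContext.getRequest() != null ? xWikiContext.getRequest().getHttpServletRequest() : null;
        HttpServletResponse response =
            xWikiContext.getResponse() != null ? xWikiContext.getResponse().getHttpServletResponse() : null;
        if (request == null) {
            return null;
        }
        XWikiAuthenticator auth = getAuthenticator(xWikiContext);
        SecurityRequestWrapper wrapped = new SecurityRequestWrapper(request, (SavedRequest) null, (SecurityRealmInterface) null, auth.getAuthMethod());
        try {
            if (!auth.processLogin(str, str2, str3, wrapped, response, xWikiContext)) {
                return null;
            }
            return toUser(wrapped.getUserPrincipal());
        } catch (Exception e) {
            // Fail closed; never include the supplied credentials in the log entry.
            log.error("Failed to process login with explicit credentials", e);
            return null;
        }
    }

    /** Converts an established principal into a user; {@code null} stays {@code null}. */
    private XWikiUser toUser(Principal principal) {
        if (principal == null) {
            return null;
        }
        if (log.isInfoEnabled()) {
            log.info("User " + principal.getName() + " is authentified");
        }
        return new XWikiUser(principal.getName());
    }

    /**
     * Asks the authenticator to present the login page.
     *
     * @param xWikiContext context carrying the current request and response
     * @throws XWikiException if the authenticator cannot be initialized
     */
    @Override // com.xpn.xwiki.user.api.XWikiAuthService
    public void showLogin(XWikiContext xWikiContext) throws XWikiException {
        try {
            // Mode 0 is presumably the servlet mode (confirm against XWikiContext).
            if (xWikiContext.getMode() == 0) {
                getAuthenticator(xWikiContext).showLogin(xWikiContext.getRequest().getHttpServletRequest(), xWikiContext.getResponse().getHttpServletResponse(), xWikiContext);
            }
        } catch (IOException e) {
            log.error("Failed to show the login page", e);
        }
    }

    /**
     * Verifies a user name and password, first in the current wiki and then, for a virtual wiki,
     * in the main wiki database.
     *
     * <p>On failure a reason is stored in the context under {@code "message"}. The values
     * {@code "wronguser"} and {@code "wrongpassword"} are distinct, so anything that shows this
     * message to the client lets it tell an unknown account from a bad password; front ends should
     * present one uniform failure message.</p>
     *
     * @param str user name as supplied; spaces are removed and any prefix up to the first
     *        {@link XWikiDocument#SPACE_NAME_SEP} is dropped before lookup
     * @param str2 candidate password
     * @param xWikiContext current context; a {@code null} context yields {@code null}
     * @return the principal on success ({@code database:user} form when found in the main wiki),
     *         otherwise {@code null}
     * @throws XWikiException declared by the interface
     */
    @Override // com.xpn.xwiki.user.api.XWikiAuthService
    public Principal authenticate(String str, String str2, XWikiContext xWikiContext) throws XWikiException {
        if (str == null) {
            return null;
        }
        String username = str.replaceAll(" ", "");
        if (username.equals("")) {
            setMessage(xWikiContext, "nousername");
            return null;
        }
        if (str2 == null || str2.trim().equals("")) {
            setMessage(xWikiContext, "nopassword");
            return null;
        }
        if (isSuperAdmin(username)) {
            return authenticateSuperAdmin(str2, xWikiContext);
        }
        if (xWikiContext == null) {
            // The decompiled code dereferenced the null context here to store "loginfailed",
            // which could only end in a NullPointerException; reject the login instead.
            return null;
        }
        String localName = username;
        int separator = username.indexOf(XWikiDocument.SPACE_NAME_SEP);
        if (separator != -1) {
            localName = username.substring(separator + 1);
        }
        try {
            String localUser = findUser(localName, xWikiContext);
            if (localUser == null) {
                xWikiContext.put("message", "wronguser");
            } else {
                if (checkPassword(localUser, str2, xWikiContext)) {
                    return new SimplePrincipal(localUser);
                }
                xWikiContext.put("message", "wrongpassword");
            }
        } catch (Exception e) {
            // Still best-effort (the main-wiki lookup below may succeed), but no longer silent.
            log.error("User lookup or password check failed in the current wiki", e);
        }
        if (!xWikiContext.isVirtual()) {
            return null;
        }
        // Virtual wiki: retry against the main wiki database, restoring the original database
        // afterwards whatever happens.
        String originalDatabase = xWikiContext.getDatabase();
        try {
            xWikiContext.setDatabase(xWikiContext.getWiki().getDatabase());
            String mainUser = findUser(localName, xWikiContext);
            if (mainUser == null) {
                xWikiContext.put("message", "wronguser");
                return null;
            }
            if (checkPassword(mainUser, str2, xWikiContext)) {
                return new SimplePrincipal(xWikiContext.getDatabase() + ":" + mainUser);
            }
            xWikiContext.put("message", "wrongpassword");
            return null;
        } catch (Exception e) {
            log.error("User lookup or password check failed in the main wiki", e);
            xWikiContext.put("message", "loginfailed");
            return null;
        } finally {
            xWikiContext.setDatabase(originalDatabase);
        }
    }

    /** Stores a login failure reason in the context, tolerating a {@code null} context. */
    private static void setMessage(XWikiContext context, String message) {
        if (context != null) {
            context.put("message", message);
        }
    }

    /**
     * Finds the full document name of a user.
     *
     * <p>Tries {@code XWiki.<name>} directly; otherwise searches documents by the {@code doc.web}
     * and {@code doc.name} values, which are passed to the search as parameters rather than being
     * concatenated into the query text.</p>
     *
     * @param str user name without the space prefix
     * @param xWikiContext current context
     * @return the full document name, or {@code null} when no document matches
     * @throws XWikiException if the wiki lookup fails
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public String findUser(String str, XWikiContext xWikiContext) throws XWikiException {
        String candidate = "XWiki." + str;
        if (xWikiContext.getWiki().exists(candidate, xWikiContext)) {
            return candidate;
        }
        List<?> matches = xWikiContext.getWiki().search("select distinct doc.fullName from XWikiDocument as doc", new Object[]{new Object[]{"doc.web", "XWiki"}, new Object[]{"doc.name", str}}, xWikiContext);
        return matches.size() == 0 ? null : (String) matches.get(0);
    }

    /**
     * Checks a candidate password against the value stored on the user's document.
     *
     * @param str full document name of the user
     * @param str2 candidate password
     * @param xWikiContext current context
     * @return {@code true} only when the document carries a user object and the candidate matches
     *         the stored value; {@code false} on mismatch or on any error
     * @throws XWikiException declared for callers; errors raised inside are caught and reported
     *         as {@code false}
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public boolean checkPassword(String str, String str2, XWikiContext xWikiContext) throws XWikiException {
        try {
            boolean matches = false;
            XWikiDocument userDocument = xWikiContext.getWiki().getDocument(str, xWikiContext);
            if (userDocument.getObject(XWikiUserManagementToolsImpl.DEFAULT_USER_CLASS) != null) {
                String stored = userDocument.getStringValue(XWikiUserManagementToolsImpl.DEFAULT_USER_CLASS, "password");
                PasswordClass passwordField = (PasswordClass) xWikiContext.getWiki().getClass(XWikiUserManagementToolsImpl.DEFAULT_USER_CLASS, xWikiContext).getField("password");
                // Presumably re-encodes the candidate with the scheme of the stored value, so
                // that equal results mean a matching password (confirm in PasswordClass).
                String candidate = passwordField.getEquivalentPassword(stored, str2);
                // Compare without stopping at the first differing character, so the comparison
                // time does not depend on how much of the stored value matched.
                matches = constantTimeEquals(candidate, stored);
            }
            if (log.isDebugEnabled()) {
                if (matches) {
                    log.debug("Password check for user " + str + " successful");
                } else {
                    log.debug("Password check for user " + str + " failed");
                }
            }
            return matches;
        } catch (Throwable th) {
            // Any failure counts as a failed check; report it through the logger, not stderr.
            log.error("Password check could not be completed", th);
            return false;
        }
    }

    /**
     * Compares two strings for exact equality, examining every character when the lengths match.
     * A {@code null} on either side, or a length difference, is a mismatch.
     */
    private static boolean constantTimeEquals(String left, String right) {
        if (left == null || right == null || left.length() != right.length()) {
            return false;
        }
        int difference = 0;
        for (int i = 0; i < left.length(); i++) {
            difference |= left.charAt(i) ^ right.charAt(i);
        }
        return difference == 0;
    }

    /**
     * Reads an authentication setting, preferring the wiki preference and falling back to the
     * {@code xwiki.authentication.*} configuration parameter.
     *
     * @param str preference name, for example {@code auth_createuser}
     * @param xWikiContext current context
     * @return the configured value, or an empty string when neither source provides one
     */
    protected String getParam(String str, XWikiContext xWikiContext) {
        String value = "";
        try {
            value = xWikiContext.getWiki().getXWikiPreference(str, xWikiContext);
        } catch (Exception ignored) {
            // Best effort: an unreadable preference falls through to the configuration file.
        }
        if (value == null || "".equals(value)) {
            try {
                // NOTE(review): "auth_" is replaced by SPACE_NAME_SEP; if that separator is ".",
                // the derived key contains two consecutive dots. Confirm the intended key.
                value = xWikiContext.getWiki().Param("xwiki.authentication." + StringUtils.replace(str, "auth_", XWikiDocument.SPACE_NAME_SEP));
            } catch (Exception ignored) {
                // Best effort: treated as "not configured".
            }
        }
        return value == null ? "" : value;
    }

    /**
     * Creates the wiki user page for an authenticated name when auto-creation is configured
     * through {@code auth_createuser} ({@code "ldap"} or {@code "empty"}); any other value
     * creates nothing.
     *
     * @param str user name as authenticated
     * @param xWikiContext current context
     * @throws XWikiException if the wiki or the LDAP plugin fails
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public void createUser(String str, XWikiContext xWikiContext) throws XWikiException {
        String mode = getParam("auth_createuser", xWikiContext);
        if (log.isDebugEnabled()) {
            log.debug("Create user param is " + mode);
        }
        if (mode == null) {
            return;
        }
        String pageName = xWikiContext.getWiki().clearName(str, true, true, xWikiContext);
        if (!xWikiContext.getWiki().getDocument("XWiki." + pageName, xWikiContext).isNew()) {
            // Never overwrite an existing user page.
            if (log.isDebugEnabled()) {
                log.debug("User page already exists for user " + str);
            }
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug("User page does not exist for user " + str);
        }
        if ("ldap".equals(mode)) {
            LDAPPlugin ldapPlugin = (LDAPPlugin) xWikiContext.getWiki().getPlugin("ldap", xWikiContext);
            if (ldapPlugin != null) {
                if (log.isDebugEnabled()) {
                    log.debug("Creating user from ldap for user " + str);
                }
                ldapPlugin.createUserFromLDAP(pageName, str, null, null, xWikiContext);
            } else if (log.isErrorEnabled()) {
                log.error("Impossible to create user from LDAP because LDAP plugin is not activated");
            }
            return;
        }
        if ("empty".equals(mode)) {
            if (log.isDebugEnabled()) {
                log.debug("Creating emptry user for user " + str);
            }
            xWikiContext.getWiki().createEmptyUser(pageName, "edit", xWikiContext);
        }
    }
}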
