package fr.paris.lutece.portal.service.admin;

import fr.paris.lutece.portal.business.user.AdminUser;
import fr.paris.lutece.portal.business.user.AdminUserHome;
import fr.paris.lutece.portal.business.user.authentication.AdminAuthentication;
import fr.paris.lutece.portal.business.user.authentication.LuteceDefaultAdminAuthentication;
import fr.paris.lutece.portal.service.captcha.ICaptchaSecurityService;
import fr.paris.lutece.portal.service.init.LuteceInitException;
import fr.paris.lutece.portal.service.security.UserNotSignedException;
import fr.paris.lutece.portal.service.spring.SpringContextService;
import fr.paris.lutece.portal.service.util.AppLogService;
import fr.paris.lutece.util.url.UrlItem;
import java.util.Collection;
import java.util.Enumeration;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:fr/paris/lutece/portal/service/admin/AdminAuthenticationService.class */
public final class AdminAuthenticationService {
    private static final String ATTRIBUTE_ADMIN_USER = "lutece_admin_user";
    private static final String ATTRIBUTE_ADMIN_LOGIN_NEXT_URL = "luteceAdminLoginNextUrl";
    private static final String BEAN_ADMIN_AUTHENTICATION_MODULE = "adminAuthenticationModule";
    private static AdminAuthenticationService _singleton = new AdminAuthenticationService();
    private static AdminAuthentication _authentication;
    private static boolean _bUseDefaultModule;

    private AdminAuthenticationService() {
    }

    public static synchronized void init() throws LuteceInitException {
        _authentication = (AdminAuthentication) SpringContextService.getBean(BEAN_ADMIN_AUTHENTICATION_MODULE);
        AppLogService.info("Authentication module loaded : " + _authentication.getAuthServiceName());
        if (_authentication.getClass().equals(LuteceDefaultAdminAuthentication.class)) {
            _bUseDefaultModule = true;
        }
    }

    public static AdminAuthenticationService getInstance() {
        return _singleton;
    }

    public boolean isDefaultModuleUsed() {
        return _bUseDefaultModule;
    }

    public AdminUser getRemoteUser(HttpServletRequest httpServletRequest) throws UserNotSignedException, AccessDeniedException {
        AdminUser registeredUser = getRegisteredUser(httpServletRequest);
        if (_authentication.isExternalAuthentication()) {
            if (registeredUser == null) {
                AdminUser httpAuthenticatedUser = _authentication.getHttpAuthenticatedUser(httpServletRequest);
                registerUser(httpServletRequest, httpAuthenticatedUser);
                AdminUserService.updateDateLastLogin(httpAuthenticatedUser.getUserId());
                throw new UserNotSignedException();
            }
            AdminUser httpAuthenticatedUser2 = _authentication.getHttpAuthenticatedUser(httpServletRequest);
            if (httpAuthenticatedUser2 == null) {
                throw new AccessDeniedException("User not found while retrieving from external authentication");
            }
            if (!httpAuthenticatedUser2.getAccessCode().equals(registeredUser.getAccessCode())) {
                unregisterUser(httpServletRequest);
                registerUser(httpServletRequest, httpAuthenticatedUser2);
                AdminUserService.updateDateLastLogin(registeredUser.getUserId());
                throw new UserNotSignedException();
            }
        } else if (registeredUser == null) {
            throw new UserNotSignedException();
        }
        return registeredUser;
    }

    public void loginUser(HttpServletRequest httpServletRequest, String str, String str2) throws LoginException {
        AdminUser login = _authentication.login(str, str2, httpServletRequest);
        try {
            registerUser(httpServletRequest, login);
            AdminUserService.updateDateLastLogin(login.getUserId());
        } catch (AccessDeniedException e) {
            throw new LoginException();
        } catch (UserNotSignedException e2) {
            throw new LoginException();
        }
    }

    public void logoutUser(HttpServletRequest httpServletRequest) {
        try {
            _authentication.logout(getRemoteUser(httpServletRequest));
            unregisterUser(httpServletRequest);
        } catch (AccessDeniedException e) {
        } catch (UserNotSignedException e2) {
        }
    }

    private AdminUser bindUser(AdminUser adminUser) throws AccessDeniedException, UserNotSignedException {
        if (adminUser == null) {
            throw new UserNotSignedException();
        }
        AdminUser findUserByLogin = AdminUserHome.findUserByLogin(adminUser.getAccessCode());
        if (findUserByLogin == null || !findUserByLogin.isStatusActive()) {
            throw new AccessDeniedException("User " + findUserByLogin + " is null or not active");
        }
        findUserByLogin.setRights(AdminUserHome.getRightsListForUser(findUserByLogin.getUserId()));
        findUserByLogin.setRoles(AdminUserHome.getRolesListForUser(findUserByLogin.getUserId()));
        return findUserByLogin;
    }

    public void registerUser(HttpServletRequest httpServletRequest, AdminUser adminUser) throws AccessDeniedException, UserNotSignedException {
        httpServletRequest.getSession(true).setAttribute(ATTRIBUTE_ADMIN_USER, bindUser(adminUser));
    }

    public void unregisterUser(HttpServletRequest httpServletRequest) {
        httpServletRequest.getSession(true).removeAttribute(ATTRIBUTE_ADMIN_USER);
    }

    public AdminUser getRegisteredUser(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        if (session != null) {
            return (AdminUser) session.getAttribute(ATTRIBUTE_ADMIN_USER);
        }
        return null;
    }

    public boolean isExternalAuthentication() {
        return _authentication.isExternalAuthentication();
    }

    public String getLoginPageUrl() {
        return _authentication.getLoginPageUrl();
    }

    public String getChangePasswordPageUrl() {
        return _authentication.getChangePasswordPageUrl();
    }

    public String getDoLoginUrl() {
        return _authentication.getDoLoginUrl();
    }

    public String getDoLogoutUrl() {
        return _authentication.getDoLogoutUrl();
    }

    public String getNewAccountPageUrl() {
        return _authentication.getNewAccountPageUrl();
    }

    public String getViewAccountPageUrl() {
        return _authentication.getViewAccountPageUrl();
    }

    public String getLostPasswordPageUrl() {
        return _authentication.getLostPasswordPageUrl();
    }

    public String getLostLoginPageUrl() {
        return _authentication.getLostLoginPageUrl();
    }

    public Collection<AdminUser> getUserListFromModule(String str, String str2, String str3) {
        return _authentication.getUserList(str, str2, str3);
    }

    public AdminUser getUserPublicDataFromModule(String str) {
        return _authentication.getUserPublicData(str);
    }

    public void setLoginNextUrl(HttpServletRequest httpServletRequest) {
        UrlItem urlItem = new UrlItem(httpServletRequest.getRequestURI());
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            urlItem.addParameter(str, httpServletRequest.getParameter(str));
        }
        httpServletRequest.getSession(true).setAttribute(ATTRIBUTE_ADMIN_LOGIN_NEXT_URL, urlItem.getUrl());
    }

    public String getLoginNextUrl(HttpServletRequest httpServletRequest) {
        String str = ICaptchaSecurityService.EMPTY_STRING;
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            str = (String) session.getAttribute(ATTRIBUTE_ADMIN_LOGIN_NEXT_URL);
            session.removeAttribute(ATTRIBUTE_ADMIN_LOGIN_NEXT_URL);
        }
        return str;
    }
}
