package fr.paris.lutece.plugins.mylutece.modules.database.authentication;

import fr.paris.lutece.plugins.mylutece.authentication.PortalAuthentication;
import fr.paris.lutece.plugins.mylutece.authentication.logs.ConnectionLog;
import fr.paris.lutece.plugins.mylutece.authentication.logs.ConnectionLogHome;
import fr.paris.lutece.plugins.mylutece.business.attribute.AttributeFieldHome;
import fr.paris.lutece.plugins.mylutece.business.attribute.AttributeHome;
import fr.paris.lutece.plugins.mylutece.business.attribute.IAttribute;
import fr.paris.lutece.plugins.mylutece.business.attribute.MyLuteceUserField;
import fr.paris.lutece.plugins.mylutece.business.attribute.MyLuteceUserFieldHome;
import fr.paris.lutece.plugins.mylutece.modules.database.authentication.business.DatabaseHome;
import fr.paris.lutece.plugins.mylutece.modules.database.authentication.business.DatabaseUserHome;
import fr.paris.lutece.plugins.mylutece.modules.database.authentication.business.GroupRoleHome;
import fr.paris.lutece.plugins.mylutece.modules.database.authentication.business.parameter.DatabaseUserParameterHome;
import fr.paris.lutece.plugins.mylutece.modules.database.authentication.service.DatabaseAccountLifeTimeService;
import fr.paris.lutece.plugins.mylutece.modules.database.authentication.service.DatabasePlugin;
import fr.paris.lutece.plugins.mylutece.modules.database.authentication.service.DatabaseService;
import fr.paris.lutece.plugins.mylutece.modules.database.authentication.web.MyLuteceDatabaseApp;
import fr.paris.lutece.plugins.mylutece.util.SecurityUtils;
import fr.paris.lutece.portal.business.template.DatabaseTemplateHome;
import fr.paris.lutece.portal.service.i18n.I18nService;
import fr.paris.lutece.portal.service.mail.MailService;
import fr.paris.lutece.portal.service.plugin.Plugin;
import fr.paris.lutece.portal.service.plugin.PluginService;
import fr.paris.lutece.portal.service.security.FailedLoginCaptchaException;
import fr.paris.lutece.portal.service.security.LoginRedirectException;
import fr.paris.lutece.portal.service.security.LuteceUser;
import fr.paris.lutece.portal.service.template.AppTemplateService;
import fr.paris.lutece.portal.service.util.AppException;
import fr.paris.lutece.portal.service.util.AppLogService;
import fr.paris.lutece.portal.service.util.AppPathService;
import fr.paris.lutece.portal.service.util.AppPropertiesService;
import fr.paris.lutece.util.ReferenceItem;
import fr.paris.lutece.util.html.HtmlTemplate;
import fr.paris.lutece.util.http.SecurityUtil;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:fr/paris/lutece/plugins/mylutece/modules/database/authentication/BaseAuthentication.class */
public class BaseAuthentication extends PortalAuthentication {
    private static final String AUTH_SERVICE_NAME = AppPropertiesService.getProperty("mylutece-database.service.name");
    private static final String PLUGIN_JCAPTCHA = "jcaptcha";
    private static final String PROPERTY_MAX_ACCESS_FAILED = "access_failures_max";
    private static final String PROPERTY_ACCESS_FAILED_CAPTCHA = "access_failures_captcha";
    private static final String PROPERTY_INTERVAL_MINUTES = "access_failures_interval";
    private static final String PROPERTY_UNBLOCK_USER = "mylutece_database_unblock_user";
    private static final String PROPERTY_TOO_MANY_FAILURES = "mylutece.ip.labelTooManyLoginTrials";
    private static final String PARAMETER_UNBLOCK_USER_MAIL_SENDER = "unblock_user_mail_sender";
    private static final String PARAMETER_UNBLOCK_USER_MAIL_SUBJECT = "unblock_user_mail_subject";
    private static final String PARAMETER_ENABLE_UNBLOCK_IP = "enable_unblock_ip";
    private static final String MARK_URL = "url";
    private static final String MARK_SITE_LINK = "site_link";
    private static final String PROPERTY_MESSAGE_USER_NOT_FOUND_DATABASE = "module.mylutece.database.message.userNotFoundDatabase";
    private static final String CONSTANT_PATH_ICON = "images/local/skin/plugins/mylutece/modules/database/mylutece-database.png";
    private static final String BEAN_USER_ATTRIBUTES_SERVICE = "mylutece.myLuteceUserAttributesService";

    public String getAuthServiceName() {
        return AUTH_SERVICE_NAME;
    }

    public String getAuthType(HttpServletRequest httpServletRequest) {
        return "BASIC";
    }

    public LuteceUser login(String str, String str2, HttpServletRequest httpServletRequest) throws LoginException {
        try {
            return super.login(str, str2, httpServletRequest);
        } catch (LoginRedirectException e) {
            throw new AppException("Mylutece-database: impossible. this code should never be reached.", e);
        }
    }

    public LuteceUser processLogin(String str, String str2, HttpServletRequest httpServletRequest) throws LoginException {
        ReferenceItem findByKey;
        DatabaseService service = DatabaseService.getService();
        Plugin plugin = PluginService.getPlugin("mylutece");
        Plugin plugin2 = PluginService.getPlugin(DatabasePlugin.PLUGIN_NAME);
        ConnectionLog connectionLog = new ConnectionLog();
        connectionLog.setIpAddress(SecurityUtil.getRealIp(httpServletRequest));
        connectionLog.setDateLogin(new Timestamp(new Date().getTime()));
        int integerSecurityParameter = DatabaseUserParameterHome.getIntegerSecurityParameter(PROPERTY_MAX_ACCESS_FAILED, plugin2);
        int i = 0;
        int integerSecurityParameter2 = DatabaseUserParameterHome.getIntegerSecurityParameter(PROPERTY_INTERVAL_MINUTES, plugin2);
        boolean z = false;
        if (PluginService.isPluginEnable(PLUGIN_JCAPTCHA)) {
            i = DatabaseUserParameterHome.getIntegerSecurityParameter(PROPERTY_ACCESS_FAILED_CAPTCHA, plugin2);
        }
        Locale locale = httpServletRequest.getLocale();
        if ((integerSecurityParameter > 0 || i > 0) && integerSecurityParameter2 > 0) {
            int loginErrors = ConnectionLogHome.getLoginErrors(connectionLog, integerSecurityParameter2, plugin);
            if (i > 0 && loginErrors >= i) {
                z = true;
            }
            if (integerSecurityParameter > 0 && loginErrors >= integerSecurityParameter) {
                if (loginErrors == integerSecurityParameter && (findByKey = DatabaseUserParameterHome.findByKey(PARAMETER_ENABLE_UNBLOCK_IP, plugin2)) != null && findByKey.isChecked()) {
                    sendUnlockLinkToUser(str, integerSecurityParameter2, httpServletRequest, plugin2);
                }
                String localizedString = I18nService.getLocalizedString(PROPERTY_TOO_MANY_FAILURES, new Object[]{Integer.toString(integerSecurityParameter2)}, locale);
                if (z) {
                    throw new FailedLoginCaptchaException(localizedString, z);
                }
                throw new FailedLoginException(localizedString);
            }
        }
        BaseUser findLuteceUserByLogin = DatabaseHome.findLuteceUserByLogin(str, plugin2, this);
        if (findLuteceUserByLogin == null || !service.isUserActive(str, plugin2)) {
            AppLogService.info("Unable to find user in the database : " + str);
            if (z) {
                throw new FailedLoginCaptchaException(I18nService.getLocalizedString(PROPERTY_MESSAGE_USER_NOT_FOUND_DATABASE, locale), z);
            }
            throw new FailedLoginException(I18nService.getLocalizedString(PROPERTY_MESSAGE_USER_NOT_FOUND_DATABASE, locale));
        }
        if (!service.checkPassword(str, str2, plugin2)) {
            AppLogService.info("User login : Incorrect login or password" + str);
            if (z) {
                throw new FailedLoginCaptchaException(I18nService.getLocalizedString(PROPERTY_MESSAGE_USER_NOT_FOUND_DATABASE, locale), z);
            }
            throw new FailedLoginException(I18nService.getLocalizedString(PROPERTY_MESSAGE_USER_NOT_FOUND_DATABASE, locale));
        }
        List<String> findUserRolesFromLogin = DatabaseHome.findUserRolesFromLogin(str, plugin2);
        if (!findUserRolesFromLogin.isEmpty()) {
            findLuteceUserByLogin.addRoles(findUserRolesFromLogin);
        }
        List<String> findUserGroupsFromLogin = DatabaseHome.findUserGroupsFromLogin(str, plugin2);
        if (!findUserGroupsFromLogin.isEmpty()) {
            findLuteceUserByLogin.setGroups(findUserGroupsFromLogin);
        }
        setLocalDatabaseUserAttributes(locale, findLuteceUserByLogin);
        Timestamp findPasswordMaxValideDateFromLogin = DatabaseHome.findPasswordMaxValideDateFromLogin(str, plugin2);
        if (findPasswordMaxValideDateFromLogin != null && findPasswordMaxValideDateFromLogin.getTime() < new Date().getTime()) {
            DatabaseHome.updateResetPasswordFromLogin(str, Boolean.TRUE.booleanValue(), plugin2);
        }
        service.updateUserExpirationDate(DatabaseHome.findUserIdFromLogin(str, plugin2), plugin2);
        return findLuteceUserByLogin;
    }

    public void logout(LuteceUser luteceUser) {
    }

    public boolean findResetPassword(HttpServletRequest httpServletRequest, String str) {
        return DatabaseHome.findResetPasswordFromLogin(str, PluginService.getPlugin(DatabasePlugin.PLUGIN_NAME));
    }

    public LuteceUser getAnonymousUser() {
        return new BaseUser("GUEST", this);
    }

    public boolean isUserInRole(LuteceUser luteceUser, HttpServletRequest httpServletRequest, String str) {
        String[] rolesByUser = getRolesByUser(luteceUser);
        if (rolesByUser == null || str == null) {
            return false;
        }
        for (String str2 : rolesByUser) {
            if (str.equals(str2)) {
                return true;
            }
        }
        return false;
    }

    public String getViewAccountPageUrl() {
        return MyLuteceDatabaseApp.getViewAccountUrl();
    }

    public String getNewAccountPageUrl() {
        return MyLuteceDatabaseApp.getNewAccountUrl();
    }

    public String getChangePasswordPageUrl() {
        return MyLuteceDatabaseApp.getChangePasswordUrl();
    }

    public String getLostPasswordPageUrl() {
        return MyLuteceDatabaseApp.getLostPasswordUrl();
    }

    public String getLostLoginPageUrl() {
        return MyLuteceDatabaseApp.getLostLoginUrl();
    }

    public String getResetPasswordPageUrl(HttpServletRequest httpServletRequest) {
        return AppPathService.getBaseUrl(httpServletRequest) + MyLuteceDatabaseApp.getMessageResetPasswordUrl();
    }

    public Collection<LuteceUser> getUsers() {
        Collection<BaseUser> findDatabaseUsersList = DatabaseHome.findDatabaseUsersList(PluginService.getPlugin(DatabasePlugin.PLUGIN_NAME), this);
        ArrayList arrayList = new ArrayList();
        Iterator<BaseUser> it = findDatabaseUsersList.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next());
        }
        return arrayList;
    }

    public LuteceUser getUser(String str) {
        return DatabaseHome.findLuteceUserByLogin(str, PluginService.getPlugin(DatabasePlugin.PLUGIN_NAME), this);
    }

    public String[] getRolesByUser(LuteceUser luteceUser) {
        Plugin plugin = PluginService.getPlugin(DatabasePlugin.PLUGIN_NAME);
        HashSet hashSet = new HashSet();
        String[] groups = luteceUser.getGroups();
        String[] roles = luteceUser.getRoles();
        if (roles != null) {
            hashSet.addAll(Arrays.asList(roles));
        }
        if (groups != null) {
            for (String str : groups) {
                Iterator<String> it = GroupRoleHome.findGroupRoles(str, plugin).iterator();
                while (it.hasNext()) {
                    hashSet.add(it.next());
                }
            }
        }
        String[] strArr = new String[hashSet.size()];
        hashSet.toArray(strArr);
        return strArr;
    }

    public String getIconUrl() {
        return CONSTANT_PATH_ICON;
    }

    public String getName() {
        return DatabasePlugin.PLUGIN_NAME;
    }

    public String getPluginName() {
        return DatabasePlugin.PLUGIN_NAME;
    }

    public void updateDateLastLogin(LuteceUser luteceUser, HttpServletRequest httpServletRequest) {
        DatabaseService.getService().updateUserLastLoginDate(luteceUser.getName(), PluginService.getPlugin(DatabasePlugin.PLUGIN_NAME));
    }

    private void sendUnlockLinkToUser(String str, int i, HttpServletRequest httpServletRequest, Plugin plugin) {
        int findDatabaseUserIdFromLogin = DatabaseUserHome.findDatabaseUserIdFromLogin(str, plugin);
        if (findDatabaseUserIdFromLogin > 0) {
            ReferenceItem findByKey = DatabaseUserParameterHome.findByKey(PARAMETER_UNBLOCK_USER_MAIL_SENDER, plugin);
            String name = findByKey == null ? "" : findByKey.getName();
            ReferenceItem findByKey2 = DatabaseUserParameterHome.findByKey(PARAMETER_UNBLOCK_USER_MAIL_SUBJECT, plugin);
            String name2 = findByKey2 == null ? "" : findByKey2.getName();
            String buildResetConnectionLogUrl = SecurityUtils.buildResetConnectionLogUrl(i, httpServletRequest);
            HashMap hashMap = new HashMap();
            hashMap.put(MARK_URL, buildResetConnectionLogUrl);
            hashMap.put(MARK_SITE_LINK, MailService.getSiteLink(AppPathService.getBaseUrl(httpServletRequest), true));
            HtmlTemplate templateFromStringFtl = AppTemplateService.getTemplateFromStringFtl(DatabaseTemplateHome.getTemplateFromKey(PROPERTY_UNBLOCK_USER), httpServletRequest.getLocale(), hashMap);
            String userMainEmail = new DatabaseAccountLifeTimeService().getUserMainEmail(findDatabaseUserIdFromLogin);
            if (userMainEmail == null || !StringUtils.isNotBlank(userMainEmail)) {
                return;
            }
            MailService.sendMailHtml(userMainEmail, name, name, name2, templateFromStringFtl.getHtml());
        }
    }

    private void setLocalDatabaseUserAttributes(Locale locale, BaseUser baseUser) {
        Plugin plugin = PluginService.getPlugin("mylutece");
        int findUserIdFromLogin = DatabaseHome.findUserIdFromLogin(baseUser.getAccessCode(), plugin);
        for (IAttribute iAttribute : AttributeHome.findAll(locale, plugin)) {
            iAttribute.setListAttributeFields(AttributeFieldHome.selectAttributeFieldsByIdAttribute(iAttribute.getIdAttribute(), plugin));
            List<MyLuteceUserField> selectUserFieldsByIdUserIdAttribute = MyLuteceUserFieldHome.selectUserFieldsByIdUserIdAttribute(findUserIdFromLogin, iAttribute.getIdAttribute(), plugin);
            if (selectUserFieldsByIdUserIdAttribute.size() == 1) {
                baseUser.setUserInfo(iAttribute.getTitle(), ((MyLuteceUserField) selectUserFieldsByIdUserIdAttribute.get(0)).getValue());
            } else if (selectUserFieldsByIdUserIdAttribute.size() > 0) {
                for (MyLuteceUserField myLuteceUserField : selectUserFieldsByIdUserIdAttribute) {
                    baseUser.setUserInfo(iAttribute.getTitle() + "_" + myLuteceUserField.getAttributeField().getTitle(), myLuteceUserField.getValue());
                }
            } else {
                baseUser.setUserInfo(String.valueOf(iAttribute.getTitle()), "");
            }
        }
    }
}
