package blackboard.platform.authentication.impl;

import blackboard.data.user.User;
import blackboard.persist.KeyNotFoundException;
import blackboard.persist.PersistenceException;
import blackboard.persist.PersistenceRuntimeException;
import blackboard.persist.user.UserDbLoader;
import blackboard.platform.authentication.AuthenticationManagerEx;
import blackboard.platform.authentication.AuthenticationOneTimeEvent;
import blackboard.platform.authentication.AuthenticationOneTimeLogin;
import blackboard.platform.authentication.AuthenticationProvider;
import blackboard.platform.authentication.AuthenticationProviderManagerEx;
import blackboard.platform.authentication.EventType;
import blackboard.platform.authentication.PostLoginUrlInterceptor;
import blackboard.platform.authentication.UsernamePasswordPostValidationCheck;
import blackboard.platform.authentication.UsernamePasswordPreValidationCheck;
import blackboard.platform.authentication.ValidationResult;
import blackboard.platform.authentication.ValidationStatus;
import blackboard.platform.authentication.ValidationSummary;
import blackboard.platform.context.ContextManagerFactory;
import blackboard.platform.intl.BbLocale;
import blackboard.platform.intl.LocaleManagerFactory;
import blackboard.platform.log.LogServiceFactory;
import blackboard.platform.multitenancy.MultiTenancyUsernameHelper;
import blackboard.platform.security.SecurityUtil;
import blackboard.platform.security.authentication.HttpAuthUtil;
import blackboard.platform.session.BbSessionManagerServiceFactory;
import blackboard.platform.session.impl.NullSession;
import blackboard.util.BundleUtil;
import blackboard.util.StringUtil;
import blackboard.util.UrlUtil;
import java.io.IOException;
import java.util.Calendar;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:blackboard/platform/authentication/impl/AuthenticationManagerImpl.class */
public class AuthenticationManagerImpl implements AuthenticationManagerEx {
    @Override // blackboard.platform.authentication.AuthenticationManager
    public User findUser(String str, AuthenticationProvider authenticationProvider) {
        try {
            switch (authenticationProvider.getLookupMethod()) {
                case Username:
                    return checkUserAvailable(UserDbLoader.Default.getInstance().loadByUserName(MultiTenancyUsernameHelper.Factory.getInstance().getInternalUsername(str)));
                case BatchUid:
                    return checkUserAvailable(UserDbLoader.Default.getInstance().loadByBatchUid(str));
                default:
                    return null;
            }
        } catch (KeyNotFoundException e) {
            return null;
        } catch (Exception e2) {
            LogServiceFactory.getInstance().logError("Unexpected error finding user: " + str, e2);
            return null;
        }
    }

    public User checkUserAvailable(User user) {
        if (user.getIsAvailable()) {
            return user;
        }
        return null;
    }

    @Override // blackboard.platform.authentication.AuthenticationManager
    public String getLoginUrl(String str) {
        return StringUtil.notEmpty(str) ? String.format("/?new_loc=%s", UrlUtil.encodeUrl(str)) : "/";
    }

    @Override // blackboard.platform.authentication.AuthenticationManager
    public ValidationSummary validateUser(String str, String str2, HttpServletRequest httpServletRequest) {
        try {
            ValidationSummaryImpl validationSummaryImpl = new ValidationSummaryImpl();
            UsernamePasswordValidationChainImpl usernamePasswordValidationChainImpl = new UsernamePasswordValidationChainImpl();
            validationSummaryImpl.setValidationChain(usernamePasswordValidationChainImpl);
            validationSummaryImpl.setStatus(ValidationStatus.Continue);
            AuthenticationExtensionHelper iFactory = AuthenticationExtensionHelper.Factory.getInstance();
            AuthenticationProviderManagerEx iFactory2 = AuthenticationProviderManagerEx.Factory.getInstance();
            UsernamePasswordAuthenticationProviderFilterHelper iFactory3 = UsernamePasswordAuthenticationProviderFilterHelper.Factory.getInstance();
            validationSummaryImpl.setAttemptedUsername(MultiTenancyUsernameHelper.Factory.getInstance().getInternalUsername(str));
            boolean z = true;
            Iterator<UsernamePasswordPreValidationCheck> it = iFactory.getAllUsernamePasswordPreValidationChecks().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                ValidationResult preValidationChecks = it.next().preValidationChecks(str, str2);
                usernamePasswordValidationChainImpl.addPreValidationCheckResult(preValidationChecks);
                if (preValidationChecks.getStatus() == ValidationStatus.UserDenied) {
                    z = false;
                    validationSummaryImpl.setMessage(preValidationChecks.getMessage());
                    validationSummaryImpl.setStatus(ValidationStatus.UserDenied);
                    break;
                }
            }
            if (z) {
                boolean isContinueOnError = iFactory2.isContinueOnError();
                Iterator<AuthenticationProvider> it2 = iFactory2.loadUserPassAuthenticationProviders(true).iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    AuthenticationProvider next = it2.next();
                    if (iFactory3.providerPassesFilters(next, usernamePasswordValidationChainImpl, httpServletRequest)) {
                        ValidationResult validate = next.getHandler().getUsernamePasswordValidator(next).validate(str, str2);
                        usernamePasswordValidationChainImpl.addValidationResult(validate);
                        ValidationStatus status = validate.getStatus();
                        if (status == ValidationStatus.UserDenied) {
                            validationSummaryImpl.setAttemptedUsername(MultiTenancyUsernameHelper.Factory.getInstance().getInternalUsername(str));
                            validationSummaryImpl.setMatchingAuthenticationProvider(next);
                            validationSummaryImpl.setMessage(validate.getMessage());
                            validationSummaryImpl.setStatus(ValidationStatus.UserDenied);
                            break;
                        }
                        if (status == ValidationStatus.Success) {
                            String userKey = validate.getUserKey();
                            validationSummaryImpl.setAttemptedUsername(MultiTenancyUsernameHelper.Factory.getInstance().getInternalUsername(str));
                            validationSummaryImpl.setMatchingAuthenticationProvider(next);
                            validationSummaryImpl.setUserKey(userKey);
                            validationSummaryImpl.setUser(findUser(userKey, next));
                            validationSummaryImpl.setMessage(null);
                            validationSummaryImpl.setStatus(ValidationStatus.Success);
                            break;
                        }
                        if (status != ValidationStatus.Error) {
                            continue;
                        } else {
                            if (!isContinueOnError) {
                                validationSummaryImpl.setMatchingAuthenticationProvider(next);
                                validationSummaryImpl.setMessage(validate.getMessage());
                                validationSummaryImpl.setStatus(ValidationStatus.Error);
                                break;
                            }
                            validationSummaryImpl.setStatus(ValidationStatus.Continue);
                        }
                    }
                }
                if (validationSummaryImpl.getStatus() == ValidationStatus.Continue) {
                    validationSummaryImpl.setStatus(ValidationStatus.UserNotFound);
                    validationSummaryImpl.setMessage(BundleUtil.getMessage("auth_provider", "login.access.denied"));
                } else if (validationSummaryImpl.getStatus() == ValidationStatus.Success) {
                    Iterator<UsernamePasswordPostValidationCheck> it3 = iFactory.getAllUsernamePasswordPostValidationChecks().iterator();
                    while (true) {
                        if (!it3.hasNext()) {
                            break;
                        }
                        ValidationResult postValidationChecks = it3.next().postValidationChecks(validationSummaryImpl.getUser());
                        usernamePasswordValidationChainImpl.addPostValidationCheckResult(postValidationChecks);
                        if (postValidationChecks.getStatus() == ValidationStatus.UserDenied) {
                            validationSummaryImpl.setMessage(postValidationChecks.getMessage());
                            validationSummaryImpl.setStatus(ValidationStatus.UserDenied);
                            break;
                        }
                    }
                }
            }
            MultiTenancyUsernameHelper.Factory.getInstance().markSkipUsernameConversionOnContext(false);
            return validationSummaryImpl;
        } catch (Throwable th) {
            MultiTenancyUsernameHelper.Factory.getInstance().markSkipUsernameConversionOnContext(false);
            throw th;
        }
    }

    @Override // blackboard.platform.authentication.AuthenticationManagerEx
    public AuthenticationOneTimeLogin createOneTimeLogin(String str, String str2, Calendar calendar) throws KeyNotFoundException {
        String str3 = null;
        String str4 = str;
        String str5 = "";
        AuthenticationOneTimeLoginDAO iFactory = AuthenticationOneTimeLoginDAO.Factory.getInstance();
        try {
            try {
                User loadByUserName = UserDbLoader.Default.getInstance().loadByUserName(str);
                AuthenticationOneTimeLogin authenticationOneTimeLogin = new AuthenticationOneTimeLogin();
                authenticationOneTimeLogin.setUserId(loadByUserName.getId());
                authenticationOneTimeLogin.setEntryCode(SecurityUtil.getHashValue(str2));
                authenticationOneTimeLogin.setExpirationDate(calendar);
                iFactory.persist(authenticationOneTimeLogin);
                String formatDateTime = LocaleManagerFactory.getInstance().getLocale().formatDateTime(authenticationOneTimeLogin.getExpirationDate().getTime(), BbLocale.Date.SHORT, BbLocale.Time.LONG);
                str3 = authenticationOneTimeLogin.getTicket();
                str4 = loadByUserName.getUserName();
                str5 = String.format("One time login ticket created. User: %s, Ticket Id: %s, Expiration: %s", str4, str3, formatDateTime);
                logTicket(str3, str5, str4, null, EventType.LoginCreated);
                return authenticationOneTimeLogin;
            } catch (KeyNotFoundException e) {
                String.format("One time login ticket creation failed. Username does not exist: %s", str);
                throw e;
            } catch (PersistenceException e2) {
                String.format("One time login ticket creation failed. Error Message: %s", e2.getMessage());
                throw new PersistenceRuntimeException(e2);
            }
        } catch (Throwable th) {
            logTicket(str3, str5, str4, null, EventType.LoginCreated);
            throw th;
        }
    }

    @Override // blackboard.platform.authentication.AuthenticationManagerEx
    public boolean isValidOneTimeLoginTicket(String str, HttpServletRequest httpServletRequest) {
        boolean z = false;
        AuthenticationOneTimeLoginDAO iFactory = AuthenticationOneTimeLoginDAO.Factory.getInstance();
        try {
            AuthenticationOneTimeLogin loadByTicket = iFactory.loadByTicket(str);
            if (loadByTicket.getExpirationDate().after(Calendar.getInstance())) {
                z = true;
            } else {
                try {
                    logInvalidTicket(str, "Ticket has expired.", UserDbLoader.Default.getInstance().loadById(loadByTicket.getUserId()).getUserName(), httpServletRequest);
                } catch (KeyNotFoundException e) {
                    logInvalidTicket(str, "User associated to ticket no longer exists.", null, httpServletRequest);
                } catch (PersistenceException e2) {
                    throw new PersistenceRuntimeException(e2);
                }
            }
        } catch (KeyNotFoundException e3) {
            logInvalidTicket(str, "Ticket does not exist.", null, httpServletRequest);
        }
        iFactory.clearExpired();
        return z;
    }

    @Override // blackboard.platform.authentication.AuthenticationManagerEx
    public User validateOneTimeLogin(String str, String str2, HttpServletRequest httpServletRequest) {
        User user = null;
        AuthenticationOneTimeLoginDAO iFactory = AuthenticationOneTimeLoginDAO.Factory.getInstance();
        try {
            AuthenticationOneTimeLogin loadByTicket = iFactory.loadByTicket(str);
            try {
                try {
                    User loadById = UserDbLoader.Default.getInstance().loadById(loadByTicket.getUserId());
                    if (!loadByTicket.getExpirationDate().after(Calendar.getInstance())) {
                        logInvalidTicket(str, "Ticket has expired.", loadById.getUserName(), httpServletRequest);
                    } else if (StringUtil.notEmpty(str2) && loadByTicket.getEntryCode().equals(SecurityUtil.getHashValue(str2))) {
                        user = loadById;
                        iFactory.deleteById(loadByTicket.getId());
                        logTicket(loadByTicket.getTicket(), String.format("One time login succeeded. User: %s, Ticket Id: %s", loadById.getUserName(), loadByTicket.getTicket()), loadById.getUserName(), httpServletRequest, EventType.Login);
                    } else {
                        logInvalidTicket(str, "Entered entry code does not match.", loadById.getUserName(), httpServletRequest, EventType.FailedLogin_Password);
                    }
                } catch (KeyNotFoundException e) {
                    logInvalidTicket(str, "User associated to ticket no longer exists.", null, httpServletRequest);
                }
            } catch (PersistenceException e2) {
                throw new PersistenceRuntimeException(e2);
            }
        } catch (KeyNotFoundException e3) {
            logInvalidTicket(str, "Ticket does not exist.", null, httpServletRequest);
        }
        iFactory.clearExpired();
        return user;
    }

    private void logInvalidTicket(String str, String str2, String str3, HttpServletRequest httpServletRequest) {
        logInvalidTicket(str, str2, str3, httpServletRequest, EventType.FailedLogin_Username);
    }

    private void logInvalidTicket(String str, String str2, String str3, HttpServletRequest httpServletRequest, EventType eventType) {
        logTicket(str, String.format("One time login failed for ticket: %s. %s.", str, str2), str3, httpServletRequest, eventType);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v6, types: [blackboard.platform.session.BbSession] */
    private void logTicket(String str, String str2, String str3, HttpServletRequest httpServletRequest, EventType eventType) {
        NullSession nullSession;
        try {
            nullSession = BbSessionManagerServiceFactory.getInstance().getSession(httpServletRequest);
        } catch (Exception e) {
            nullSession = new NullSession();
        }
        AuthenticationListenerHelper.Factory.getInstance().fireAuthenticationEvent(new AuthenticationOneTimeEvent(eventType, new Date(), str3, str2, null, nullSession, httpServletRequest, str));
    }

    @Override // blackboard.platform.authentication.AuthenticationManager
    public void redirectAfterLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        List<PostLoginUrlInterceptor> allPostLoginUrlInterceptors = AuthenticationExtensionHelper.Factory.getInstance().getAllPostLoginUrlInterceptors();
        User user = ContextManagerFactory.getInstance().getContext().getUser();
        String str2 = str;
        Iterator<PostLoginUrlInterceptor> it = allPostLoginUrlInterceptors.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String postLoginUrl = it.next().getPostLoginUrl(user, str);
            if (StringUtil.notEmpty(postLoginUrl)) {
                str2 = postLoginUrl;
                break;
            }
        }
        HttpAuthUtil.sendRedirect(httpServletRequest, httpServletResponse, str2);
    }
}
