package blackboard.platform.security.authentication;

import blackboard.base.InitializationException;
import blackboard.data.registry.SystemRegistryEntry;
import blackboard.data.user.User;
import blackboard.db.CIConstants;
import blackboard.persist.Id;
import blackboard.persist.registry.SystemRegistryEntryDbLoader;
import blackboard.platform.config.BbConfig;
import blackboard.platform.config.ConfigurationService;
import blackboard.platform.context.ContextManager;
import blackboard.platform.context.ContextManagerFactory;
import blackboard.platform.context.impl.ContextManagerServerImpl;
import blackboard.platform.intl.BbResourceBundle;
import blackboard.platform.intl.BundleManagerFactory;
import blackboard.platform.log.LogService;
import blackboard.platform.log.LogServiceFactory;
import blackboard.platform.monitor.session.SessionMonitorServiceFactory;
import blackboard.platform.monitor.session.impl.SessionMonitorImpl;
import blackboard.platform.security.authentication.servlet.LoginBrokerServletConstants;
import blackboard.platform.session.BbSession;
import blackboard.platform.session.BbSessionManagerServiceEx;
import blackboard.platform.session.BbSessionManagerServiceExFactory;
import blackboard.platform.session.BbSessionManagerServiceFactory;
import blackboard.platform.session.impl.NullSession;
import blackboard.platform.tracking.TrackingEventManager;
import blackboard.platform.tracking.TrackingEventManagerFactory;
import blackboard.platform.tracking.data.TrackingEvent;
import blackboard.util.CrossCourseNavHelper;
import blackboard.util.StringUtil;
import blackboard.util.URLUTF8Encoder;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:blackboard/platform/security/authentication/HttpAuthManager.class */
public class HttpAuthManager {
    public static final String CHALLENGE_TOKEN = "bb.challenge.token";
    HttpServletRequest _req;
    HttpServletResponse _res;
    String _message;
    User _user;
    static final String CONFIG_NAME = "authentication";
    static final String CONFIG_DIR = "config/";
    static final String IMPL_CLASS_KEY = "impl";
    static final String USE_CHALLENGE_KEY = "use_challenge";
    private BbResourceBundle _bundle;
    static final String DEFAULT_AUTH_TYPE = new BaseAuthenticationModule().getAuthType();
    private static HttpAuthModule MODULE = null;
    private static HttpAuthModule INTEGRATION_MODULE = null;
    private static LogService LOG = null;

    public static void init(ConfigurationService configurationService) throws InitializationException {
        LOG = LogServiceFactory.getInstance();
        try {
            String bbProperty = configurationService.getBbProperty(BbConfig.AUTH_TYPE);
            if (StringUtil.isEmpty(bbProperty)) {
                bbProperty = DEFAULT_AUTH_TYPE;
            }
            MODULE = HttpAuthConfig.getModule(bbProperty);
            try {
                INTEGRATION_MODULE = HttpAuthConfig.getModule("integration");
            } catch (Exception e) {
                LOG.logDebug("system cannot register integration module", e);
            }
        } catch (Exception e2) {
            throw new InitializationException(e2.getLocalizedMessage(), e2);
        }
    }

    public HttpAuthManager(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this._req = null;
        this._res = null;
        this._bundle = null;
        this._bundle = BundleManagerFactory.getInstance().getBundle("security");
        if (MODULE == null) {
            throw new RuntimeException(this._bundle.getString("auth.mgr.no.impl"));
        }
        this._req = httpServletRequest;
        this._res = httpServletResponse;
    }

    /* JADX WARN: Can't wrap try/catch for region: R(31:43|(3:186|187|(21:189|46|(1:185)(1:50)|51|(1:184)(1:55)|56|(1:183)(1:60)|61|(4:158|159|(3:161|(1:163)|164)(1:166)|165)(1:65)|66|(1:157)(1:70)|71|(1:77)|78|(3:96|97|(2:99|(2:101|102)(2:103|104))(2:105|(2:107|108)(1:109)))|80|(1:86)|87|(2:89|(1:93))|94|95))|45|46|(1:48)|185|51|(1:53)|184|56|(1:58)|183|61|(1:63)|158|159|(0)(0)|165|66|(1:68)|157|71|(3:73|75|77)|78|(0)|80|(3:82|84|86)|87|(0)|94|95) */
    /* JADX WARN: Code restructure failed: missing block: B:167:0x01a0, code lost:
    
        r23 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:169:0x01a4, code lost:
    
        if (r21 != false) goto L72;
     */
    /* JADX WARN: Code restructure failed: missing block: B:172:0x01b0, code lost:
    
        r0 = false;
     */
    /* JADX WARN: Code restructure failed: missing block: B:173:0x01b1, code lost:
    
        r24 = r0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:174:0x01b8, code lost:
    
        if (blackboard.util.StringUtil.isEmpty((java.lang.String) null) == false) goto L81;
     */
    /* JADX WARN: Code restructure failed: missing block: B:179:0x01c5, code lost:
    
        r11 = "guest";
     */
    /* JADX WARN: Code restructure failed: missing block: B:181:0x01ce, code lost:
    
        throw r23;
     */
    /* JADX WARN: Code restructure failed: missing block: B:182:0x01ac, code lost:
    
        r0 = true;
     */
    /* JADX WARN: Removed duplicated region for block: B:161:0x0117 A[Catch: BbCredentialsNotFoundException -> 0x01a0, RuntimeException -> 0x0301, Exception -> 0x0312, TryCatch #3 {BbCredentialsNotFoundException -> 0x01a0, blocks: (B:159:0x010c, B:161:0x0117, B:163:0x012c, B:164:0x0176, B:166:0x018b), top: B:158:0x010c, outer: #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:166:0x018b A[Catch: BbCredentialsNotFoundException -> 0x01a0, RuntimeException -> 0x0301, Exception -> 0x0312, TryCatch #3 {BbCredentialsNotFoundException -> 0x01a0, blocks: (B:159:0x010c, B:161:0x0117, B:163:0x012c, B:164:0x0176, B:166:0x018b), top: B:158:0x010c, outer: #6 }] */
    /* JADX WARN: Removed duplicated region for block: B:89:0x02cb A[Catch: RuntimeException -> 0x0301, Exception -> 0x0312, TryCatch #6 {RuntimeException -> 0x0301, Exception -> 0x0312, blocks: (B:187:0x00b7, B:58:0x00ec, B:71:0x01de, B:78:0x01f6, B:97:0x0200, B:99:0x021c, B:101:0x0226, B:102:0x0236, B:103:0x0237, B:104:0x0247, B:105:0x0248, B:107:0x0252, B:108:0x0262, B:82:0x029d, B:84:0x02a4, B:86:0x02b1, B:89:0x02cb, B:91:0x02e0, B:93:0x02f8, B:111:0x0268, B:114:0x0283, B:159:0x010c, B:161:0x0117, B:163:0x012c, B:164:0x0176, B:166:0x018b, B:173:0x01b1, B:181:0x01ce), top: B:186:0x00b7, inners: #3, #5 }] */
    /* JADX WARN: Removed duplicated region for block: B:96:0x0200 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean validateSession() {
        /*
            Method dump skipped, instructions count: 1194
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: blackboard.platform.security.authentication.HttpAuthManager.validateSession():boolean");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void recreateSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        BbSessionManagerServiceEx bbSessionManagerServiceExFactory = BbSessionManagerServiceExFactory.getInstance();
        BbSession session = bbSessionManagerServiceExFactory.getSession(httpServletRequest);
        if (session instanceof NullSession) {
            return;
        }
        bbSessionManagerServiceExFactory.removeSession(session);
        bbSessionManagerServiceExFactory.setSession(httpServletRequest, null);
        bbSessionManagerServiceExFactory.safeGetSession(httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void requestValidation(User user, HttpServletRequest httpServletRequest) throws Exception {
        String userName = user.getUserName();
        associateSessionWithUser(userName, httpServletRequest);
        ((ContextManagerServerImpl) ContextManagerFactory.getInstance()).refreshContext(httpServletRequest);
        AuthDbUtil.updateLastLoginTime(userName);
        TrackingEventManager trackingEventManagerFactory = TrackingEventManagerFactory.getInstance();
        boolean equalsIgnoreCase = LoginBrokerServletConstants.PORTAL_DIRECT_ENTRY_ACTION.equalsIgnoreCase(httpServletRequest.getParameter("action"));
        if (trackingEventManagerFactory == null || equalsIgnoreCase) {
            LOG.logDebug("Unable to post tracking event for successful login for user " + userName);
            return;
        }
        TrackingEvent trackingEvent = new TrackingEvent();
        trackingEvent.setType(TrackingEvent.Type.LOGIN_ATTEMPT);
        trackingEvent.setData("Login succeeded.");
        trackingEvent.setSessionId(RDBMSAuthUtil.getSessionId(httpServletRequest));
        trackingEvent.setUserId(user.getId());
        trackingEventManagerFactory.postTrackingEvent(trackingEvent);
    }

    protected static void associateSessionWithUser(String str, HttpServletRequest httpServletRequest) throws BbAuthenticationFailedException, BbSecurityException {
        new SessionStub(httpServletRequest).associateSessionWithUser(str);
    }

    public void requestAuthenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws BbSecurityException {
        if (IntegrationAuthenticationLogic.getInstance().isIntegratedRequestAuthenticate(httpServletRequest)) {
            INTEGRATION_MODULE.requestAuthenticate(httpServletRequest, httpServletResponse);
        } else {
            MODULE.requestAuthenticate(httpServletRequest, httpServletResponse);
        }
    }

    public static String createNewLocParam(String str) {
        return "new_loc=" + URLUTF8Encoder.encode(str);
    }

    public static String getCurrentLoc(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        String queryString = httpServletRequest.getQueryString();
        if (requestURI == null || requestURI.length() <= 0) {
            return null;
        }
        return (queryString == null || queryString.length() <= 0) ? requestURI : requestURI + "?" + queryString;
    }

    public void invalidateSession() {
        BbSession session;
        User user;
        String str = "Logout failed";
        TrackingEventManager trackingEventManager = null;
        try {
            ContextManager contextManagerFactory = ContextManagerFactory.getInstance();
            Id userId = contextManagerFactory.getContext().getUserId();
            try {
                MODULE.doLogout(this._req, this._res);
                if (IntegrationAuthenticationLogic.getInstance().isIntegrationDelegationEnabled()) {
                    INTEGRATION_MODULE.doLogout(this._req, this._res);
                }
                session = BbSessionManagerServiceFactory.getInstance().getSession(this._req);
                ((ContextManagerServerImpl) contextManagerFactory).refreshContext(this._req);
                user = contextManagerFactory.getContext().getUser();
            } catch (Exception e) {
                LOG.logDebug("Failed to log user out of current session.", e);
            }
            if (user != null && !user.isGuest()) {
                throw new BbSecurityException(this._bundle.getString("auth.impl.session.invalidation.failure"));
            }
            String userName = session.getUserName();
            if (StringUtil.notEmpty(userName) && !"guest".equals(userName)) {
                throw new BbSecurityException(this._bundle.getString("auth.impl.session.invalidation.failure"));
            }
            SessionMonitorImpl sessionMonitorImpl = (SessionMonitorImpl) SessionMonitorServiceFactory.getInstance().getMonitor();
            if (sessionMonitorImpl.isMonitoring()) {
                sessionMonitorImpl.handleSessionEnded(session);
            }
            str = "Logout succeeded";
            try {
                trackingEventManager = TrackingEventManagerFactory.getInstance();
            } catch (Exception e2) {
                LOG.logDebug("Could not retrieve event-tracking service.");
            }
            if (trackingEventManager == null) {
                LOG.logDebug("Unable to post LOGOUT tracking event; event-tracking service is not available.");
                return;
            }
            TrackingEvent trackingEvent = new TrackingEvent();
            trackingEvent.setType(TrackingEvent.Type.LOGOUT);
            trackingEvent.setData(str);
            if (userId != null) {
                trackingEvent.setUserId(userId);
            }
            trackingEventManager.postTrackingEvent(trackingEvent);
        } catch (Exception e3) {
            LOG.logDebug("Could not retrieve current context information.", e3);
            throw new RuntimeException("Could not retrieve current context information.");
        }
    }

    public void logoutRedirect() throws IOException {
        HttpAuthUtil.sendLogoutRedirect(this._req, this._res);
    }

    public static void sendLoginRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        sendRedirect(httpServletRequest, httpServletResponse, httpServletRequest.getParameter(LoginBrokerServletConstants.NEW_LOC_PARAM));
    }

    public static void sendAccessDeniedRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String failureRedirectUrl = CrossCourseNavHelper.getFailureRedirectUrl(httpServletRequest, null);
        if (failureRedirectUrl != null) {
            httpServletResponse.sendRedirect(failureRedirectUrl);
        } else {
            sendLoginRedirect(httpServletRequest, httpServletResponse);
        }
    }

    public static void sendBrokerRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        String str2 = getLoginUri() + "?";
        sendRedirect(httpServletRequest, httpServletResponse, (str == null || str.length() == 0) ? str2 + createNewLocParam(getCurrentLoc(httpServletRequest)) : str2 + createNewLocParam(str));
    }

    public static void sendRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        HttpAuthUtil.sendRedirect(httpServletRequest, httpServletResponse, str);
    }

    public static String getAuthType() {
        if (MODULE != null) {
            return MODULE.getAuthType();
        }
        return null;
    }

    public static boolean isDefault() {
        return MODULE != null && getAuthType().equals(new BaseAuthenticationModule().getAuthType());
    }

    public static boolean isLdap() {
        return MODULE != null && getAuthType().equals(new LDAPAuthModule().getAuthType());
    }

    public static boolean isDatatel() {
        return MODULE != null && getAuthType().equals(new DatatelAuthModule().getAuthType());
    }

    public String getErrorMessage() {
        return this._message;
    }

    public static boolean isExternalAuth() {
        return MODULE != null && getAuthType().equals(new ExternalAuthModule().getAuthType());
    }

    public static String getDefaultLoginUri() {
        return "login.jsp";
    }

    private static String getLoginUri() {
        SystemRegistryEntry loadByKey;
        String str = null;
        try {
            if (ContextManagerFactory.getInstance().getContext() != null && (loadByKey = SystemRegistryEntryDbLoader.Default.getInstance().loadByKey(CIConstants.CFG_LOGIN_URL)) != null) {
                str = loadByKey.getValue();
            }
            return str;
        } catch (Exception e) {
            throw new RuntimeException(BundleManagerFactory.getInstance().getBundle("security").getString("security.context.mgr.unavailable"));
        }
    }

    public String generateChallenge() {
        try {
            if (!HttpAuthConfig.getInstance(MODULE.getAuthType()).getUseChallenge()) {
                return "";
            }
            String generateChallenge = RDBMSAuthUtil.generateChallenge();
            try {
                int i = -1;
                SessionStub sessionStub = new SessionStub(this._req);
                if (sessionStub != null) {
                    i = sessionStub.getSessionId();
                }
                RDBMSAuthUtil.persistChallengeToken(generateChallenge, i);
                return generateChallenge;
            } catch (BbSecurityException e) {
                LogServiceFactory.getInstance().logDebug("Error occurred while attempting to generate challenge", e);
                return null;
            }
        } catch (Exception e2) {
            return "";
        }
    }

    private static boolean isInternalUser(User user) {
        return user != null && user.getId().isSet() && "integration".equals(user.getUserName());
    }

    private String getUserIdParam() {
        return this._req.getParameter("user_id");
    }

    public User getAuthenticationAccount() {
        return this._user;
    }
}
