package blackboard.platform.security.authentication;

import blackboard.data.user.User;
import blackboard.persist.Id;
import blackboard.persist.KeyNotFoundException;
import blackboard.persist.PersistenceException;
import blackboard.persist.user.UserDbLoader;
import blackboard.platform.BbServiceManager;
import blackboard.platform.context.ContextManager;
import blackboard.platform.context.ContextManagerFactory;
import blackboard.platform.context.impl.ContextImpl;
import blackboard.platform.integration.PasswordChangeForcedException;
import blackboard.platform.integration.PasswordChangeRequiredException;
import blackboard.platform.integration.launch.InternalLaunchHelper;
import blackboard.platform.integration.launch.LaunchHandler;
import blackboard.platform.integration.provider.AuthenticationProvider;
import blackboard.platform.integration.provider.NavigationProvider;
import blackboard.platform.integration.service.LmsIntegrationManager;
import blackboard.platform.integration.service.LmsIntegrationManagerFactory;
import blackboard.platform.security.authentication.servlet.LoginBrokerServlet;
import blackboard.platform.session.CookieUtil;
import blackboard.util.Base64Codec;
import blackboard.util.FileUtil;
import blackboard.util.StringUtil;
import blackboard.util.UrlUtil;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:blackboard/platform/security/authentication/IntegrationAuthenticationModule.class */
public class IntegrationAuthenticationModule extends BaseAuthenticationModule {
    public static final String AUTH_TYPE = "integration";
    private static final String PASSWORD_AUTHENTICATION = "pass_auth";
    private static final String STATE_PARM = "integration-state";
    private static final String URL_PARAM = "url";

    @Override // blackboard.platform.security.authentication.BaseAuthenticationModule, blackboard.platform.security.authentication.HttpAuthModule
    public String doAuthenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws BbAuthenticationFailedException, BbSecurityException, BbCredentialsNotFoundException {
        String authenticate = authenticate(httpServletRequest, getDoAuthenticateParams(httpServletRequest), FileUtil.ISO_8859_1);
        if (authenticate == null) {
            authenticate = authenticate(httpServletRequest, getSecondaryDoAuthenticateParams(httpServletRequest), FileUtil.UTF_16LE);
            if (authenticate == null) {
                throw new InvalidCredentialsException(getBundle().getString("auth.impl.invalid.credentials"));
            }
        }
        return authenticate;
    }

    private String authenticate(HttpServletRequest httpServletRequest, Map<String, String> map, String str) throws BbAuthenticationFailedException, InvalidCredentialsException, BbCredentialsNotFoundException {
        if (map == null) {
            throw new BbCredentialsNotFoundException();
        }
        try {
            String str2 = map.get("user_id");
            String str3 = map.get(LoginBrokerServlet.ENCODED_PASSWORD_PARAM);
            User loadByUserName = ((UserDbLoader) BbServiceManager.getPersistenceService().getDbPersistenceManager().getLoader(UserDbLoader.TYPE)).loadByUserName(str2);
            if (null == loadByUserName) {
                throw new InvalidCredentialsException(getBundle().getString("auth.impl.general.error"));
            }
            LmsIntegrationManager lmsIntegrationManagerFactory = LmsIntegrationManagerFactory.getInstance();
            Id usersHighestPriorityLmsIntegrationId = lmsIntegrationManagerFactory.getUsersHighestPriorityLmsIntegrationId(loadByUserName.getId());
            try {
                if (lmsIntegrationManagerFactory.getAuthenticationProvider(usersHighestPriorityLmsIntegrationId).login(loadByUserName.getId(), decodeBase64(str3, str))) {
                    return str2;
                }
                return null;
            } catch (PasswordChangeForcedException e) {
                try {
                    addChangePasswordAttributes(httpServletRequest, usersHighestPriorityLmsIntegrationId, loadByUserName, NavigationProvider.Location.PasswordForcedChangePage);
                } catch (Exception e2) {
                    this._logger.logDebug("Error in addChangePasswordAttributes: ", e2);
                }
                throw new BbAuthenticationFailedException(e.getMessage(), null);
            } catch (PasswordChangeRequiredException e3) {
                try {
                    addChangePasswordAttributes(httpServletRequest, usersHighestPriorityLmsIntegrationId, loadByUserName, NavigationProvider.Location.ExpiredPasswordChangePage);
                } catch (Exception e4) {
                    this._logger.logDebug("Error in addChangePasswordAttributes: ", e4);
                }
                throw new BbAuthenticationFailedException(e3.getMessage(), null);
            }
        } catch (PersistenceException e5) {
            this._logger.logDebug("Error processing authentication request: ", e5);
            throw new BbAuthenticationFailedException(getBundle().getString("auth.impl.general.error"), e5);
        }
    }

    private void addChangePasswordAttributes(HttpServletRequest httpServletRequest, Id id, User user, NavigationProvider.Location location) throws Exception {
        httpServletRequest.setAttribute(STATE_PARM, PASSWORD_AUTHENTICATION);
        LmsIntegrationManager lmsIntegrationManagerFactory = LmsIntegrationManagerFactory.getInstance();
        AuthenticationProvider authenticationProvider = lmsIntegrationManagerFactory.getAuthenticationProvider(id);
        NavigationProvider navigationProvider = lmsIntegrationManagerFactory.getNavigationProvider(id);
        Id id2 = user.getId();
        ((ContextImpl) ContextManagerFactory.getInstance().getContext()).setUser(user);
        httpServletRequest.setAttribute("url", InternalLaunchHelper.getInstance().getUrl(LaunchHandler.Type.Url, id, navigationProvider.getUrl(location, UrlUtil.calculateFullUrl(httpServletRequest.getServerName(), UrlUtil.isSystemSSL(), "webapps/login?action=logout"))));
        authenticationProvider.flushCachedCredentials(id2);
    }

    @Override // blackboard.platform.security.authentication.BaseAuthenticationModule, blackboard.platform.security.authentication.HttpAuthModule
    public void requestAuthenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws BbSecurityException {
        if (!StringUtil.isEqual((String) httpServletRequest.getAttribute(STATE_PARM), PASSWORD_AUTHENTICATION)) {
            super.requestAuthenticate(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            associateUserWithSession(httpServletRequest, httpServletResponse);
            httpServletResponse.sendRedirect((String) httpServletRequest.getAttribute("url"));
        } catch (Exception e) {
        }
    }

    private void associateUserWithSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        Map<String, String> doAuthenticateParams = getDoAuthenticateParams(httpServletRequest);
        if (doAuthenticateParams == null) {
            throw new BbCredentialsNotFoundException();
        }
        establishSession(httpServletRequest, httpServletResponse, doAuthenticateParams.get("user_id"));
    }

    @Override // blackboard.platform.security.authentication.BaseAuthenticationModule, blackboard.platform.security.authentication.HttpAuthModule
    public void doLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws BbSecurityException {
        Id userId = ((ContextManager) BbServiceManager.safeLookupService(ContextManager.class)).getContext().getUserId();
        try {
            List<Id> allIntegrationIdsByUserId = LmsIntegrationManagerFactory.getInstance().getAllIntegrationIdsByUserId(userId);
            if (allIntegrationIdsByUserId != null && allIntegrationIdsByUserId.size() > 0) {
                Id[] idArr = (Id[]) allIntegrationIdsByUserId.toArray(new Id[0]);
                for (Id id : idArr) {
                    LmsIntegrationManagerFactory.getInstance().getAuthenticationProvider(id).logout(userId, httpServletRequest, httpServletResponse);
                }
                for (Id id2 : idArr) {
                    CookieUtil.removeCookie(httpServletRequest, httpServletResponse, id2.getExternalString());
                }
                CookieUtil.removeCookie(httpServletRequest, httpServletResponse, "active_integration");
            }
        } catch (KeyNotFoundException e) {
            this._logger.logDebug("Error processing authentication request: ", e);
        } catch (PersistenceException e2) {
            this._logger.logDebug("Error processing authentication request: ", e2);
        } catch (Exception e3) {
            this._logger.logDebug("Error processing authentication request: ", e3);
        }
    }

    @Override // blackboard.platform.security.authentication.BaseAuthenticationModule, blackboard.platform.security.authentication.HttpAuthModule
    public String getAuthType() {
        return "integration";
    }

    private String decodeBase64(String str, String str2) {
        String str3;
        try {
            str3 = Base64Codec.decode(str, str2);
        } catch (Exception e) {
            str3 = "";
        }
        return str3;
    }
}
