package org.codehaus.plexus.redback.struts2.interceptor;

import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
import java.io.File;
import java.io.FileInputStream;
import java.util.Date;
import java.util.Map;
import java.util.Properties;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.lang.StringUtils;
import org.apache.struts2.ServletActionContext;
import org.codehaus.plexus.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.codehaus.plexus.redback.configuration.UserConfiguration;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.system.SecuritySystemConstants;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.redback.integration.util.AutoLoginCookies;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;

@Scope("prototype")
@Controller("redbackForceAdminUserInterceptor")
/* loaded from: input_file:WEB-INF/lib/redback-struts2-integration-1.4.jar:org/codehaus/plexus/redback/struts2/interceptor/ForceAdminUserInterceptor.class */
public class ForceAdminUserInterceptor implements Interceptor {
    private Logger log = LoggerFactory.getLogger(ForceAdminUserInterceptor.class);
    private static final String SECURITY_ADMIN_USER_NEEDED = "security-admin-user-needed";
    private static final String FORCE_ADMIN_FILE_PATH = "redback.admin.creation.file";
    private static final String ADMIN_FULL_NAME_KEY = "redback.admin.fullname";
    private static final String ADMIN_EMAIL_KEY = "redback.admin.email";
    private static final String ADMIN_PASSWORD_KEY = "redback.admin.password";
    private static boolean checked = false;

    @Inject
    @Named("userManager#configurable")
    private UserManager userManager;

    @Inject
    private RoleManager roleManager;

    @Inject
    private UserConfiguration config;

    @Inject
    protected SecuritySystem securitySystem;

    @Inject
    private AutoLoginCookies autologinCookies;
    protected Map<String, Object> session;

    @Override // com.opensymphony.xwork2.interceptor.Interceptor
    public void destroy() {
    }

    @Override // com.opensymphony.xwork2.interceptor.Interceptor
    public void init() {
    }

    @Override // com.opensymphony.xwork2.interceptor.Interceptor
    public String intercept(ActionInvocation actionInvocation) throws Exception {
        if (checked) {
            return actionInvocation.invoke();
        }
        try {
            User findUser = this.userManager.findUser(getAdminUid());
            if (findUser == null) {
                findUser = useForceAdminFile();
                if (findUser == null) {
                    this.log.info("No admin user configured - forwarding to admin user creation page.");
                    return SECURITY_ADMIN_USER_NEEDED;
                }
            }
            assignAdminRole(findUser);
            checked = true;
            this.log.info("Admin user found. No need to configure admin user.");
        } catch (UserNotFoundException e) {
            User useForceAdminFile = useForceAdminFile();
            if (useForceAdminFile == null) {
                this.log.info("No admin user found - forwarding to admin user creation page.");
                return SECURITY_ADMIN_USER_NEEDED;
            }
            assignAdminRole(useForceAdminFile);
            checked = true;
        }
        return actionInvocation.invoke();
    }

    private User useForceAdminFile() {
        try {
            String property = System.getProperty(FORCE_ADMIN_FILE_PATH);
            if (StringUtils.isBlank(property)) {
                this.log.info("redback.admin.creation.file system props is empty don't use an auto creation admin ");
                return null;
            }
            File file = new File(property);
            if (!file.exists()) {
                this.log.warn("file set in sysprops redback.admin.creation.file not exists skip admin auto creation");
                return null;
            }
            Properties properties = new Properties();
            try {
                properties.load(new FileInputStream(file));
                String property2 = properties.getProperty(ADMIN_PASSWORD_KEY);
                String property3 = properties.getProperty(ADMIN_EMAIL_KEY);
                String property4 = properties.getProperty(ADMIN_FULL_NAME_KEY);
                if (StringUtils.isBlank(property2)) {
                    this.log.warn("property redback.admin.password not set skip auto admin creation");
                    return null;
                }
                if (StringUtils.isBlank(property3)) {
                    this.log.warn("property redback.admin.email not set skip auto admin creation");
                    return null;
                }
                if (StringUtils.isBlank(property4)) {
                    this.log.warn("property redback.admin.fullname not set skip auto admin creation");
                    return null;
                }
                User createUser = this.userManager.createUser(getAdminUid(), property4, property3);
                createUser.setPassword(property2);
                createUser.setLocked(false);
                createUser.setPasswordChangeRequired(false);
                createUser.setPermanent(true);
                User addUser = this.userManager.addUser(createUser);
                addUser.setPassword(property2);
                PasswordBasedAuthenticationDataSource passwordBasedAuthenticationDataSource = new PasswordBasedAuthenticationDataSource();
                passwordBasedAuthenticationDataSource.setPrincipal(addUser.getUsername());
                passwordBasedAuthenticationDataSource.setPassword(addUser.getPassword());
                SecuritySession authenticate = this.securitySystem.authenticate(passwordBasedAuthenticationDataSource);
                if (authenticate.getAuthenticationResult().isAuthenticated()) {
                    ServletActionContext.getRequest().getSession(true).setAttribute(SecuritySystemConstants.SECURITY_SESSION_KEY, authenticate);
                    this.autologinCookies.setSignonCookie(passwordBasedAuthenticationDataSource.getPrincipal(), ServletActionContext.getResponse(), ServletActionContext.getRequest());
                    addUser = authenticate.getUser();
                    addUser.setLastLoginDate(new Date());
                    this.securitySystem.getUserManager().updateUser(addUser);
                }
                return addUser;
            } catch (Exception e) {
                this.log.warn("error loading properties from file " + property + " skip admin auto creation");
                return null;
            }
        } catch (Exception e2) {
            this.log.warn("failed to automatically create an admin account " + e2.getMessage(), (Throwable) e2);
            return null;
        }
    }

    private String getAdminUid() {
        return this.config.getString("redback.default.admin");
    }

    private void assignAdminRole(User user) throws RoleManagerException {
        this.roleManager.assignRole("system-administrator", user.getPrincipal().toString());
    }
}
