package org.structr.rest.auth;

import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.structr.common.error.FrameworkException;
import org.structr.core.app.StructrApp;
import org.structr.core.auth.exception.AuthenticationException;
import org.structr.core.entity.AbstractUser;
import org.structr.core.entity.Principal;
import org.structr.core.entity.SuperUser;
import org.structr.core.property.PropertyKey;
import org.structr.schema.action.Actions;

/* loaded from: input_file:org/structr/rest/auth/AuthHelper.class */
public class AuthHelper {
    public static final String STANDARD_ERROR_MSG = "Wrong username or password, or user is blocked. Check caps lock. Note: Username is case sensitive!";
    private static final Logger logger = Logger.getLogger(AuthHelper.class.getName());

    public static <T> Principal getPrincipalForCredential(PropertyKey<T> propertyKey, T t) {
        if (t == null) {
            return null;
        }
        try {
            return StructrApp.getInstance().nodeQuery(Principal.class).and(propertyKey, t).getFirst();
        } catch (FrameworkException e) {
            logger.log(Level.WARNING, "Error while searching for principal", e);
            return null;
        }
    }

    public static Principal getPrincipalForPassword(PropertyKey<String> propertyKey, String str, String str2) throws AuthenticationException {
        String str3 = null;
        Principal principal = null;
        String configurationValue = StructrApp.getConfigurationValue("superuser.username");
        String configurationValue2 = StructrApp.getConfigurationValue("superuser.password");
        if (configurationValue.equals(str) && configurationValue2.equals(str2)) {
            principal = new SuperUser();
        } else {
            try {
                principal = StructrApp.getInstance().nodeQuery(Principal.class).and().or(propertyKey, str).or(AbstractUser.name, str).getFirst();
                if (principal == null) {
                    logger.log(Level.INFO, "No principal found for {0} {1}", new Object[]{propertyKey.dbName(), str});
                    str3 = "Wrong username or password, or user is blocked. Check caps lock. Note: Username is case sensitive!";
                } else {
                    if (((Boolean) principal.getProperty(Principal.blocked)).booleanValue()) {
                        logger.log(Level.INFO, "Principal {0} is blocked", principal);
                        str3 = "Wrong username or password, or user is blocked. Check caps lock. Note: Username is case sensitive!";
                    }
                    if (StringUtils.isEmpty(str2)) {
                        logger.log(Level.INFO, "Empty password for principal {0}", principal);
                        str3 = "Empty password, should never happen here!";
                    } else if (!principal.isValidPassword(str2)) {
                        str3 = "Wrong username or password, or user is blocked. Check caps lock. Note: Username is case sensitive!";
                    }
                }
            } catch (FrameworkException e) {
                logger.log(Level.WARNING, "", e);
            }
        }
        if (str3 != null) {
            throw new AuthenticationException(str3);
        }
        return principal;
    }

    public static Principal getPrincipalForSessionId(String str) {
        return getPrincipalForCredential(Principal.sessionIds, new String[]{str});
    }

    public static void doLogin(HttpServletRequest httpServletRequest, Principal principal) throws FrameworkException {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            session = SessionHelper.newSession(httpServletRequest);
        }
        SessionHelper.clearInvalidSessions(principal);
        if (session != null) {
            SessionHelper.clearSession(session.getId());
            principal.addSessionId(session.getId());
            Actions.call("onStructrLogin", principal);
        }
    }

    public static void doLogout(HttpServletRequest httpServletRequest, Principal principal) throws FrameworkException {
        HttpSession session = httpServletRequest.getSession(false);
        SessionHelper.clearSession(session.getId());
        SessionHelper.invalidateSession(session);
        sendLogoutNotification(principal);
        try {
            httpServletRequest.logout();
            httpServletRequest.changeSessionId();
        } catch (Throwable th) {
        }
    }

    public static void sendLogoutNotification(Principal principal) throws FrameworkException {
        Actions.call("onStructrLogout", principal);
    }
}
