package org.structr.core.auth;

import java.util.Iterator;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.structr.common.error.FrameworkException;
import org.structr.core.Services;
import org.structr.core.app.StructrApp;
import org.structr.core.auth.exception.AuthenticationException;
import org.structr.core.entity.AbstractUser;
import org.structr.core.entity.Principal;
import org.structr.core.entity.SuperUser;
import org.structr.core.property.PropertyKey;

/* loaded from: input_file:org/structr/core/auth/AuthHelper.class */
public class AuthHelper {
    private static final String STANDARD_ERROR_MSG = "Wrong username or password, or user is blocked. Check caps lock. Note: Username is case sensitive!";
    private static final Logger logger = Logger.getLogger(AuthHelper.class.getName());

    public static <T> Principal getPrincipalForCredential(PropertyKey<T> propertyKey, T t) {
        if (t == null) {
            return null;
        }
        try {
            return (Principal) StructrApp.getInstance().nodeQuery(Principal.class).and(propertyKey, t).getFirst();
        } catch (FrameworkException e) {
            logger.log(Level.WARNING, "Error while searching for principal", (Throwable) e);
            return null;
        }
    }

    public static Principal getPrincipalForPassword(PropertyKey<String> propertyKey, String str, String str2) throws AuthenticationException {
        String str3 = null;
        Principal principal = null;
        String configurationValue = StructrApp.getConfigurationValue(Services.SUPERUSER_USERNAME);
        String configurationValue2 = StructrApp.getConfigurationValue(Services.SUPERUSER_PASSWORD);
        if (configurationValue.equals(str) && configurationValue2.equals(str2)) {
            logger.log(Level.INFO, "############# Authenticated as superadmin! ############");
            principal = new SuperUser();
        } else {
            try {
                principal = (Principal) StructrApp.getInstance().nodeQuery(Principal.class).and().or(propertyKey, str).or(AbstractUser.name, str).getFirst();
                if (principal == null) {
                    logger.log(Level.INFO, "No principal found for {0} {1}", new Object[]{propertyKey.dbName(), str});
                    str3 = STANDARD_ERROR_MSG;
                } else {
                    if (((Boolean) principal.getProperty(Principal.blocked)).booleanValue()) {
                        logger.log(Level.INFO, "Principal {0} is blocked", principal);
                        str3 = STANDARD_ERROR_MSG;
                    }
                    if (StringUtils.isEmpty(str2)) {
                        logger.log(Level.INFO, "Empty password for principal {0}", principal);
                        str3 = "Empty password, should never happen here!";
                    } else {
                        String str4 = (String) principal.getProperty(Principal.salt);
                        String hash = str4 != null ? getHash(str2, str4) : getSimpleHash(str2);
                        String encryptedPassword = principal.getEncryptedPassword();
                        if (encryptedPassword == null || !hash.equals(encryptedPassword)) {
                            logger.log(Level.INFO, "Wrong password for principal {0}", principal);
                            str3 = STANDARD_ERROR_MSG;
                        }
                    }
                }
            } catch (FrameworkException e) {
                e.printStackTrace();
            }
        }
        if (str3 != null) {
            throw new AuthenticationException(str3);
        }
        return principal;
    }

    public static Principal getPrincipalForSessionId(String str) {
        return getPrincipalForCredential(Principal.sessionIds, new String[]{str});
    }

    public static String getHash(String str, String str2) {
        return StringUtils.isEmpty(str2) ? getSimpleHash(str) : DigestUtils.sha512Hex(DigestUtils.sha512Hex(str).concat(str2));
    }

    @Deprecated
    public static String getSimpleHash(String str) {
        return DigestUtils.sha512Hex(str);
    }

    public static void doLogin(HttpServletRequest httpServletRequest, Principal principal) {
        String sessionId = getSessionId(httpServletRequest);
        if (sessionId != null) {
            clearSession(sessionId);
            principal.addSessionId(sessionId);
        }
    }

    public static void doLogout(HttpServletRequest httpServletRequest, Principal principal) {
        String sessionId = getSessionId(httpServletRequest);
        if (sessionId != null) {
            clearSession(sessionId);
            principal.removeSessionId(sessionId);
        }
    }

    public static String getSessionId(HttpServletRequest httpServletRequest) {
        HttpSession session;
        String str = null;
        try {
            str = httpServletRequest.getRequestedSessionId();
        } catch (UnsupportedOperationException e) {
        }
        return (str != null || (session = httpServletRequest.getSession(true)) == null) ? str : session.getId();
    }

    public static void clearSession(String str) {
        try {
            Iterator it = StructrApp.getInstance().nodeQuery(Principal.class).and(Principal.sessionIds, new String[]{str}).getAsList().iterator();
            while (it.hasNext()) {
                ((Principal) it.next()).removeSessionId(str);
            }
        } catch (FrameworkException e) {
            logger.log(Level.WARNING, "Error while removing sessionId " + str + " from all principals", (Throwable) e);
            e.printStackTrace();
        }
    }
}
