package edu.ucsb.nceas.metacat;

import edu.ucsb.nceas.metacat.client.rest.MetacatRest;
import edu.ucsb.nceas.metacat.properties.PropertyService;
import edu.ucsb.nceas.metacat.shared.MetacatUtilException;
import edu.ucsb.nceas.metacat.util.AuthUtil;
import edu.ucsb.nceas.utilities.PropertyNotFoundException;
import java.net.ConnectException;
import java.util.HashMap;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;

/* loaded from: input_file:edu/ucsb/nceas/metacat/AuthSession.class */
public class AuthSession {
    private String authClass;
    private AuthInterface authService;
    private static Logger logMetacat = Logger.getLogger(AuthSession.class);
    private HttpSession session = null;
    private String statusMessage = null;

    public AuthSession() throws InstantiationException, IllegalAccessException, ClassNotFoundException {
        this.authClass = null;
        this.authService = null;
        try {
            this.authClass = PropertyService.getProperty("auth.class");
        } catch (PropertyNotFoundException e) {
            e.printStackTrace();
        }
        this.authService = (AuthInterface) createObject(this.authClass);
    }

    public HttpSession getSessions() {
        return this.session;
    }

    public boolean authenticate(HttpServletRequest httpServletRequest, String str, String str2) {
        String str3;
        try {
            if (!this.authService.authenticate(str, str2)) {
                this.statusMessage = formatOutput("unauth_login", "Authentication failed for user: " + str);
                return false;
            }
            String[][] groups = this.authService.getGroups(str, str2, str);
            String[] strArr = null;
            if (groups != null) {
                strArr = new String[groups.length];
                for (int i = 0; i < groups.length; i++) {
                    strArr[i] = groups[i][0];
                }
            }
            if (strArr == null) {
                strArr = new String[0];
            }
            String[] strArr2 = null;
            try {
                strArr2 = this.authService.getUserInfo(str, str2);
            } catch (ConnectException e) {
                logMetacat.warn("AuthSession.authenticate - can't get the user info for user " + str + " since " + e.getMessage());
            }
            this.session = createSession(httpServletRequest, str, str2, strArr, strArr2);
            this.statusMessage = formatOutput(MetacatRest.FUNCTION_NAME_LOGIN, "Authentication successful for user: " + str, this.session.getId(), str, strArr, strArr2);
            return true;
        } catch (IllegalStateException e2) {
            str3 = e2.getMessage();
            this.statusMessage = formatOutput("error_login", str3);
            return false;
        } catch (ConnectException e3) {
            str3 = "Connection to the authentication service failed in AuthSession.authenticate: " + e3.getMessage();
            this.statusMessage = formatOutput("error_login", str3);
            return false;
        }
    }

    private HttpSession createSession(HttpServletRequest httpServletRequest, String str, String str2, String[] strArr, String[] strArr2) throws IllegalStateException {
        HttpSession session = httpServletRequest.getSession(true);
        if (!session.isNew()) {
            logMetacat.info("in session is not new");
            logMetacat.info("the old session id is : " + session.getId());
            logMetacat.info("the old session username : " + session.getAttribute("username"));
            session.invalidate();
            logMetacat.info("in session is not new");
            session = httpServletRequest.getSession(true);
        }
        session.setMaxInactiveInterval(-1);
        session.setAttribute("username", str);
        session.setAttribute("password", str2);
        if (strArr2 != null && strArr2.length == 3) {
            session.setAttribute("name", strArr2[0]);
            session.setAttribute("organization", strArr2[1]);
            session.setAttribute("email", strArr2[2]);
        }
        if (strArr.length > 0) {
            session.setAttribute("groupnames", strArr);
        }
        logMetacat.info("the new session id is : " + session.getId());
        logMetacat.info("the new session username : " + session.getAttribute("username"));
        return session;
    }

    public String getMessage() {
        return this.statusMessage;
    }

    public String getPrincipals(String str, String str2) throws ConnectException {
        return this.authService.getPrincipals(str, str2);
    }

    public HashMap<String, Vector<String>> getAttributes(String str) throws ConnectException {
        return this.authService.getAttributes(str);
    }

    private String formatOutput(String str, String str2) {
        return formatOutput(str, str2, null, null, null, null);
    }

    private String formatOutput(String str, String str2, String str3, String str4, String[] strArr, String[] strArr2) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
        stringBuffer.append("<" + str + ">");
        stringBuffer.append("\n  <message>" + str2 + "</message>\n");
        if (str3 != null) {
            stringBuffer.append("\n  <sessionId>" + str3 + "</sessionId>\n");
            if (strArr2 != null && strArr2[0] != null) {
                stringBuffer.append("\n<name>\n");
                stringBuffer.append(strArr2[0]);
                stringBuffer.append("\n</name>\n");
            }
            if (strArr2 != null && strArr2[1] != null) {
                stringBuffer.append("\n<organization>\n");
                stringBuffer.append(strArr2[1]);
                stringBuffer.append("\n</organization>\n");
            }
            if (strArr2 != null && strArr2[2] != null) {
                stringBuffer.append("\n<email>\n");
                stringBuffer.append(strArr2[2]);
                stringBuffer.append("\n</email>\n");
            }
            try {
                if (AuthUtil.isAdministrator(str4, strArr)) {
                    stringBuffer.append("\n  <isAdministrator></isAdministrator>\n");
                }
            } catch (MetacatUtilException e) {
                logMetacat.error("Could not determine if user is administrator. Omitting from xml output: " + e.getMessage());
            }
            try {
                if (AuthUtil.isModerator(str4, strArr)) {
                    stringBuffer.append("\n  <isModerator></isModerator>\n");
                }
            } catch (MetacatUtilException e2) {
                logMetacat.error("Could not determine if user is moderator. Omitting from xml output: " + e2.getMessage());
            }
        }
        stringBuffer.append("</" + str + ">");
        return stringBuffer.toString();
    }

    public String[] getGroups(String str, String str2, String str3) throws Exception {
        String[][] groups = this.authService.getGroups(str, str2, str3);
        String[] strArr = null;
        if (groups != null) {
            strArr = new String[groups.length];
            for (int i = 0; i < groups.length; i++) {
                strArr[i] = groups[i][0];
                logMetacat.debug("AuthSession.getGroups - found that user " + str3 + " is the member of the group " + strArr[i]);
            }
        }
        return strArr;
    }

    private static Object createObject(String str) throws InstantiationException, IllegalAccessException, ClassNotFoundException {
        return Class.forName(str).newInstance();
    }

    private static Object createObject(String str, String str2) throws Exception {
        try {
            return Class.forName(str).newInstance();
        } catch (ClassNotFoundException e) {
            throw e;
        } catch (IllegalAccessException e2) {
            throw e2;
        } catch (InstantiationException e3) {
            throw e3;
        }
    }
}
