package com.caucho.security;

import com.caucho.server.session.SessionImpl;
import java.io.IOException;
import java.io.Serializable;
import java.lang.ref.SoftReference;
import java.security.Principal;
import java.util.ArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.PostConstruct;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.util.ClassUtils;

/* loaded from: input_file:BOOT-INF/lib/resin-4.0.65.jar:com/caucho/security/AbstractLogin.class */
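/**
 * Base {@link Login} implementation that resolves the authenticated principal for a request
 * and remembers it between requests.
 *
 * <p>The resolved principal is cached on the request under {@link Login#LOGIN_USER}. Between
 * requests it is stored either in a {@link SingleSignon} store keyed by session id or, when no
 * single-signon store is configured and {@link #isSessionSaveLogin()} is true, as a session
 * attribute under the same key.
 *
 * <p>The defaults in this class authenticate nobody: {@link #getUserPrincipalImpl} returns
 * {@code null}, and {@link #loginChallenge}, {@link #loginSuccessResponse} and
 * {@link #logoutImpl} are empty hooks for subclasses.
 *
 * <p>Security-relevant behavior visible in this class:
 * <ul>
 *   <li>The single-signon lookup key is the live session id, or the client-supplied requested
 *       session id when the request has no session. Whoever presents that id receives the
 *       stored principal, so the id must be treated as a bearer credential.</li>
 *   <li>{@link #isSavedUserValid} returns {@code true} by default, so a stored principal is
 *       reused without revalidation unless a subclass overrides it.</li>
 *   <li>This class does not rotate the session id when a principal is saved.
 *       NOTE(review): confirm that a subclass or the container renews the id at login, so a
 *       pre-login session id cannot carry over into the authenticated session.</li>
 * </ul>
 *
 * <p>NOTE(review): the lazy initialisation of {@code _auth} and {@code _singleSignon} is not
 * synchronized; confirm how instances are shared across request threads.
 */
public abstract class AbstractLogin implements Login {
    private static final Logger log = Logger.getLogger(AbstractLogin.class.getName());

    // Authenticator in use; resolved lazily by getAuthenticator() when not set explicitly.
    protected Authenticator _auth;

    // Single-signon store; resolved by init() or lazily by getSingleSignon().
    protected SingleSignon _singleSignon;

    // Injected by the container; null when the instance is created outside injection.
    @Inject
    private Instance<Authenticator> _authInstance;

    // Injected by the container; null when the instance is created outside injection.
    @Inject
    private Instance<SingleSignon> _signonInstance;

    // When true, the principal is stored in the HTTP session if no single-signon store exists.
    private boolean _isSessionSaveLogin = true;

    // When true, a session timeout also removes the single-signon entry.
    private boolean _isLogoutOnTimeout = true;

    /* loaded from: input_file:BOOT-INF/lib/resin-4.0.65.jar:com/caucho/security/AbstractLogin$LoginPrincipal.class */
    /**
     * Serializable holder for a principal.
     *
     * <p>NOTE(review): no explicit {@code serialVersionUID} is declared, and the wrapped
     * {@link Principal} is only serializable if its concrete class is. Adding a
     * {@code serialVersionUID} now would change the stream identity of already-persisted
     * instances, so it is left as is.
     */
    static class LoginPrincipal implements Serializable {
        private Principal _user;

        LoginPrincipal(Principal principal) {
            this._user = principal;
        }

        /** Returns the wrapped principal. */
        public Principal getUser() {
            return this._user;
        }

        @Override
        public String toString() {
            return getClass().getSimpleName() + "[" + this._user + "]";
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/resin-4.0.65.jar:com/caucho/security/AbstractLogin$PrincipalEntry.class */
    /**
     * Associates a principal with the sessions logged in as that principal.
     *
     * <p>Sessions are held through {@link SoftReference}s, so an entry can disappear once the
     * session object has been collected. The list is a plain {@link ArrayList} with no
     * synchronization; nothing in this file uses the class, so its threading contract cannot
     * be confirmed from here.
     */
    static class PrincipalEntry {
        private Principal _principal;
        private ArrayList<SoftReference<SessionImpl>> _sessions;

        PrincipalEntry(Principal principal) {
            this._principal = principal;
        }

        Principal getPrincipal() {
            return this._principal;
        }

        /** Starts tracking {@code sessionImpl} for this principal. */
        void addSession(SessionImpl sessionImpl) {
            if (this._sessions == null) {
                this._sessions = new ArrayList<>();
            }
            this._sessions.add(new SoftReference<>(sessionImpl));
        }

        /**
         * Stops tracking {@code httpSession} and drops references that have been cleared.
         *
         * @param httpSession the session being logged out (compared by identity)
         * @return {@code true} when no other live session remains tracked for this principal
         */
        boolean logout(HttpSession httpSession) {
            ArrayList<SoftReference<SessionImpl>> tracked = this._sessions;
            if (tracked == null) {
                return true;
            }
            boolean noOtherSession = true;
            // Iterate backwards so that removing an element does not shift unvisited indices.
            for (int index = tracked.size() - 1; index >= 0; index--) {
                SessionImpl candidate = tracked.get(index).get();
                if (candidate == httpSession) {
                    try {
                        tracked.remove(index);
                    } catch (Exception e) {
                        AbstractLogin.log.log(Level.WARNING, e.toString(), (Throwable) e);
                    }
                } else if (candidate == null) {
                    // The referent was collected; the slot is dead weight.
                    tracked.remove(index);
                } else {
                    noOtherSession = false;
                }
            }
            return noOtherSession;
        }

        /**
         * Invalidates every live tracked session and forgets the list.
         *
         * <p>A failure on one session is logged at WARNING and does not stop the remaining
         * sessions from being invalidated.
         */
        void logout() {
            ArrayList<SoftReference<SessionImpl>> tracked = this._sessions;
            // Detach the list first so the entry no longer reports these sessions.
            this._sessions = null;
            for (int i = 0; tracked != null && i < tracked.size(); i++) {
                SessionImpl sessionImpl = tracked.get(i).get();
                if (sessionImpl != null) {
                    try {
                        sessionImpl.invalidateLogout();
                    } catch (Exception e) {
                        AbstractLogin.log.log(Level.WARNING, e.toString(), (Throwable) e);
                    }
                }
            }
        }
    }

    /** Sets the authenticator explicitly, bypassing the injected lookup. */
    public void setAuthenticator(Authenticator authenticator) {
        this._auth = authenticator;
    }

    /**
     * Returns the authenticator, resolving it on first use.
     *
     * <p>Resolution order: the explicitly set authenticator, then the injected instance when
     * one is available, then a new {@link NullAuthenticator}.
     *
     * <p>NOTE(review): the fallback is only reported at FINE. Deployments that expect a real
     * authenticator should verify that the fallback is never selected, because a missing
     * authenticator binding is otherwise silent at default log levels.
     */
    @Override // com.caucho.security.Login
    public Authenticator getAuthenticator() {
        if (this._auth == null) {
            // _authInstance is null when this object was not created through injection;
            // treat that the same as an unsatisfied binding instead of failing with an NPE.
            if (this._authInstance != null && !this._authInstance.isUnsatisfied()) {
                this._auth = this._authInstance.get();
            }
            if (this._auth == null) {
                this._auth = new NullAuthenticator();
            }
            if (log.isLoggable(Level.FINE)) {
                log.fine(toString() + " using " + this._auth);
            }
        }
        return this._auth;
    }

    /**
     * Returns the single-signon store, or {@code null} when none is configured.
     *
     * <p>When no store was set or injected, the store of the authenticator is used if the
     * authenticator is an {@link AbstractAuthenticator}.
     */
    protected SingleSignon getSingleSignon() {
        if (this._singleSignon == null) {
            Authenticator authenticator = getAuthenticator();
            // Test the object that is actually cast; getAuthenticator() is overridable and
            // need not return the _auth field.
            if (authenticator instanceof AbstractAuthenticator) {
                this._singleSignon = ((AbstractAuthenticator) authenticator).getSingleSignon();
            }
        }
        return this._singleSignon;
    }

    /** Returns whether a session timeout also removes the single-signon entry. */
    public boolean isLogoutOnSessionTimeout() {
        return this._isLogoutOnTimeout;
    }

    /** Sets whether a session timeout also removes the single-signon entry. */
    public void setLogoutOnSessionTimeout(boolean z) {
        this._isLogoutOnTimeout = z;
    }

    /** Sets whether the principal is stored in the HTTP session when no single-signon exists. */
    public void setSessionSaveLogin(boolean z) {
        this._isSessionSaveLogin = z;
    }

    /** Returns whether the principal is stored in the HTTP session when no single-signon exists. */
    public boolean isSessionSaveLogin() {
        return this._isSessionSaveLogin;
    }

    /**
     * Picks up the injected single-signon store when none has been set.
     *
     * @throws ServletException declared for subclasses; this implementation does not throw it
     */
    @PostConstruct
    public void init() throws ServletException {
        // _signonInstance is null when this object was not created through injection.
        if (this._singleSignon != null || this._signonInstance == null || this._signonInstance.isUnsatisfied()) {
            return;
        }
        this._singleSignon = this._signonInstance.get();
    }

    /** Returns {@code "none"}; subclasses report their own scheme. */
    @Override // com.caucho.security.Login
    public String getAuthType() {
        return "none";
    }

    /** Returns {@code true}: this login applies to every request unless overridden. */
    @Override // com.caucho.security.Login
    public boolean isLoginUsedForRequest(HttpServletRequest httpServletRequest) {
        return true;
    }

    /**
     * Returns the principal for the request without forcing a login.
     *
     * @return the principal, or {@code null} when the request is not authenticated
     */
    @Override // com.caucho.security.Login
    public Principal getUserPrincipal(HttpServletRequest httpServletRequest) {
        return getUserPrincipal(httpServletRequest, false);
    }

    /**
     * Resolves the principal for the request and caches the outcome on the request.
     *
     * <p>A negative outcome is cached as {@link AbstractAuthenticator#NULL_USER}, so later
     * non-login lookups on the same request return {@code null} without repeating the work.
     *
     * @param z {@code true} for a login attempt: a cached negative outcome is ignored and
     *     {@link #getLoginPrincipalImpl} is used; {@code false} for a passive lookup using
     *     {@link #getUserPrincipalImpl}
     * @return the principal, or {@code null} when none could be established
     */
    private Principal getUserPrincipal(HttpServletRequest httpServletRequest, boolean z) {
        Principal cached = (Principal) httpServletRequest.getAttribute(Login.LOGIN_USER);
        if (cached != null) {
            if (cached != AbstractAuthenticator.NULL_USER) {
                return cached;
            }
            if (!z) {
                return null;
            }
        }
        Principal savedUser = findSavedUser(httpServletRequest);
        if (savedUser != null && isSavedUserValid(httpServletRequest, savedUser)) {
            httpServletRequest.setAttribute(Login.LOGIN_USER, savedUser);
            return savedUser;
        }
        Principal resolved = z ? getLoginPrincipalImpl(httpServletRequest) : getUserPrincipalImpl(httpServletRequest);
        if (resolved != null) {
            httpServletRequest.setAttribute(Login.LOGIN_USER, resolved);
            saveUser(httpServletRequest, resolved);
        } else if (savedUser != null) {
            // A saved principal existed but was rejected by isSavedUserValid: clear the store
            // so that it is not offered again.
            httpServletRequest.setAttribute(Login.LOGIN_USER, AbstractAuthenticator.NULL_USER);
            saveUser(httpServletRequest, null);
        } else {
            httpServletRequest.setAttribute(Login.LOGIN_USER, AbstractAuthenticator.NULL_USER);
        }
        return resolved;
    }

    /**
     * Logs the request in, reusing a valid saved principal when one exists.
     *
     * @param z when {@code true} and no principal can be established, {@link #loginChallenge}
     *     is invoked before returning
     * @return the principal, or {@code null} when the login did not succeed
     * @throws LoginException wrapping any checked exception raised during the login
     */
    @Override // com.caucho.security.Login
    public Principal login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        try {
            Principal savedUser = findSavedUser(httpServletRequest);
            if (savedUser != null && isSavedUserValid(httpServletRequest, savedUser)) {
                httpServletRequest.setAttribute(Login.LOGIN_USER, savedUser);
                return savedUser;
            }
            Principal user = login(httpServletRequest, httpServletResponse);
            // Store the new principal, or overwrite a rejected saved principal with null.
            if (user != null || savedUser != null) {
                saveUser(httpServletRequest, user);
            }
            if (user != null) {
                loginSuccessResponse(user, httpServletRequest, httpServletResponse);
                return user;
            }
            if (z) {
                log.fine(this + " sending login challenge");
                loginChallenge(httpServletRequest, httpServletResponse);
            }
            return null;
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new LoginException(e2);
        }
    }

    /** Performs the login attempt; the default delegates to the login-mode principal lookup. */
    protected Principal login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return getUserPrincipal(httpServletRequest, true);
    }

    /**
     * Looks up the principal stored for the request's session id.
     *
     * <p>The key is the id of the existing session, or the requested session id sent by the
     * client when the request has no session. With a single-signon store the lookup goes to
     * the store only; otherwise the session attribute is read when
     * {@link #isSessionSaveLogin()} is true.
     *
     * <p>NOTE(review): the requested session id is used without any validity check in this
     * method, so the single-signon store is the only control on which ids map to a principal.
     *
     * @return the stored principal, or {@code null} when none is stored
     */
    protected Principal findSavedUser(HttpServletRequest httpServletRequest) {
        SingleSignon singleSignon = getSingleSignon();
        SessionImpl sessionImpl = (SessionImpl) httpServletRequest.getSession(false);
        String id = sessionImpl != null ? sessionImpl.getId() : httpServletRequest.getRequestedSessionId();
        if (id == null) {
            return null;
        }
        if (singleSignon != null) {
            Principal ssoUser = singleSignon.get(id);
            if (ssoUser != null && log.isLoggable(Level.FINER)) {
                log.finer(this + " load user '" + ssoUser + "' from " + singleSignon);
            }
            return ssoUser;
        }
        if (!isSessionSaveLogin() || sessionImpl == null) {
            return null;
        }
        Principal sessionUser = (Principal) sessionImpl.getAttribute(Login.LOGIN_USER);
        if (sessionUser != null && log.isLoggable(Level.FINER)) {
            log.finer(this + " load user '" + sessionUser + "' from session");
        }
        return sessionUser;
    }

    /**
     * Stores {@code principal} for the request's session id; a {@code null} principal
     * overwrites whatever was stored.
     *
     * <p>When {@link #isSessionSaveLogin()} is true a session is created if none exists. The
     * principal is bound to the session id the request already has.
     * NOTE(review): no new session id is issued here; confirm that the id is renewed
     * elsewhere when a principal is first saved.
     */
    protected void saveUser(HttpServletRequest httpServletRequest, Principal principal) {
        SingleSignon singleSignon = getSingleSignon();
        SessionImpl sessionImpl = isSessionSaveLogin() ? (SessionImpl) httpServletRequest.getSession(true) : (SessionImpl) httpServletRequest.getSession(false);
        String id = sessionImpl != null ? sessionImpl.getId() : httpServletRequest.getRequestedSessionId();
        if (id == null) {
            return;
        }
        if (singleSignon != null) {
            singleSignon.put(id, principal);
            if (log.isLoggable(Level.FINER)) {
                log.finer(this + " save user '" + principal + "' in single signon " + singleSignon);
            }
            return;
        }
        // The null check covers an overridden isSessionSaveLogin() that answers differently
        // on the second call; without it the setAttribute below could throw an NPE.
        if (isSessionSaveLogin() && sessionImpl != null) {
            sessionImpl.setAttribute(Login.LOGIN_USER, principal);
            if (log.isLoggable(Level.FINER)) {
                log.finer(this + " save user '" + principal + "' in session " + sessionImpl);
            }
        }
    }

    /** Returns {@code false}; password-based subclasses override this. */
    @Override // com.caucho.security.Login
    public boolean isPasswordBased() {
        return false;
    }

    /** Hook: extracts the principal for a passive lookup. The default authenticates nobody. */
    protected Principal getUserPrincipalImpl(HttpServletRequest httpServletRequest) {
        return null;
    }

    /**
     * Hook: decides whether a stored principal may still be used for this request.
     *
     * <p>The default accepts every stored principal. Subclasses that need expiry, credential
     * re-checks or binding to request properties must override it.
     */
    protected boolean isSavedUserValid(HttpServletRequest httpServletRequest, Principal principal) {
        return true;
    }

    /** Hook: extracts the principal for a login attempt; defaults to the passive lookup. */
    protected Principal getLoginPrincipalImpl(HttpServletRequest httpServletRequest) {
        return getUserPrincipalImpl(httpServletRequest);
    }

    /** Hook: sends the login challenge to the client. The default does nothing. */
    protected void loginChallenge(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
    }

    /** Hook: called after a successful login. The default does nothing. */
    protected void loginSuccessResponse(Principal principal, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
    }

    /** Delegates the role check to the authenticator. */
    @Override // com.caucho.security.Login
    public boolean isUserInRole(Principal principal, String str) {
        return getAuthenticator().isUserInRole(principal, str);
    }

    /**
     * Logs the principal out: runs {@link #logoutImpl}, clears the session and request
     * attributes, and removes the single-signon entries for this request.
     *
     * <p>{@link #saveUser} stores the single-signon entry under the live session id and only
     * falls back to the requested session id when there is no session. The entry is therefore
     * removed under both ids, so a login saved under a session id that differs from the one
     * the client sent does not survive the logout.
     */
    @Override // com.caucho.security.Login
    public void logout(Principal principal, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String requestedSessionId = httpServletRequest.getRequestedSessionId();
        // Capture the live session id before logoutImpl, which may invalidate the session.
        HttpSession sessionBeforeLogout = httpServletRequest.getSession(false);
        String liveSessionId = sessionBeforeLogout != null ? sessionBeforeLogout.getId() : null;
        logoutImpl(principal, httpServletRequest, httpServletResponse);
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.removeAttribute(Login.LOGIN_USER);
        }
        httpServletRequest.removeAttribute(Login.LOGIN_USER);
        SingleSignon singleSignon = getSingleSignon();
        if (singleSignon != null) {
            // A request without a session cookie has no requested id; do not pass null on.
            if (requestedSessionId != null) {
                singleSignon.remove(requestedSessionId);
            }
            if (liveSessionId != null && !liveSessionId.equals(requestedSessionId)) {
                singleSignon.remove(liveSessionId);
            }
        }
    }

    /**
     * Removes the single-signon entry of a session that is being invalidated.
     *
     * @param z when {@code true} the entry is removed only if
     *     {@link #isLogoutOnSessionTimeout()} is true; presumably this flags an invalidation
     *     caused by timeout (inferred from the guard, confirm against the caller)
     */
    @Override // com.caucho.security.Login
    public void sessionInvalidate(HttpSession httpSession, boolean z) {
        SingleSignon singleSignon;
        if (httpSession == null || (singleSignon = getSingleSignon()) == null) {
            return;
        }
        if (!z || isLogoutOnSessionTimeout()) {
            singleSignon.remove(httpSession.getId());
        }
    }

    /** Hook: scheme-specific logout work. The default does nothing. */
    protected void logoutImpl(Principal principal, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    @Override
    public String toString() {
        // Same text as before; the literal replaces a reference to Spring's
        // ClassUtils.ARRAY_SUFFIX ("[]") that tied this class to an unrelated library.
        return getClass().getSimpleName() + "[]";
    }
}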
