package org.exist.xquery.functions.session;

import java.util.Optional;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.exist.client.InteractiveClient;
import org.exist.dom.QName;
import org.exist.http.servlets.SessionWrapper;
import org.exist.security.AuthenticationException;
import org.exist.xquery.Cardinality;
import org.exist.xquery.FunctionSignature;
import org.exist.xquery.UserSwitchingBasicFunction;
import org.exist.xquery.XPathException;
import org.exist.xquery.XQueryContext;
import org.exist.xquery.value.BooleanValue;
import org.exist.xquery.value.FunctionParameterSequenceType;
import org.exist.xquery.value.FunctionReturnSequenceType;
import org.exist.xquery.value.Sequence;
import org.exist.xquery.value.SequenceType;
import org.exist.xquery.value.StringValue;

/* loaded from: input_file:org/exist/xquery/functions/session/SetCurrentUser.class */
public class SetCurrentUser extends UserSwitchingBasicFunction {
    private static final Logger logger = LogManager.getLogger(SetCurrentUser.class);
    public static final FunctionSignature signature = new FunctionSignature(new QName("set-current-user", SessionModule.NAMESPACE_URI, SessionModule.PREFIX), "Change the user identity for the current HTTP session. Subsequent XQueries in the session will run with the new user identity.", new SequenceType[]{new FunctionParameterSequenceType("user-name", 22, Cardinality.EXACTLY_ONE, "The user name"), new FunctionParameterSequenceType(InteractiveClient.PASSWORD, 22, Cardinality.EXACTLY_ONE, "The password")}, new FunctionReturnSequenceType(23, Cardinality.EXACTLY_ONE, "true if the user name and password represent a valid user"));

    public SetCurrentUser(XQueryContext xQueryContext) {
        super(xQueryContext, signature);
    }

    @Override // org.exist.xquery.BasicFunction
    public Sequence eval(Sequence[] sequenceArr, Sequence sequence) throws XPathException {
        String stringValue = sequenceArr[0].getStringValue();
        String stringValue2 = sequenceArr[1].getStringValue();
        try {
            switchUser(this.context.getBroker().getBrokerPool().getSecurityManager().authenticate(stringValue, stringValue2));
            SessionWrapper validOrCreateSession = SessionFunction.getValidOrCreateSession(this, this.context, Optional.ofNullable(this.context.getHttpContext()).map((v0) -> {
                return v0.getSession();
            }));
            validOrCreateSession.setAttribute("user", stringValue);
            validOrCreateSession.setAttribute(InteractiveClient.PASSWORD, new StringValue(this, stringValue2));
            return BooleanValue.TRUE;
        } catch (AuthenticationException e) {
            logger.warn("Could not validate user {} [{}]", stringValue, e.getMessage());
            return BooleanValue.FALSE;
        }
    }
}
