package org.apache.zeppelin.rest;

import java.util.HashMap;
import java.util.HashSet;
import javax.ws.rs.FormParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Response;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.zeppelin.annotation.ZeppelinApi;
import org.apache.zeppelin.server.JsonResponse;
import org.apache.zeppelin.ticket.TicketContainer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

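/**
 * REST endpoint for form-based login and logout, backed by Apache Shiro.
 *
 * <p>A successful login returns the principal, its roles and a session ticket.
 * The ticket is a bearer credential, so it must not be written to logs.
 * Every authentication failure is answered with the same 403 response, so a
 * caller cannot tell an unknown account from a wrong password or a locked account.
 *
 * <p>NOTE(review): no throttling of repeated attempts is visible in this class.
 * Any lockout presumably comes from the configured Shiro realm; confirm.
 */
@Produces({"application/json"})
@Path("/login")
/* loaded from: input_file:org/apache/zeppelin/rest/LoginRestApi.class */
public class LoginRestApi {
    private static final Logger LOG = LoggerFactory.getLogger(LoginRestApi.class);

    /**
     * Authenticates the caller with the submitted user name and password.
     *
     * <p>An already authenticated subject is logged out first, so the new
     * credentials are always checked and the old identity is not reused.
     *
     * @param str the {@code userName} form field
     * @param str2 the {@code password} form field
     * @return 200 with {@code principal}, {@code roles} and {@code ticket} on
     *     success; 403 with an empty body on any authentication failure
     */
    @POST
    @ZeppelinApi
    public Response postLogin(@FormParam("userName") String str, @FormParam("password") String str2) {
        JsonResponse jsonResponse = null;
        String authenticatedPrincipal = null;
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            subject.logout();
        }
        if (!subject.isAuthenticated()) {
            try {
                subject.login(new UsernamePasswordToken(str, str2));
                HashSet<String> roles = org.apache.zeppelin.utils.SecurityUtils.getRoles();
                String principal = org.apache.zeppelin.utils.SecurityUtils.getPrincipal();
                String ticket = "anonymous".equals(principal) ? "anonymous" : TicketContainer.instance.getTicket(principal);
                HashMap<String, String> data = new HashMap<>();
                data.put("principal", principal);
                data.put("roles", roles.toString());
                data.put("ticket", ticket);
                jsonResponse = new JsonResponse(Response.Status.OK, "", data);
                authenticatedPrincipal = principal;
            } catch (AuthenticationException e) {
                // UnknownAccountException, LockedAccountException and
                // IncorrectCredentialsException are all subtypes of
                // AuthenticationException and were handled identically. Listing
                // them after the supertype does not compile (unreachable catch),
                // so one handler covers them.
                LOG.error("Exception in login: ", e);
            }
        }
        if (jsonResponse == null) {
            // Same response for every failure cause, so account state is not disclosed.
            jsonResponse = new JsonResponse(Response.Status.FORBIDDEN, "", "");
            LOG.warn("Login rejected with status {}", Response.Status.FORBIDDEN);
        } else {
            // Log the outcome only. The response body carries the session ticket,
            // and logging the whole response would presumably expose it to anyone
            // with log access (JsonResponse.toString() is not visible here).
            LOG.warn("Login succeeded for principal {}", authenticatedPrincipal);
        }
        return jsonResponse.build();
    }

    /**
     * Logs the current subject out and returns the anonymous identity.
     *
     * @return 200 with {@code principal} and {@code ticket} set to
     *     {@code "anonymous"} and empty {@code roles}
     */
    @POST
    @ZeppelinApi
    @Path("logout")
    public Response logout() {
        SecurityUtils.getSubject().logout();
        HashMap<String, String> data = new HashMap<>();
        data.put("principal", "anonymous");
        data.put("roles", "");
        data.put("ticket", "anonymous");
        JsonResponse jsonResponse = new JsonResponse(Response.Status.OK, "", data);
        // This response holds only the fixed anonymous values, so logging it exposes no credential.
        LOG.warn(jsonResponse.toString());
        return jsonResponse.build();
    }
}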
