package org.apache.jetspeed.security.impl;

import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.login.LoginConstants;
import org.apache.jetspeed.pipeline.PipelineException;
import org.apache.jetspeed.pipeline.valve.AbstractValve;
import org.apache.jetspeed.pipeline.valve.LoginValidationValve;
import org.apache.jetspeed.pipeline.valve.ValveContext;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserCredential;
import org.apache.jetspeed.security.UserManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/jetspeed/security/impl/LoginValidationValveImpl.class */
public class LoginValidationValveImpl extends AbstractValve implements LoginValidationValve {
    private static final Logger log = LoggerFactory.getLogger(LoginValidationValveImpl.class);
    private int maxNumberOfAuthenticationFailures;
    private List sessionAttributes;

    public LoginValidationValveImpl(List list) {
        this.sessionAttributes = list;
    }

    public LoginValidationValveImpl(int i) {
        this.maxNumberOfAuthenticationFailures = i;
        this.sessionAttributes = new LinkedList();
    }

    public LoginValidationValveImpl(int i, List list) {
        this.maxNumberOfAuthenticationFailures = i;
        this.sessionAttributes = list;
    }

    @Override // org.apache.jetspeed.pipeline.valve.AbstractValve
    public void invoke(RequestContext requestContext, ValveContext valveContext) throws PipelineException {
        try {
            if (requestContext.getRequest().getUserPrincipal() == null) {
                if (requestContext.getSessionAttribute("org.apache.jetspeed.login.retrycount") != null) {
                    String str = (String) requestContext.getSessionAttribute("org.apache.jetspeed.login.username");
                    if (str == null || str.equals("")) {
                        requestContext.setSessionAttribute("org.apache.jetspeed.login.errorcode", LoginConstants.ERROR_UNKNOWN_USER);
                    } else {
                        UserManager userManager = (UserManager) Jetspeed.getComponentManager().getComponent(UserManager.class);
                        if (userManager != null) {
                            try {
                                User user = userManager.getUser(str);
                                if (user.isEnabled()) {
                                    UserCredential userCredential = SubjectHelper.getUserCredential(userManager.getSubject(user));
                                    if (userCredential == null || !userCredential.isEnabled()) {
                                        requestContext.setSessionAttribute("org.apache.jetspeed.login.errorcode", LoginConstants.ERROR_CREDENTIAL_DISABLED);
                                    } else if (userCredential.isExpired()) {
                                        requestContext.setSessionAttribute("org.apache.jetspeed.login.errorcode", LoginConstants.ERROR_CREDENTIAL_EXPIRED);
                                    } else if (this.maxNumberOfAuthenticationFailures <= 1 || userCredential.getAuthenticationFailures() != this.maxNumberOfAuthenticationFailures - 1) {
                                        requestContext.setSessionAttribute("org.apache.jetspeed.login.errorcode", LoginConstants.ERROR_INVALID_PASSWORD);
                                    } else {
                                        requestContext.setSessionAttribute("org.apache.jetspeed.login.errorcode", LoginConstants.ERROR_FINAL_LOGIN_ATTEMPT);
                                    }
                                } else {
                                    requestContext.setSessionAttribute("org.apache.jetspeed.login.errorcode", LoginConstants.ERROR_USER_DISABLED);
                                }
                            } catch (SecurityException e) {
                                requestContext.setSessionAttribute("org.apache.jetspeed.login.errorcode", LoginConstants.ERROR_UNKNOWN_USER);
                            }
                        }
                    }
                }
            } else if (requestContext.getSessionAttribute("org.apache.jetspeed.login.check") == null) {
                clearSessionAttributes(requestContext);
                requestContext.getRequest().getSession().setAttribute("org.apache.jetspeed.login.check", "true");
            }
            valveContext.invokeNext(requestContext);
        } catch (Exception e2) {
            log.error("Exception in request pipeline: " + e2.getMessage(), e2);
            throw new PipelineException(e2.toString(), e2);
        }
    }

    private void clearSessionAttributes(RequestContext requestContext) {
        Iterator it = this.sessionAttributes.iterator();
        while (it.hasNext()) {
            requestContext.getRequest().getSession().removeAttribute((String) it.next());
        }
    }

    public String toString() {
        return "LoginValidationValve";
    }
}
