package org.apache.cocoon.webapps.authentication.components;

import java.io.IOException;
import org.apache.avalon.framework.activity.Disposable;
import org.apache.avalon.framework.logger.AbstractLogEnabled;
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.avalon.framework.thread.ThreadSafe;
import org.apache.cocoon.ProcessingException;
import org.apache.cocoon.components.source.SourceUtil;
import org.apache.cocoon.webapps.authentication.AuthenticationConstants;
import org.apache.cocoon.webapps.authentication.components.Authenticator;
import org.apache.cocoon.webapps.authentication.configuration.HandlerConfiguration;
import org.apache.cocoon.webapps.authentication.user.UserHandler;
import org.apache.cocoon.webapps.session.MediaManager;
import org.apache.cocoon.xml.XMLUtils;
import org.apache.cocoon.xml.dom.DOMUtil;
import org.apache.excalibur.source.Source;
import org.apache.excalibur.source.SourceException;
import org.apache.excalibur.source.SourceParameters;
import org.apache.excalibur.source.SourceResolver;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/apache/cocoon/webapps/authentication/components/PipelineAuthenticator.class */
public class PipelineAuthenticator extends AbstractLogEnabled implements Serviceable, ThreadSafe, Disposable, Authenticator {
    protected ServiceManager manager;
    protected SourceResolver resolver;

    private boolean isValidAuthenticationFragment(Document document) throws ProcessingException {
        if (getLogger().isDebugEnabled()) {
            getLogger().debug(new StringBuffer().append("BEGIN isValidAuthenticationFragment fragment=").append(XMLUtils.serializeNode(document, XMLUtils.createPropertiesForXML(false))).toString());
        }
        boolean z = false;
        if (document.hasChildNodes() && document.getChildNodes().getLength() == 1) {
            Node firstChild = document.getFirstChild();
            if (firstChild.getNodeType() == 1 && firstChild.getNodeName().equals(AuthenticationConstants.SESSION_CONTEXT_NAME) && firstChild.hasChildNodes()) {
                NodeList childNodes = firstChild.getChildNodes();
                boolean z2 = false;
                int i = 0;
                int length = childNodes.getLength();
                while (!z2 && i < length) {
                    firstChild = childNodes.item(i);
                    if (firstChild.getNodeType() == 1 && firstChild.getNodeName().equals("ID")) {
                        z2 = true;
                    } else {
                        i++;
                    }
                }
                if (z2) {
                    firstChild.normalize();
                    if (firstChild.hasChildNodes() && firstChild.getChildNodes().getLength() == 1 && firstChild.getChildNodes().item(0).getNodeType() == 3 && firstChild.getChildNodes().item(0).getNodeValue().trim().length() > 0) {
                        z = true;
                    }
                }
            }
        }
        if (getLogger().isDebugEnabled()) {
            getLogger().debug(new StringBuffer().append("END isValidAuthenticationFragment valid=").append(z).toString());
        }
        return z;
    }

    @Override // org.apache.cocoon.webapps.authentication.components.Authenticator
    public Authenticator.AuthenticationResult authenticate(HandlerConfiguration handlerConfiguration, SourceParameters sourceParameters) throws ProcessingException {
        if (getLogger().isDebugEnabled()) {
            getLogger().debug(new StringBuffer().append("start authenticator using handler ").append(handlerConfiguration.getName()).toString());
        }
        String authenticationResource = handlerConfiguration.getAuthenticationResource();
        SourceParameters authenticationResourceParameters = handlerConfiguration.getAuthenticationResourceParameters();
        if (sourceParameters != null) {
            sourceParameters.add(authenticationResourceParameters);
        } else {
            sourceParameters = authenticationResourceParameters;
        }
        Document document = null;
        String str = null;
        try {
            try {
                try {
                    Source source = SourceUtil.getSource(authenticationResource, (Parameters) null, sourceParameters, this.resolver);
                    document = SourceUtil.toDOM(source);
                    this.resolver.release(source);
                } catch (ProcessingException e) {
                    getLogger().error(new StringBuffer().append("authenticator: ").append(e.getMessage()).toString(), e);
                    str = e.getMessage();
                }
                boolean z = false;
                Authenticator.AuthenticationResult authenticationResult = null;
                if (document != null) {
                    z = isValidAuthenticationFragment(document);
                    if (z) {
                        if (getLogger().isInfoEnabled()) {
                            getLogger().info(new StringBuffer().append("Authenticator: User authenticated using handler '").append(handlerConfiguration.getName()).append("'").toString());
                        }
                        MediaManager mediaManager = null;
                        try {
                            try {
                                mediaManager = (MediaManager) this.manager.lookup(MediaManager.ROLE);
                                String mediaType = mediaManager.getMediaType();
                                this.manager.release(mediaManager);
                                synchronized (handlerConfiguration) {
                                    Element element = (Element) document.getFirstChild();
                                    Element createElementNS = document.createElementNS(null, "type");
                                    createElementNS.appendChild(document.createTextNode("cocoon.authentication"));
                                    element.appendChild(createElementNS);
                                    Element createElementNS2 = document.createElementNS(null, "media");
                                    createElementNS2.appendChild(document.createTextNode(mediaType));
                                    element.appendChild(createElementNS2);
                                    authenticationResult = new Authenticator.AuthenticationResult(true, document);
                                }
                            } catch (ServiceException e2) {
                                throw new ProcessingException("Unable to lookup media manager.", e2);
                            }
                        } catch (Throwable th) {
                            this.manager.release(mediaManager);
                            throw th;
                        }
                    }
                }
                if (!z) {
                    if (getLogger().isInfoEnabled()) {
                        getLogger().info(new StringBuffer().append("Authenticator: Failed authentication using handler '").append(handlerConfiguration.getName()).append("'").toString());
                    }
                    Node node = null;
                    if (document != null) {
                        node = DOMUtil.getFirstNodeFromPath(document, new String[]{AuthenticationConstants.SESSION_CONTEXT_NAME, "data"}, false);
                    }
                    Document createDocument = DOMUtil.createDocument();
                    Element createElementNS3 = createDocument.createElementNS(null, "root");
                    createDocument.appendChild(createElementNS3);
                    Element createElementNS4 = createDocument.createElementNS(null, "failed");
                    createElementNS3.appendChild(createElementNS4);
                    if (str != null) {
                        createElementNS4.appendChild(createDocument.createTextNode(str));
                    }
                    if (node == null) {
                        Element createElementNS5 = createDocument.createElementNS(null, "data");
                        createElementNS3.appendChild(createElementNS5);
                        createElementNS5.appendChild(createDocument.createTextNode("No information available"));
                    } else {
                        createElementNS3.appendChild(createDocument.importNode(node, true));
                    }
                    authenticationResult = new Authenticator.AuthenticationResult(false, createDocument);
                }
                if (getLogger().isDebugEnabled()) {
                    getLogger().debug("end authenticator");
                }
                return authenticationResult;
            } catch (IOException e3) {
                throw new ProcessingException(e3);
            } catch (SourceException e4) {
                throw SourceUtil.handle(e4);
            } catch (SAXException e5) {
                throw new ProcessingException(e5);
            }
        } catch (Throwable th2) {
            this.resolver.release((Source) null);
            throw th2;
        }
    }

    public void service(ServiceManager serviceManager) throws ServiceException {
        this.manager = serviceManager;
        this.resolver = (SourceResolver) this.manager.lookup(SourceResolver.ROLE);
    }

    public void dispose() {
        if (this.manager != null) {
            this.manager.release(this.resolver);
            this.manager = null;
            this.resolver = null;
        }
    }

    @Override // org.apache.cocoon.webapps.authentication.components.Authenticator
    public void logout(UserHandler userHandler) {
        if (getLogger().isDebugEnabled()) {
            getLogger().debug(new StringBuffer().append("logout using handler ").append(userHandler.getHandlerName()).toString());
        }
        HandlerConfiguration handlerConfiguration = userHandler.getHandlerConfiguration();
        String logoutResource = handlerConfiguration.getLogoutResource();
        if (logoutResource != null) {
            Source source = null;
            try {
                try {
                    source = SourceUtil.getSource(logoutResource, (Parameters) null, handlerConfiguration.getAuthenticationResourceParameters(), this.resolver);
                    SourceUtil.toDOM(source);
                    this.resolver.release(source);
                } catch (Exception e) {
                    getLogger().error(new StringBuffer().append("logout: ").append(e.getMessage()).toString(), e);
                    this.resolver.release(source);
                }
            } catch (Throwable th) {
                this.resolver.release(source);
                throw th;
            }
        }
    }
}
