package org.apache.syncope.client.enduser.resources;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Response;
import org.apache.commons.lang3.StringUtils;
import org.apache.syncope.client.enduser.SyncopeEnduserApplication;
import org.apache.syncope.client.enduser.SyncopeEnduserSession;
import org.apache.syncope.client.enduser.model.Credentials;
import org.apache.wicket.request.resource.AbstractResource;
import org.apache.wicket.request.resource.IResource;
import org.apache.wicket.util.io.IOUtils;

/* loaded from: input_file:org/apache/syncope/client/enduser/resources/LoginResource.class */
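/**
 * Wicket resource that handles the end-user login request.
 *
 * <p>The request must pass the inherited {@code xsrfCheck} before its body is read. The body is
 * then deserialized into {@link Credentials} and checked against the current
 * {@link SyncopeEnduserSession}. The configured admin user is never allowed to log in through
 * this resource.
 */
public class LoginResource extends AbstractBaseResource {
    private static final long serialVersionUID = -7720997467070461915L;

    /**
     * Builds the response for a login attempt.
     *
     * <ul>
     *   <li>400 when the XSRF check fails, the username is blank, or the request cannot be
     *       read or parsed;</li>
     *   <li>401 when the username equals the admin user or authentication fails;</li>
     *   <li>200 with the username as the response body on success.</li>
     * </ul>
     *
     * @param attributes the Wicket request/response attributes of the current request
     * @return the populated resource response, never {@code null}
     */
    protected AbstractResource.ResourceResponse newResourceResponse(IResource.Attributes attributes) {
        AbstractResource.ResourceResponse resourceResponse = new AbstractResource.ResourceResponse();
        // The whole flow sits inside one try block: a failure while obtaining or parsing the
        // request must end the login attempt with an error response, never fall through to the
        // XSRF check or the authentication step with a request that was not obtained.
        try {
            HttpServletRequest httpServletRequest =
                    (HttpServletRequest) attributes.getRequest().getContainerRequest();

            // Reject before the body is read, so no credential is parsed for a request that
            // does not carry the expected XSRF token.
            if (!xsrfCheck(httpServletRequest)) {
                LOG.error("XSRF TOKEN does not match");
                resourceResponse.setError(
                        Integer.valueOf(Response.Status.BAD_REQUEST.getStatusCode()),
                        "XSRF TOKEN does not match");
                return resourceResponse;
            }

            Credentials credentials = (Credentials) MAPPER.readValue(
                    IOUtils.toString(httpServletRequest.getInputStream()), Credentials.class);
            final String username = credentials.getUsername();
            // A missing password field deserializes to null; treat it like an empty one instead
            // of failing with a NullPointerException.
            String rawPassword = credentials.getPassword();
            String password = StringUtils.isEmpty(rawPassword) ? null : rawPassword;

            // Only the username is logged; the password must never reach the log.
            LOG.debug("Enduser login, user: {}", username);

            if (StringUtils.isBlank(username)) {
                LOG.error("Could not read credentials from request: username is blank!");
                resourceResponse.setError(
                        Integer.valueOf(Response.Status.BAD_REQUEST.getStatusCode()),
                        "ErrorMessage{{ Could not read credentials from request: username is blank! }}");
            } else if (SyncopeEnduserApplication.get().getAdminUser().equalsIgnoreCase(username)
                    || !SyncopeEnduserSession.get().authenticate(username, password)) {
                // Same status and message for "admin user" and "wrong credentials", so the
                // response does not tell the caller which of the two applied.
                resourceResponse.setError(
                        Integer.valueOf(Response.Status.UNAUTHORIZED.getStatusCode()),
                        "ErrorMessage{{ Username or password are incorrect }}");
            } else {
                resourceResponse.setWriteCallback(new AbstractResource.WriteCallback() {
                    public void writeData(IResource.Attributes attributes2) throws IOException {
                        attributes2.getResponse().write(username);
                    }
                });
                resourceResponse.setStatusCode(Integer.valueOf(Response.Status.OK.getStatusCode()));
            }
        } catch (Exception e) {
            // Full detail goes to the server log only. The client gets a fixed message: the
            // exception text may carry parser or internal detail that an unauthenticated caller
            // has no need to see.
            LOG.error("Could not read credentials from request", e);
            resourceResponse.setError(
                    Integer.valueOf(Response.Status.BAD_REQUEST.getStatusCode()),
                    "ErrorMessage{{ Could not read credentials from request }}");
        }
        return resourceResponse;
    }
}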
