package org.bonitasoft.engine.core.login;

import java.io.Serializable;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.bonitasoft.engine.authentication.AuthenticationConstants;
import org.bonitasoft.engine.authentication.AuthenticationException;
import org.bonitasoft.engine.authentication.GenericAuthenticationService;
import org.bonitasoft.engine.authorization.PermissionsBuilder;
import org.bonitasoft.engine.identity.IdentityService;
import org.bonitasoft.engine.identity.SUserNotFoundException;
import org.bonitasoft.engine.identity.SUserUpdateException;
import org.bonitasoft.engine.identity.model.SUser;
import org.bonitasoft.engine.identity.model.builder.impl.SUserUpdateBuilderImpl;
import org.bonitasoft.engine.persistence.SBonitaReadException;
import org.bonitasoft.engine.profile.ProfileService;
import org.bonitasoft.engine.session.SSessionException;
import org.bonitasoft.engine.session.SSessionNotFoundException;
import org.bonitasoft.engine.session.SessionService;
import org.bonitasoft.engine.session.model.SSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/bonitasoft/engine/core/login/SecuredLoginServiceImpl.class */
public class SecuredLoginServiceImpl implements LoginService {
    private static final Logger log = LoggerFactory.getLogger(SecuredLoginServiceImpl.class);
    private final GenericAuthenticationService authenticationService;
    private final SessionService sessionService;
    private final IdentityService identityService;
    private final TechnicalUser technicalUser;
    private final ProfileService profileService;
    private final PermissionsBuilder permissionsBuilder;

    public SecuredLoginServiceImpl(@Qualifier("entryPointAuthenticationService") GenericAuthenticationService genericAuthenticationService, SessionService sessionService, IdentityService identityService, TechnicalUser technicalUser, ProfileService profileService, PermissionsBuilder permissionsBuilder) {
        this.authenticationService = genericAuthenticationService;
        this.sessionService = sessionService;
        this.identityService = identityService;
        this.technicalUser = technicalUser;
        this.profileService = profileService;
        this.permissionsBuilder = permissionsBuilder;
    }

    @Override // org.bonitasoft.engine.core.login.LoginService
    public SSession login(Map<String, Serializable> map) throws SLoginException, SUserNotFoundException {
        debugLog("Logging in");
        checkNull(map);
        Long valueOf = Long.valueOf(extractTenant(map));
        if (isTechnicalUser(map)) {
            debugLog("Authenticated as technical user");
            return createSession(valueOf, extractUserName(map), -1L, true);
        }
        String verifyCredentials = verifyCredentials(map);
        checkIsNotBlank(verifyCredentials);
        debugLog("Authenticated as regular user");
        SUser user = getUser(verifyCredentials);
        checkIsEnabled(user);
        SSession createSession = createSession(valueOf, verifyCredentials, user.getId(), false);
        updateLastConnectionDate(user);
        return createSession;
    }

    private void updateLastConnectionDate(SUser sUser) throws SLoginException {
        try {
            this.identityService.updateUser(sUser, SUserUpdateBuilderImpl.updateBuilder().updateLastConnection(System.currentTimeMillis()).done());
        } catch (SUserUpdateException e) {
            throw new SLoginException(e);
        }
    }

    private long extractTenant(Map<String, Serializable> map) {
        return NumberUtils.toLong(String.valueOf(map.get(AuthenticationConstants.BASIC_TENANT_ID)), -1L);
    }

    private void checkNull(Map<String, Serializable> map) throws SLoginException {
        if (map == null) {
            throw new SLoginException("invalid credentials, map is null");
        }
    }

    private SSession createSession(Long l, String str, long j, boolean z) throws SLoginException {
        try {
            List<String> list = (List) this.profileService.getProfilesOfUser(j).stream().map((v0) -> {
                return v0.getName();
            }).collect(Collectors.toList());
            return this.sessionService.createSession(l.longValue(), j, str, z, list, this.permissionsBuilder.getPermissions(z, list, str));
        } catch (SBonitaReadException | SSessionException e) {
            throw new SLoginException(e);
        }
    }

    private void checkIsEnabled(SUser sUser) throws SLoginException {
        if (!sUser.isEnabled()) {
            throw new SLoginException("Unable to login : the user is disable.");
        }
    }

    private void checkIsNotBlank(String str) throws SLoginException {
        if (StringUtils.isBlank(str)) {
            debugLog("Authentication failed");
            throw new SLoginException("User name or password is not valid!");
        }
    }

    private SUser getUser(String str) throws SUserNotFoundException {
        try {
            return this.identityService.getUserByUserName(str);
        } catch (SUserNotFoundException e) {
            debugLog("Unable to find user with username " + str + " in database.");
            throw e;
        }
    }

    private String verifyCredentials(Map<String, Serializable> map) throws SLoginException {
        try {
            return this.authenticationService.checkUserCredentials(map);
        } catch (AuthenticationException e) {
            debugLog("Unable to authenticate user with username " + map.get(AuthenticationConstants.BASIC_USERNAME));
            throw new SLoginException(e);
        }
    }

    private boolean isTechnicalUser(Map<String, Serializable> map) {
        return this.technicalUser.getUserName().equals(extractUserName(map)) && this.technicalUser.getPassword().equals(String.valueOf(map.get(AuthenticationConstants.BASIC_PASSWORD)));
    }

    private String extractUserName(Map<String, Serializable> map) {
        if (!map.containsKey(AuthenticationConstants.BASIC_USERNAME) || map.get(AuthenticationConstants.BASIC_USERNAME) == null) {
            return null;
        }
        return String.valueOf(map.get(AuthenticationConstants.BASIC_USERNAME));
    }

    @Override // org.bonitasoft.engine.core.login.LoginService
    public void logout(long j) throws SSessionNotFoundException {
        this.sessionService.deleteSession(j);
    }

    @Override // org.bonitasoft.engine.core.login.LoginService
    public boolean isValid(long j) {
        try {
            return this.sessionService.isValid(j);
        } catch (SSessionNotFoundException e) {
            return false;
        }
    }

    private void debugLog(String str) {
        log.debug(str);
    }
}
