package org.bonitasoft.engine.core.login;

import java.io.IOException;
import java.io.Serializable;
import java.util.Map;
import java.util.Properties;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.bonitasoft.engine.authentication.AuthenticationConstants;
import org.bonitasoft.engine.authentication.AuthenticationException;
import org.bonitasoft.engine.authentication.GenericAuthenticationService;
import org.bonitasoft.engine.home.BonitaHomeServer;
import org.bonitasoft.engine.identity.IdentityService;
import org.bonitasoft.engine.identity.SUserNotFoundException;
import org.bonitasoft.engine.identity.xml.OrganizationMappingConstants;
import org.bonitasoft.engine.log.technical.TechnicalLogSeverity;
import org.bonitasoft.engine.log.technical.TechnicalLoggerService;
import org.bonitasoft.engine.session.SSessionException;
import org.bonitasoft.engine.session.SSessionNotFoundException;
import org.bonitasoft.engine.session.SessionService;
import org.bonitasoft.engine.session.model.SSession;
import org.bonitasoft.engine.sessionaccessor.SessionAccessor;

/* loaded from: input_file:org/bonitasoft/engine/core/login/SecuredLoginServiceImpl.class */
public class SecuredLoginServiceImpl implements LoginService {
    private GenericAuthenticationService authenticationService;
    private final SessionService sessionService;
    private final SessionAccessor sessionAccessor;
    private final IdentityService identityService;
    private final TechnicalLoggerService logger;

    public SecuredLoginServiceImpl(GenericAuthenticationService genericAuthenticationService, SessionService sessionService, SessionAccessor sessionAccessor, IdentityService identityService, TechnicalLoggerService technicalLoggerService) {
        this.authenticationService = genericAuthenticationService;
        this.sessionService = sessionService;
        this.sessionAccessor = sessionAccessor;
        this.identityService = identityService;
        this.logger = technicalLoggerService;
    }

    @Override // org.bonitasoft.engine.core.login.LoginService
    public SSession login(Map<String, Serializable> map) throws SLoginException, SUserNotFoundException {
        debugLog("Loging in");
        if (map == null) {
            throw new SLoginException("invalid credentials, map is null");
        }
        Long valueOf = Long.valueOf(NumberUtils.toLong(String.valueOf(map.get(AuthenticationConstants.BASIC_TENANT_ID)), -1L));
        this.sessionAccessor.setSessionInfo(-1L, valueOf.longValue());
        long j = 0;
        boolean z = false;
        String str = null;
        try {
            try {
                TechnicalUser technicalUser = getTechnicalUser(valueOf.longValue());
                if (map.containsKey(AuthenticationConstants.BASIC_USERNAME) && map.get(AuthenticationConstants.BASIC_USERNAME) != null) {
                    str = String.valueOf(map.get(AuthenticationConstants.BASIC_USERNAME));
                }
                if (technicalUser.getUserName().equals(str) && technicalUser.getPassword().equals(String.valueOf(map.get(AuthenticationConstants.BASIC_PASSWORD)))) {
                    debugLog("Authenticated as technical user");
                    z = true;
                    j = -1;
                } else {
                    str = this.authenticationService.checkUserCredentials(map);
                    if (StringUtils.isNotBlank(str)) {
                        debugLog("Authenticated as regular user");
                        j = this.identityService.getUserByUserName(str).getId();
                    } else {
                        debugLog("Authentication failed");
                        authenticationFailed();
                    }
                }
                try {
                    debugLog("Session creation");
                    return this.sessionService.createSession(valueOf.longValue(), j, str, z);
                } catch (SSessionException e) {
                    throw new SLoginException(e);
                }
            } catch (AuthenticationException e2) {
                debugLog("Unable to authenticate user with username " + ((String) null));
                throw new SLoginException(e2);
            } catch (SUserNotFoundException e3) {
                debugLog("Unable to find user with username " + ((String) null) + " in database.");
                throw e3;
            }
        } finally {
            this.sessionAccessor.deleteSessionId();
        }
    }

    protected void authenticationFailed() throws SLoginException {
        try {
            Thread.sleep(3000L);
            throw new SLoginException("User name or password is not valid!");
        } catch (InterruptedException e) {
            throw new SLoginException("User name or password is not valid!");
        }
    }

    protected String retrievePasswordFromCredentials(Map<String, Serializable> map) throws SLoginException {
        if (map == null || !map.containsKey(AuthenticationConstants.BASIC_PASSWORD) || map.get(AuthenticationConstants.BASIC_PASSWORD) == null) {
            throw new SLoginException("invalid credentials, password is absent");
        }
        return String.valueOf(map.get(AuthenticationConstants.BASIC_PASSWORD));
    }

    protected String retrieveUsernameFromCredentials(Map<String, Serializable> map) throws SLoginException {
        if (map != null && map.containsKey(AuthenticationConstants.BASIC_USERNAME) && map.get(AuthenticationConstants.BASIC_USERNAME) != null) {
            String valueOf = String.valueOf(map.get(AuthenticationConstants.BASIC_USERNAME));
            if (!StringUtils.isBlank(valueOf)) {
                return valueOf;
            }
        }
        throw new SLoginException("invalid credentials, username is blank");
    }

    @Override // org.bonitasoft.engine.core.login.LoginService
    public void logout(long j) throws SSessionNotFoundException {
        this.sessionService.deleteSession(j);
    }

    @Override // org.bonitasoft.engine.core.login.LoginService
    public boolean isValid(long j) {
        try {
            return this.sessionService.isValid(j);
        } catch (SSessionNotFoundException e) {
            return false;
        }
    }

    protected TechnicalUser getTechnicalUser(long j) throws SLoginException {
        try {
            Properties tenantProperties = BonitaHomeServer.getInstance().getTenantProperties(j);
            return new TechnicalUser((String) tenantProperties.get(OrganizationMappingConstants.USER_NAME), (String) tenantProperties.get("userPassword"));
        } catch (IOException e) {
            throw new SLoginException(e);
        }
    }

    protected void debugLog(String str) {
        if (this.logger.isLoggable(getClass(), TechnicalLogSeverity.DEBUG)) {
            this.logger.log(getClass(), TechnicalLogSeverity.DEBUG, str);
        }
    }
}
