package com.ghc.ghTester.project.core;

import com.ghc.ghTester.nls.GHMessages;
import com.ghc.ghTester.project.PermissionsSettings;
import com.ghc.jaas.JAASLogonModuleProvider;
import com.ghc.jaas.KrbConnection;
import com.ghc.ldap.LdapConnection;
import com.ghc.ldap.LdapConnectionException;
import com.ghc.ldap.UsernamePasswordConnection;
import com.ghc.permission.api.CurrentUser;
import com.ghc.permission.ldap.LdapPermissions;
import com.ghc.permission.ldap.LdapPermissionsFactory;
import com.ghc.permission.ldap.LdapPermissionsFactoryRegistry;
import com.ghc.utils.password.PasswordHasher;
import com.ghc.utils.registry.RegistryKey;
import com.ghc.utils.registry.RegistryValue;
import com.ghc.utils.registry.RootKey;
import com.ibm.rational.rit.rtcpclient.RTCPClientManager;
import com.ibm.rational.rit.rtcpclient.auth.AuthServiceClient;
import com.ibm.rational.rit.rtcpclient.auth.FailedConnectionException;
import com.ibm.rational.rit.rtcpclient.auth.UnauthorizedClientException;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.eclipse.core.runtime.OperationCanceledException;

/* loaded from: input_file:com/ghc/ghTester/project/core/ProjectLogon.class */
public class ProjectLogon {
    private static final String ALLOW_TGT_SESSION_KEY = "allowtgtsessionkey";
    private final boolean m_isAdminLogon;
    private final boolean m_isPermissioned;
    private ProjectLogonParameters m_plp;
    private final boolean m_isChangable;
    private final LdapConnection m_connection;
    private final LdapPermissions m_permissions;
    private static final Logger LOGGER = Logger.getLogger(ProjectLogon.class.getName());
    private static Boolean s_autoLogonPermitted = null;
    private static List<String> s_autoLogonLanguages = Arrays.asList("en", "ja", "ko", "zh");

    /* loaded from: input_file:com/ghc/ghTester/project/core/ProjectLogon$ProjectLogonException.class */
    public static class ProjectLogonException extends Exception {
        public ProjectLogonException(String str) {
            super(str);
        }
    }

    /* loaded from: input_file:com/ghc/ghTester/project/core/ProjectLogon$ProjectLogonUnavailableException.class */
    public static class ProjectLogonUnavailableException extends ProjectLogonException {
        public ProjectLogonUnavailableException(String str) {
            super(str);
        }
    }

    private ProjectLogon(boolean z, boolean z2, LdapConnection ldapConnection, LdapPermissions ldapPermissions) {
        this.m_isPermissioned = z;
        this.m_isAdminLogon = z2;
        this.m_connection = ldapConnection;
        this.m_permissions = ldapPermissions;
        this.m_plp = null;
        this.m_isChangable = false;
    }

    public ProjectLogon(ProjectLogonParameters projectLogonParameters) {
        this.m_isPermissioned = false;
        this.m_isAdminLogon = false;
        this.m_connection = null;
        this.m_permissions = null;
        this.m_plp = projectLogonParameters;
        this.m_isChangable = this.m_plp != null;
    }

    public ProjectLogon() {
        this.m_isPermissioned = false;
        this.m_isAdminLogon = false;
        this.m_connection = null;
        this.m_permissions = null;
        this.m_plp = new ProjectLogonParameters(false, CurrentUser.getInstance().getUserName(), new char[0]);
        this.m_isChangable = true;
    }

    public static ProjectLogon performLogon(ProjectDefinition projectDefinition, PermissionsSettings permissionsSettings, LogonParameterFactory logonParameterFactory) throws ProjectLogonException {
        return performLogon(projectDefinition, permissionsSettings, null, logonParameterFactory);
    }

    public static ProjectLogon performLogon(ProjectDefinition projectDefinition, PermissionsSettings permissionsSettings, ServerSettings serverSettings, LogonParameterFactory logonParameterFactory) throws ProjectLogonException {
        ProjectLogon X_doAutoLogon;
        String str = GHMessages.ProjectLogon_autoLogonFailed;
        if (permissionsSettings == null || permissionsSettings.isNotPermissioned()) {
            return new ProjectLogon(false, true, null, null);
        }
        if (permissionsSettings.isPermissionedByRTCP()) {
            return performManualRTCPLogon(GHMessages.ProjectLogon_pleaseEnterPassword, permissionsSettings, serverSettings, logonParameterFactory, projectDefinition);
        }
        return (permissionsSettings.isAttemptAutoLogin() && isAutoLogonPermitted() && (X_doAutoLogon = X_doAutoLogon(X_getPermissionsFactory(permissionsSettings), X_createLdapURL(permissionsSettings))) != null) ? X_doAutoLogon : performManualLdapLogon(str, permissionsSettings, logonParameterFactory);
    }

    public static boolean isAutoLogonPermitted() {
        if (s_autoLogonPermitted == null) {
            Locale locale = Locale.getDefault();
            if (locale == null) {
                s_autoLogonPermitted = Boolean.FALSE;
            } else {
                s_autoLogonPermitted = Boolean.valueOf(s_autoLogonLanguages.contains(locale.getLanguage()));
            }
        }
        return s_autoLogonPermitted.booleanValue();
    }

    public static ProjectLogon performManualLdapLogon(String str, PermissionsSettings permissionsSettings, LogonParameterFactory logonParameterFactory) throws ProjectLogonException {
        LdapPermissionsFactory X_getPermissionsFactory = X_getPermissionsFactory(permissionsSettings);
        String str2 = str;
        while (true) {
            ProjectLogonParameters createParameters = logonParameterFactory.createParameters(str2);
            if (createParameters == null) {
                throw new OperationCanceledException(str2);
            }
            if (createParameters.isProjectAdminLogon()) {
                if (PasswordHasher.getHash(createParameters.getPassword()).equals(permissionsSettings.getPasswordHash())) {
                    return new ProjectLogon(true, true, null, null);
                }
                str2 = GHMessages.ProjectLogon_adminPasswordIncorrect;
            } else if (createParameters.getPassword().length > 0) {
                UsernamePasswordConnection usernamePasswordConnection = new UsernamePasswordConnection(X_createLdapURL(permissionsSettings), X_getDomainDecoratedUserName(createParameters), createParameters.getPassword());
                try {
                    return new ProjectLogon(true, false, usernamePasswordConnection, X_getPermissionsFactory.create(usernamePasswordConnection));
                } catch (Exception unused) {
                    str2 = GHMessages.ProjectLogon_couldNotLogon;
                }
            } else {
                str2 = GHMessages.ProjectLogon_pleaseEnterPassword;
            }
        }
    }

    public static void performRTCPLogoff(Project project, ProjectLogonParameters projectLogonParameters, String str) {
        if (projectLogonParameters == null || str == null) {
            return;
        }
        String gHServerURL = project.getProjectDefinition().getGHServerURL();
        try {
            RTCPClientManager.getInstance(gHServerURL).getNewAuthServiceClient().endSession(projectLogonParameters.getUsername(), new String(projectLogonParameters.getPassword()), str);
        } catch (Exception unused) {
            LOGGER.log(Level.INFO, "Unable to logoff '" + projectLogonParameters.getUsername() + "' on " + gHServerURL);
        }
    }

    public static void performRTCPRefresh(ProjectDefinition projectDefinition, ProjectLogonParameters projectLogonParameters) throws UnauthorizedClientException {
        if (projectLogonParameters == null || projectDefinition == null) {
            return;
        }
        String gHServerURL = projectDefinition.getGHServerURL();
        AuthServiceClient newAuthServiceClient = RTCPClientManager.getInstance(gHServerURL).getNewAuthServiceClient();
        String username = projectLogonParameters.getUsername();
        String str = new String(projectLogonParameters.getPassword());
        try {
            projectDefinition.setAccessToken(newAuthServiceClient.refreshSession(username, str, projectDefinition.getAccessToken()));
        } catch (Exception unused) {
            LOGGER.log(Level.INFO, "Unable to refresh token '" + username + "' on " + gHServerURL);
        } catch (UnauthorizedClientException unused2) {
            LOGGER.log(Level.INFO, "Unable to refresh token '" + username + "' on " + gHServerURL);
            try {
                projectDefinition.setAccessToken(newAuthServiceClient.startSession(username, str));
            } catch (FailedConnectionException e) {
                handleFailedConnection(e);
            }
        } catch (FailedConnectionException e2) {
            handleFailedConnection(e2);
        }
    }

    private static void handleFailedConnection(FailedConnectionException failedConnectionException) {
        LOGGER.log(Level.INFO, MessageFormat.format("Unable to connect to Server at: {0}", failedConnectionException.getHostUrl()));
    }

    public static ProjectLogon performManualRTCPLogon(String str, PermissionsSettings permissionsSettings, LogonParameterFactory logonParameterFactory, ProjectDefinition projectDefinition) throws ProjectLogonException {
        return performManualRTCPLogon(str, permissionsSettings, null, logonParameterFactory, projectDefinition);
    }

    public static ProjectLogon performManualRTCPLogon(String str, PermissionsSettings permissionsSettings, ServerSettings serverSettings, LogonParameterFactory logonParameterFactory, ProjectDefinition projectDefinition) throws ProjectLogonException {
        String str2 = str;
        String gHServerURL = serverSettings == null ? projectDefinition.getGHServerURL() : serverSettings.getGhServerUrl();
        AuthServiceClient newAuthServiceClient = RTCPClientManager.getInstance(gHServerURL).getNewAuthServiceClient();
        if (!newAuthServiceClient.isServerAvailable()) {
            LOGGER.log(Level.INFO, "Unable to connect to RTCP on " + gHServerURL + " for authentication");
            throw new ProjectLogonUnavailableException(MessageFormat.format(GHMessages.ProjectLogon_serverNotAvailableError, gHServerURL));
        }
        if (!newAuthServiceClient.isDomainLevelSecurityEnabled()) {
            return new ProjectLogon(false, true, null, null);
        }
        while (true) {
            ProjectLogonParameters createParameters = logonParameterFactory.createParameters(str2);
            if (createParameters == null) {
                throw new OperationCanceledException(str2);
            }
            if (createParameters.getPassword().length > 0) {
                try {
                    String startSession = newAuthServiceClient.startSession(createParameters.getUsername(), new String(createParameters.getPassword()));
                    if (serverSettings != null) {
                        projectDefinition.setServerSettings(serverSettings);
                    }
                    projectDefinition.setAccessToken(startSession);
                    return new ProjectLogon(createParameters);
                } catch (Exception unused) {
                    str2 = GHMessages.ProjectLogon_couldNotLogon;
                } catch (FailedConnectionException e) {
                    str2 = MessageFormat.format(GHMessages.ProjectLogon_serverNotAvailableError, e.getHostUrl());
                }
            } else {
                str2 = GHMessages.ProjectLogon_pleaseEnterPassword;
            }
        }
    }

    public boolean isAdminLogon() {
        return this.m_isAdminLogon;
    }

    public boolean isChangable() {
        return this.m_isChangable;
    }

    public boolean isPermissioned() {
        return this.m_isPermissioned;
    }

    public LdapConnection getConnection() {
        return this.m_connection;
    }

    public LdapPermissions getPermissions() {
        return this.m_permissions;
    }

    public ProjectLogonParameters getProjectLogonParameters() {
        return this.m_plp;
    }

    public void setProjectLogonParameters(ProjectLogonParameters projectLogonParameters) {
        this.m_plp = projectLogonParameters;
    }

    private static void X_setKerberosRegKey() {
        try {
            String X_getKerberosKeyNameForOS = X_getKerberosKeyNameForOS();
            if (X_getKerberosKeyNameForOS != null) {
                RegistryKey registryKey = new RegistryKey(RootKey.HKEY_LOCAL_MACHINE, X_getKerberosKeyNameForOS);
                if (registryKey.exists()) {
                    RegistryValue value = registryKey.getValue(ALLOW_TGT_SESSION_KEY);
                    if (value == null || value.getData() == null) {
                        registryKey.setValue(new RegistryValue(ALLOW_TGT_SESSION_KEY, 1));
                    }
                }
            }
        } catch (Throwable th) {
            Logger.getLogger(ProjectLogon.class.getName()).log(Level.FINE, "Unable to set registry key. Please set the following registry key manually for Auto logon to work: HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\Kerberos\\Parameters\\allowtgtsessionkey as a DWORD with value of 0x0001. For Win XP, the key is HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\Kerberos\\allowtgtsessionkey.", th);
        }
    }

    private static String X_getKerberosKeyNameForOS() {
        String lowerCase = System.getProperty("os.name").toLowerCase();
        if (lowerCase.indexOf("win") == -1) {
            return null;
        }
        return lowerCase.equals("windows xp") ? "System\\CurrentControlSet\\Control\\Lsa\\Kerberos" : "System\\CurrentControlSet\\Control\\Lsa\\Kerberos\\Parameters";
    }

    private static ProjectLogon X_doAutoLogon(LdapPermissionsFactory ldapPermissionsFactory, String str) {
        X_setKerberosRegKey();
        KrbConnection krbConnection = new KrbConnection(str, JAASLogonModuleProvider.getSingleSignOnName());
        try {
            return new ProjectLogon(true, false, krbConnection, ldapPermissionsFactory.create(krbConnection));
        } catch (LdapConnectionException e) {
            Logger.getLogger(ProjectLogon.class.getName()).log(Level.FINEST, "Auto logon failed", e);
            return null;
        }
    }

    private static LdapPermissionsFactory X_getPermissionsFactory(PermissionsSettings permissionsSettings) throws ProjectLogonException {
        LdapPermissionsFactory ldapPermissionsFactory = LdapPermissionsFactoryRegistry.getInstance().get(permissionsSettings.getLdapPermissionsFactoryId());
        if (ldapPermissionsFactory == null) {
            throw new ProjectLogonException(MessageFormat.format(GHMessages.ProjectLogon_couldNotFindFactory, permissionsSettings.getLdapPermissionsFactoryId()));
        }
        return ldapPermissionsFactory;
    }

    private static String X_createLdapURL(PermissionsSettings permissionsSettings) {
        return "ldap://" + permissionsSettings.getHost() + ":" + permissionsSettings.getPort();
    }

    private static String X_getDomainDecoratedUserName(ProjectLogonParameters projectLogonParameters) {
        String str;
        String username = projectLogonParameters.getUsername();
        if (username.indexOf(92) == -1 && username.indexOf(64) == -1 && (str = System.getenv("USERDOMAIN")) != null) {
            username = String.valueOf(str) + "\\" + username;
        }
        return username;
    }
}
