package com.worklight.core.auth.ext;

import com.ibm.json.java.JSONObject;
import com.worklight.common.log.WorklightLogger;
import com.worklight.common.log.WorklightServerLogger;
import com.worklight.gadgets.api.GadgetAPIRequestCoder;
import com.worklight.gadgets.bean.AppVersionAccessAction;
import com.worklight.gadgets.bean.AppVersionAccessData;
import com.worklight.gadgets.bean.Gadget;
import com.worklight.gadgets.utils.GadgetUtils;
import com.worklight.server.auth.api.AuthenticationResult;
import com.worklight.server.auth.api.AuthenticationStatus;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:lib/worklight-extension-api.jar:com/worklight/core/auth/ext/AppVersionAccessAuthenticator.class */
public class AppVersionAccessAuthenticator extends WorklightProtocolAuthenticator {
    private static final String LOGGER_APPLICATION_VERSION_NOTIFIED = "logger.applicationVersionNotified";
    private static final String LOGGER_APPLICATION_VERSION_DENIED = "logger.applicationVersionDenied";
    private static final String MESSAGE_TYPE = "messageType";
    private static final String MESSAGE = "message";
    private static final String MESSAGE_ID = "messageId";
    private static final String DOWNLOAD_LINK = "downloadLink";
    private static final WorklightServerLogger logger = new WorklightServerLogger(AppVersionAccessAuthenticator.class, WorklightLogger.MessagesBundles.CORE);
    public static final String REALM_NAME = "wl_remoteDisableRealm";
    private String sentNotificationId = null;
    private String confirmedNotificationId = null;

    @Override // com.worklight.core.auth.ext.WorklightProtocolAuthenticator, com.worklight.server.auth.api.WorkLightAuthenticator
    public AuthenticationResult processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) throws IOException, ServletException {
        AppVersionAccessData appVersionAccessData;
        if (!z) {
            return AuthenticationResult.createFrom(AuthenticationStatus.REQUEST_NOT_RECOGNIZED);
        }
        AuthenticationStatus authenticationStatus = null;
        JSONObject jSONObject = new JSONObject();
        GadgetAPIRequestCoder.GadgetRequestInfo decodeGadgetRequestInfo = GadgetAPIRequestCoder.decodeGadgetRequestInfo(httpServletRequest);
        String sessionId = decodeGadgetRequestInfo.getSessionId();
        String version = decodeGadgetRequestInfo.getVersion();
        Gadget gadget = GadgetUtils.getGadgetApplicationFrom(decodeGadgetRequestInfo).getGadget();
        if (version == null || (appVersionAccessData = GadgetUtils.getAppVersionAccessService().getAppVersionAccessData(gadget, decodeGadgetRequestInfo.getGadgetEnvironment(), version)) == null) {
            return AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
        }
        AppVersionAccessAction action = appVersionAccessData.getAction();
        if (action == AppVersionAccessAction.BLOCK) {
            authenticationStatus = AuthenticationStatus.FAILURE;
        } else if (action == AppVersionAccessAction.NOTIFY) {
            this.sentNotificationId = String.valueOf(appVersionAccessData.getCreatedTime().getTime());
            if (this.confirmedNotificationId != null && this.confirmedNotificationId.equals(this.sentNotificationId)) {
                return AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
            }
            if (this.sentNotificationId != null && this.confirmedNotificationId != this.sentNotificationId && this.sentNotificationId.equals(String.valueOf(getChallengeResponse(httpServletRequest)))) {
                this.confirmedNotificationId = this.sentNotificationId;
                return AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
            }
            authenticationStatus = AuthenticationStatus.CLIENT_INTERACTION_REQUIRED;
        }
        populateJSON(appVersionAccessData, jSONObject, sessionId);
        AuthenticationResult createFrom = AuthenticationResult.createFrom(authenticationStatus);
        createFrom.setJson(jSONObject);
        return createFrom;
    }

    private static void populateJSON(AppVersionAccessData appVersionAccessData, JSONObject jSONObject, String str) {
        AppVersionAccessAction action = appVersionAccessData.getAction();
        if (action == AppVersionAccessAction.NOTIFY) {
            logger.info("populateJSON", LOGGER_APPLICATION_VERSION_NOTIFIED, new Object[]{appVersionAccessData, str});
        } else {
            logger.info("populateJSON", LOGGER_APPLICATION_VERSION_DENIED, new Object[]{appVersionAccessData, str});
        }
        jSONObject.put(MESSAGE_TYPE, action.toString());
        jSONObject.put("message", appVersionAccessData.getMessage());
        if (appVersionAccessData.getAction() == AppVersionAccessAction.NOTIFY) {
            jSONObject.put(MESSAGE_ID, String.valueOf(appVersionAccessData.getCreatedTime().getTime()));
        }
        String downloadLink = appVersionAccessData.getDownloadLink();
        if (StringUtils.isEmpty(downloadLink)) {
            downloadLink = null;
        }
        jSONObject.put(DOWNLOAD_LINK, downloadLink);
    }

    @Override // com.worklight.core.auth.ext.WorklightProtocolAuthenticator, com.worklight.server.auth.api.WorkLightAuthenticator
    public AuthenticationResult processRequestAlreadyAuthenticated(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        AuthenticationResult processRequest = processRequest(httpServletRequest, httpServletResponse, true);
        return processRequest.getStatus() == AuthenticationStatus.SUCCESS ? AuthenticationResult.createFrom(AuthenticationStatus.REQUEST_NOT_RECOGNIZED) : processRequest;
    }
}
