package com.worklight.core.auth.impl;

import com.ibm.json.java.JSONObject;
import com.worklight.common.log.WorklightLogger;
import com.worklight.common.log.WorklightServerLogger;
import com.worklight.console.application.Services;
import com.worklight.core.auth.api.AuthenticationService;
import com.worklight.core.auth.api.ProtectedResource;
import com.worklight.core.auth.ext.Device;
import com.worklight.core.auth.ext.LogoutAwareAuthenticator;
import com.worklight.core.logging.WorklightErrors;
import com.worklight.core.util.RssBrokerUtils;
import com.worklight.gadgets.GadgetRuntimeException;
import com.worklight.gadgets.api.GadgetAPIRequestCoder;
import com.worklight.gadgets.bean.GadgetApplication;
import com.worklight.gadgets.utils.GadgetUtils;
import com.worklight.integration.notification.UserSubscriptionData;
import com.worklight.server.auth.api.AuthenticationResult;
import com.worklight.server.auth.api.AuthenticationStatus;
import com.worklight.server.auth.api.UserIdentity;
import com.worklight.server.auth.api.WorkLightAuthLoginModule;
import com.worklight.server.auth.api.WorkLightAuthenticator;
import com.worklight.server.auth.api.WorkLightLoginModule;
import com.worklight.server.auth.api.WorkLightLoginModuleBase;
import com.worklight.server.integration.api.JSObjectConverter;
import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.BeanFactory;

/* loaded from: input_file:com/worklight/core/auth/impl/LoginContext.class */
public class LoginContext implements Cloneable {
    private static final WorklightServerLogger logger = new WorklightServerLogger(LoginContext.class, WorklightLogger.MessagesBundles.CORE);
    private static final String SUCCESS_KEY = "WL-Authentication-Success";
    private String realmName;
    private String loginModuleName;
    private WorkLightAuthenticator authenticator;
    private WorkLightLoginModuleBase loginModule;
    private String onLoginUrl;
    private AuthenticationResult result;
    private UserIdentity identity;
    private boolean identitySent;
    private boolean redirected;
    private boolean subscriptionsSent;

    /* renamed from: com.worklight.core.auth.impl.LoginContext$1, reason: invalid class name */
    /* loaded from: input_file:com/worklight/core/auth/impl/LoginContext$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$worklight$server$auth$api$AuthenticationStatus = new int[AuthenticationStatus.values().length];

        static {
            try {
                $SwitchMap$com$worklight$server$auth$api$AuthenticationStatus[AuthenticationStatus.CLIENT_INTERACTION_REQUIRED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$worklight$server$auth$api$AuthenticationStatus[AuthenticationStatus.FAILURE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$worklight$server$auth$api$AuthenticationStatus[AuthenticationStatus.SEND_RESPONSE_TO_CLIENT_ONE_WAY.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$worklight$server$auth$api$AuthenticationStatus[AuthenticationStatus.REQUEST_NOT_RECOGNIZED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public LoginContext(String str, String str2, WorkLightAuthenticator workLightAuthenticator, WorkLightLoginModuleBase workLightLoginModuleBase, String str3) {
        this.identitySent = false;
        this.redirected = false;
        this.subscriptionsSent = false;
        this.realmName = str;
        this.loginModuleName = str2;
        this.authenticator = workLightAuthenticator;
        this.loginModule = workLightLoginModuleBase;
        this.onLoginUrl = str3;
    }

    public LoginContext() {
        this.identitySent = false;
        this.redirected = false;
        this.subscriptionsSent = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public LoginContext(String str, UserIdentity userIdentity, WorkLightAuthenticator workLightAuthenticator, WorkLightLoginModuleBase workLightLoginModuleBase, String str2) {
        this.identitySent = false;
        this.redirected = false;
        this.subscriptionsSent = false;
        this.realmName = str;
        this.loginModuleName = userIdentity.loginModule;
        this.authenticator = workLightAuthenticator;
        this.loginModule = workLightLoginModuleBase;
        this.onLoginUrl = str2;
        this.identity = userIdentity;
        this.result = AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public LoginContext m87clone() throws CloneNotSupportedException {
        LoginContext loginContext = (LoginContext) super.clone();
        loginContext.authenticator = this.authenticator.clone();
        loginContext.loginModule = this.loginModule.clone();
        return loginContext;
    }

    public WorkLightAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    public String getLoginModuleName() {
        return this.loginModuleName;
    }

    public String getRealmName() {
        return this.realmName;
    }

    public boolean isLoginSuccessfull() {
        return this.result != null && this.result.getStatus() == AuthenticationStatus.SUCCESS;
    }

    public AuthenticationResult processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        try {
        } catch (Throwable th) {
            logger.error(th, "processRequest", "logger.loginReamlFailed", new Object[]{this.loginModuleName, getRealCause(th).getLocalizedMessage()});
            logger.errorNoExternalization("processRequest", WorklightErrors.AUTHENTICATION_ERROR.createErrorMessage("An error occurred while performing authentication using loginModule " + this.loginModuleName));
            this.result = AuthenticationResult.createFrom(AuthenticationStatus.FAILURE);
        }
        if (this.result == null || this.result.getStatus() != AuthenticationStatus.SUCCESS) {
            if (this.result != null && this.result.getStatus() == AuthenticationStatus.FAILURE) {
                throw new IllegalStateException("A bug: request passed to a failed login configuration.");
            }
            logger.debug("processRequest", "Passing the request to the authenticator " + this.authenticator.getClass().getName());
            this.result = this.authenticator.processRequest(httpServletRequest, httpServletResponse, z);
            if (this.result.getStatus() == AuthenticationStatus.SUCCESS) {
                logger.debug("processRequest", "Calling the login module " + this.loginModule.getClass().getName());
                invokeLoginModule(this.authenticator.getAuthenticationData(), httpServletRequest, httpServletResponse);
            }
            return this.result;
        }
        if (!z) {
            return AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
        }
        AuthenticationResult processRequestAlreadyAuthenticated = this.authenticator.processRequestAlreadyAuthenticated(httpServletRequest, httpServletResponse);
        switch (AnonymousClass1.$SwitchMap$com$worklight$server$auth$api$AuthenticationStatus[processRequestAlreadyAuthenticated.getStatus().ordinal()]) {
            case 1:
            case 2:
                this.result = processRequestAlreadyAuthenticated;
                return processRequestAlreadyAuthenticated;
            case 3:
                return AuthenticationResult.createFrom(AuthenticationStatus.CLIENT_INTERACTION_REQUIRED);
            case 4:
                return AuthenticationResult.createFrom(AuthenticationStatus.REQUEST_NOT_RECOGNIZED);
            default:
                throw new IllegalStateException("Processing result " + processRequestAlreadyAuthenticated + " not expected.");
        }
    }

    private Throwable getRealCause(Throwable th) {
        Throwable cause = th.getCause();
        return (cause == null || cause == th) ? th : getRealCause(cause);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void invokeLoginModule(Map<String, Object> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        boolean z = false;
        String str = null;
        try {
            z = this.loginModule.login(map);
        } catch (Throwable th) {
            str = th.getMessage();
        }
        if (z) {
            if (this.loginModule instanceof WorkLightLoginModule) {
                this.identity = this.loginModule.createIdenity(this.loginModuleName);
            } else {
                if (!(this.loginModule instanceof WorkLightAuthLoginModule)) {
                    throw new RuntimeException("Cannot create UserIdentity, because the login module does not implement one of: WorkLightLoginModule, WorkLightAuthLoginModule.");
                }
                this.identity = this.loginModule.createIdentity(this.loginModuleName);
            }
            this.result = AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
            logger.debug("invokeLoginModule", "Created identity " + this.identity);
            if (getAuthenticationService().isAuditingRequired(this.loginModuleName)) {
                RssBrokerUtils.getAudit().audit("Session started for user '" + this.identity.name + "'");
                return;
            }
            return;
        }
        logger.debug("invokeLoginModule", "Login module failed.");
        this.result = AuthenticationResult.createFailureResult(new JSONObject(), "login module failed");
        this.loginModule.abort();
        if (httpServletRequest == null || httpServletResponse == null) {
            return;
        }
        try {
            this.result = this.authenticator.processAuthenticationFailure(httpServletRequest, httpServletResponse, str);
        } catch (Exception e) {
            logger.error(e, "invokeLoginModule", "logger.authenticatorFailed", new Object[0]);
        }
    }

    public AuthenticationResult setAuthenticationData(Map<String, Object> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        this.result = AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
        map.putAll(this.authenticator.getAuthenticationData());
        invokeLoginModule(map, httpServletRequest, httpServletResponse);
        return this.result;
    }

    public UserIdentity getIdentity() {
        return this.identity;
    }

    public void logout() {
        if (this.result == null || this.result.getStatus() != AuthenticationStatus.SUCCESS) {
            logger.debug(GadgetAPIRequestCoder.REQ_PATH_LOGOUT, "Logout from " + this.loginModuleName + " in state " + this.result);
        } else {
            logger.debug(GadgetAPIRequestCoder.REQ_PATH_LOGOUT, "Logout user " + this.identity.name + " from " + this.loginModuleName);
            AuthenticationService authenticationService = getAuthenticationService();
            if (authenticationService == null || !authenticationService.isAuditingRequired(this.loginModuleName)) {
                logger.debug(GadgetAPIRequestCoder.REQ_PATH_LOGOUT, "Logout from " + this.loginModuleName + " in state " + this.result + " Note: AuthenticationService is null.");
            } else {
                RssBrokerUtils.getAudit().audit("Session ended for user '" + this.identity.name + "'");
            }
        }
        try {
            this.loginModule.logout();
            this.identity = null;
            if (this.authenticator instanceof LogoutAwareAuthenticator) {
                this.authenticator.logout();
            }
        } catch (Exception e) {
            logger.error(GadgetAPIRequestCoder.REQ_PATH_LOGOUT, "logger.unexpectedExceptionLogout", new Object[]{this.loginModuleName});
            logger.debug(e, GadgetAPIRequestCoder.REQ_PATH_LOGOUT, e.getLocalizedMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean handleCustomLoginOnSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (this.result != null && this.result.getStatus() != AuthenticationStatus.SUCCESS) {
            throw new IllegalStateException("This method should not be invoked in state " + this.result);
        }
        if (this.onLoginUrl == null || this.redirected) {
            return this.authenticator.changeResponseOnSuccess(httpServletRequest, httpServletResponse);
        }
        httpServletResponse.sendRedirect(this.onLoginUrl);
        this.redirected = true;
        return true;
    }

    public AuthenticationService getAuthenticationService() {
        BeanFactory beanFactory = RssBrokerUtils.getBeanFactory();
        if (beanFactory != null) {
            return (AuthenticationService) beanFactory.getBean(AuthenticationService.BEAN_ID);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addIdentityToJSONResponse(HttpServletRequest httpServletRequest, JSONObject jSONObject, ProtectedResource protectedResource) {
        Device contextDevice;
        if (this.result == null || this.result.getStatus() != AuthenticationStatus.SUCCESS) {
            return;
        }
        if (!this.identitySent) {
            JSONObject jSONObject2 = (JSONObject) jSONObject.get(SUCCESS_KEY);
            if (jSONObject2 == null) {
                jSONObject2 = new JSONObject();
            }
            jSONObject2.put(this.realmName, JSObjectConverter.scriptableToJSON(this.identity.asScriptable()));
            jSONObject.put(SUCCESS_KEY, jSONObject2);
            this.identitySent = true;
        }
        if (this.subscriptionsSent || !Services.getLoginService().isUserRealm(this.realmName) || protectedResource.getDeviceRealm() == null || (contextDevice = MobileClientData.getContextDevice(protectedResource)) == null) {
            return;
        }
        try {
            GadgetApplication gadgetApplicationFrom = GadgetUtils.getGadgetApplicationFrom(httpServletRequest);
            UserIdentity identityForRealm = AuthenticationContext.getCurrentContext().getIdentityForRealm(this.realmName);
            if (gadgetApplicationFrom.notificationsEnabled()) {
                UserSubscriptionData.addSubscriptionDataToResponse(identityForRealm, jSONObject, contextDevice);
            }
            if (gadgetApplicationFrom.smsNotificationsEnabled()) {
                UserSubscriptionData.addSMSSubscriptionDataToResponse(identityForRealm, jSONObject, contextDevice);
            }
        } catch (GadgetRuntimeException e) {
        }
        this.subscriptionsSent = true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addChallengeToComposite(JSONObject jSONObject, JSONObject jSONObject2) {
        jSONObject2.put(this.realmName, jSONObject);
    }

    public int hashCode() {
        return (31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * ((31 * 1) + (this.authenticator == null ? 0 : this.authenticator.hashCode()))) + (this.identity == null ? 0 : this.identity.hashCode()))) + (this.identitySent ? 1231 : 1237))) + (this.loginModule == null ? 0 : this.loginModule.hashCode()))) + (this.loginModuleName == null ? 0 : this.loginModuleName.hashCode()))) + (this.onLoginUrl == null ? 0 : this.onLoginUrl.hashCode()))) + (this.realmName == null ? 0 : this.realmName.hashCode()))) + (this.redirected ? 1231 : 1237))) + (this.result == null ? 0 : this.result.hashCode());
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        LoginContext loginContext = (LoginContext) obj;
        if (this.authenticator == null) {
            if (loginContext.authenticator != null) {
                return false;
            }
        } else if (!this.authenticator.equals(loginContext.authenticator)) {
            return false;
        }
        if (this.identity == null) {
            if (loginContext.identity != null) {
                return false;
            }
        } else if (!this.identity.equals(loginContext.identity)) {
            return false;
        }
        if (this.identitySent != loginContext.identitySent) {
            return false;
        }
        if (this.loginModule == null) {
            if (loginContext.loginModule != null) {
                return false;
            }
        } else if (!this.loginModule.equals(loginContext.loginModule)) {
            return false;
        }
        if (this.loginModuleName == null) {
            if (loginContext.loginModuleName != null) {
                return false;
            }
        } else if (!this.loginModuleName.equals(loginContext.loginModuleName)) {
            return false;
        }
        if (this.onLoginUrl == null) {
            if (loginContext.onLoginUrl != null) {
                return false;
            }
        } else if (!this.onLoginUrl.equals(loginContext.onLoginUrl)) {
            return false;
        }
        if (this.realmName == null) {
            if (loginContext.realmName != null) {
                return false;
            }
        } else if (!this.realmName.equals(loginContext.realmName)) {
            return false;
        }
        if (this.redirected != loginContext.redirected) {
            return false;
        }
        return this.result == null ? loginContext.result == null : this.result.equals(loginContext.result);
    }
}
