package org.exoplatform.services.organization.auth;

import java.util.Collection;
import java.util.HashSet;
import java.util.Map;
import javax.security.auth.login.LoginException;
import org.exoplatform.container.component.ComponentRequestLifecycle;
import org.exoplatform.container.component.RequestLifeCycle;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import org.exoplatform.services.organization.ExtendedUserHandler;
import org.exoplatform.services.organization.Membership;
import org.exoplatform.services.organization.OrganizationService;
import org.exoplatform.services.organization.UserHandler;
import org.exoplatform.services.security.Authenticator;
import org.exoplatform.services.security.Credential;
import org.exoplatform.services.security.DigestPasswordEncrypter;
import org.exoplatform.services.security.Identity;
import org.exoplatform.services.security.MembershipEntry;
import org.exoplatform.services.security.PasswordCredential;
import org.exoplatform.services.security.PasswordEncrypter;
import org.exoplatform.services.security.RolesExtractor;
import org.exoplatform.services.security.UsernameCredential;

/* loaded from: input_file:APP-INF/lib/exo.core.component.organization.api-2.4.5-GA.jar:org/exoplatform/services/organization/auth/OrganizationAuthenticatorImpl.class */
public class OrganizationAuthenticatorImpl implements Authenticator {
    protected static Log log = ExoLogger.getLogger("exo.core.component.organization.api.OrganizationUserRegistry");
    private final OrganizationService orgService;
    private final PasswordEncrypter encrypter;
    private final RolesExtractor rolesExtractor;

    public OrganizationAuthenticatorImpl(OrganizationService organizationService, RolesExtractor rolesExtractor, PasswordEncrypter passwordEncrypter) {
        this.orgService = organizationService;
        this.encrypter = passwordEncrypter;
        this.rolesExtractor = rolesExtractor;
    }

    public OrganizationAuthenticatorImpl(OrganizationService organizationService, RolesExtractor rolesExtractor) {
        this(organizationService, rolesExtractor, null);
    }

    public OrganizationAuthenticatorImpl(OrganizationService organizationService) {
        this(organizationService, null, null);
    }

    public OrganizationService getOrganizationService() {
        return this.orgService;
    }

    @Override // org.exoplatform.services.security.Authenticator
    public Identity createIdentity(String str) throws Exception {
        HashSet hashSet = new HashSet();
        begin(this.orgService);
        Collection<Membership> findMembershipsByUser = this.orgService.getMembershipHandler().findMembershipsByUser(str);
        end(this.orgService);
        if (findMembershipsByUser != null) {
            for (Membership membership : findMembershipsByUser) {
                hashSet.add(new MembershipEntry(membership.getGroupId(), membership.getMembershipType()));
            }
        }
        return this.rolesExtractor == null ? new Identity(str, hashSet) : new Identity(str, hashSet, this.rolesExtractor.extractRoles(str, hashSet));
    }

    @Override // org.exoplatform.services.security.Authenticator
    public String validateUser(Credential[] credentialArr) throws LoginException, Exception {
        String str = null;
        String str2 = null;
        Map<String, String> map = null;
        for (Credential credential : credentialArr) {
            if (credential instanceof UsernameCredential) {
                str = ((UsernameCredential) credential).getUsername();
            }
            if (credential instanceof PasswordCredential) {
                str2 = ((PasswordCredential) credential).getPassword();
                map = ((PasswordCredential) credential).getPasswordContext();
            }
        }
        if (str == null || str2 == null) {
            throw new LoginException("Username or Password is not defined");
        }
        if (this.encrypter != null) {
            str2 = new String(this.encrypter.encrypt(str2.getBytes()));
        }
        begin(this.orgService);
        UserHandler userHandler = this.orgService.getUserHandler();
        boolean authenticate = (map == null || !(userHandler instanceof ExtendedUserHandler)) ? userHandler.authenticate(str, str2) : ((ExtendedUserHandler) userHandler).authenticate(str, str2, new DigestPasswordEncrypter(str, map));
        end(this.orgService);
        if (authenticate) {
            return str;
        }
        throw new LoginException("Login failed for " + str.replace("\n", " ").replace("\r", " "));
    }

    public void begin(OrganizationService organizationService) throws Exception {
        if (organizationService instanceof ComponentRequestLifecycle) {
            RequestLifeCycle.begin((ComponentRequestLifecycle) organizationService);
        }
    }

    public void end(OrganizationService organizationService) throws Exception {
        if (organizationService instanceof ComponentRequestLifecycle) {
            RequestLifeCycle.end();
        }
    }
}
