package org.gatein.sso.authentication.callback;

import javax.security.auth.login.LoginException;
import javax.ws.rs.Consumes;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import org.exoplatform.container.ExoContainer;
import org.exoplatform.container.ExoContainerContext;
import org.exoplatform.container.PortalContainer;
import org.exoplatform.container.RootContainer;
import org.exoplatform.container.xml.InitParams;
import org.exoplatform.services.rest.resource.ResourceContainer;
import org.exoplatform.services.security.Authenticator;
import org.exoplatform.services.security.Credential;
import org.exoplatform.services.security.PasswordCredential;
import org.exoplatform.services.security.UsernameCredential;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;

@Path("/sso/authcallback")
/* loaded from: input_file:org/gatein/sso/authentication/callback/AuthenticationHandler.class */
public class AuthenticationHandler implements ResourceContainer {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationHandler.class);
    private final boolean callbackEnabled;

    public AuthenticationHandler(InitParams initParams) {
        this.callbackEnabled = Boolean.parseBoolean(initParams.getValueParam("ssoCallbackEnabled").getValue());
    }

    @GET
    @Produces({"text/plain"})
    @Path("/auth/{1}/{2}")
    public String authenticate(@PathParam("1") String str, @PathParam("2") String str2) {
        if (!this.callbackEnabled) {
            log.warn("SSO callbacks are disabled!");
            return "Error! SSO callbacks are disabled!";
        }
        try {
            log.debug("Handle SSO callback authentication. Username: " + str);
            try {
                ((Authenticator) getContainer().getComponentInstanceOfType(Authenticator.class)).validateUser(new Credential[]{new UsernameCredential(str), new PasswordCredential(str2)});
                if (log.isTraceEnabled()) {
                    log.trace("Login successful for user " + str);
                }
                return "" + Boolean.TRUE;
            } catch (LoginException e) {
                log.debug("Login failed for user " + str);
                return "" + Boolean.FALSE;
            }
        } catch (Exception e2) {
            log.error(this, e2);
            throw new RuntimeException(e2);
        }
    }

    @GET
    @Produces({"text/plain"})
    @Path("/roles/{1}")
    public String getJAASRoles(@PathParam("1") String str) {
        if (!this.callbackEnabled) {
            log.warn("SSO callbacks are disabled!");
            return "Error! SSO callbacks are disabled!";
        }
        try {
            log.debug("Going to obtain roles for user: " + str);
            StringBuilder sb = null;
            for (String str2 : ((Authenticator) getContainer().getComponentInstanceOfType(Authenticator.class)).createIdentity(str).getRoles()) {
                if (sb == null) {
                    sb = new StringBuilder(str2);
                } else {
                    sb.append(",").append(str2);
                }
            }
            return sb != null ? sb.toString() : "";
        } catch (Exception e) {
            log.error(this, e);
            throw new RuntimeException(e);
        }
    }

    @Path("/postauth/")
    @Consumes({"application/x-www-form-urlencoded"})
    @POST
    @Produces({"text/plain"})
    public String authenticatePost(@FormParam("username") String str, @FormParam("password") String str2) {
        return authenticate(str, str2);
    }

    private ExoContainer getContainer() throws Exception {
        PortalContainer currentContainer = ExoContainerContext.getCurrentContainer();
        if (currentContainer instanceof RootContainer) {
            currentContainer = RootContainer.getInstance().getPortalContainer("portal");
        }
        return currentContainer;
    }
}
