package com.alogic.auth.local;

import com.alogic.auth.AuthenticationHandler;
import com.alogic.auth.Constants;
import com.alogic.auth.Principal;
import com.alogic.auth.Session;
import com.alogic.auth.SessionManager;
import com.alogic.auth.SessionPrincipal;
import com.alogic.auth.UserModel;
import com.alogic.auth.util.SimpleUser;
import com.alogic.load.Loader;
import com.anysoft.util.BaseException;
import com.anysoft.util.Factory;
import com.anysoft.util.Properties;
import com.anysoft.util.PropertiesConstants;
import com.anysoft.util.XmlElementProperties;
import com.anysoft.util.XmlTools;
import com.anysoft.util.code.Coder;
import com.anysoft.util.code.CoderFactory;
import com.logicbus.backend.Context;
import com.logicbus.backend.message.JsonMessage;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alogic/auth/local/DefaultAuthenticationHandler.class */
public class DefaultAuthenticationHandler extends AuthenticationHandler.Abstract {
    protected SessionManager sessionManager = null;
    protected Loader<UserModel> loader = null;
    protected Coder encrypter = null;
    protected Coder md5 = null;

    protected Session getSession(SessionManager sessionManager, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        return sessionManager.getSession(httpServletRequest, httpServletResponse, z);
    }

    @Override // com.alogic.auth.AuthenticationHandler.Abstract, com.alogic.auth.AuthenticationHandler
    public boolean isLocalLoginMode() {
        return true;
    }

    @Override // com.alogic.auth.AuthenticationHandler.Abstract
    public void configure(Element element, Properties properties) {
        XmlElementProperties xmlElementProperties = new XmlElementProperties(element, properties);
        Element firstElementByPath = XmlTools.getFirstElementByPath(element, "user-model");
        if (firstElementByPath != null) {
            try {
                this.loader = (Loader) new Factory().newInstance(firstElementByPath, xmlElementProperties, "loader", SimpleUser.LoadFromInner.class.getName());
            } catch (Exception e) {
                this.LOG.error("Can not create loader :" + XmlTools.node2String(firstElementByPath));
                this.LOG.error(ExceptionUtils.getStackTrace(e));
            }
        }
        configure(xmlElementProperties);
    }

    @Override // com.alogic.auth.AuthenticationHandler.Abstract
    public void configure(Properties properties) {
        super.configure(properties);
        this.encrypter = CoderFactory.newCoder("DES3");
        this.md5 = CoderFactory.newCoder("MD5");
    }

    @Override // com.alogic.auth.AuthenticationHandler
    public Principal getCurrent(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return getCurrent(httpServletRequest, httpServletResponse, getSession(this.sessionManager, httpServletRequest, httpServletResponse, false));
    }

    @Override // com.alogic.auth.AuthenticationHandler
    public Principal getCurrent(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Session session) {
        if (session == null || !session.isLoggedIn()) {
            return null;
        }
        return new SessionPrincipal(session.getId(), session);
    }

    @Override // com.alogic.auth.AuthenticationHandler
    public Principal getPrincipal(String str, String str2, String str3) {
        throw new BaseException(Constants.CODE_ERR, "In default mode,it's not supported to get principal by token.");
    }

    @Override // com.alogic.auth.AuthenticationHandler
    public Principal login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Session session = getSession(this.sessionManager, httpServletRequest, httpServletResponse, true);
        if (session.isLoggedIn()) {
            session.hDel(Constants.USER_GROUP);
            session.sDel(Constants.PRIVILEGE_GROUP);
            session.setLoggedIn(false);
        }
        String parameter = getParameter(httpServletRequest, "loginId");
        String parameter2 = getParameter(httpServletRequest, "pwd");
        String parameter3 = getParameter(httpServletRequest, "loginCode");
        try {
            try {
                String hGet = session.hGet(Constants.DEFAULT_GROUP, Constants.AUTH_CODE, "");
                if (StringUtils.isEmpty(hGet)) {
                    throw new BaseException("clnt.e2003", "The auth code does not exist.");
                }
                if (!parameter3.equals(hGet)) {
                    throw new BaseException("clnt.e2002", String.format("The auth code %s is not correct", parameter3));
                }
                UserModel loadUserModel = loadUserModel(parameter);
                if (loadUserModel == null) {
                    throw new BaseException("clnt.e2001", String.format("User %s does not exist or the password is not correct.", parameter));
                }
                if (!this.md5.encode(this.encrypter.decode(parameter2, parameter3), parameter).equals(loadUserModel.getPassword())) {
                    throw new BaseException("clnt.e2001", String.format("User %s does not exist or the password is not correct.", parameter));
                }
                SessionPrincipal sessionPrincipal = new SessionPrincipal(session.getId(), session);
                loadUserModel.copyTo(sessionPrincipal);
                sessionPrincipal.setProperty(Constants.LOGIN_TIME, String.valueOf(System.currentTimeMillis()), true);
                sessionPrincipal.setProperty(Constants.FROM_IP, getClientIp(httpServletRequest), true);
                session.setLoggedIn(true);
                this.LOG.info(String.format("User %s has logged in.", loadUserModel.getId()));
                session.hDel(Constants.DEFAULT_GROUP, Constants.AUTH_CODE);
                return sessionPrincipal;
            } catch (Exception e) {
                this.LOG.error(String.format("User %s tried to login ,but %s", parameter, e.getMessage()));
                throw e;
            }
        } catch (Throwable th) {
            session.hDel(Constants.DEFAULT_GROUP, Constants.AUTH_CODE);
            throw th;
        }
    }

    @Override // com.alogic.auth.AuthenticationHandler
    public void setSessionManager(SessionManager sessionManager) {
        this.sessionManager = sessionManager;
    }

    protected UserModel loadUserModel(String str) {
        if (this.loader == null) {
            return null;
        }
        return (UserModel) this.loader.load(str, true);
    }

    protected String getParameter(HttpServletRequest httpServletRequest, String str) {
        String parameter = httpServletRequest.getParameter(str);
        if (StringUtils.isEmpty(parameter)) {
            throw new BaseException("clnt.e2000", String.format("Can not find parameter %s", str));
        }
        return parameter;
    }

    protected String getParameter(HttpServletRequest httpServletRequest, String str, String str2) {
        String parameter = httpServletRequest.getParameter(str);
        return StringUtils.isEmpty(parameter) ? str2 : parameter;
    }

    @Override // com.alogic.auth.AuthenticationHandler
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Session session = getSession(this.sessionManager, httpServletRequest, httpServletResponse, false);
        if (session == null || !session.isLoggedIn()) {
            return;
        }
        session.hDel(Constants.USER_GROUP);
        session.sDel(Constants.PRIVILEGE_GROUP);
        session.setLoggedIn(false);
        SessionPrincipal sessionPrincipal = new SessionPrincipal(session.getId(), session);
        this.LOG.info(String.format("User %s has logged out.", sessionPrincipal.getLoginId()));
        sessionPrincipal.expire();
    }

    @Override // com.alogic.auth.AuthenticationHandler.Abstract, com.alogic.auth.AuthenticationHandler
    public void command(Context context) {
        JsonMessage asMessage = context.asMessage(JsonMessage.class);
        if (PropertiesConstants.getString(context, "cmd", "help").equals("GetUser")) {
            String string = PropertiesConstants.getString(context, Constants.USERID, "");
            if (StringUtils.isNotEmpty(string)) {
                UserModel loadUserModel = loadUserModel(string);
                HashMap hashMap = new HashMap();
                loadUserModel.report(hashMap);
                asMessage.getRoot().put("data", hashMap);
            }
        }
    }
}
