package org.alfresco.repo.remoteticket;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.remotecredentials.PasswordCredentialsInfoImpl;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.service.cmr.remoteconnector.RemoteConnectorRequest;
import org.alfresco.service.cmr.remoteconnector.RemoteConnectorService;
import org.alfresco.service.cmr.remotecredentials.BaseCredentialsInfo;
import org.alfresco.service.cmr.remotecredentials.PasswordCredentialsInfo;
import org.alfresco.service.cmr.remotecredentials.RemoteCredentialsService;
import org.alfresco.service.cmr.remoteticket.NoCredentialsFoundException;
import org.alfresco.service.cmr.remoteticket.NoSuchSystemException;
import org.alfresco.service.cmr.remoteticket.RemoteAlfrescoTicketInfo;
import org.alfresco.service.cmr.remoteticket.RemoteAlfrescoTicketService;
import org.alfresco.service.cmr.remoteticket.RemoteSystemUnavailableException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.simple.JSONObject;
import org.json.simple.parser.ParseException;

/* loaded from: input_file:WEB-INF/lib/alfresco-repository-5.0.a.jar:org/alfresco/repo/remoteticket/RemoteAlfrescoTicketServiceImpl.class */
public class RemoteAlfrescoTicketServiceImpl implements RemoteAlfrescoTicketService {
    private static Log logger = LogFactory.getLog(RemoteAlfrescoTicketServiceImpl.class);
    private RetryingTransactionHelper retryingTransactionHelper;
    private RemoteCredentialsService remoteCredentialsService;
    private RemoteConnectorService remoteConnectorService;
    private SimpleCache<String, String> ticketsCache;
    private Map<String, String> remoteSystemsUrls = new HashMap();
    private Map<String, Map<String, String>> remoteSystemsReqHeaders = new HashMap();

    public void setRemoteCredentialsService(RemoteCredentialsService remoteCredentialsService) {
        this.remoteCredentialsService = remoteCredentialsService;
    }

    public void setRemoteConnectorService(RemoteConnectorService remoteConnectorService) {
        this.remoteConnectorService = remoteConnectorService;
    }

    public void setTicketsCache(SimpleCache<String, String> simpleCache) {
        this.ticketsCache = simpleCache;
    }

    public void setRetryingTransactionHelper(RetryingTransactionHelper retryingTransactionHelper) {
        this.retryingTransactionHelper = retryingTransactionHelper;
    }

    @Override // org.alfresco.service.cmr.remoteticket.RemoteAlfrescoTicketService
    public synchronized void registerRemoteSystem(String str, String str2, Map<String, String> map) {
        this.remoteSystemsUrls.put(str, str2);
        this.remoteSystemsReqHeaders.put(str, map);
        if (logger.isDebugEnabled()) {
            logger.debug("Registered System " + str + " as " + str2);
        }
    }

    protected void ensureRemoteSystemKnown(String str) throws NoSuchSystemException {
        if (this.remoteSystemsUrls.get(str) == null) {
            throw new NoSuchSystemException(str);
        }
    }

    protected PasswordCredentialsInfo ensureCredentialsFound(String str, BaseCredentialsInfo baseCredentialsInfo) {
        if (baseCredentialsInfo == null) {
            throw new NoCredentialsFoundException(str);
        }
        if (baseCredentialsInfo instanceof PasswordCredentialsInfo) {
            return (PasswordCredentialsInfo) baseCredentialsInfo;
        }
        throw new AlfrescoRuntimeException("Credentials found, but of the wrong type, needed PasswordCredentialsInfo but got " + baseCredentialsInfo);
    }

    protected String toCacheKey(String str, BaseCredentialsInfo baseCredentialsInfo) {
        return str + "===" + baseCredentialsInfo.getRemoteUsername();
    }

    @Override // org.alfresco.service.cmr.remoteticket.RemoteAlfrescoTicketService
    public BaseCredentialsInfo storeRemoteCredentials(String str, String str2, String str3) throws AuthenticationException, RemoteSystemUnavailableException, NoSuchSystemException {
        ensureRemoteSystemKnown(str);
        PasswordCredentialsInfoImpl passwordCredentialsInfoImpl = new PasswordCredentialsInfoImpl();
        BaseCredentialsInfo remoteCredentials = getRemoteCredentials(str);
        if (remoteCredentials != null) {
            if (remoteCredentials instanceof PasswordCredentialsInfoImpl) {
                passwordCredentialsInfoImpl = (PasswordCredentialsInfoImpl) remoteCredentials;
                if (logger.isDebugEnabled()) {
                    logger.debug("Updating existing credentials from " + passwordCredentialsInfoImpl.getNodeRef());
                }
            } else {
                if (logger.isDebugEnabled()) {
                    logger.debug("Unable to update existing credentials from " + remoteCredentials.getNodeRef() + ", replacing");
                }
                this.remoteCredentialsService.deleteCredentials(remoteCredentials);
            }
        }
        passwordCredentialsInfoImpl.setRemoteUsername(str2);
        passwordCredentialsInfoImpl.setRemotePassword(str3);
        refreshTicket(str, passwordCredentialsInfoImpl);
        if (logger.isDebugEnabled()) {
            logger.debug("Credentials correct for " + str2 + " on " + str);
        }
        passwordCredentialsInfoImpl.setLastAuthenticationSucceeded(true);
        return passwordCredentialsInfoImpl.getNodeRef() != null ? this.remoteCredentialsService.updateCredentials(passwordCredentialsInfoImpl) : this.remoteCredentialsService.createPersonCredentials(str, passwordCredentialsInfoImpl);
    }

    @Override // org.alfresco.service.cmr.remoteticket.RemoteAlfrescoTicketService
    public BaseCredentialsInfo getRemoteCredentials(String str) throws NoSuchSystemException {
        ensureRemoteSystemKnown(str);
        return this.remoteCredentialsService.getPersonCredentials(str);
    }

    @Override // org.alfresco.service.cmr.remoteticket.RemoteAlfrescoTicketService
    public boolean deleteRemoteCredentials(String str) throws NoSuchSystemException {
        BaseCredentialsInfo remoteCredentials = getRemoteCredentials(str);
        if (remoteCredentials == null) {
            if (!logger.isDebugEnabled()) {
                return false;
            }
            logger.debug("No credentials found to delete on " + str);
            return false;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Deleting credentials for " + remoteCredentials.getRemoteUsername() + " on " + str);
        }
        this.remoteCredentialsService.deleteCredentials(remoteCredentials);
        this.ticketsCache.remove(toCacheKey(str, remoteCredentials));
        return true;
    }

    @Override // org.alfresco.service.cmr.remoteticket.RemoteAlfrescoTicketService
    public RemoteAlfrescoTicketInfo getAlfrescoTicket(String str) throws AuthenticationException, NoCredentialsFoundException, NoSuchSystemException, RemoteSystemUnavailableException {
        ensureRemoteSystemKnown(str);
        BaseCredentialsInfo remoteCredentials = getRemoteCredentials(str);
        PasswordCredentialsInfo ensureCredentialsFound = ensureCredentialsFound(str, remoteCredentials);
        String str2 = this.ticketsCache.get(toCacheKey(str, ensureCredentialsFound));
        if (str2 == null) {
            return refreshTicket(str, ensureCredentialsFound);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Cached ticket found for " + remoteCredentials.getRemoteUsername() + " on " + str);
        }
        return new AlfTicketRemoteAlfrescoTicketImpl(str2);
    }

    @Override // org.alfresco.service.cmr.remoteticket.RemoteAlfrescoTicketService
    public RemoteAlfrescoTicketInfo refetchAlfrescoTicket(String str) throws AuthenticationException, NoCredentialsFoundException, NoSuchSystemException, RemoteSystemUnavailableException {
        ensureRemoteSystemKnown(str);
        return refreshTicket(str, ensureCredentialsFound(str, getRemoteCredentials(str)));
    }

    protected RemoteAlfrescoTicketInfo refreshTicket(String str, final PasswordCredentialsInfo passwordCredentialsInfo) throws AuthenticationException, NoSuchSystemException, RemoteSystemUnavailableException {
        String str2 = this.remoteSystemsUrls.get(str);
        if (str2 == null) {
            throw new NoSuchSystemException(str);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Fetching new ticket for " + passwordCredentialsInfo.getRemoteUsername() + " on " + str);
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("username", passwordCredentialsInfo.getRemoteUsername());
        jSONObject.put("password", passwordCredentialsInfo.getRemotePassword());
        RemoteConnectorRequest buildRequest = this.remoteConnectorService.buildRequest(str2 + "api/login", "POST");
        buildRequest.setRequestBody(jSONObject.toJSONString());
        Map<String, String> map = this.remoteSystemsReqHeaders.get(str);
        if (map != null) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                buildRequest.addRequestHeader(entry.getKey(), entry.getValue());
            }
        }
        String cacheKey = toCacheKey(str, passwordCredentialsInfo);
        try {
            JSONObject executeJSONRequest = this.remoteConnectorService.executeJSONRequest(buildRequest);
            if (logger.isDebugEnabled()) {
                logger.debug("JSON Ticket Response Received: " + executeJSONRequest);
            }
            Object obj = executeJSONRequest.get("data");
            if (obj == null) {
                throw new RemoteSystemUnavailableException("Invalid JSON received: " + executeJSONRequest);
            }
            if (!(obj instanceof JSONObject)) {
                throw new RemoteSystemUnavailableException("Invalid JSON part received: " + obj.getClass() + " - from: " + executeJSONRequest);
            }
            Object obj2 = ((JSONObject) obj).get("ticket");
            if (obj2 == null) {
                throw new RemoteSystemUnavailableException("Invalid JSON received, ticket missing: " + executeJSONRequest);
            }
            if (!(obj2 instanceof String)) {
                throw new RemoteSystemUnavailableException("Invalid JSON part received: " + obj2.getClass() + " from: " + executeJSONRequest);
            }
            String str3 = (String) obj2;
            this.ticketsCache.put(cacheKey, str3);
            if (!passwordCredentialsInfo.getLastAuthenticationSucceeded()) {
                this.retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() { // from class: org.alfresco.repo.remoteticket.RemoteAlfrescoTicketServiceImpl.2
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback
                    public Void execute() {
                        RemoteAlfrescoTicketServiceImpl.this.remoteCredentialsService.updateCredentialsAuthenticationSucceeded(true, passwordCredentialsInfo);
                        return null;
                    }
                }, false, true);
            }
            return new AlfTicketRemoteAlfrescoTicketImpl(str3);
        } catch (IOException e) {
            if (logger.isDebugEnabled()) {
                logger.debug("Problem communicating with remote Alfresco instance " + str, e);
            }
            throw new RemoteSystemUnavailableException("Error talking to remote system", e);
        } catch (AuthenticationException e2) {
            if (passwordCredentialsInfo.getNodeRef() != null && passwordCredentialsInfo.getLastAuthenticationSucceeded()) {
                this.retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() { // from class: org.alfresco.repo.remoteticket.RemoteAlfrescoTicketServiceImpl.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback
                    public Void execute() {
                        RemoteAlfrescoTicketServiceImpl.this.remoteCredentialsService.updateCredentialsAuthenticationSucceeded(false, passwordCredentialsInfo);
                        return null;
                    }
                }, false, true);
            }
            this.ticketsCache.remove(cacheKey);
            throw e2;
        } catch (ParseException e3) {
            if (logger.isDebugEnabled()) {
                logger.debug("Invalid JSON from remote Alfresco instance " + str, e3);
            }
            throw new RemoteSystemUnavailableException("Invalid JSON response from remote system", e3);
        }
    }
}
