package com.xpn.xwiki.user.impl.xwiki;

import com.xpn.xwiki.XWiki;
import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.objects.BaseObject;
import com.xpn.xwiki.objects.classes.PasswordClass;
import com.xpn.xwiki.user.api.XWikiUser;
import com.xpn.xwiki.web.Utils;
import com.xpn.xwiki.web.XWikiResponse;
import java.io.IOException;
import java.net.URL;
import java.security.Principal;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.SecurityContext;
import org.apache.commons.httpclient.auth.AuthState;
import org.apache.commons.lang3.StringUtils;
import org.apache.xalan.templates.Constants;
import org.apache.xpath.compiler.Keywords;
import org.securityfilter.authenticator.FormAuthenticator;
import org.securityfilter.config.SecurityConfig;
import org.securityfilter.filter.SecurityRequestWrapper;
import org.securityfilter.filter.URLPatternMatcher;
import org.securityfilter.realm.SimplePrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xwiki.model.EntityType;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.model.reference.EntityReference;
import org.xwiki.model.reference.EntityReferenceSerializer;

/* loaded from: input_file:WEB-INF/lib/xwiki-platform-oldcore-7.1.3.jar:com/xpn/xwiki/user/impl/xwiki/XWikiAuthServiceImpl.class */
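/**
 * Authentication service that builds one {@link XWikiAuthenticator} per wiki (HTTP Basic or form
 * based, chosen by the {@code xwiki.authentication} configuration parameter) and validates
 * credentials against the password stored on the user's {@code XWiki.XWikiUsers} object.
 *
 * <p>This listing is decompiler output (JADX). Constants such as
 * {@code AuthState.PREEMPTIVE_AUTH_SCHEME}, {@code SecurityContext.BASIC_AUTH},
 * {@code Keywords.FUNC_CURRENT_STRING} and {@code Constants.ELEMNAME_MESSAGE_STRING} come from
 * unrelated libraries; presumably the decompiler substituted them for plain string literals with
 * the same value. Confirm against the original sources before relying on them.
 */
public class XWikiAuthServiceImpl extends AbstractXWikiAuthService {
    private static final Logger LOGGER = LoggerFactory.getLogger(XWikiAuthServiceImpl.class);

    /** Reference to the class of the object that carries the {@code password} property. */
    private static final EntityReference USERCLASS_REFERENCE = new EntityReference("XWikiUsers", EntityType.DOCUMENT, new EntityReference("XWiki", EntityType.SPACE));

    private DocumentReferenceResolver<String> currentDocumentReferenceResolver = (DocumentReferenceResolver) Utils.getComponent(DocumentReferenceResolver.TYPE_STRING, Keywords.FUNC_CURRENT_STRING);
    private EntityReferenceSerializer<String> compactWikiEntityReferenceSerializer = (EntityReferenceSerializer) Utils.getComponent(EntityReferenceSerializer.TYPE_STRING, "compactwiki");

    /** Authenticators already initialised, keyed by lower-cased wiki id. */
    protected Map<String, XWikiAuthenticator> authenticators = new ConcurrentHashMap<String, XWikiAuthenticator>();

    /**
     * Returns the authenticator for the wiki of the given context, creating and caching it on
     * first use.
     *
     * @param xWikiContext the current context; supplies the wiki id and the configuration
     * @return the cached or newly initialised authenticator
     * @throws XWikiException if the authenticator cannot be initialised
     */
    protected XWikiAuthenticator getAuthenticator(XWikiContext xWikiContext) throws XWikiException {
        String wikiId = xWikiContext.getWikiId();
        if (wikiId != null) {
            wikiId = wikiId.toLowerCase();
        }
        // NOTE(review): ConcurrentHashMap rejects null keys, so a context without a wiki id fails
        // on this lookup with a NullPointerException rather than an XWikiException.
        XWikiAuthenticator cached = this.authenticators.get(wikiId);
        if (cached != null) {
            return cached;
        }
        try {
            XWiki wiki = xWikiContext.getWiki();
            XWikiAuthenticator authenticator;
            if (AuthState.PREEMPTIVE_AUTH_SCHEME.equals(wiki.Param("xwiki.authentication"))) {
                authenticator = new MyBasicAuthenticator();
                SecurityConfig basicConfig = new SecurityConfig(false);
                basicConfig.setAuthMethod(SecurityContext.BASIC_AUTH);
                basicConfig.setRealmName(realmName(wiki));
                authenticator.init(null, basicConfig);
            } else {
                authenticator = new MyFormAuthenticator();
                SecurityConfig formConfig = new SecurityConfig(false);
                formConfig.setAuthMethod(SecurityContext.FORM_AUTH);
                formConfig.setRealmName(realmName(wiki));

                // Each page falls back to a URL generated for the current wiki when the
                // configuration does not name one explicitly.
                String defaultPage = wiki.Param("xwiki.authentication.defaultpage");
                if (defaultPage == null) {
                    defaultPage = stripContextPathFromURL(xWikiContext.getURLFactory().createURL(xWikiContext.getWiki().getDefaultSpace(xWikiContext), xWikiContext.getWiki().getDefaultPage(xWikiContext), "view", xWikiContext), xWikiContext);
                }
                formConfig.setDefaultPage(defaultPage);

                String loginPage = wiki.Param("xwiki.authentication.loginpage");
                if (loginPage == null) {
                    loginPage = stripContextPathFromURL(xWikiContext.getURLFactory().createURL("XWiki", "XWikiLogin", "login", xWikiContext), xWikiContext);
                }
                formConfig.setLoginPage(loginPage);

                String logoutPage = wiki.Param("xwiki.authentication.logoutpage");
                if (logoutPage == null) {
                    logoutPage = stripContextPathFromURL(xWikiContext.getURLFactory().createURL("XWiki", "XWikiLogout", "logout", xWikiContext), xWikiContext);
                }
                formConfig.setLogoutPage(logoutPage);

                String errorPage = wiki.Param("xwiki.authentication.errorpage");
                if (errorPage == null) {
                    errorPage = stripContextPathFromURL(xWikiContext.getURLFactory().createURL("XWiki", "XWikiLogin", "loginerror", xWikiContext), xWikiContext);
                }
                formConfig.setErrorPage(errorPage);

                formConfig.setPersistentLoginManager(createPersistentLoginManager(wiki));

                MyFilterConfig filterConfig = new MyFilterConfig();
                filterConfig.setInitParameter(FormAuthenticator.LOGIN_SUBMIT_PATTERN_KEY, wiki.Param("xwiki.authentication.loginsubmitpage", "/loginsubmit/XWiki/XWikiLogin"));
                authenticator.init(filterConfig, formConfig);
            }
            // Two concurrent first requests may both build an authenticator; the later put wins.
            this.authenticators.put(wikiId, authenticator);
            return authenticator;
        } catch (Exception e) {
            throw new XWikiException(8, XWikiException.ERROR_XWIKI_USER_INIT, "Cannot initialize authentication system for wiki [" + wikiId + "]", e);
        }
    }

    /** Returns the configured authentication realm name, or {@code "XWiki"} when none is set. */
    private static String realmName(XWiki wiki) {
        String configured = wiki.Param("xwiki.authentication.realmname");
        return configured != null ? configured : "XWiki";
    }

    /**
     * Builds the persistent-login (remember-me cookie) manager from the
     * {@code xwiki.authentication.*} parameters; a parameter that is absent leaves the manager's
     * own default untouched.
     */
    private static MyPersistentLoginManager createPersistentLoginManager(XWiki wiki) {
        MyPersistentLoginManager manager = new MyPersistentLoginManager();
        String cookiePrefix = wiki.Param("xwiki.authentication.cookieprefix");
        if (cookiePrefix != null) {
            manager.setCookiePrefix(cookiePrefix);
        }
        String cookiePath = wiki.Param("xwiki.authentication.cookiepath");
        if (cookiePath != null) {
            manager.setCookiePath(cookiePath);
        }
        String cookieDomains = wiki.Param("xwiki.authentication.cookiedomains");
        if (cookieDomains != null) {
            manager.setCookieDomains(StringUtils.split(cookieDomains, ","));
        }
        String cookieLife = wiki.Param("xwiki.authentication.cookielife");
        if (cookieLife != null) {
            manager.setCookieLife(cookieLife);
        }
        String protection = wiki.Param("xwiki.authentication.protection");
        if (protection != null) {
            manager.setProtection(protection);
        }
        String useIp = wiki.Param("xwiki.authentication.useip");
        if (useIp != null) {
            manager.setUseIP(useIp);
        }
        String encryptionAlgorithm = wiki.Param("xwiki.authentication.encryptionalgorithm");
        if (encryptionAlgorithm != null) {
            manager.setEncryptionAlgorithm(encryptionAlgorithm);
        }
        String encryptionMode = wiki.Param("xwiki.authentication.encryptionmode");
        if (encryptionMode != null) {
            manager.setEncryptionMode(encryptionMode);
        }
        String encryptionPadding = wiki.Param("xwiki.authentication.encryptionpadding");
        if (encryptionPadding != null) {
            manager.setEncryptionPadding(encryptionPadding);
        }
        // NOTE(review): when the two keys below are not configured, whatever defaults
        // MyPersistentLoginManager carries are used (not visible here). A deployment should set
        // its own secret values, since these keys protect the persistent-login cookies.
        String validationKey = wiki.Param("xwiki.authentication.validationKey");
        if (validationKey != null) {
            manager.setValidationKey(validationKey);
        }
        String encryptionKey = wiki.Param("xwiki.authentication.encryptionKey");
        if (encryptionKey != null) {
            manager.setEncryptionKey(encryptionKey);
        }
        return manager;
    }

    /**
     * Authenticates the current HTTP request (login submit, logout, or an already established
     * principal).
     *
     * @param xWikiContext the current context
     * @return the authenticated user, or {@code null} when there is no servlet request, when the
     *         login or logout handler consumed the request, when no principal is set, or when
     *         authentication failed with an exception (the failure is logged, i.e. fail closed)
     * @throws XWikiException if the authenticator cannot be initialised
     */
    @Override // com.xpn.xwiki.user.api.XWikiAuthService
    public XWikiUser checkAuth(XWikiContext xWikiContext) throws XWikiException {
        long start = System.currentTimeMillis();
        HttpServletRequest httpServletRequest = null;
        XWikiResponse response = xWikiContext.getResponse();
        if (xWikiContext.getRequest() != null) {
            httpServletRequest = xWikiContext.getRequest().getHttpServletRequest();
        }
        if (httpServletRequest == null) {
            return null;
        }
        XWikiAuthenticator authenticator = getAuthenticator(xWikiContext);
        SecurityRequestWrapper wrappedRequest = new SecurityRequestWrapper(httpServletRequest, null, null, authenticator.getAuthMethod());
        try {
            if (authenticator.processLogin(wrappedRequest, response, xWikiContext)) {
                return null;
            }
            if (authenticator.processLogout(wrappedRequest, response, new URLPatternMatcher())) {
                if (LOGGER.isInfoEnabled()) {
                    LOGGER.info("User " + xWikiContext.getUser() + " has been logged-out");
                }
                wrappedRequest.setUserPrincipal(null);
                return null;
            }
            String contextUserName = getContextUserName(wrappedRequest.getUserPrincipal(), xWikiContext);
            if (contextUserName == null) {
                return null;
            }
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info("User " + contextUserName + " is authentified");
            }
            return new XWikiUser(contextUserName);
        } catch (Exception e) {
            // Any failure is treated as "not authenticated" instead of being propagated.
            LOGGER.error("Failed to authenticate", e);
            return null;
        } finally {
            // A single finally replaces the timing line the decompiler had copied onto every exit.
            LOGGER.debug("XWikiAuthServiceImpl.checkAuth(XWikiContext) took {} milliseconds to run.", System.currentTimeMillis() - start);
        }
    }

    /**
     * Authenticates explicitly supplied credentials through the wiki's authenticator.
     *
     * @param str the user name
     * @param str2 the password
     * @param str3 passed through to the authenticator's {@code processLogin}
     *        (presumably the remember-me setting; TODO confirm)
     * @param xWikiContext the current context
     * @return the authenticated user, or {@code null} when there is no servlet request, the login
     *         is rejected, no principal is set, or an exception occurred (logged, fail closed)
     * @throws XWikiException if the authenticator cannot be initialised
     */
    @Override // com.xpn.xwiki.user.api.XWikiAuthService
    public XWikiUser checkAuth(String str, String str2, String str3, XWikiContext xWikiContext) throws XWikiException {
        HttpServletRequest httpServletRequest = null;
        XWikiResponse response = xWikiContext.getResponse();
        if (xWikiContext.getRequest() != null) {
            httpServletRequest = xWikiContext.getRequest().getHttpServletRequest();
        }
        if (httpServletRequest == null) {
            return null;
        }
        XWikiAuthenticator authenticator = getAuthenticator(xWikiContext);
        SecurityRequestWrapper wrappedRequest = new SecurityRequestWrapper(httpServletRequest, null, null, authenticator.getAuthMethod());
        try {
            if (!authenticator.processLogin(str, str2, str3, wrappedRequest, response, xWikiContext)) {
                return null;
            }
            Principal userPrincipal = wrappedRequest.getUserPrincipal();
            if (userPrincipal == null) {
                return null;
            }
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info("User " + userPrincipal.getName() + " is authentified");
            }
            return new XWikiUser(getContextUserName(userPrincipal, xWikiContext));
        } catch (Exception e) {
            LOGGER.error("Failed to authenticate", e);
            return null;
        }
    }

    /**
     * Converts a principal name into the compact, wiki-relative user reference string.
     *
     * @return the serialized reference, or {@code null} when {@code principal} is {@code null}
     */
    private String getContextUserName(Principal principal, XWikiContext xWikiContext) {
        if (principal == null) {
            return null;
        }
        DocumentReference userReference = this.currentDocumentReferenceResolver.resolve(principal.getName());
        return this.compactWikiEntityReferenceSerializer.serialize(userReference);
    }

    /**
     * Delegates to the authenticator's login page when the context mode is {@code 0}
     * (presumably the servlet mode; TODO confirm). An {@link IOException} is logged, not rethrown.
     */
    @Override // com.xpn.xwiki.user.api.XWikiAuthService
    public void showLogin(XWikiContext xWikiContext) throws XWikiException {
        try {
            if (xWikiContext.getMode() == 0) {
                getAuthenticator(xWikiContext).showLogin(xWikiContext.getRequest().getHttpServletRequest(), xWikiContext.getResponse(), xWikiContext);
            }
        } catch (IOException e) {
            LOGGER.error("Unknown failure when calling showLogin", e);
        }
    }

    /**
     * Validates a user name and password, first in the wiki selected by the context (or by a
     * {@code wiki:} prefix in the user name) and then, when that wiki is not the main wiki, in the
     * main wiki.
     *
     * <p>On failure a message key ({@code nousername}, {@code nopassword}, {@code loginfailed} or
     * {@code invalidcredentials}) is stored in the context. An unknown user and a wrong password
     * both yield {@code invalidcredentials}. The context's wiki id is always restored before
     * returning.
     *
     * @param str the user name as typed; all spaces are removed before it is interpreted
     * @param str2 the password
     * @param xWikiContext the current context
     * @return a principal for the authenticated user, or {@code null} on any failure
     * @throws XWikiException declared by the interface; propagated from the password check
     */
    @Override // com.xpn.xwiki.user.api.XWikiAuthService
    public Principal authenticate(String str, String str2, XWikiContext xWikiContext) throws XWikiException {
        if (str == null) {
            return null;
        }
        // NOTE(review): the context is dereferenced here before the null check further down, so a
        // null context combined with a blank user name or password ends in a NullPointerException.
        if (StringUtils.isBlank(str)) {
            xWikiContext.put(Constants.ELEMNAME_MESSAGE_STRING, "nousername");
            return null;
        }
        if (StringUtils.isBlank(str2)) {
            xWikiContext.put(Constants.ELEMNAME_MESSAGE_STRING, "nopassword");
            return null;
        }
        String canonicalName = str.replaceAll(" ", "");
        if (isSuperAdmin(canonicalName)) {
            return authenticateSuperAdmin(str2, xWikiContext);
        }
        if (xWikiContext == null) {
            LOGGER.error("XWikiContext is null");
            return null;
        }

        // The submitted name may read "wiki:Space.User": the part before ':' selects the wiki to
        // search, and everything up to the first '.' (or else up to ':') is dropped.
        String shortName = canonicalName;
        String requestedWiki = null;
        int dot = canonicalName.indexOf(".");
        int colon = canonicalName.indexOf(":");
        if (colon > 0) {
            requestedWiki = canonicalName.substring(0, colon);
        }
        if (dot != -1) {
            shortName = canonicalName.substring(dot + 1);
        } else if (colon > 0) {
            shortName = canonicalName.substring(colon + 1);
        }

        String originalWikiId = xWikiContext.getWikiId();
        try {
            if (requestedWiki != null) {
                xWikiContext.setWikiId(requestedWiki);
            }

            String localUser = null;
            try {
                localUser = findUser(shortName, xWikiContext);
            } catch (Exception e) {
                // Best effort: a failed lookup in this wiki still allows the main-wiki attempt.
                LOGGER.debug("User lookup failed in wiki [{}]; continuing with the main wiki check", xWikiContext.getWikiId(), e);
            }
            if (localUser != null && checkPassword(localUser, str2, xWikiContext)) {
                return new SimplePrincipal(requestedWiki != null ? xWikiContext.getWikiId() + ":" + localUser : localUser);
            }

            if (!xWikiContext.isMainWiki()) {
                xWikiContext.setWikiId(xWikiContext.getMainXWiki());
                try {
                    String globalUser = findUser(shortName, xWikiContext);
                    if (globalUser != null && checkPassword(globalUser, str2, xWikiContext)) {
                        return new SimplePrincipal(xWikiContext.getWikiId() + ":" + globalUser);
                    }
                } catch (Exception e) {
                    xWikiContext.put(Constants.ELEMNAME_MESSAGE_STRING, "loginfailed");
                    return null;
                }
            }

            xWikiContext.put(Constants.ELEMNAME_MESSAGE_STRING, "invalidcredentials");
            return null;
        } finally {
            // Restoring in finally keeps a failed login from leaving the request bound to
            // another wiki, whichever path is taken out of this method.
            xWikiContext.setWikiId(originalWikiId);
        }
    }

    /**
     * Resolves a short user name to the full name of its profile document in the current wiki.
     *
     * @param str the user name without wiki or space prefix
     * @param xWikiContext the current context; its wiki id selects the wiki searched
     * @return {@code "XWiki." + str} when that document exists, otherwise the first result of a
     *         query on space {@code XWiki} and the given document name, or {@code null}
     * @throws XWikiException if the existence check or the query fails
     */
    protected String findUser(String str, XWikiContext xWikiContext) throws XWikiException {
        XWiki wiki = xWikiContext.getWiki();
        if (wiki.exists(new DocumentReference(xWikiContext.getWikiId(), "XWiki", str), xWikiContext)) {
            return "XWiki." + str;
        }
        // The user-supplied name is passed as a bound parameter pair, never concatenated into the
        // query text. Presumably this fallback matches names that differ only by case on
        // databases with a case-insensitive collation; verify against the store in use.
        List<String> matches = wiki.search("select distinct doc.fullName from XWikiDocument as doc", new Object[][] {{"doc.space", "XWiki"}, {"doc.name", str}}, xWikiContext);
        return matches.isEmpty() ? null : matches.get(0);
    }

    /**
     * Checks a candidate password against the {@code password} property of the user's
     * {@code XWiki.XWikiUsers} object.
     *
     * @param str full name of the user document
     * @param str2 the candidate password
     * @param xWikiContext the current context
     * @return {@code true} only when the candidate, transformed by
     *         {@code PasswordClass.getEquivalentPassword}, equals the stored value; {@code false}
     *         when the user object is missing or any error occurs (logged)
     */
    protected boolean checkPassword(String str, String str2, XWikiContext xWikiContext) throws XWikiException {
        long start = System.currentTimeMillis();
        try {
            boolean matches = false;
            BaseObject userObject = xWikiContext.getWiki().getDocument(str, xWikiContext).getXObject(USERCLASS_REFERENCE);
            if (userObject != null) {
                String stored = userObject.getStringValue("password");
                String candidate = new PasswordClass().getEquivalentPassword(stored, str2);
                matches = constantTimeEquals(candidate, stored);
            }
            if (LOGGER.isDebugEnabled()) {
                if (matches) {
                    LOGGER.debug("Password check for user " + str + " successful");
                } else {
                    LOGGER.debug("Password check for user " + str + " failed");
                }
                LOGGER.debug((System.currentTimeMillis() - start) + " milliseconds spent validating password.");
            }
            return matches;
        } catch (Throwable th) {
            LOGGER.error("Failed to check password", th);
            return false;
        }
    }

    /**
     * Compares two strings without stopping at the first differing character, so the time taken
     * does not depend on how long a prefix of the stored value the candidate matches. Only the
     * length can be learned from timing.
     */
    private static boolean constantTimeEquals(String candidate, String stored) {
        if (candidate == null || stored == null || candidate.length() != stored.length()) {
            return false;
        }
        int difference = 0;
        for (int i = 0; i < stored.length(); i++) {
            difference |= candidate.charAt(i) ^ stored.charAt(i);
        }
        return difference == 0;
    }

    /**
     * Reads an authentication setting, first from the wiki preferences and then from the
     * {@code xwiki.authentication.*} configuration (with any {@code auth_} removed from the name).
     *
     * @return the value found, or an empty string; never {@code null}
     */
    protected String getParam(String str, XWikiContext xWikiContext) {
        String value = "";
        try {
            value = xWikiContext.getWiki().getXWikiPreference(str, xWikiContext);
        } catch (Exception ignored) {
            // Best effort: fall through to the configuration file.
        }
        if (value == null || "".equals(value)) {
            try {
                value = xWikiContext.getWiki().Param("xwiki.authentication." + StringUtils.replace(str, "auth_", ""));
            } catch (Exception ignored) {
                // Best effort: an unreadable setting is reported as empty.
            }
        }
        return value == null ? "" : value;
    }

    /**
     * Ensures a profile page exists for an externally authenticated user when the
     * {@code auth_createuser} setting is {@code "empty"}.
     *
     * @param str the user name
     * @param xWikiContext the current context
     * @return the user name after {@code clearName} normalisation
     * @throws XWikiException if the document lookup or the user creation fails
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public String createUser(String str, XWikiContext xWikiContext) throws XWikiException {
        String createMode = getParam("auth_createuser", xWikiContext);
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Create user param is " + createMode);
        }
        // NOTE(review): getParam in this class never returns null, so this branch can only be
        // reached when a subclass overrides getParam.
        if (createMode == null) {
            return str;
        }
        String cleanName = xWikiContext.getWiki().clearName(str, true, true, xWikiContext);
        if (xWikiContext.getWiki().getDocument(new DocumentReference(xWikiContext.getWikiId(), "XWiki", cleanName), xWikiContext).isNew()) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("User page does not exist for user " + str);
            }
            if ("empty".equals(createMode)) {
                if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug("Creating emptry user for user " + str);
                }
                xWikiContext.getWiki().createEmptyUser(cleanName, "edit", xWikiContext);
            }
        } else if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("User page already exists for user " + str);
        }
        return cleanName;
    }

    /**
     * Strips scheme, authority and web application path from a URL, leaving a path that starts
     * with {@code /}.
     *
     * @param url the absolute URL to shorten
     * @param xWikiContext the current context; supplies the web application path and the response
     *        used to encode the prefix
     * @return the URL relative to the web application context
     */
    protected String stripContextPathFromURL(URL url, XWikiContext xWikiContext) {
        String webAppPath = xWikiContext.getWiki().getWebAppPath(xWikiContext);
        if (webAppPath.endsWith("/") && !webAppPath.startsWith("/")) {
            webAppPath = "/" + StringUtils.chop(webAppPath);
        } else if ("/".equals(webAppPath)) {
            webAppPath = "";
        }
        String contextUrl = url.getProtocol() + "://" + url.getAuthority() + webAppPath;
        // encodeURL may append a session id; it is removed so the prefix matches the plain URL.
        String encodedContextUrl = xWikiContext.getResponse().encodeURL(contextUrl).replaceAll(";jsessionid=.*?(?=\\?|$)", "");
        String prefix = StringUtils.substringBeforeLast(encodedContextUrl, "?");
        String relative = StringUtils.removeStart(url.toExternalForm(), prefix);
        if (!relative.startsWith("/")) {
            relative = "/" + relative;
        }
        return relative;
    }
}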
