package org.phenotips.integration.lims247;

import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.user.api.XWikiAuthService;
import com.xpn.xwiki.user.api.XWikiUser;
import com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl;
import com.xpn.xwiki.web.Utils;
import com.xpn.xwiki.web.XWikiRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xwiki.csrf.CSRFToken;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.model.reference.WikiReference;

/* loaded from: input_file:org/phenotips/integration/lims247/Lims247AuthServiceImpl.class */
public class Lims247AuthServiceImpl extends XWikiAuthServiceImpl implements XWikiAuthService {
    public static final String SESSION_KEY = "lims247_user";
    public static final String ACCESS_KEY = "lims247_access";
    private Logger logger = LoggerFactory.getLogger(getClass());

    public XWikiUser checkAuth(XWikiContext xWikiContext) throws XWikiException {
        XWikiUser userFromSession = getUserFromSession(xWikiContext);
        if (userFromSession != null) {
            this.logger.debug("Previously authenticated LIMS user found in the session: [{}]", userFromSession.getUser());
            setupContextForLims(xWikiContext);
            storeAccesMode(xWikiContext);
            return userFromSession;
        }
        XWikiRequest request = xWikiContext.getRequest();
        String str = request.get(LimsServer.INSTANCE_IDENTIFIER_KEY);
        String str2 = request.get(LimsServer.USERNAME_KEY);
        String str3 = request.get(LimsServer.TOKEN_KEY);
        if (StringUtils.isNotEmpty(str2) && StringUtils.isNotEmpty(str3)) {
            XWikiUser checkLocalToken = checkLocalToken(str3, str2, xWikiContext);
            if (checkLocalToken == null && StringUtils.isNotEmpty(str)) {
                checkLocalToken = checkRemoteToken(str3, str2, str, xWikiContext);
            }
            if (checkLocalToken != null) {
                storeUserInSession(new LimsAuthentication(str3, checkLocalToken, str), xWikiContext);
                setupContextForLims(xWikiContext);
                storeAccesMode(xWikiContext);
                return checkLocalToken;
            }
        }
        return super.checkAuth(xWikiContext);
    }

    private XWikiUser getUserFromSession(XWikiContext xWikiContext) {
        try {
            LimsAuthentication limsAuthentication = (LimsAuthentication) xWikiContext.getRequest().getSession().getAttribute(SESSION_KEY);
            if (limsAuthentication != null) {
                return limsAuthentication.getUser();
            }
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    private void storeUserInSession(LimsAuthentication limsAuthentication, XWikiContext xWikiContext) {
        xWikiContext.getRequest().getSession().setAttribute(SESSION_KEY, limsAuthentication);
    }

    private XWikiUser checkLocalToken(String str, String str2, XWikiContext xWikiContext) {
        DocumentReference userReference = xWikiContext.getUserReference();
        try {
            CSRFToken cSRFToken = (CSRFToken) Utils.getComponent(CSRFToken.class);
            DocumentReference documentReference = new DocumentReference(xWikiContext.getDatabase(), "XWiki", str2);
            xWikiContext.setUserReference(documentReference);
            boolean isTokenValid = cSRFToken.isTokenValid(str);
            if (!isTokenValid) {
                xWikiContext.setUserReference(documentReference.replaceParent(documentReference.getWikiReference(), new WikiReference("xwiki")));
                isTokenValid = cSRFToken.isTokenValid(str);
            }
            if (isTokenValid) {
                return new XWikiUser("XWiki." + str2);
            }
            return null;
        } finally {
            xWikiContext.setUserReference(userReference);
        }
    }

    private XWikiUser checkRemoteToken(String str, String str2, String str3, XWikiContext xWikiContext) {
        if (((LimsServer) Utils.getComponent(LimsServer.class)).checkToken(str, str2, str3)) {
            return new XWikiUser("XWiki." + str2);
        }
        return null;
    }

    private void setupContextForLims(XWikiContext xWikiContext) {
        if (xWikiContext.getWiki().exists(new DocumentReference(xWikiContext.getDatabase(), "PhenoTips", "EmbeddableSkin"), xWikiContext)) {
            xWikiContext.put("skin", "PhenoTips.EmbeddableSkin");
        }
    }

    private void storeAccesMode(XWikiContext xWikiContext) {
        XWikiRequest request = xWikiContext.getRequest();
        String parameter = request.getParameter(LimsServer.ACCESS_MODE);
        if (parameter != null) {
            request.getSession().setAttribute(ACCESS_KEY, parameter);
        }
    }
}
