package org.onestonesoup.openforum.security.cookie;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import org.apache.http.cookie.ClientCookie;
import org.apache.http.cookie.SM;
import org.apache.jasper.Constants;
import org.onestonesoup.core.data.EntityTree;
import org.onestonesoup.javascript.engine.JavascriptEngine;
import org.onestonesoup.openforum.controller.OpenForumController;
import org.onestonesoup.openforum.filemanager.FileServer;
import org.onestonesoup.openforum.javascript.JavascriptHelper;
import org.onestonesoup.openforum.security.Authenticator;
import org.onestonesoup.openforum.security.Login;
import org.onestonesoup.openforum.servlet.ClientConnectionInterface;
import org.onestonesoup.openforum.servlet.HttpHeader;
import org.onestonesoup.openforum.transaction.HttpRequestHelper;
import org.onestonesoup.openforum.transaction.HttpResponseHeader;

/* loaded from: input_file:org/onestonesoup/openforum/security/cookie/SessionCookieAuthenticator.class */
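/**
 * {@link Authenticator} that identifies a user from the {@code openForumSession} cookie.
 *
 * <p>The cookie value is looked up in a {@link SessionStore}; requests without a known session
 * are treated as the guest login. Sign-in is delegated to the {@code login.sjs} script attached
 * to the {@code /OpenForum/Authentication} page, which runs with the system login.
 *
 * <p>Values taken from the request (request path, {@code userId}) are echoed into response
 * headers and log lines, so they pass through {@link #stripLineBreaks(String)} first.
 */
public class SessionCookieAuthenticator implements Authenticator {
    private static final String AUTHENTICATION_PAGE = "/OpenForum/Authentication";
    private static final String LOGIN_SCRIPT_FILE = "login.sjs";
    private static final String SESSION_COOKIE_NAME = "openForumSession";
    private OpenForumController controller;
    private SessionStore sessionStore;

    /**
     * Looks up the given value in the session store.
     *
     * @param str value handed to {@code SessionStore.authenticateUser}; presumably a session id
     *     (same call as in {@link #authenticate(HttpHeader)}) - confirm against callers
     * @return whatever the session store returns for that value
     */
    public String getMemberAlias(String str) {
        return this.sessionStore.authenticateUser(str);
    }

    /**
     * Resolves the login for a request from its session cookie.
     *
     * @param httpHeader the parsed request
     * @return a logged-in {@link Login} carrying the session id when the store recognises the
     *     cookie, otherwise the guest login
     */
    @Override
    public Login authenticate(HttpHeader httpHeader) {
        String sessionId = getSessionId(httpHeader);
        String user = sessionId != null ? this.sessionStore.authenticateUser(sessionId) : null;
        if (user == null) {
            // Missing cookie or unknown session: never fall through to an authenticated login.
            return Login.getGuestLogin();
        }
        Login login = new Login(user, (String) null);
        login.setLoggedIn(true);
        login.setSessionId(sessionId);
        return login;
    }

    /**
     * Handles a request that needs authentication.
     *
     * @param httpHeader the parsed request
     * @param clientConnectionInterface the connection the response is written to
     * @return {@code true} for the sign-in form (GET) and for a processed sign-in POST;
     *     {@code false} after redirecting any other request to the sign-in page and closing
     *     the connection
     * @throws IOException if writing the response or running the sign-in fails
     */
    @Override
    public boolean obtainAuthentication(HttpHeader httpHeader, ClientConnectionInterface clientConnectionInterface) throws IOException {
        String requestPath = httpHeader.getChild("request").getValue();
        if (requestPath.equals("/OpenForum/Access/SignIn/Process") && httpHeader.getChild("method").getValue().equals("post") && signIn(httpHeader, clientConnectionInterface)) {
            return true;
        }
        if (requestPath.equals("/OpenForum/Access/SignIn") && httpHeader.getChild("method").getValue().equals("get")) {
            return true;
        }
        // The request path is client-controlled and ends up in the Location header. Whether
        // HttpResponseHeader filters CR/LF is not visible here, so strip them before use.
        // NOTE(review): the value is not percent-encoded; '&' or '#' in the path changes how
        // the sign-in page sees forwardTo. Encode it once the page is confirmed to decode it.
        new HttpResponseHeader(httpHeader, Constants.SERVLET_CONTENT_TYPE, 302, clientConnectionInterface)
                .addParameter("location", "/OpenForum/Access/SignIn?forwardTo=" + stripLineBreaks(requestPath));
        clientConnectionInterface.getOutputStream().flush();
        clientConnectionInterface.close();
        return false;
    }

    /**
     * Stores the controller and obtains the session store that belongs to it.
     *
     * @param openForumController the controller this authenticator serves
     */
    @Override
    public void setController(OpenForumController openForumController) {
        this.controller = openForumController;
        this.sessionStore = SessionStore.getSessionStore(openForumController);
    }

    /** Not used by this authenticator; the file server is ignored. */
    @Override
    public void setFileServer(FileServer fileServer) {
    }

    /**
     * Returns the hex MD5 digest of the UTF-8 bytes of {@code str}, or {@code null} if the
     * algorithm is unavailable.
     *
     * <p>Not called anywhere in this class. MD5 is collision-prone and unsalted, so this must
     * not be used for passwords, session ids or any other security decision.
     */
    private String generateMD5(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            // Explicit charset so the digest does not depend on the platform default.
            messageDigest.update(str.getBytes(StandardCharsets.UTF_8));
            return JavascriptHelper.bytesToHex(messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Writes a 200 {@code application/json} response, optionally setting the session cookie.
     *
     * @param entityTree the request header the response header is built from
     * @param clientConnectionInterface the connection the response is written to
     * @param str the response body
     * @param str2 the session id for the cookie, or {@code null} to send no cookie
     * @throws IOException if writing to the connection fails
     */
    private void sendJSONResponse(EntityTree entityTree, ClientConnectionInterface clientConnectionInterface, String str, String str2) throws IOException {
        // Encode once so content-length is the byte count actually written; the char count
        // differs from it as soon as the body contains non-ASCII text.
        byte[] payload = str.getBytes(StandardCharsets.UTF_8);
        HttpResponseHeader httpResponseHeader = new HttpResponseHeader(entityTree, "application/json", 200, clientConnectionInterface);
        if (str2 != null) {
            httpResponseHeader.addParameter(SM.SET_COOKIE, sessionCookie(str2));
        }
        httpResponseHeader.addParameter("content-length", "" + payload.length);
        long now = System.currentTimeMillis();
        httpResponseHeader.addParameter("last-modified", HttpRequestHelper.getHttpDate(now));
        httpResponseHeader.addParameter(ClientCookie.EXPIRES_ATTR, HttpRequestHelper.getHttpDate(now));
        httpResponseHeader.addParameter("cache-control", " max-age=1, must-revalidate ");
        clientConnectionInterface.getOutputStream().write(payload);
        clientConnectionInterface.getOutputStream().flush();
    }

    /**
     * Returns the session store obtained in {@link #setController(OpenForumController)}.
     * The decompiler reports this accessor as originally {@code protected}.
     */
    public SessionStore getSessionStore() {
        return this.sessionStore;
    }

    /**
     * Invalidates the session named by the request's session cookie, if there is one.
     * Only the server-side session is removed; no cookie-clearing header is sent here.
     *
     * @param httpHeader the parsed request
     * @param clientConnectionInterface unused
     */
    @Override
    public void signOut(HttpHeader httpHeader, ClientConnectionInterface clientConnectionInterface) {
        String sessionId = getSessionId(httpHeader);
        if (sessionId != null) {
            this.sessionStore.invalidateSession(sessionId);
        }
    }

    /**
     * Runs the login script for the submitted credentials and writes the response.
     *
     * <p>Reads the {@code flavour}, {@code userId} and {@code password} request parameters.
     * A {@code json} flavour gets a JSON body; anything else gets a 302 redirect. Session
     * creation happens inside the login script and is not visible here.
     *
     * @param httpHeader the parsed request
     * @param clientConnectionInterface the connection the response is written to
     * @return {@code true} whether or not the credentials were accepted; the outcome is
     *     carried by the response, not by the return value
     * @throws IOException wrapping anything thrown while running the script or responding
     */
    @Override
    public boolean signIn(HttpHeader httpHeader, ClientConnectionInterface clientConnectionInterface) throws IOException {
        // NOTE(review): a request without one of these parameters presumably makes getChild
        // return null and fails here with a NullPointerException - confirm and reject early.
        String flavour = httpHeader.getChild("parameters").getChild("flavour").getValue();
        String userId = httpHeader.getChild("parameters").getChild("userId").getValue();
        Login login = new Login(userId, httpHeader.getChild("parameters").getChild("password").getValue());
        JavascriptEngine javascriptEngine = this.controller.getJavascriptEngine(this.controller.getSystemLogin());
        javascriptEngine.mount("httpHeader", httpHeader);
        javascriptEngine.mount("sessionStore", this.sessionStore);
        javascriptEngine.mount("login", login);
        javascriptEngine.mount("flavour", flavour);
        boolean jsonFlavour = "json".equals(flavour);
        // userId is client-supplied and is echoed into the Location header and the log.
        String safeUserId = stripLineBreaks(userId);
        try {
            boolean signedIn = Boolean.parseBoolean(javascriptEngine.runJavascript("/OpenForum/Authentication/login.sjs", this.controller.getFileManager().getPageAttachmentAsString(AUTHENTICATION_PAGE, LOGIN_SCRIPT_FILE, this.controller.getSystemLogin())));
            login.setLoggedIn(signedIn);
            login.clearPassword();
            if (signedIn) {
                if (jsonFlavour) {
                    // NOTE(review): the body has an unquoted key, so it is not strict JSON.
                    sendJSONResponse(httpHeader, clientConnectionInterface, "{result:\"ok\"}", login.getSessionId());
                } else {
                    HttpResponseHeader redirect = new HttpResponseHeader(httpHeader, Constants.SERVLET_CONTENT_TYPE, 302, clientConnectionInterface);
                    redirect.addParameter(SM.SET_COOKIE, sessionCookie(login.getSessionId()));
                    redirect.addParameter("location", "/OpenForum/Access/SignedIn?message=Signed in as " + safeUserId);
                }
                this.controller.getLogger().info(stripLineBreaks(String.valueOf(login.getUser())) + " logged in.");
                return true;
            }
            if (jsonFlavour) {
                sendJSONResponse(httpHeader, clientConnectionInterface, "{result:\"error\"}", login.getSessionId());
            } else {
                HttpResponseHeader redirect = new HttpResponseHeader(httpHeader, Constants.SERVLET_CONTENT_TYPE, 302, clientConnectionInterface);
                // NOTE(review): unlike the JSON path this sets the cookie even when the session
                // id is null, which sends the literal text "null" - confirm that is intended.
                redirect.addParameter(SM.SET_COOKIE, sessionCookie(login.getSessionId()));
                redirect.addParameter("location", "/OpenForum/Access/SignIn?message=Sign in failed for " + safeUserId);
            }
            this.controller.getLogger().info(stripLineBreaks(String.valueOf(login.getUser())) + " failed to log in.");
            return true;
        } catch (Throwable th) {
            // Do not leave the submitted password in the Login object when the script fails.
            login.clearPassword();
            throw new IOException(th);
        }
    }

    /**
     * Extracts the session id from the request's {@code openForumSession} cookie.
     *
     * @param httpHeader the parsed request
     * @return the cookie value, or {@code null} when the request carries no such cookie
     */
    private String getSessionId(HttpHeader httpHeader) {
        // Guard every level: a request with no parameters or no cookies must resolve to
        // "no session" (guest) rather than fail with a NullPointerException.
        if (httpHeader.getChild("parameters") == null
                || httpHeader.getChild("parameters").getChild("$cookie") == null
                || httpHeader.getChild("parameters").getChild("$cookie").getChild(SESSION_COOKIE_NAME) == null) {
            return null;
        }
        return httpHeader.getChild("parameters").getChild("$cookie").getChild(SESSION_COOKIE_NAME).getValue();
    }

    /**
     * Builds the Set-Cookie value for a session id.
     *
     * <p>NOTE(review): the cookie carries only {@code Path=/}. It has no {@code HttpOnly},
     * {@code Secure} or {@code SameSite} attribute, so page scripts can read it and it is sent
     * over plain HTTP. Confirm whether client code reads the cookie before adding them.
     */
    private static String sessionCookie(String sessionId) {
        return SESSION_COOKIE_NAME + "=" + sessionId + "; Path=/";
    }

    /**
     * Removes CR and LF so a request-supplied value cannot start a new response header or a
     * new log line. Returns {@code null} unchanged.
     */
    private static String stripLineBreaks(String text) {
        if (text == null) {
            return null;
        }
        return text.replace("\r", "").replace("\n", "");
    }
}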
