package org.ametys.site;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
import org.ametys.core.authentication.AuthenticateAction;
import org.ametys.core.authentication.CredentialProvider;
import org.ametys.core.user.UserIdentity;
import org.ametys.plugins.core.user.UserDAO;
import org.ametys.plugins.site.Site;
import org.ametys.runtime.config.Config;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.DefaultConfigurationBuilder;
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.Session;
import org.apache.cocoon.environment.http.HttpCookie;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.message.BasicNameValuePair;

/* loaded from: input_file:org/ametys/site/FrontAuthenticateAction.class */
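/**
 * Front-office flavour of {@link AuthenticateAction}.
 *
 * <p>The authenticated user, the credential provider and the credential provider mode are kept in
 * the HTTP session under keys suffixed with the current site name, so one session can hold a
 * separate login per site. The class also forwards logouts to the back-office and validates
 * authentication tokens against it.
 *
 * <p>The current site is read from the {@code "site"} request attribute. Methods that do not guard
 * against a missing attribute fail with a {@link NullPointerException}.
 */
public class FrontAuthenticateAction extends AuthenticateAction {
    /**
     * Workspace-relative URLs that {@link #_acceptedUrl(Request)} accepts. The whole URL must
     * match, so nothing may precede or follow the numeric identifier.
     */
    protected Collection<Pattern> _acceptedSiteUrlPatterns = Arrays.asList(Pattern.compile("^plugins/site/authenticate/[0-9]+$"));

    /**
     * Tells whether the request targets one of the accepted site URLs.
     *
     * <p>On a match the request is flagged with {@code Runtime:GrantedRequest}. How that flag is
     * consumed is not visible in this class; presumably it lets the request through without a
     * logged-in user, so the pattern list must stay as narrow as possible.
     *
     * @param request the current request; its {@code inWorkspaceURL} attribute is tested
     * @return {@code true} if the URL matched, {@code false} otherwise or when the attribute is absent
     */
    protected boolean _acceptedUrl(Request request) {
        String str = (String) request.getAttribute("inWorkspaceURL");
        if (str == null) {
            // Without a URL there is nothing to match: deny instead of failing on matcher(null).
            return false;
        }
        for (Pattern pattern : this._acceptedSiteUrlPatterns) {
            if (pattern.matcher(str).matches()) {
                request.setAttribute("Runtime:GrantedRequest", true);
                return true;
            }
        }
        return false;
    }

    /**
     * Instance hook delegating to {@link #setUserIdentityInSession(Request, UserIdentity, CredentialProvider, boolean)}.
     *
     * @param request the current request
     * @param userIdentity the identity to store
     * @param credentialProvider the provider that authenticated the user
     * @param z the credential provider mode flag, stored as is
     */
    protected void _setUserIdentityInSession(Request request, UserIdentity userIdentity, CredentialProvider credentialProvider, boolean z) {
        setUserIdentityInSession(request, userIdentity, credentialProvider, z);
    }

    /**
     * Stores the identity, credential provider and provider mode in the session under keys
     * suffixed with the current site name. A session is created if none exists.
     *
     * <p>NOTE(review): no session identifier rotation is visible here. Confirm that the caller or
     * the parent action renews the session on login, otherwise a pre-login session id stays valid
     * after authentication.
     *
     * @param request the current request, carrying the {@code site} attribute
     * @param userIdentity the identity to store
     * @param credentialProvider the provider that authenticated the user
     * @param z the credential provider mode flag, stored as a {@link Boolean}
     */
    public static void setUserIdentityInSession(Request request, UserIdentity userIdentity, CredentialProvider credentialProvider, boolean z) {
        String name = ((Site) request.getAttribute("site")).getName();
        Session session = request.getSession(true);
        _resetConnectingStateToSession(request);
        session.setAttribute("Runtime:UserIdentity-" + name, userIdentity);
        session.setAttribute("Runtime:CredentialProvider-" + name, credentialProvider);
        session.setAttribute("Runtime:CredentialProviderMode-" + name, Boolean.valueOf(z));
    }

    /**
     * Resolves the user for the current site from the session.
     *
     * <p>Lookup order: the identity stored for the current site, then the identity known to the
     * parent action, then any identity stored for another site in the same session. An identity
     * from the last two sources is reused only if its population is among those available to the
     * current site. It is then recorded for this site with an
     * {@link UserDAO.ImpersonateCredentialProvider}. That population check is the only gate on
     * this cross-site reuse.
     *
     * @param request the current request
     * @return the resolved identity, or {@code null} if there is no session or no usable identity
     */
    protected UserIdentity _getUserIdentityFromSession(Request request) {
        UserIdentity userIdentityFromSession = getUserIdentityFromSession(request);
        if (userIdentityFromSession != null) {
            return userIdentityFromSession;
        }
        Session session = request.getSession(false);
        if (session == null) {
            return null;
        }
        Set<?> availablePopulationIds = _getAvailableUserPopulationsIds(request, _getContexts(request, null));
        UserIdentity parentIdentity = super._getUserIdentityFromSession(request);
        if (parentIdentity != null && availablePopulationIds.contains(parentIdentity.getPopulationId())) {
            _setUserIdentityInSession(request, parentIdentity, new UserDAO.ImpersonateCredentialProvider(), true);
            return parentIdentity;
        }
        Enumeration<?> attributeNames = session.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String attributeName = (String) attributeNames.nextElement();
            if (!attributeName.startsWith("Runtime:UserIdentity-")) {
                continue;
            }
            // The attribute may have been cleared or hold an unexpected value: skip it rather than
            // fail with a NullPointerException or ClassCastException in the middle of authentication.
            Object candidate = session.getAttribute(attributeName);
            if (candidate instanceof UserIdentity) {
                UserIdentity userIdentity = (UserIdentity) candidate;
                if (availablePopulationIds.contains(userIdentity.getPopulationId())) {
                    _setUserIdentityInSession(request, userIdentity, new UserDAO.ImpersonateCredentialProvider(), true);
                    return userIdentity;
                }
            }
        }
        return null;
    }

    /**
     * Returns the identity stored in the session for the current site.
     *
     * @param request the current request, carrying the {@code site} attribute
     * @return the identity, or {@code null} when the site attribute, the session or the stored
     *         identity is missing (the missing-site case matches
     *         {@link #getCredentialProviderFromSession(Request)})
     */
    public static UserIdentity getUserIdentityFromSession(Request request) {
        Site site = (Site) request.getAttribute("site");
        if (site == null) {
            // No site means no per-site login slot: report "no user" instead of failing.
            return null;
        }
        return getUserIdentityFromSession(request, site.getName());
    }

    /**
     * Returns the identity stored in the session for the given site name.
     *
     * @param request the current request
     * @param str the site name used as the session key suffix
     * @return the identity, or {@code null} if there is no session or nothing stored
     */
    public static UserIdentity getUserIdentityFromSession(Request request, String str) {
        Session session = request.getSession(false);
        if (session == null) {
            return null;
        }
        return (UserIdentity) session.getAttribute("Runtime:UserIdentity-" + str);
    }

    /**
     * Instance hook delegating to {@link #getCredentialProviderFromSession(Request)}.
     *
     * @param request the current request
     * @return the stored credential provider, or {@code null}
     */
    protected CredentialProvider _getCredentialProviderFromSession(Request request) {
        return getCredentialProviderFromSession(request);
    }

    /**
     * Returns the credential provider stored in the session for the current site.
     *
     * @param request the current request, carrying the {@code site} attribute
     * @return the provider, or {@code null} when the site attribute, the session or the stored
     *         provider is missing
     */
    public static CredentialProvider getCredentialProviderFromSession(Request request) {
        Site site = (Site) request.getAttribute("site");
        if (site == null) {
            return null;
        }
        return getCredentialProviderFromSession(request, site.getName());
    }

    /**
     * Returns the credential provider stored in the session for the given site name.
     *
     * @param request the current request
     * @param str the site name used as the session key suffix
     * @return the provider, or {@code null} if there is no session or nothing stored
     */
    public static CredentialProvider getCredentialProviderFromSession(Request request, String str) {
        Session session = request.getSession(false);
        if (session == null) {
            return null;
        }
        return (CredentialProvider) session.getAttribute("Runtime:CredentialProvider-" + str);
    }

    /**
     * Instance hook delegating to {@link #getCredentialProviderModeFromSession(Request)}.
     *
     * @param request the current request
     * @return the stored mode flag, or {@code null}
     */
    protected Boolean _getCredentialProviderModeFromSession(Request request) {
        return getCredentialProviderModeFromSession(request);
    }

    /**
     * Returns the credential provider mode stored in the session for the current site.
     *
     * @param request the current request, carrying the {@code site} attribute
     * @return the mode flag, or {@code null} when the site attribute, the session or the stored
     *         flag is missing (the missing-site case matches
     *         {@link #getCredentialProviderFromSession(Request)})
     */
    public static Boolean getCredentialProviderModeFromSession(Request request) {
        Site site = (Site) request.getAttribute("site");
        if (site == null) {
            return null;
        }
        return getCredentialProviderModeFromSession(request, site.getName());
    }

    /**
     * Returns the credential provider mode stored in the session for the given site name.
     *
     * @param request the current request
     * @param str the site name used as the session key suffix
     * @return the mode flag, or {@code null} if there is no session or nothing stored
     */
    public static Boolean getCredentialProviderModeFromSession(Request request, String str) {
        Session session = request.getSession(false);
        if (session == null) {
            return null;
        }
        return (Boolean) session.getAttribute("Runtime:CredentialProviderMode-" + str);
    }

    /**
     * Returns the two contexts derived from the current site name.
     *
     * @param request the current request, carrying the {@code site} attribute
     * @param parameters unused here
     * @return {@code /sites/<name>} and {@code /sites-fo/<name>}
     */
    protected List<String> _getContexts(Request request, Parameters parameters) {
        String name = ((Site) request.getAttribute("site")).getName();
        return Arrays.asList("/sites/" + name, "/sites-fo/" + name);
    }

    /**
     * Builds the internal login URL for the current site, completed by
     * {@code getLoginURLParameters}.
     *
     * @param request the current request, carrying the {@code site} attribute
     * @return the login URL
     */
    protected String getLoginURL(Request request) {
        String siteName = ((Site) request.getAttribute("site")).getName();
        return getLoginURLParameters(request, "cocoon://_generate/plugins/web/frontoffice-formbasedauthentication/login/login/" + siteName);
    }

    /**
     * Builds the internal logout URL for the current site.
     *
     * @param request the current request, carrying the {@code site} attribute
     * @return the logout URL
     */
    protected String getLogoutURL(Request request) {
        String siteName = ((Site) request.getAttribute("site")).getName();
        return "cocoon://_generate/plugins/web/frontoffice-formbasedauthentication/login/logout/" + siteName;
    }

    /**
     * Runs the parent logout. If it succeeded and the request carries a
     * {@code JSESSIONID-Ametys} cookie, it also asks the back-office to log that session out.
     *
     * <p>The back-office response status is not inspected. A transport failure propagates to the
     * caller after the local logout has already been performed.
     *
     * @param redirector passed to the parent implementation
     * @param map the object model from which the request is obtained
     * @param str passed to the parent implementation
     * @param parameters passed to the parent implementation
     * @return the result of the parent logout handling
     * @throws Exception if the parent implementation or the back-office call fails
     */
    protected boolean _handleLogout(Redirector redirector, Map map, String str, Parameters parameters) throws Exception {
        boolean _handleLogout = super._handleLogout(redirector, map, str, parameters);
        if (!_handleLogout) {
            return false;
        }
        HttpCookie httpCookie = (HttpCookie) ObjectModelHelper.getRequest(map).getCookieMap().get("JSESSIONID-Ametys");
        if (httpCookie == null) {
            return true;
        }
        String sessionId = httpCookie.getValue();
        if (StringUtils.containsAny(sessionId, '\r', '\n')) {
            // The value is client-controlled and is copied into an outgoing header. A genuine
            // session id never contains line breaks, so such a value is not forwarded.
            return true;
        }
        try (CloseableHttpClient httpClient = BackOfficeRequestHelper.getHttpClient()) {
            HttpGet httpGet = new HttpGet(((String) Config.getInstance().getValue("org.ametys.site.bo")) + "/logout.html");
            httpGet.addHeader("Cookie", "JSESSIONID=" + sessionId);
            // The response is opened only so that it is always closed and its connection released.
            try (CloseableHttpResponse ignored = httpClient.execute(httpGet)) {
                // Status intentionally not inspected.
            }
        }
        return true;
    }

    /**
     * Asks the back-office to validate an authentication token.
     *
     * <p>The token and its context are posted as form fields to {@code /_validate_token.xml} on
     * the URL configured under {@code org.ametys.site.bo}. On HTTP 200 the XML body is read and its
     * {@code login} and {@code populationId} children become the returned identity.
     *
     * <p>The response alone decides which user is logged in. The back-office URL and the transport
     * set up by {@code BackOfficeRequestHelper} must therefore be trusted (TLS, server
     * authentication); neither is visible in this class.
     *
     * @param str the token to validate
     * @param str2 the token context
     * @return the identity named by the back-office, or {@code null} if the login or the
     *         population id is blank
     * @throws RuntimeException on any failure, including a non-200 status, whose
     *         {@link IllegalStateException} becomes the cause
     */
    protected UserIdentity _validateToken(String str, String str2) {
        String backOfficeUrl = (String) Config.getInstance().getValue("org.ametys.site.bo");
        // try-with-resources closes the client and the response on every path, including errors.
        try (CloseableHttpClient httpClient = BackOfficeRequestHelper.getHttpClient()) {
            HttpPost httpPost = new HttpPost(backOfficeUrl + "/_validate_token.xml");
            httpPost.addHeader("X-Ametys-FO", "true");
            // The token travels in the request body, not in the URL.
            List<BasicNameValuePair> form = Arrays.asList(new BasicNameValuePair("token", str), new BasicNameValuePair("tokenContext", str2));
            httpPost.setEntity(new UrlEncodedFormEntity(form, StandardCharsets.UTF_8));
            try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
                switch (response.getStatusLine().getStatusCode()) {
                    case 200:
                        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
                        response.getEntity().writeTo(buffer);
                        try (ByteArrayInputStream body = new ByteArrayInputStream(buffer.toByteArray())) {
                            // NOTE(review): parsed with the builder's default XML parser; whether DTDs
                            // and external entities are disabled is not visible here. Confirm.
                            Configuration build = new DefaultConfigurationBuilder().build(body);
                            String login = build.getChild("login").getValue((String) null);
                            String populationId = build.getChild("populationId").getValue((String) null);
                            if (!StringUtils.isNoneBlank(login, populationId)) {
                                // An incomplete answer is treated as "token not valid".
                                return null;
                            }
                            return new UserIdentity(login, populationId);
                        }
                    case 403:
                        throw new IllegalStateException("The CMS back-office refused the connection");
                    case 500:
                    default:
                        throw new IllegalStateException("The CMS back-office returned an error");
                }
            }
        } catch (Exception e) {
            // NOTE(review): the message mentions site data although this is token validation. It is
            // kept as is in case log monitoring matches on it.
            throw new RuntimeException("Unable to synchronize site data", e);
        }
    }
}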
