package com.openexchange.ajax.login;

import com.openexchange.ajax.AJAXServlet;
import com.openexchange.ajax.LoginServlet;
import com.openexchange.ajax.SessionUtility;
import com.openexchange.ajax.fields.FolderFields;
import com.openexchange.authentication.Authenticated;
import com.openexchange.authentication.LoginExceptionCodes;
import com.openexchange.authentication.service.Authentication;
import com.openexchange.exception.OXException;
import com.openexchange.groupware.contexts.Context;
import com.openexchange.groupware.contexts.impl.ContextStorage;
import com.openexchange.groupware.ldap.User;
import com.openexchange.groupware.ldap.UserStorage;
import com.openexchange.login.LoginResult;
import com.openexchange.login.internal.LoginPerformer;
import com.openexchange.login.internal.LoginResultImpl;
import com.openexchange.server.services.ServerServiceRegistry;
import com.openexchange.session.Session;
import com.openexchange.sessiond.SessiondService;
import com.openexchange.tools.servlet.http.Tools;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/openexchange/ajax/login/FormLogin.class */
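/**
 * Handles the HTML form login request.
 *
 * <p>The handler parses the login request, re-uses an existing session found through the
 * request cookies when the submitted credentials belong to that session's user, and
 * otherwise performs a fresh login. On success it writes the session cookies and redirects
 * the browser to the UI path; the redirect URL carries the session ID, login name, user ID
 * and language as parameters added by {@code LoginTools.addFragmentParameter}. On an
 * {@link OXException} it renders the configured error page template instead.
 *
 * <p>Security-relevant handling in this class:
 * <ul>
 *   <li>The exception message is HTML-escaped before it is substituted into the error page,
 *       because the response is served as HTML.</li>
 *   <li>The {@code uiWebPath} request parameter is only used as redirect target when it is a
 *       local reference; the redirect URL contains the session ID, so it must not point to
 *       another host.</li>
 *   <li>The secret cookie is compared with the stored session secret in constant time.</li>
 * </ul>
 */
public class FormLogin implements LoginRequestHandler {

    private final LoginConfiguration conf;

    /**
     * Creates the handler.
     *
     * @param loginConfiguration login settings read by this handler (error page template,
     *     default client, cookie and IP-check options, default UI path)
     */
    public FormLogin(LoginConfiguration loginConfiguration) {
        this.conf = loginConfiguration;
    }

    /**
     * Performs the form login and, if it fails with an {@link OXException}, writes the
     * configured error page with the failure message.
     *
     * @param httpServletRequest the login request
     * @param httpServletResponse the response that receives either the redirect or the error page
     * @throws IOException if writing the response fails
     */
    @Override
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            doFormLogin(httpServletRequest, httpServletResponse);
        } catch (OXException e) {
            // The page is delivered as HTML. The message text is not under this class's control
            // and may echo request values, so it is escaped before substitution. The escaping
            // covers element content and quoted attribute values; a template that places
            // ERROR_MESSAGE inside a script or URL context would need context-specific encoding.
            String errorPage = this.conf.getErrorPageTemplate().replace("ERROR_MESSAGE", escapeHtml(e.getMessage()));
            httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_HTML);
            httpServletResponse.getWriter().write(errorPage);
        }
    }

    /**
     * Runs the login flow: parse the request, try to re-use the cookie session, fall back to a
     * regular login, then write cookies and redirect.
     *
     * @throws OXException if parsing, authentication or session handling fails
     * @throws IOException if sending the redirect fails
     */
    private void doFormLogin(HttpServletRequest request, HttpServletResponse response) throws OXException, IOException {
        LoginRequestImpl loginRequest = LoginTools.parseLogin(
            request,
            "login",
            true,
            this.conf.getDefaultClient(),
            this.conf.isCookieForceHTTPS(),
            this.conf.isDisableTrimLogin(),
            !this.conf.isFormLoginWithoutAuthId());

        Map<String, Object> properties = new HashMap<String, Object>(1);
        String capabilities = request.getParameter(FolderFields.CAPABILITIES);
        if (null != capabilities) {
            properties.put("client.capabilities", capabilities);
        }

        // An existing cookie session is only re-used after the submitted credentials have been
        // verified against it; otherwise a regular login creates a new session.
        LoginResult result = reAuthenticate(tryAutologin(request), loginRequest.getLogin(), loginRequest.getPassword(), properties);
        if (null == result) {
            result = LoginPerformer.getInstance().doLogin(loginRequest, properties);
        }

        Session session = result.getSession();
        User user = result.getUser();

        Tools.disableCaching(response);
        LoginServlet.writeSecretCookie(request, response, session, session.getHash(), request.isSecure(), request.getServerName(), this.conf);
        LoginServlet.addHeadersAndCookies(result, response);
        response.sendRedirect(generateRedirectURL(
            request.getParameter("uiWebPath"),
            request.getParameter("autologin"),
            session,
            user.getPreferredLanguage(),
            this.conf.getUiWebPath()));
    }

    /**
     * Verifies the submitted credentials and confirms that they belong to the user and context
     * of the session found by auto-login.
     *
     * @param autoLoginResult result of {@link #tryAutologin}, or {@code null} if there is none
     * @param login submitted login name
     * @param password submitted password
     * @param properties additional properties passed to the authentication call
     * @return {@code autoLoginResult} if the authenticated user and context match it,
     *     otherwise {@code null}
     * @throws OXException if authentication or the context/user lookup fails
     */
    private LoginResult reAuthenticate(LoginResult autoLoginResult, String login, String password, Map<String, Object> properties) throws OXException {
        if (null == autoLoginResult) {
            return null;
        }
        Authenticated authenticated = Authentication.login(login, password, properties);

        // The authenticated context must equal both the context of the result and the one
        // recorded in the session.
        Context context = LoginPerformer.findContext(authenticated.getContextInfo());
        int contextId = context.getContextId();
        if (contextId != autoLoginResult.getContext().getContextId() || contextId != autoLoginResult.getSession().getContextId()) {
            return null;
        }

        // Same rule for the user: a session of user A is never handed to credentials of user B.
        User authenticatedUser = LoginPerformer.findUser(context, authenticated.getUserInfo());
        int userId = authenticatedUser.getId();
        if (userId != autoLoginResult.getUser().getId() || userId != autoLoginResult.getSession().getUserId()) {
            return null;
        }
        return autoLoginResult;
    }

    /**
     * Looks up an existing session from the session and secret cookies of the request.
     *
     * @param request the login request
     * @return the login result for the cookie session, or {@code null} if auto-login is
     *     disabled, the cookies are missing, the session is unknown or the secret does not match
     * @throws OXException with {@code INVALID_CREDENTIALS} if the context is disabled or the
     *     user is not mail-enabled; also propagated from the IP check and the storage lookups
     */
    private LoginResult tryAutologin(HttpServletRequest request) throws OXException {
        Cookie[] cookies = request.getCookies();
        if (!this.conf.isSessiondAutoLogin() || null == cookies || cookies.length == 0) {
            return null;
        }

        // Cookie names are the fixed prefixes followed by a hash calculated from the request.
        String hash = HashCalculator.getInstance().getHash(request);
        String sessionCookiePrefix = LoginServlet.SESSION_PREFIX + hash;
        String secretCookiePrefix = LoginServlet.SECRET_PREFIX + hash;

        String sessionId = null;
        String secret = null;
        for (int i = 0; i < cookies.length && (null == sessionId || null == secret); i++) {
            String cookieName = cookies[i].getName();
            if (cookieName.startsWith(sessionCookiePrefix)) {
                sessionId = cookies[i].getValue();
            } else if (cookieName.startsWith(secretCookiePrefix)) {
                secret = cookies[i].getValue();
            }
        }
        if (null == sessionId || null == secret) {
            return null;
        }

        SessiondService sessiondService = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
        if (null == sessiondService) {
            // Without the session service no cookie session can be resolved.
            return null;
        }
        Session session = sessiondService.getSession(sessionId);
        if (null == session || !secretsMatch(session.getSecret(), secret)) {
            return null;
        }

        String remoteAddr = request.getRemoteAddr();
        if (this.conf.isIpCheck()) {
            SessionUtility.checkIP(true, this.conf.getRanges(), session, remoteAddr, this.conf.getIpCheckWhitelist());
        }
        LoginTools.updateIPAddress(this.conf, remoteAddr, session);

        Context context = ContextStorage.getInstance().getContext(session.getContextId());
        User user = UserStorage.getInstance().getUser(session.getUserId(), context);
        if (!context.isEnabled() || !user.isMailEnabled()) {
            throw LoginExceptionCodes.INVALID_CREDENTIALS.create();
        }
        return new LoginResultImpl(session, context, user);
    }

    /**
     * Builds the URL the browser is redirected to after a successful login.
     *
     * @param uiWebPathParam value of the {@code uiWebPath} request parameter, may be {@code null}
     * @param shouldStore value of the {@code autologin} request parameter, may be {@code null}
     * @param session the session whose ID, login and user ID are appended
     * @param language the user's preferred language
     * @param uiWebPath configured UI path, used when the request supplies no usable path
     * @return the redirect URL with the appended parameters
     */
    private static String generateRedirectURL(String uiWebPathParam, String shouldStore, Session session, String language, String uiWebPath) {
        // CR/LF are removed so the value cannot split the Location header.
        String target = null == uiWebPathParam ? null : uiWebPathParam.replaceAll("[\n\r]", "");

        // The request-supplied path is untrusted and the URL built here carries the session ID.
        // Anything that could leave this host falls back to the configured path.
        if (null == target || !isLocalRedirectTarget(target)) {
            target = uiWebPath.replaceAll("[\n\r]", "");
        }

        String url = LoginTools.addFragmentParameter(target, AJAXServlet.PARAMETER_SESSION, session.getSessionID());
        url = LoginTools.addFragmentParameter(url, "user", session.getLogin());
        url = LoginTools.addFragmentParameter(url, "user_id", Integer.toString(session.getUserId()));
        url = LoginTools.addFragmentParameter(url, "language", language);
        if (shouldStore != null) {
            // NOTE(review): the value comes straight from the request; this relies on
            // addFragmentParameter encoding it -- confirm in LoginTools.
            url = LoginTools.addFragmentParameter(url, AJAXServlet.ACTION_STORE, shouldStore);
        }
        return url;
    }

    /**
     * Tells whether a redirect target is a reference that stays on the current host.
     *
     * <p>Rejected are empty values, values containing whitespace or control characters,
     * values starting with two slashes or backslashes (scheme-relative), and values with a
     * {@code ':'} before the first {@code '/'}, {@code '?'} or {@code '#'} (a URL scheme).
     */
    private static boolean isLocalRedirectTarget(String target) {
        if (target.isEmpty()) {
            return false;
        }
        for (int i = 0; i < target.length(); i++) {
            char c = target.charAt(i);
            if (c <= 0x20 || c == 0x7f) {
                return false;
            }
        }
        // Browsers commonly treat a backslash like a slash when resolving a URL.
        String normalized = target.replace('\\', '/');
        if (normalized.startsWith("//")) {
            return false;
        }
        for (int i = 0; i < normalized.length(); i++) {
            char c = normalized.charAt(i);
            if (c == ':') {
                return false;
            }
            if (c == '/' || c == '?' || c == '#') {
                break;
            }
        }
        return true;
    }

    /**
     * Compares the stored session secret with the cookie value without an early exit on the
     * first differing byte.
     *
     * @return {@code true} only if both values are non-null and equal
     */
    private static boolean secretsMatch(String expected, String provided) {
        if (null == expected || null == provided) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), provided.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Escapes the characters that are significant in HTML element content and quoted attribute
     * values.
     *
     * @param text the text to escape, may be {@code null}
     * @return the escaped text, or an empty string for {@code null}
     */
    private static String escapeHtml(String text) {
        if (null == text) {
            return "";
        }
        StringBuilder escaped = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }
}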
