package com.openexchange.ajax;

import com.openexchange.ajax.container.Response;
import com.openexchange.ajax.fields.FolderFields;
import com.openexchange.ajax.fields.Header;
import com.openexchange.ajax.fields.LoginFields;
import com.openexchange.ajax.helper.Send;
import com.openexchange.ajax.login.FormLogin;
import com.openexchange.ajax.login.HashCalculator;
import com.openexchange.ajax.login.LoginConfiguration;
import com.openexchange.ajax.login.LoginRequestHandler;
import com.openexchange.ajax.login.LoginTools;
import com.openexchange.ajax.requesthandler.responseRenderers.APIResponseRenderer;
import com.openexchange.ajax.writer.LoginWriter;
import com.openexchange.ajax.writer.ResponseWriter;
import com.openexchange.authentication.LoginExceptionCodes;
import com.openexchange.authentication.ResultCode;
import com.openexchange.config.ConfigTools;
import com.openexchange.config.ConfigurationService;
import com.openexchange.configuration.ClientWhitelist;
import com.openexchange.configuration.CookieHashSource;
import com.openexchange.configuration.ServerConfig;
import com.openexchange.exception.OXException;
import com.openexchange.folderstorage.outlook.OutlookFolderStorage;
import com.openexchange.groupware.contexts.Context;
import com.openexchange.groupware.contexts.impl.ContextStorage;
import com.openexchange.groupware.ldap.User;
import com.openexchange.groupware.ldap.UserStorage;
import com.openexchange.groupware.settings.Setting;
import com.openexchange.groupware.settings.impl.ConfigTree;
import com.openexchange.groupware.settings.impl.SettingStorage;
import com.openexchange.java.Java7ConcurrentLinkedQueue;
import com.openexchange.java.StringAllocator;
import com.openexchange.java.util.UUIDs;
import com.openexchange.log.LogFactory;
import com.openexchange.log.LogProperties;
import com.openexchange.log.Props;
import com.openexchange.login.ConfigurationProperty;
import com.openexchange.login.Interface;
import com.openexchange.login.LoginRequest;
import com.openexchange.login.LoginResult;
import com.openexchange.login.internal.LoginPerformer;
import com.openexchange.oauth.provider.OAuthProviderService;
import com.openexchange.server.ServiceExceptionCode;
import com.openexchange.server.services.ServerServiceRegistry;
import com.openexchange.session.Session;
import com.openexchange.sessiond.SessionExceptionCodes;
import com.openexchange.sessiond.SessiondService;
import com.openexchange.sessiond.impl.IPRange;
import com.openexchange.tools.io.IOTools;
import com.openexchange.tools.servlet.AjaxExceptionCodes;
import com.openexchange.tools.servlet.OXJSONExceptionCodes;
import com.openexchange.tools.servlet.http.Authorization;
import com.openexchange.tools.servlet.http.Cookies;
import com.openexchange.tools.servlet.http.Tools;
import com.openexchange.tools.session.ServerSession;
import com.openexchange.tools.session.ServerSessionAdapter;
import com.openexchange.webdav.xml.fields.ContactFields;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.lang.reflect.UndeclaredThrowableException;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicReference;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthException;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import net.oauth.server.OAuthServlet;
import org.apache.commons.logging.Log;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/openexchange/ajax/Login.class */
public class Login extends AJAXServlet {
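    private static final long serialVersionUID = 7680745138705836499L;
    /** Name of the form-login action. */
    public static final String ACTION_FORMLOGIN = "formlogin";
    /** Current login configuration; the request handlers read it with {@code get()} while serving a request. */
    protected final AtomicReference<LoginConfiguration> confReference = new AtomicReference<>();
    /** Maps an action name to its handler; filled in by the constructor. Diamond instead of the raw type avoids an unchecked conversion. */
    private final Map<String, LoginRequestHandler> handlerMap = new ConcurrentHashMap<>();
    /*
     * Static HTML error page. Its script waits five seconds and then sends the browser back to
     * document.referrer with "login=failed" appended (unless the referrer already carries it).
     * NOTE(review): the literal ERROR_MESSAGE inside <h1> is presumably a placeholder replaced
     * elsewhere; whatever is substituted lands in markup and must be HTML-escaped. Confirm at the
     * place where the template is filled in.
     */
    private static final String ERROR_PAGE_TEMPLATE = "<html>\n<script type=\"text/javascript\">\n// Display normal HTML for 5 seconds, then redirect via referrer.\nsetTimeout(redirect,5000);\nfunction redirect(){\n var referrer=document.referrer;\n var redirect_url;\n // If referrer already contains failed parameter, we don't add a 2nd one.\n if(referrer.indexOf(\"login=failed\")>=0){\n  redirect_url=referrer;\n }else{\n  // Check if referrer contains multiple parameter\n  if(referrer.indexOf(\"?\")<0){\n   redirect_url=referrer+\"?login=failed\";\n  }else{\n   redirect_url=referrer+\"&login=failed\";\n  }\n }\n // Redirect to referrer\n window.location.href=redirect_url;\n}\n</script>\n<body>\n<h1>ERROR_MESSAGE</h1>\n</body>\n</html>\n";
    protected static final Log LOG = com.openexchange.log.Log.valueOf(LogFactory.getLog(Login.class));
    // SESSION_PREFIX and SECRET_PREFIX are cookie-name prefixes; the autologin handler appends the
    // request hash to them before matching cookie names. The .intern() calls leave the values
    // unchanged but make the initialisers non-constant expressions, so other classes read these
    // fields at run time instead of having the literals inlined at compile time.
    public static final String SESSION_PREFIX = "open-xchange-session-".intern();
    public static final String SECRET_PREFIX = "open-xchange-secret-".intern();
    public static final String PUBLIC_SESSION_NAME = "open-xchange-public-session".intern();
    /** Name of the change-IP action. */
    public static final String ACTION_CHANGEIP = "changeip".intern();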

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.openexchange.ajax.Login$16, reason: invalid class name */
    /* loaded from: input_file:com/openexchange/ajax/Login$16.class */
    /**
     * Synthetic lookup table that maps {@link ResultCode#ordinal()} to a dense case index
     * (FAILED to 1, REDIRECT to 2; every other constant keeps the array default 0). Presumably
     * backs a {@code switch} over {@link ResultCode} elsewhere in this class.
     */
    public static /* synthetic */ class AnonymousClass16 {
        static final /* synthetic */ int[] $SwitchMap$com$openexchange$authentication$ResultCode = new int[ResultCode.values().length];

        static {
            // Each assignment has its own guard: if a ResultCode constant is missing at run time
            // (NoSuchFieldError), its slot stays 0 and class initialisation still succeeds.
            try {
                $SwitchMap$com$openexchange$authentication$ResultCode[ResultCode.FAILED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
                // Deliberately ignored, see above.
            }
            try {
                $SwitchMap$com$openexchange$authentication$ResultCode[ResultCode.REDIRECT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
                // Deliberately ignored, see above.
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/openexchange/ajax/Login$CookieType.class */
    /**
     * The two kinds of cookie named by this enum. Presumably they correspond to the
     * {@code SESSION_PREFIX} and {@code SECRET_PREFIX} cookie names; confirm against the code
     * that uses this enum.
     */
    public enum CookieType {
        /** Session cookie. */
        SESSION,
        /** Secret cookie. */
        SECRET
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/openexchange/ajax/Login$LoginClosure.class */
    /**
     * Callback that carries out one login attempt for a servlet request.
     */
    public interface LoginClosure {
        /**
         * Performs the login for the given request.
         *
         * @param httpServletRequest the incoming login request
         * @return the result of the login
         * @throws OXException if the login attempt fails
         */
        LoginResult doLogin(HttpServletRequest httpServletRequest) throws OXException;
    }

    public Login() {
        this.handlerMap.put("login", new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.1
            /**
             * Serves the {@code login} action by handing the request to {@code doLogin}. An
             * {@link OXException} is not propagated; it is passed to {@code logAndSendException}.
             *
             * @param req the login request
             * @param resp the response to write to
             * @throws IOException if writing the response fails
             */
            @Override
            public void handleRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException {
                try {
                    Login.this.doLogin(req, resp);
                } catch (OXException loginFailure) {
                    Login.logAndSendException(resp, loginFailure);
                }
            }
        });
        this.handlerMap.put(AJAXServlet.ACTION_OAUTH, new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.2
            /**
             * Serves the {@code AJAXServlet.ACTION_OAUTH} action by handing the request to
             * {@code doOAuthLogin}. An {@link OXException} is not propagated; it is passed to
             * {@code logAndSendException}.
             *
             * @param req the OAuth login request
             * @param resp the response to write to
             * @throws IOException if writing the response fails
             */
            @Override
            public void handleRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException {
                try {
                    Login.this.doOAuthLogin(req, resp);
                } catch (OXException loginFailure) {
                    Login.logAndSendException(resp, loginFailure);
                }
            }
        });
        this.handlerMap.put(AJAXServlet.ACTION_STORE, new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.3
            /**
             * Serves the {@code AJAXServlet.ACTION_STORE} action by handing the request to
             * {@code doStore}. A {@link JSONException} is logged through the servlet log and
             * answered with {@code AJAXServlet.sendError}; an {@link OXException} is passed to
             * {@code logAndSendException}.
             *
             * @param req the store request
             * @param resp the response to write to
             * @throws IOException if writing the response fails
             */
            @Override
            public void handleRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException {
                try {
                    Login.this.doStore(req, resp);
                } catch (JSONException jsonFailure) {
                    Login.this.log("Error while writing response object.", jsonFailure);
                    AJAXServlet.sendError(resp);
                } catch (OXException oxFailure) {
                    Login.logAndSendException(resp, oxFailure);
                }
            }
        });
        this.handlerMap.put(AJAXServlet.ACTION_REFRESH_SECRET, new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.4
            /**
             * Serves the {@code AJAXServlet.ACTION_REFRESH_SECRET} action by handing the request to
             * {@code doRefreshSecret}. A {@link JSONException} is logged through the servlet log and
             * answered with {@code AJAXServlet.sendError}; an {@link OXException} is passed to
             * {@code logAndSendException}.
             *
             * @param req the refresh-secret request
             * @param resp the response to write to
             * @throws IOException if writing the response fails
             */
            @Override
            public void handleRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException {
                try {
                    Login.this.doRefreshSecret(req, resp);
                } catch (JSONException jsonFailure) {
                    Login.this.log("Error while writing response object.", jsonFailure);
                    AJAXServlet.sendError(resp);
                } catch (OXException oxFailure) {
                    Login.logAndSendException(resp, oxFailure);
                }
            }
        });
        this.handlerMap.put(AJAXServlet.ACTION_LOGOUT, new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.5
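            /**
             * Serves the logout action: ends the session named by the session parameter, but only
             * for a caller that passes the IP check and presents the matching session secret.
             *
             * <p>A missing session parameter is answered with an error status, a missing or
             * non-matching secret with 403. An unknown session id produces no error, and an
             * {@link OXException} is logged without changing the response status.
             *
             * @param httpServletRequest the logout request
             * @param httpServletResponse the response to write to
             * @throws IOException if sending an error status fails
             */
            @Override // com.openexchange.ajax.login.LoginRequestHandler
            public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
                Tools.disableCaching(httpServletResponse);
                httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
                String parameter = httpServletRequest.getParameter(AJAXServlet.PARAMETER_SESSION);
                if (parameter == null) {
                    // NOTE(review): an appointment field constant used as an HTTP status looks like a
                    // numeric literal mapped back to an unrelated constant of equal value; presumably
                    // 400 (Bad Request). Confirm and use the HttpServletResponse constant instead.
                    httpServletResponse.sendError(com.openexchange.groupware.container.Appointment.LOCATION);
                    return;
                }
                try {
                    Session lookupSession = LoginPerformer.getInstance().lookupSession(parameter);
                    if (lookupSession != null) {
                        LoginConfiguration loginConfiguration = Login.this.confReference.get();
                        SessionServlet.checkIP(loginConfiguration.isIpCheck(), loginConfiguration.getRanges(), lookupSession, httpServletRequest.getRemoteAddr(), loginConfiguration.getIpCheckWhitelist());
                        String extractSecret = SessionServlet.extractSecret(loginConfiguration.getHashSource(), httpServletRequest, lookupSession.getHash(), lookupSession.getClient());
                        String sessionSecret = lookupSession.getSecret();
                        // The secret authenticates the caller, so compare it with MessageDigest.isEqual:
                        // unlike String.equals it does not return at the first differing character,
                        // which keeps the comparison time independent of how much of a guess is right.
                        // A session without a stored secret is treated as a mismatch (fail closed).
                        boolean secretMatches = extractSecret != null
                            && sessionSecret != null
                            && java.security.MessageDigest.isEqual(
                                sessionSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                                extractSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8));
                        if (!secretMatches) {
                            Login.LOG.info("Status code 403 (FORBIDDEN): Missing or non-matching secret.");
                            httpServletResponse.sendError(403);
                        } else {
                            LoginPerformer.getInstance().doLogout(parameter);
                            SessionServlet.removeOXCookies(lookupSession.getHash(), httpServletRequest, httpServletResponse);
                            SessionServlet.removeJSESSIONID(httpServletRequest, httpServletResponse);
                        }
                    }
                } catch (OXException e) {
                    // Best effort: the failure is logged and the response status is left as it is.
                    Login.LOG.error("Logout failed", e);
                }
            }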
        });
        this.handlerMap.put(AJAXServlet.ACTION_REDIRECT, new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.6
            /**
             * Serves the {@code AJAXServlet.ACTION_REDIRECT} action: looks up the session identified
             * by the random token in the request, writes the secret cookie for it and redirects the
             * browser to the UI.
             *
             * <p>Answers with an error status when the token parameter is missing, and with 403 when
             * the session service is unavailable, no session matches the token, the context or user
             * is not enabled, or context/user cannot be resolved.
             *
             * <p>NOTE(review): presenting the token is all this block requires before it issues the
             * secret cookie, so the token is a bearer credential. Whether it is single-use or
             * expires is decided by {@code SessiondService} and is not visible here.
             *
             * @param httpServletRequest the redirect request
             * @param httpServletResponse the response to write to
             * @throws IOException if sending the error status or the redirect fails
             */
            @Override // com.openexchange.ajax.login.LoginRequestHandler
            public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
                Session sessionByRandomToken;
                String hash;
                String localIp;
                Tools.disableCaching(httpServletResponse);
                httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
                String parameter = httpServletRequest.getParameter(LoginFields.RANDOM_PARAM);
                if (parameter == null) {
                    // NOTE(review): an appointment field constant used as an HTTP status looks like a
                    // numeric literal mapped back to an unrelated constant; presumably 400. Confirm.
                    httpServletResponse.sendError(com.openexchange.groupware.container.Appointment.LOCATION);
                    return;
                }
                SessiondService sessiondService = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
                if (sessiondService == null) {
                    Throwable create = ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{SessiondService.class.getName()});
                    Login.LOG.error(create.getMessage(), create);
                    httpServletResponse.sendError(403);
                    return;
                }
                LoginConfiguration loginConfiguration = Login.this.confReference.get();
                // Three lookup modes, chosen by configuration:
                //  - not "insecure": look the session up by token only;
                //  - "insecure" with redirect IP change allowed: pass the caller's address to the lookup;
                //  - "insecure" otherwise: look up by token, then rebind the session's address below.
                if (!loginConfiguration.isInsecure()) {
                    sessionByRandomToken = sessiondService.getSessionByRandomToken(parameter);
                } else if (loginConfiguration.isRedirectIPChangeAllowed()) {
                    sessionByRandomToken = sessiondService.getSessionByRandomToken(parameter, httpServletRequest.getRemoteAddr());
                } else {
                    sessionByRandomToken = sessiondService.getSessionByRandomToken(parameter);
                    // The address is only rebound when the session has no stored address or the stored
                    // address falls within the configured ranges (isWhitelistedFromIPCheck).
                    if (null != sessionByRandomToken && (null == (localIp = sessionByRandomToken.getLocalIp()) || SessionServlet.isWhitelistedFromIPCheck(localIp, loginConfiguration.getRanges()))) {
                        String remoteAddr = httpServletRequest.getRemoteAddr();
                        if (!remoteAddr.equals(localIp)) {
                            // NOTE(review): the session id is written to the INFO log here; treat the
                            // log as sensitive or shorten the id if logs are widely readable.
                            Login.LOG.info("Changing IP of session " + sessionByRandomToken.getSessionID() + " with authID: " + sessionByRandomToken.getAuthId() + " from " + localIp + " to " + remoteAddr + '.');
                            sessionByRandomToken.setLocalIp(remoteAddr);
                        }
                    }
                }
                if (sessionByRandomToken == null) {
                    // NOTE(review): the client-supplied token is logged verbatim; consider neutralising
                    // line breaks before logging so a request cannot forge log entries.
                    if (Login.LOG.isDebugEnabled()) {
                        Login.LOG.debug("No session could be found for random token: " + parameter, new Throwable());
                    } else if (Login.LOG.isInfoEnabled()) {
                        Login.LOG.info("No session could be found for random token: " + parameter);
                    }
                    httpServletResponse.sendError(403);
                    return;
                }
                if (loginConfiguration.isInsecure()) {
                    // Drop the cookies of the session's current hash; the hash is recomputed below.
                    SessionServlet.removeOXCookies(sessionByRandomToken.getHash(), httpServletRequest, httpServletResponse);
                }
                try {
                    Context context = ContextStorage.getInstance().getContext(sessionByRandomToken.getContextId());
                    User user = UserStorage.getInstance().getUser(sessionByRandomToken.getUserId(), context);
                    if (!context.isEnabled() || !user.isMailEnabled()) {
                        Login.LOG.info("Status code 403 (FORBIDDEN): Either context " + context.getContextId() + " or user " + user.getId() + " not enabled");
                        httpServletResponse.sendError(403);
                        return;
                    }
                    String parameter2 = httpServletRequest.getParameter(LoginFields.CLIENT_PARAM);
                    if (loginConfiguration.isInsecure()) {
                        // In "insecure" mode a client identifier from the request replaces the one
                        // stored on the session, and the cookie hash is recomputed from this request.
                        if (null == parameter2) {
                            parameter2 = sessionByRandomToken.getClient();
                        } else {
                            sessionByRandomToken.setClient(parameter2);
                        }
                        hash = HashCalculator.getHash(httpServletRequest, parameter2);
                        sessionByRandomToken.setHash(hash);
                    } else {
                        hash = sessionByRandomToken.getHash();
                    }
                    Login.writeSecretCookie(httpServletResponse, sessionByRandomToken, hash, httpServletRequest.isSecure(), httpServletRequest.getServerName(), loginConfiguration);
                    // NOTE(review): the request parameter "uiWebPath" feeds the redirect target and is
                    // not validated in this block. Whether absolute or off-site values are rejected
                    // depends on LoginTools.generateRedirectURL; confirm that it restricts the target
                    // to a local path, since the session id is part of the generated URL.
                    httpServletResponse.sendRedirect(LoginTools.generateRedirectURL(httpServletRequest.getParameter("uiWebPath"), httpServletRequest.getParameter(AJAXServlet.ACTION_STORE), sessionByRandomToken.getSessionID(), loginConfiguration.getUiWebPath()));
                } catch (OXException e) {
                    Login.LOG.info("Status code 403 (FORBIDDEN): Couldn't resolve context/user by identifier: " + sessionByRandomToken.getContextId() + "/" + sessionByRandomToken.getUserId());
                    httpServletResponse.sendError(403);
                } catch (UndeclaredThrowableException e2) {
                    Login.LOG.info("Status code 403 (FORBIDDEN): Unexpected error occurred during login: " + e2.getMessage());
                    httpServletResponse.sendError(403);
                }
            }
        });
        this.handlerMap.put(ACTION_CHANGEIP, new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.7
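            /**
             * Serves the change-IP action: replaces the address stored on a session with the one
             * given in the client-IP parameter, after the caller has passed the IP check and
             * presented the matching session secret.
             *
             * <p>Every rejection (missing parameter, unknown session, failed IP check, wrong secret)
             * is reported as an exception inside the {@link Response} that is written at the end;
             * the HTTP status is 200 in all of these cases.
             *
             * <p>NOTE(review): the new address comes from a request parameter and is stored and
             * logged without format validation in this block; confirm that it is validated elsewhere.
             *
             * @param httpServletRequest the change-IP request
             * @param httpServletResponse the response to write to
             * @throws IOException if writing the response fails
             */
            @Override // com.openexchange.ajax.login.LoginRequestHandler
            public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
                Response response = new Response();
                Session session = null;
                // All validation runs inside this try, so each OXException thrown below is reported
                // through the Response instead of escaping a method that declares only IOException.
                try {
                    String parameter = httpServletRequest.getParameter(AJAXServlet.PARAMETER_SESSION);
                    if (null == parameter) {
                        if (Login.LOG.isInfoEnabled()) {
                            StringBuilder sb = new StringBuilder(32);
                            sb.append("Parameter \"").append(AJAXServlet.PARAMETER_SESSION).append("\" not found for action ").append(Login.ACTION_CHANGEIP);
                            Login.LOG.info(sb.toString());
                        }
                        throw AjaxExceptionCodes.MISSING_PARAMETER.create(AJAXServlet.PARAMETER_SESSION);
                    }
                    String parameter2 = httpServletRequest.getParameter(LoginFields.CLIENT_IP_PARAM);
                    if (null == parameter2) {
                        if (Login.LOG.isInfoEnabled()) {
                            StringBuilder sb2 = new StringBuilder(32);
                            sb2.append("Parameter \"").append(LoginFields.CLIENT_IP_PARAM).append("\" not found for action ").append(Login.ACTION_CHANGEIP);
                            Login.LOG.info(sb2.toString());
                        }
                        throw AjaxExceptionCodes.MISSING_PARAMETER.create(LoginFields.CLIENT_IP_PARAM);
                    }
                    session = ((SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class, true)).getSession(parameter);
                    LoginConfiguration loginConfiguration = Login.this.confReference.get();
                    if (session == null) {
                        if (Login.LOG.isInfoEnabled()) {
                            Login.LOG.info("There is no session associated with session identifier: " + parameter);
                        }
                        throw SessionExceptionCodes.SESSION_EXPIRED.create(new Object[]{parameter});
                    }
                    SessionServlet.checkIP(loginConfiguration.isIpCheck(), loginConfiguration.getRanges(), session, httpServletRequest.getRemoteAddr(), loginConfiguration.getIpCheckWhitelist());
                    String extractSecret = SessionServlet.extractSecret(loginConfiguration.getHashSource(), httpServletRequest, session.getHash(), session.getClient());
                    String sessionSecret = session.getSecret();
                    // The secret authenticates the caller, so compare it with MessageDigest.isEqual:
                    // unlike String.equals it does not return at the first differing character.
                    // A session without a stored secret is treated as a mismatch (fail closed).
                    boolean secretMatches = extractSecret != null
                        && sessionSecret != null
                        && java.security.MessageDigest.isEqual(
                            sessionSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                            extractSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8));
                    if (!secretMatches) {
                        if (Login.LOG.isInfoEnabled() && null != extractSecret) {
                            // Neither secret is written to the log: anyone able to read the log could
                            // otherwise reuse the session's secret.
                            Login.LOG.info("Session secret is different. Given secret differs from secret in session.");
                        }
                        throw SessionExceptionCodes.WRONG_SESSION_SECRET.create();
                    }
                    String localIp = session.getLocalIp();
                    if (!parameter2.equals(localIp)) {
                        Login.LOG.info("Changing IP of session " + session.getSessionID() + " with authID: " + session.getAuthId() + " from " + localIp + " to " + parameter2 + '.');
                        session.setLocalIp(parameter2);
                    }
                    // NOTE(review): a folder-tree constant as response data looks like a literal mapped
                    // back to an unrelated constant of equal value; confirm the intended value.
                    response.setData(OutlookFolderStorage.OUTLOOK_TREE_ID);
                } catch (OXException e) {
                    Login.LOG.debug(e.getMessage(), e);
                    response.setException(e);
                }
                Tools.disableCaching(httpServletResponse);
                httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
                httpServletResponse.setStatus(200);
                try {
                    // session is still null here when the request was rejected before the lookup.
                    ResponseWriter.write(response, httpServletResponse.getWriter(), AJAXServlet.localeFrom(session));
                } catch (JSONException e2) {
                    Login.this.log("Error while writing response object.", e2);
                    AJAXServlet.sendError(httpServletResponse);
                }
            }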
        });
        this.handlerMap.put(AJAXServlet.ACTION_REDEEM, new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.8
            /**
             * Serves the {@code AJAXServlet.ACTION_REDEEM} action: looks up the session identified by
             * the random token in the request, writes the secret cookie for it and returns the
             * session data as JSON in the response body.
             *
             * <p>Answers with an error status when the token parameter is missing, and with 403 when
             * the session service is unavailable, no session matches the token, the context or user
             * is not enabled, or context/user cannot be resolved.
             *
             * <p>NOTE(review): presenting the token is all this block requires before it issues the
             * secret cookie and the session data, so the token is a bearer credential. Whether it is
             * single-use or expires is decided by {@code SessiondService} and is not visible here.
             *
             * @param httpServletRequest the redeem request
             * @param httpServletResponse the response to write to
             * @throws IOException if writing the response fails
             */
            @Override // com.openexchange.ajax.login.LoginRequestHandler
            public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
                Session sessionByRandomToken;
                String hash;
                String localIp;
                Tools.disableCaching(httpServletResponse);
                httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
                String parameter = httpServletRequest.getParameter(LoginFields.RANDOM_PARAM);
                if (parameter == null) {
                    // NOTE(review): an appointment field constant used as an HTTP status looks like a
                    // numeric literal mapped back to an unrelated constant; presumably 400. Confirm.
                    httpServletResponse.sendError(com.openexchange.groupware.container.Appointment.LOCATION);
                    return;
                }
                SessiondService sessiondService = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
                if (sessiondService == null) {
                    Throwable create = ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{SessiondService.class.getName()});
                    Login.LOG.error(create.getMessage(), create);
                    httpServletResponse.sendError(403);
                    return;
                }
                LoginConfiguration loginConfiguration = Login.this.confReference.get();
                // Three lookup modes, chosen by configuration:
                //  - not "insecure": look the session up by token only;
                //  - "insecure" with redirect IP change allowed: pass the caller's address to the lookup;
                //  - "insecure" otherwise: look up by token, then rebind the session's address below.
                if (!loginConfiguration.isInsecure()) {
                    sessionByRandomToken = sessiondService.getSessionByRandomToken(parameter);
                } else if (loginConfiguration.isRedirectIPChangeAllowed()) {
                    sessionByRandomToken = sessiondService.getSessionByRandomToken(parameter, httpServletRequest.getRemoteAddr());
                } else {
                    sessionByRandomToken = sessiondService.getSessionByRandomToken(parameter);
                    // The address is only rebound when the session has no stored address or the stored
                    // address falls within the configured ranges (isWhitelistedFromIPCheck).
                    if (null != sessionByRandomToken && (null == (localIp = sessionByRandomToken.getLocalIp()) || SessionServlet.isWhitelistedFromIPCheck(localIp, loginConfiguration.getRanges()))) {
                        String remoteAddr = httpServletRequest.getRemoteAddr();
                        if (!remoteAddr.equals(localIp)) {
                            // NOTE(review): the session id is written to the INFO log here; treat the
                            // log as sensitive or shorten the id if logs are widely readable.
                            Login.LOG.info("Changing IP of session " + sessionByRandomToken.getSessionID() + " with authID: " + sessionByRandomToken.getAuthId() + " from " + localIp + " to " + remoteAddr + '.');
                            sessionByRandomToken.setLocalIp(remoteAddr);
                        }
                    }
                }
                if (sessionByRandomToken == null) {
                    // NOTE(review): the client-supplied token is logged verbatim; consider neutralising
                    // line breaks before logging so a request cannot forge log entries.
                    if (Login.LOG.isDebugEnabled()) {
                        Login.LOG.debug("No session could be found for random token: " + parameter, new Throwable());
                    } else if (Login.LOG.isInfoEnabled()) {
                        Login.LOG.info("No session could be found for random token: " + parameter);
                    }
                    httpServletResponse.sendError(403);
                    return;
                }
                if (loginConfiguration.isInsecure()) {
                    // Drop the cookies of the session's current hash; the hash is recomputed below.
                    SessionServlet.removeOXCookies(sessionByRandomToken.getHash(), httpServletRequest, httpServletResponse);
                }
                try {
                    Context context = ContextStorage.getInstance().getContext(sessionByRandomToken.getContextId());
                    User user = UserStorage.getInstance().getUser(sessionByRandomToken.getUserId(), context);
                    if (!context.isEnabled() || !user.isMailEnabled()) {
                        Login.LOG.info("Status code 403 (FORBIDDEN): Either context " + context.getContextId() + " or user " + user.getId() + " not enabled");
                        httpServletResponse.sendError(403);
                        return;
                    }
                    String parameter2 = httpServletRequest.getParameter(LoginFields.CLIENT_PARAM);
                    if (loginConfiguration.isInsecure()) {
                        // In "insecure" mode a client identifier from the request replaces the one
                        // stored on the session, and the cookie hash is recomputed from this request.
                        if (null == parameter2) {
                            parameter2 = sessionByRandomToken.getClient();
                        } else {
                            sessionByRandomToken.setClient(parameter2);
                        }
                        hash = HashCalculator.getHash(httpServletRequest, parameter2);
                        sessionByRandomToken.setHash(hash);
                    } else {
                        hash = sessionByRandomToken.getHash();
                    }
                    Login.writeSecretCookie(httpServletResponse, sessionByRandomToken, hash, httpServletRequest.isSecure(), httpServletRequest.getServerName(), loginConfiguration);
                    try {
                        // The body carries what LoginWriter and appendModules put into the JSON
                        // object; caching was disabled at the top of this method.
                        JSONObject jSONObject = new JSONObject();
                        LoginWriter.write(sessionByRandomToken, jSONObject);
                        Login.appendModules(sessionByRandomToken, jSONObject, httpServletRequest);
                        jSONObject.write(httpServletResponse.getWriter());
                    } catch (JSONException e) {
                        Login.this.log("Error while writing response object.", e);
                        AJAXServlet.sendError(httpServletResponse);
                    }
                } catch (OXException e2) {
                    Login.LOG.info("Status code 403 (FORBIDDEN): Couldn't resolve context/user by identifier: " + sessionByRandomToken.getContextId() + "/" + sessionByRandomToken.getUserId());
                    httpServletResponse.sendError(403);
                } catch (UndeclaredThrowableException e3) {
                    Login.LOG.info("Status code 403 (FORBIDDEN): Unexpected error occurred during login: " + e3.getMessage());
                    httpServletResponse.sendError(403);
                }
            }
        });
        this.handlerMap.put("autologin", new LoginRequestHandler() { // from class: com.openexchange.ajax.Login.9
            @Override // com.openexchange.ajax.login.LoginRequestHandler
            public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
                LoginConfiguration loginConfiguration;
                Tools.disableCaching(httpServletResponse);
                httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
                Response response = new Response();
                Session session = null;
                try {
                    loginConfiguration = Login.this.confReference.get();
                } catch (OXException e) {
                    if (AjaxExceptionCodes.DISABLED_ACTION.equals(e)) {
                        Login.LOG.debug(e.getMessage(), e);
                    } else {
                        e.log(Login.LOG);
                    }
                    if (SessionServlet.isIpCheckError(e) && null != session) {
                        try {
                            SessiondService sessiondService = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
                            SessionServlet.removeOXCookies(session.getHash(), httpServletRequest, httpServletResponse);
                            SessionServlet.removeJSESSIONID(httpServletRequest, httpServletResponse);
                            sessiondService.removeSession(session.getSessionID());
                        } catch (Exception e2) {
                            Login.LOG.error("Cookies could not be removed.", e2);
                        }
                    }
                    response.setException(e);
                } catch (JSONException e3) {
                    OXException create = OXJSONExceptionCodes.JSON_WRITE_ERROR.create(e3, new Object[0]);
                    Login.LOG.error(create.getMessage(), create);
                    response.setException(create);
                }
                if (!loginConfiguration.isSessiondAutoLogin()) {
                    if (Login.this.doAutoLogin(httpServletRequest, httpServletResponse)) {
                        throw AjaxExceptionCodes.DISABLED_ACTION.create("autologin");
                    }
                    return;
                }
                Cookie[] cookies = httpServletRequest.getCookies();
                if (cookies == null) {
                    cookies = new Cookie[0];
                }
                SessiondService sessiondService2 = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
                if (null == sessiondService2) {
                    Throwable create2 = ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{SessiondService.class.getName()});
                    Login.LOG.error(create2.getMessage(), create2);
                    httpServletResponse.sendError(403);
                    return;
                }
                String str = null;
                String hash = HashCalculator.getHash(httpServletRequest);
                String str2 = Login.SESSION_PREFIX + hash;
                String str3 = Login.SECRET_PREFIX + hash;
                for (Cookie cookie : cookies) {
                    String name = cookie.getName();
                    if (name.startsWith(str2)) {
                        session = sessiondService2.getSession(cookie.getValue());
                        if (null != session) {
                            if (loginConfiguration.isIpCheck()) {
                                String remoteAddr = httpServletRequest.getRemoteAddr();
                                SessionServlet.checkIP(true, loginConfiguration.getRanges(), session, remoteAddr, loginConfiguration.getIpCheckWhitelist());
                                Login.this.updateIPAddress(remoteAddr, session);
                            } else {
                                Login.this.updateIPAddress(httpServletRequest.getRemoteAddr(), session);
                            }
                            try {
                                Context context = ContextStorage.getInstance().getContext(session.getContextId());
                                User user = UserStorage.getInstance().getUser(session.getUserId(), context);
                                if (!context.isEnabled() || !user.isMailEnabled()) {
                                    throw LoginExceptionCodes.INVALID_CREDENTIALS.create();
                                }
                                JSONObject jSONObject = new JSONObject();
                                LoginWriter.write(session, jSONObject);
                                Login.appendModules(session, jSONObject, httpServletRequest);
                                response.setData(jSONObject);
                                if (null != str) {
                                    break;
                                }
                            } catch (UndeclaredThrowableException e4) {
                                throw LoginExceptionCodes.UNKNOWN.create(e4, new Object[]{e4.getMessage()});
                            }
                        }
                    } else {
                        if (name.startsWith(str3)) {
                            str = cookie.getValue();
                            if (null != session) {
                                break;
                            }
                        } else {
                            continue;
                        }
                    }
                }
                if (null == response.getData() || session == null || str == null || !session.getSecret().equals(str)) {
                    SessionServlet.removeOXCookies(hash, httpServletRequest, httpServletResponse);
                    SessionServlet.removeJSESSIONID(httpServletRequest, httpServletResponse);
                    if (Login.this.doAutoLogin(httpServletRequest, httpServletResponse)) {
                        throw OXJSONExceptionCodes.INVALID_COOKIE.create();
                    }
                    return;
                }
                Tools.disableCaching(httpServletResponse);
                httpServletResponse.setStatus(200);
                httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
                try {
                    if (response.hasError()) {
                        ResponseWriter.write(response, httpServletResponse.getWriter(), AJAXServlet.localeFrom(session));
                    } else {
                        ((JSONObject) response.getData()).write(httpServletResponse.getWriter());
                    }
                } catch (JSONException e5) {
                    Login.this.log("Error while writing response object.", e5);
                    AJAXServlet.sendError(httpServletResponse);
                }
            }
        });
    }

    /**
     * Reads the servlet init parameters once, builds the {@link LoginConfiguration} from them and
     * registers the form-login handler.
     * <p>
     * The error page template is loaded from the configured file when one is set; if that file is
     * missing the built-in {@code ERROR_PAGE_TEMPLATE} is used and an error is logged. The
     * no-IP-check range parameter is split on newlines; whitespace is stripped from every entry,
     * and empty entries and entries starting with {@code '#'} are skipped.
     *
     * @param servletConfig the servlet configuration carrying the init parameters
     * @throws ServletException if the superclass initialisation fails
     */
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        final String uiWebPath = servletConfig.getInitParameter(ServerConfig.Property.UI_WEB_PATH.getPropertyName());
        final boolean sessiondAutoLogin = Boolean.parseBoolean(servletConfig.getInitParameter(ConfigurationProperty.SESSIOND_AUTOLOGIN.getPropertyName()));
        final CookieHashSource hashSource = CookieHashSource.parse(servletConfig.getInitParameter(ServerConfig.Property.COOKIE_HASH.getPropertyName()));
        final String httpAuthAutoLogin = servletConfig.getInitParameter(ConfigurationProperty.HTTP_AUTH_AUTOLOGIN.getPropertyName());
        final String httpAuthClient = servletConfig.getInitParameter(ConfigurationProperty.HTTP_AUTH_CLIENT.getPropertyName());
        final String httpAuthVersion = servletConfig.getInitParameter(ConfigurationProperty.HTTP_AUTH_VERSION.getPropertyName());
        final String templatePath = servletConfig.getInitParameter(ConfigurationProperty.ERROR_PAGE_TEMPLATE.getPropertyName());

        // Start from the built-in template and replace it only when the configured file can be read.
        String errorPageTemplate = ERROR_PAGE_TEMPLATE;
        if (null != templatePath) {
            try {
                errorPageTemplate = IOTools.getFileContents(new File(templatePath));
                LOG.info("Found an error page template at " + templatePath);
            } catch (FileNotFoundException e) {
                LOG.error("Could not find an error page template at " + templatePath + ", using default.");
                errorPageTemplate = ERROR_PAGE_TEMPLATE;
            }
        }

        final int cookieExpiry = ConfigTools.parseTimespanSecs(servletConfig.getInitParameter(ServerConfig.Property.COOKIE_TTL.getPropertyName()));
        // Either of the two HTTPS switches forces the Secure attribute on cookies.
        final boolean cookieForceHttps = Boolean.parseBoolean(servletConfig.getInitParameter(ServerConfig.Property.COOKIE_FORCE_HTTPS.getPropertyName()))
            || Boolean.parseBoolean(servletConfig.getInitParameter(ServerConfig.Property.FORCE_HTTPS.getPropertyName()));
        final boolean insecure = Boolean.parseBoolean(servletConfig.getInitParameter(ConfigurationProperty.INSECURE.getPropertyName()));
        final boolean ipCheck = Boolean.parseBoolean(servletConfig.getInitParameter(ServerConfig.Property.IP_CHECK.getPropertyName()));
        final ClientWhitelist ipCheckWhitelist = new ClientWhitelist().add(servletConfig.getInitParameter(ServerConfig.Property.IP_CHECK_WHITELIST.getPropertyName()));
        final boolean redirectIpChangeAllowed = Boolean.parseBoolean(servletConfig.getInitParameter(ConfigurationProperty.REDIRECT_IP_CHANGE_ALLOWED.getPropertyName()));

        final Java7ConcurrentLinkedQueue ranges = new Java7ConcurrentLinkedQueue();
        final String noIpCheckRange = servletConfig.getInitParameter(ConfigurationProperty.NO_IP_CHECK_RANGE.getPropertyName());
        if (noIpCheckRange != null) {
            for (String rawLine : noIpCheckRange.split("\n")) {
                final String line = rawLine.replaceAll("\\s", "");
                // Blank lines and '#' comment lines carry no range.
                if (line.isEmpty() || line.charAt(0) == '#') {
                    continue;
                }
                ranges.add(IPRange.parseRange(line));
            }
        }

        final LoginConfiguration loginConfiguration = new LoginConfiguration(uiWebPath, sessiondAutoLogin, hashSource, httpAuthAutoLogin, httpAuthClient, httpAuthVersion, errorPageTemplate, cookieExpiry, cookieForceHttps, insecure, ipCheck, ipCheckWhitelist, redirectIpChangeAllowed, ranges);
        this.confReference.set(loginConfiguration);
        this.handlerMap.put(ACTION_FORMLOGIN, new FormLogin(loginConfiguration));
    }

    /**
     * Dispatches a GET request: requests below {@code /httpAuth} go to the HTTP-auth login, all
     * others are routed by their action parameter. A request without an action is answered with a
     * missing-parameter error.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @throws IOException if writing the response fails
     */
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        final String action = httpServletRequest.getParameter(AJAXServlet.PARAMETER_ACTION);
        final String subPath = getServletSpecificURI(httpServletRequest);
        // A non-null path that starts with "/httpAuth" is necessarily non-empty.
        if (null != subPath && subPath.startsWith("/httpAuth")) {
            doHttpAuth(httpServletRequest, httpServletResponse);
            return;
        }
        if (null == action) {
            logAndSendException(httpServletResponse, AjaxExceptionCodes.MISSING_PARAMETER.create(AJAXServlet.PARAMETER_ACTION));
            return;
        }
        doJSONAuth(httpServletRequest, httpServletResponse, action);
    }

    /**
     * Looks up the handler registered for the given action and lets it process the request; an
     * action without a registered handler is answered with an unknown-action error.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @param str the value of the action parameter
     * @throws IOException if the handler or the error response cannot write
     */
    private void doJSONAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        final LoginRequestHandler handler = this.handlerMap.get(str);
        if (null != handler) {
            handler.handleRequest(httpServletRequest, httpServletResponse);
            return;
        }
        logAndSendException(httpServletResponse, AjaxExceptionCodes.UNKNOWN_ACTION.create(str));
    }

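    /**
     * Handles a login through the HTTP {@code Authorization} header.
     * <p>
     * A request without that header, or one whose header login fails, is answered with an
     * authentication challenge offering NEGOTIATE and Basic.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @throws IOException if sending the challenge or the login response fails
     */
    private void doHttpAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (httpServletRequest.getHeader(Header.AUTH_HEADER) == null) {
            httpServletResponse.addHeader("WWW-Authenticate", "NEGOTIATE");
            httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Open-Xchange\"");
            // The status was previously taken from an unrelated calendar field constant
            // (presumably a decompiler substitution for the same number); a WWW-Authenticate
            // challenge belongs to 401, so the servlet constant is used directly.
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required!");
            return;
        }
        try {
            doAuthHeaderLogin(httpServletRequest, httpServletResponse);
        } catch (OXException e) {
            LOG.error(e.getMessage(), e);
            httpServletResponse.addHeader("WWW-Authenticate", "NEGOTIATE");
            httpServletResponse.addHeader("WWW-Authenticate", "Basic realm=\"Open-Xchange\"");
            // NOTE(review): the exception message is returned to a client that has not
            // authenticated; confirm it cannot carry internal detail or tell apart
            // "unknown user" from "wrong password".
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
        }
    }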

    /**
     * Stores a changed client address in the session, but only when the login configuration is
     * flagged as insecure; otherwise the session's address is left untouched.
     * <p>
     * Every change is logged at info level together with the auth id, the session id and both
     * addresses.
     *
     * @param str the address the current request came from; {@code null} is ignored
     * @param session the session whose local IP may be updated
     */
    protected void updateIPAddress(String str, Session session) {
        if (!this.confReference.get().isInsecure()) {
            return;
        }
        final String previousIp = session.getLocalIp();
        final boolean changed = null != str && !str.equals(previousIp);
        if (changed) {
            LOG.info(new StringAllocator("Updating sessions IP address. authID: ").append(session.getAuthId()).append(", sessionID: ").append(session.getSessionID()).append(", old ip: ").append(previousIp).append(", new ip: ").append(str).toString());
            session.setLocalIp(str);
        }
    }

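    /**
     * Re-issues either the session cookie or the secret cookie for the session named by the
     * request's session parameter.
     * <p>
     * The session is resolved through {@code SessionServlet.getSession} and the client address is
     * checked with {@code SessionServlet.checkIP} before any cookie is written. The session log
     * properties are removed again in every case, whether the rewrite succeeds or throws.
     *
     * @param httpServletRequest the incoming request; must carry the session parameter
     * @param httpServletResponse the response receiving the cookie and the JSON answer
     * @param cookieType which cookie to write
     * @throws OXException if rewriting the session cookie is disabled, the session service is
     *         unavailable, the session parameter is missing, or session lookup or the IP check fails
     * @throws JSONException if the response cannot be serialised
     * @throws IOException if the response cannot be written
     */
    private void doCookieReWrite(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, CookieType cookieType) throws OXException, JSONException, IOException {
        final LoginConfiguration loginConfiguration = this.confReference.get();
        // Rewriting the session cookie is only offered when auto-login is switched on.
        if (!loginConfiguration.isSessiondAutoLogin() && CookieType.SESSION == cookieType) {
            throw AjaxExceptionCodes.DISABLED_ACTION.create(AJAXServlet.ACTION_STORE);
        }
        final SessiondService sessiondService = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
        if (null == sessiondService) {
            throw ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{SessiondService.class.getName()});
        }
        final String sessionId = httpServletRequest.getParameter(AJAXServlet.PARAMETER_SESSION);
        if (null == sessionId) {
            throw AjaxExceptionCodes.MISSING_PARAMETER.create(AJAXServlet.PARAMETER_SESSION);
        }
        // NOTE(review): the session id is caller-supplied; this method relies on
        // SessionServlet.getSession to tie it to the request's cookies — confirm there.
        final ServerSession session = SessionServlet.getSession(loginConfiguration.getHashSource(), httpServletRequest, sessionId, sessiondService);
        try {
            SessionServlet.checkIP(loginConfiguration.isIpCheck(), loginConfiguration.getRanges(), session, httpServletRequest.getRemoteAddr(), loginConfiguration.getIpCheckWhitelist());
            if (cookieType == CookieType.SESSION) {
                writeSessionCookie(httpServletResponse, session, session.getHash(), httpServletRequest.isSecure(), httpServletRequest.getServerName());
            } else {
                writeSecretCookie(httpServletResponse, session, session.getHash(), httpServletRequest.isSecure(), httpServletRequest.getServerName(), loginConfiguration);
            }
            // Result unused: getSession() creates the container's HTTP session if none exists.
            httpServletRequest.getSession();
            final Response response = new Response();
            response.setData(OutlookFolderStorage.OUTLOOK_TREE_ID);
            ResponseWriter.write(response, httpServletResponse.getWriter(), localeFrom((Session) session));
        } finally {
            // One cleanup path replaces the duplicated success branch and catch-Throwable branch.
            if (LogProperties.isEnabled()) {
                final Props logProperties = LogProperties.optLogProperties();
                if (null != logProperties) {
                    logProperties.remove("com.openexchange.session.sessionId");
                    logProperties.remove("com.openexchange.session.userId");
                    logProperties.remove("com.openexchange.session.contextId");
                    logProperties.remove("com.openexchange.session.clientId");
                    logProperties.remove("com.openexchange.session.session");
                }
            }
        }
    }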

    /**
     * Handles the store action: disables caching, sets the JavaScript content type and re-issues
     * the session cookie.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @throws OXException if the cookie rewrite is refused or fails
     * @throws JSONException if the response cannot be serialised
     * @throws IOException if the response cannot be written
     */
    protected void doStore(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OXException, JSONException, IOException {
        final CookieType cookieToWrite = CookieType.SESSION;
        Tools.disableCaching(httpServletResponse);
        httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
        doCookieReWrite(httpServletRequest, httpServletResponse, cookieToWrite);
    }

    /**
     * Handles the refresh-secret action: disables caching, sets the JavaScript content type and
     * re-issues the secret cookie.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @throws OXException if the cookie rewrite fails
     * @throws JSONException if the response cannot be serialised
     * @throws IOException if the response cannot be written
     */
    protected void doRefreshSecret(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OXException, JSONException, IOException {
        final CookieType cookieToWrite = CookieType.SECRET;
        Tools.disableCaching(httpServletResponse);
        httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
        doCookieReWrite(httpServletRequest, httpServletResponse, cookieToWrite);
    }

    /**
     * Logs the exception at debug level and sends it to the client as an uncached response with
     * the JavaScript content type.
     *
     * @param httpServletResponse the response to write to
     * @param oXException the exception to report
     * @throws IOException if the response cannot be sent
     */
    protected static void logAndSendException(HttpServletResponse httpServletResponse, OXException oXException) throws IOException {
        LOG.debug(oXException.getMessage(), oXException);
        Tools.disableCaching(httpServletResponse);
        httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
        final Response errorResponse = new Response();
        errorResponse.setException(oXException);
        Send.sendResponse(errorResponse, httpServletResponse);
    }

    /**
     * Treats POST exactly like GET by delegating to {@code doGet}.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @throws IOException if writing the response fails
     */
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // Both verbs share one dispatcher, so every login action is reachable through either.
        this.doGet(httpServletRequest, httpServletResponse);
    }

    /**
     * Writes the secret cookie without a server name, using the servlet's current login
     * configuration.
     *
     * @param httpServletResponse the response receiving the cookie
     * @param session the session whose secret is written
     * @param str the hash appended to the cookie name
     * @param z whether the request was made over a secure channel
     * @deprecated use the overload that also takes the server name and the login configuration
     */
    @Deprecated
    protected void writeSecretCookie(HttpServletResponse httpServletResponse, Session session, String str, boolean z) {
        final LoginConfiguration currentConfig = this.confReference.get();
        writeSecretCookie(httpServletResponse, session, str, z, null, currentConfig);
    }

    /**
     * Adds the secret cookie for the session to the response and, when the session carries an
     * alternative id, a second cookie named {@code PUBLIC_SESSION_NAME} holding that id.
     * <p>
     * Both cookies get their attributes from {@code configureCookie}.
     *
     * @param httpServletResponse the response receiving the cookies
     * @param session the session providing the secret and the optional alternative id
     * @param str the hash appended to {@code SECRET_PREFIX} to form the cookie name
     * @param z whether the request was made over a secure channel
     * @param str2 the server name used for the cookie domain; may be {@code null}
     * @param loginConfiguration the login configuration supplying the cookie settings
     */
    public static void writeSecretCookie(HttpServletResponse httpServletResponse, Session session, String str, boolean z, String str2, LoginConfiguration loginConfiguration) {
        final Cookie secretCookie = new Cookie(SECRET_PREFIX + str, session.getSecret());
        configureCookie(secretCookie, z, str2, loginConfiguration);
        httpServletResponse.addCookie(secretCookie);

        final String alternativeId = (String) session.getParameter(Session.PARAM_ALTERNATIVE_ID);
        if (null == alternativeId) {
            return;
        }
        final Cookie publicSessionCookie = new Cookie(PUBLIC_SESSION_NAME, alternativeId);
        configureCookie(publicSessionCookie, z, str2, loginConfiguration);
        httpServletResponse.addCookie(publicSessionCookie);
    }

    /**
     * Writes the session cookie without a server name.
     *
     * @param httpServletResponse the response receiving the cookie
     * @param session the session whose id is written
     * @param str the hash appended to the cookie name
     * @param z whether the request was made over a secure channel
     * @deprecated use the overload that also takes the server name
     */
    @Deprecated
    protected void writeSessionCookie(HttpServletResponse httpServletResponse, Session session, String str, boolean z) {
        final String noServerName = null;
        writeSessionCookie(httpServletResponse, session, str, z, noServerName);
    }

    /**
     * Adds the session cookie, carrying the session id, to the response. Its attributes come from
     * {@code configureCookie} with the servlet's current login configuration.
     *
     * @param httpServletResponse the response receiving the cookie
     * @param session the session whose id is written
     * @param str the hash appended to {@code SESSION_PREFIX} to form the cookie name
     * @param z whether the request was made over a secure channel
     * @param str2 the server name used for the cookie domain; may be {@code null}
     */
    protected void writeSessionCookie(HttpServletResponse httpServletResponse, Session session, String str, boolean z, String str2) {
        final String cookieName = SESSION_PREFIX + str;
        final Cookie sessionCookie = new Cookie(cookieName, session.getSessionID());
        configureCookie(sessionCookie, z, str2, this.confReference.get());
        httpServletResponse.addCookie(sessionCookie);
    }

    /**
     * Applies path, Secure flag, lifetime and domain to a login cookie.
     * <ul>
     * <li>The path is always {@code "/"}.</li>
     * <li>Secure is set when the request was secure, or when HTTPS cookies are forced and the
     * server name is not reported as local LAN by {@code Cookies.isLocalLan}.</li>
     * <li>The max-age is set from the configured expiry when auto-login is enabled or the expiry
     * is negative; otherwise the cookie keeps its default lifetime.</li>
     * <li>The domain is set only when {@code Cookies.getDomainValue} returns one.</li>
     * </ul>
     * NOTE(review): no HttpOnly attribute is set here. If the servlet API in use offers
     * {@code Cookie#setHttpOnly} (3.0 and later), it is worth setting on the session and secret
     * cookies — confirm first that no client script reads them.
     *
     * @param cookie the cookie to configure
     * @param z whether the request was made over a secure channel
     * @param str the server name; when {@code null} the name from the log properties is used for
     *        the domain lookup
     * @param loginConfiguration the login configuration supplying the cookie settings
     */
    private static void configureCookie(Cookie cookie, boolean z, String str, LoginConfiguration loginConfiguration) {
        cookie.setPath("/");

        boolean secure = z;
        if (!secure) {
            secure = loginConfiguration.isCookieForceHTTPS() && !Cookies.isLocalLan(str);
        }
        if (secure) {
            cookie.setSecure(true);
        }

        final int expiry = loginConfiguration.getCookieExpiry();
        if (loginConfiguration.isSessiondAutoLogin() || expiry < 0) {
            cookie.setMaxAge(expiry);
        }

        String serverName = str;
        if (null == serverName) {
            serverName = (String) LogProperties.getLogProperty("com.openexchange.ajp13.serverName");
        }
        final String domain = Cookies.getDomainValue(serverName);
        if (null != domain) {
            cookie.setDomain(domain);
        }
    }

    /**
     * Attempts an auto-login: the request is parsed with {@code parseAutoLoginRequest} and handed
     * to the login performer, all inside {@code loginOperation}.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @return whatever {@code loginOperation} returns for this closure
     * @throws IOException if writing the response fails
     * @throws OXException if the login operation rethrows a login error
     */
    protected boolean doAutoLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, OXException {
        final LoginClosure autoLogin = new LoginClosure() {
            @Override
            public LoginResult doLogin(HttpServletRequest request) throws OXException {
                final LoginRequest loginRequest = Login.this.parseAutoLoginRequest(request);
                return LoginPerformer.getInstance().doAutoLogin(loginRequest);
            }
        };
        return loginOperation(httpServletRequest, httpServletResponse, autoLogin);
    }

    /**
     * Performs a credential login: the login name is read from the {@code name} parameter, the
     * client falls back to the configured default, and the parsed request is handed to the login
     * performer inside {@code loginOperation}.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @throws IOException if writing the response fails
     * @throws OXException if the login operation rethrows a login error
     */
    protected void doLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, OXException {
        final LoginClosure credentialLogin = new LoginClosure() {
            @Override
            public LoginResult doLogin(HttpServletRequest request) throws OXException {
                final String defaultClient = Login.this.confReference.get().getDefaultClient();
                final LoginRequest loginRequest = Login.parseLogin(request, "name", false, defaultClient);
                return LoginPerformer.getInstance().doLogin(loginRequest);
            }
        };
        loginOperation(httpServletRequest, httpServletResponse, credentialLogin);
    }

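    /**
     * Performs a login for an OAuth-signed request.
     * <p>
     * The OAuth message is extracted from the request and validated against its accessor; only
     * after validation are the accessor's {@code login} and {@code password} properties used as
     * credentials. An {@code OAuthProblemException} is answered through the OAuth servlet's own
     * error handling and yields no login result.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @throws IOException if writing the response fails
     * @throws OXException if the login operation rethrows a login error
     */
    protected void doOAuthLogin(HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws IOException, OXException {
        loginOperation(httpServletRequest, httpServletResponse, new LoginClosure() {
            @Override
            public LoginResult doLogin(HttpServletRequest httpServletRequest2) throws OXException {
                final OAuthProviderService oAuthProviderService = (OAuthProviderService) ServerServiceRegistry.getInstance().getService(OAuthProviderService.class);
                // The registry lookup may return null (the SessiondService lookups in this class
                // guard against it); fail with the same service-unavailable error instead of an NPE.
                if (null == oAuthProviderService) {
                    throw ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{OAuthProviderService.class.getName()});
                }
                try {
                    OAuthMessage message = OAuthServlet.getMessage(httpServletRequest2, (String) null);
                    OAuthAccessor accessor = oAuthProviderService.getAccessor(message);
                    // Validation must precede any use of the accessor's credentials.
                    oAuthProviderService.getValidator().validateMessage(message, accessor);
                    return LoginPerformer.getInstance().doLogin(Login.parseLogin(httpServletRequest2, (String) accessor.getProperty("login"), (String) accessor.getProperty("password"), false, Login.this.confReference.get().getDefaultClient()));
                } catch (OAuthException e) {
                    throw LoginExceptionCodes.UNKNOWN.create(e, new Object[]{e.getMessage()});
                } catch (OAuthProblemException e2) {
                    try {
                        // The OAuth error response is written here; null tells loginOperation
                        // that there is no login result.
                        handleException(e2, httpServletRequest2, httpServletResponse, false);
                        return null;
                    } catch (IOException e3) {
                        throw LoginExceptionCodes.UNKNOWN.create(e3, new Object[]{e3.getMessage()});
                    } catch (ServletException e4) {
                        throw LoginExceptionCodes.UNKNOWN.create(e4, new Object[]{e4.getMessage()});
                    }
                } catch (IOException e5) {
                    throw LoginExceptionCodes.UNKNOWN.create(e5, new Object[]{e5.getMessage()});
                } catch (URISyntaxException e6) {
                    throw LoginExceptionCodes.UNKNOWN.create(e6, new Object[]{e6.getMessage()});
                }
            }

            /**
             * Delegates to the OAuth servlet's error handling, passing scheme plus local host
             * name as the realm string.
             */
            private void handleException(Exception exc, HttpServletRequest httpServletRequest2, HttpServletResponse httpServletResponse2, boolean z) throws IOException, ServletException {
                StringAllocator append = new StringAllocator(32).append(httpServletRequest2.isSecure() ? "https://" : "http://");
                append.append(httpServletRequest2.getLocalName());
                OAuthServlet.handleException(httpServletResponse2, exc, append.toString(), z);
            }
        });
    }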

    /**
     * Runs the given login closure and writes the outcome to the response.
     * <p>
     * NOTE(review): this method reads like decompiler output and its control flow should be
     * confirmed against the original source before anyone relies on it. As written:
     * <ul>
     * <li>every path through the second try/catch returns or throws, so the statements after it
     * (user-agent parameter, JSON login data, "multiple" handling, module list) are unreachable;</li>
     * <li>the local map of request properties is filled but never read;</li>
     * <li>the branch that remembers the session and writes the secret cookie is entered only when
     * the response carries an error, which looks inverted.</li>
     * </ul>
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response to write to
     * @param loginClosure the login strategy to execute
     * @return {@code true} when the closure produced no result or the first switch case matched;
     *         {@code false} after a response has been written
     * @throws IOException if writing fails, including an {@code IOException} wrapped in a
     *         {@code JSONException}
     * @throws OXException for AJAX-prefixed errors, a disabled auto-login, or a redirect result
     */
    private boolean loginOperation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, LoginClosure loginClosure) throws IOException, OXException {
        Tools.disableCaching(httpServletResponse);
        httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
        Response response = new Response();
        LoginResult loginResult = null;
        try {
            // NOTE(review): populated but not passed on anywhere in this method.
            HashMap hashMap = new HashMap(1);
            hashMap.put("http.request", httpServletRequest);
            String parameter = httpServletRequest.getParameter(FolderFields.CAPABILITIES);
            if (null != parameter) {
                hashMap.put("client.capabilities", parameter);
            }
            loginResult = loginClosure.doLogin(httpServletRequest);
        } catch (JSONException e) {
            OXException create = OXJSONExceptionCodes.JSON_WRITE_ERROR.create(e, new Object[0]);
            LOG.error(create.getMessage(), create);
            response.setException(create);
        } catch (OXException e2) {
            // AJAX-level errors are handed back to the caller unchanged.
            if (AjaxExceptionCodes.PREFIX.equals(e2.getPrefix())) {
                throw e2;
            }
            // An unsupported login is reported as a disabled "autologin" action.
            if (LoginExceptionCodes.NOT_SUPPORTED.equals(e2)) {
                LOG.debug(e2.getMessage(), e2);
                throw AjaxExceptionCodes.DISABLED_ACTION.create("autologin");
            }
            // Redirects are expected and logged quietly; everything else is an error.
            if (LoginExceptionCodes.REDIRECT.equals(e2)) {
                LOG.debug(e2.getMessage(), e2);
            } else {
                LOG.error(e2.getMessage(), e2);
            }
            response.setException(e2);
        }
        // NOTE(review): this also covers the case where an exception was stored in the response
        // above; that response is not written before returning.
        if (null == loginResult) {
            return true;
        }
        addHeadersAndCookies(loginResult, httpServletResponse);
        ResultCode code = loginResult.getCode();
        try {
            if (null != code) {
                // Compiler-generated switch map; which ResultCode constants cases 1 and 2 stand
                // for cannot be told from this method.
                switch (AnonymousClass16.$SwitchMap$com$openexchange$authentication$ResultCode[code.ordinal()]) {
                    case 1:
                        return true;
                    case 2:
                        throw LoginExceptionCodes.REDIRECT.create(new Object[]{loginResult.getRedirect()});
                }
                // loginResult cannot be null here (checked above), so only hasError() decides.
                if (!response.hasError() || null == loginResult) {
                    ResponseWriter.write(response, httpServletResponse.getWriter());
                    return false;
                }
                Session session = loginResult.getSession();
                SessionServlet.rememberSession(httpServletRequest, new ServerSessionAdapter(session, loginResult.getContext(), loginResult.getUser()));
                writeSecretCookie(httpServletResponse, session, session.getHash(), httpServletRequest.isSecure(), httpServletRequest.getServerName(), this.confReference.get());
                // With a callback parameter on a "login" action the API response renderer writes
                // the answer; otherwise the JSON data is written directly.
                if (httpServletRequest.getParameter(ContactFields.CALLBACK) == null || !httpServletRequest.getParameter(AJAXServlet.PARAMETER_ACTION).equals("login")) {
                    ((JSONObject) response.getData()).write(httpServletResponse.getWriter());
                } else {
                    APIResponseRenderer.writeResponse(response, "login", httpServletRequest, httpServletResponse);
                }
                return false;
            }
            if (response.hasError()) {
            }
            ResponseWriter.write(response, httpServletResponse.getWriter());
            return false;
        } catch (JSONException e3) {
            // Surface the underlying I/O failure instead of the JSON wrapper.
            if (e3.getCause() instanceof IOException) {
                throw ((IOException) e3.getCause());
            }
            LOG.error("Error while writing response object.", e3);
            sendError(httpServletResponse);
            return false;
        }
        // NOTE(review): unreachable as written — see the method comment.
        Session session2 = loginResult.getSession();
        session2.setParameter(Header.USER_AGENT, httpServletRequest.getHeader(Header.USER_AGENT));
        JSONObject jSONObject = new JSONObject();
        LoginWriter.write(loginResult, jSONObject);
        if (httpServletRequest.getParameter("multiple") != null) {
            jSONObject.put("multiple", Multiple.perform(new JSONArray(httpServletRequest.getParameter("multiple")), httpServletRequest, ServerSessionAdapter.valueOf(session2)));
        }
        appendModules(session2, jSONObject, httpServletRequest);
        response.setData(jSONObject);
    }

    /**
     * Copies the cookies and headers that the authentication result carries onto the response.
     * Either array may be {@code null}, in which case it is skipped.
     * <p>
     * NOTE(review): header names and values are added as delivered by the authentication
     * result; this method does no filtering of its own.
     *
     * @param loginResult the login result providing cookies and headers
     * @param httpServletResponse the response receiving them
     */
    private static void addHeadersAndCookies(LoginResult loginResult, HttpServletResponse httpServletResponse) {
        final com.openexchange.authentication.Cookie[] authCookies = loginResult.getCookies();
        if (null != authCookies) {
            for (int i = 0; i < authCookies.length; i++) {
                httpServletResponse.addCookie(wrapCookie(authCookies[i]));
            }
        }
        final com.openexchange.authentication.Header[] authHeaders = loginResult.getHeaders();
        if (null != authHeaders) {
            for (int i = 0; i < authHeaders.length; i++) {
                final com.openexchange.authentication.Header current = authHeaders[i];
                httpServletResponse.addHeader(current.getName(), current.getValue());
            }
        }
    }

    /**
     * Converts an authentication-layer cookie into a servlet cookie, copying name and value only.
     * <p>
     * NOTE(review): path, domain, lifetime and the Secure flag are left at the servlet defaults
     * here; confirm that is intended for cookies issued by the authentication service.
     *
     * @param cookie the authentication-layer cookie
     * @return a new servlet cookie with the same name and value
     */
    private static Cookie wrapCookie(com.openexchange.authentication.Cookie cookie) {
        final String cookieName = cookie.getName();
        final String cookieValue = cookie.getValue();
        return new Cookie(cookieName, cookieValue);
    }

    /**
     * Reads login name and password from the request and builds a {@link LoginRequest}.
     * <p>
     * The login name is trimmed unless the property
     * {@code com.openexchange.login.disableTrimLogin} is set to {@code true}; when the
     * configuration service is unavailable the name is trimmed as well. The password is passed on
     * as received.
     *
     * @param httpServletRequest the incoming request
     * @param str the name of the request parameter holding the login name
     * @param z whether auth id, client and version are mandatory
     * @param str2 the default client used when the request names none
     * @return the parsed login request
     * @throws OXException if the login name, the password or a mandatory parameter is missing
     */
    public static LoginRequest parseLogin(HttpServletRequest httpServletRequest, String str, boolean z, String str2) throws OXException {
        String login = httpServletRequest.getParameter(str);
        if (null == login) {
            throw AjaxExceptionCodes.MISSING_PARAMETER.create(str);
        }
        final ConfigurationService configurationService = (ConfigurationService) ServerServiceRegistry.getInstance().getService(ConfigurationService.class);
        String disableTrim = null;
        if (null != configurationService) {
            disableTrim = configurationService.getProperty("com.openexchange.login.disableTrimLogin");
        }
        // Boolean.parseBoolean(null) is false, so an absent property means "trim".
        if (!Boolean.parseBoolean(disableTrim)) {
            login = login.trim();
        }
        final String password = httpServletRequest.getParameter("password");
        if (null == password) {
            throw AjaxExceptionCodes.MISSING_PARAMETER.create("password");
        }
        return parseLogin(httpServletRequest, login, password, z, str2);
    }

    /**
     * Builds an immutable {@link LoginRequest} from the request and the given credentials.
     * <p>
     * Auth id, client, version, client IP, user agent, the volatile flag, headers and cookies are
     * all read once, before the request object is created. The hash is computed from the request,
     * the user agent and the client.
     *
     * @param httpServletRequest the incoming request
     * @param str the login name
     * @param str2 the password
     * @param z whether auth id, client and version are mandatory
     * @param str3 the default client used when the request names none
     * @return the login request; its interface is always {@code Interface.HTTP_JSON}
     * @throws OXException if a mandatory parameter is missing
     */
    protected static LoginRequest parseLogin(final HttpServletRequest httpServletRequest, final String str, final String str2, boolean z, String str3) throws OXException {
        final String authId = parseAuthId(httpServletRequest, z);
        final String client = parseClient(httpServletRequest, z, str3);
        final String version = httpServletRequest.getParameter("version");
        if (null == version && z) {
            throw AjaxExceptionCodes.MISSING_PARAMETER.create("version");
        }
        final String clientIp = parseClientIP(httpServletRequest);
        final String userAgent = parseUserAgent(httpServletRequest);
        final boolean isVolatile = parseVolatile(httpServletRequest, false);
        final Map<String, List<String>> headers = Tools.copyHeaders(httpServletRequest);
        final com.openexchange.authentication.Cookie[] cookies = Tools.getCookieFromHeader(httpServletRequest);
        return new LoginRequest() {
            // Computed once when the request object is created.
            private final String hash = HashCalculator.getHash(httpServletRequest, userAgent, client);

            @Override
            public String getLogin() {
                return str;
            }

            @Override
            public String getPassword() {
                return str2;
            }

            @Override
            public String getAuthId() {
                return authId;
            }

            @Override
            public String getClient() {
                return client;
            }

            @Override
            public String getVersion() {
                return version;
            }

            @Override
            public String getClientIP() {
                return clientIp;
            }

            @Override
            public String getUserAgent() {
                return userAgent;
            }

            @Override
            public boolean isVolatile() {
                return isVolatile;
            }

            @Override
            public Interface getInterface() {
                return Interface.HTTP_JSON;
            }

            @Override
            public String getHash() {
                return this.hash;
            }

            @Override
            public Map<String, List<String>> getHeaders() {
                return headers;
            }

            @Override
            public com.openexchange.authentication.Cookie[] getCookies() {
                return cookies;
            }
        };
    }

    /**
     * Builds the {@link LoginRequest} used for an auto-login.
     * <p>
     * It carries no login name, password or version (all {@code null}); auth id and client are
     * optional and fall back to a generated id and the configured default client. The hash is
     * computed from the request and the client.
     *
     * @param httpServletRequest the incoming request
     * @return the auto-login request; its interface is always {@code Interface.HTTP_JSON}
     * @throws OXException declared by the parameter parsers this method calls
     */
    protected LoginRequest parseAutoLoginRequest(final HttpServletRequest httpServletRequest) throws OXException {
        final String authId = parseAuthId(httpServletRequest, false);
        final String client = parseClient(httpServletRequest, false, this.confReference.get().getDefaultClient());
        final String clientIp = parseClientIP(httpServletRequest);
        final String userAgent = parseUserAgent(httpServletRequest);
        final boolean isVolatile = parseVolatile(httpServletRequest, false);
        final Map<String, List<String>> headers = Tools.copyHeaders(httpServletRequest);
        final com.openexchange.authentication.Cookie[] cookies = Tools.getCookieFromHeader(httpServletRequest);
        return new LoginRequest() {
            // Computed once when the request object is created.
            private final String hash = HashCalculator.getHash(httpServletRequest, client);

            @Override
            public String getLogin() {
                return null;
            }

            @Override
            public String getPassword() {
                return null;
            }

            @Override
            public String getVersion() {
                return null;
            }

            @Override
            public String getAuthId() {
                return authId;
            }

            @Override
            public String getClient() {
                return client;
            }

            @Override
            public String getClientIP() {
                return clientIp;
            }

            @Override
            public String getUserAgent() {
                return userAgent;
            }

            @Override
            public boolean isVolatile() {
                return isVolatile;
            }

            @Override
            public Interface getInterface() {
                return Interface.HTTP_JSON;
            }

            @Override
            public String getHash() {
                return this.hash;
            }

            @Override
            public Map<String, List<String>> getHeaders() {
                return headers;
            }

            @Override
            public com.openexchange.authentication.Cookie[] getCookies() {
                return cookies;
            }
        };
    }

    /**
     * Reads the volatile flag from the request.
     *
     * @param httpServletRequest the incoming request
     * @param z the value to use when the parameter is empty
     * @return the parsed flag, or {@code z} when the parameter is empty
     */
    private static boolean parseVolatile(HttpServletRequest httpServletRequest, boolean z) {
        final String rawFlag = httpServletRequest.getParameter(LoginFields.VOLATILE);
        if (isEmpty(rawFlag)) {
            return z;
        }
        return Boolean.parseBoolean(rawFlag.trim());
    }

    /**
     * Determines the user agent string for a login request.
     * <p>
     * The {@code LoginFields.USER_AGENT} request parameter takes precedence; only when it is absent
     * is the {@code Header.USER_AGENT} request header used. Both values are supplied by the client.
     * In {@code doAuthHeaderLogin} the result is one of the inputs to
     * {@code HashCalculator.getHash}.
     *
     * @param httpServletRequest the request to inspect
     * @return the parameter value if present, otherwise the header value (may be {@code null})
     */
    private static String parseUserAgent(HttpServletRequest httpServletRequest) {
        final String fromParameter = httpServletRequest.getParameter(LoginFields.USER_AGENT);
        if (fromParameter != null) {
            return fromParameter;
        }
        return httpServletRequest.getHeader(Header.USER_AGENT);
    }

    /**
     * Determines the client IP address recorded for a login request.
     * <p>
     * The {@code LoginFields.CLIENT_IP_PARAM} request parameter takes precedence over the address
     * reported by {@code getRemoteAddr()}. The parameter is part of the request, so the returned
     * value is not necessarily the address of the network peer and is not validated here.
     * NOTE(review): confirm that callers relying on this value for IP-based session checks or
     * audit logging only honour the parameter for trusted front-ends.
     *
     * @param httpServletRequest the request to inspect
     * @return the parameter value if present, otherwise the remote address of the request
     */
    private static String parseClientIP(HttpServletRequest httpServletRequest) {
        final String suppliedAddress = httpServletRequest.getParameter(LoginFields.CLIENT_IP_PARAM);
        if (suppliedAddress != null) {
            return suppliedAddress;
        }
        return httpServletRequest.getRemoteAddr();
    }

    /**
     * Reads the client identifier from the {@code LoginFields.CLIENT_PARAM} request parameter.
     * <p>
     * The value is returned as sent by the client; no validation is applied here.
     *
     * @param httpServletRequest the request to inspect
     * @param z whether the parameter is mandatory
     * @param str the fallback returned when the parameter is absent and not mandatory
     * @return the parameter value if present, otherwise {@code str}
     * @throws OXException {@code AjaxExceptionCodes.MISSING_PARAMETER} if the parameter is absent
     *         and {@code z} is {@code true}
     */
    private static String parseClient(HttpServletRequest httpServletRequest, boolean z, String str) throws OXException {
        final String clientId = httpServletRequest.getParameter(LoginFields.CLIENT_PARAM);
        if (clientId == null && z) {
            throw AjaxExceptionCodes.MISSING_PARAMETER.create(LoginFields.CLIENT_PARAM);
        }
        return clientId != null ? clientId : str;
    }

    /**
     * Reads the client identifier from the request, falling back to the configured default client.
     * <p>
     * Delegates to the static overload with the parameter marked optional, so the
     * {@link OXException} branch only serves as a safety net that also yields the default client.
     *
     * @param httpServletRequest the request to inspect
     * @return the client parameter if present, otherwise the default client from the current
     *         login configuration
     */
    private String parseClient(HttpServletRequest httpServletRequest) {
        try {
            final String defaultClient = this.confReference.get().getDefaultClient();
            return parseClient(httpServletRequest, false, defaultClient);
        } catch (OXException unexpected) {
            // The configuration is read again here, exactly as on the regular path.
            return this.confReference.get().getDefaultClient();
        }
    }

    /**
     * Reads the authentication identifier from the {@code LoginFields.AUTHID_PARAM} request
     * parameter, generating one when it is absent and optional.
     * <p>
     * A value sent by the client is returned unchanged; no format check is applied here.
     * NOTE(review): if this identifier is written to logs, confirm it is encoded or validated
     * before being emitted.
     *
     * @param httpServletRequest the request to inspect
     * @param z whether the parameter is mandatory
     * @return the parameter value if present, otherwise the unformatted string form of a freshly
     *         generated random UUID
     * @throws OXException {@code AjaxExceptionCodes.MISSING_PARAMETER} if the parameter is absent
     *         and {@code z} is {@code true}
     */
    private static String parseAuthId(HttpServletRequest httpServletRequest, boolean z) throws OXException {
        final String suppliedAuthId = httpServletRequest.getParameter(LoginFields.AUTHID_PARAM);
        if (suppliedAuthId == null) {
            if (z) {
                throw AjaxExceptionCodes.MISSING_PARAMETER.create(LoginFields.AUTHID_PARAM);
            }
            return UUIDs.getUnformattedString(UUID.randomUUID());
        }
        return suppliedAuthId;
    }

    /**
     * Adds the {@code "modules"} setting to the login JSON response when the request asks for it.
     * <p>
     * Nothing is added unless the {@code "modules"} request parameter evaluates to true according
     * to {@code parseBoolean}. Failures while reading or serialising the setting are logged at
     * warn level and do not abort the login response.
     *
     * @param session the session whose setting values are read
     * @param jSONObject the response object that receives the {@code "modules"} entry
     * @param httpServletRequest the request carrying the {@code "modules"} parameter
     */
    protected static void appendModules(Session session, JSONObject jSONObject, HttpServletRequest httpServletRequest) {
        if (!parseBoolean(httpServletRequest.getParameter("modules"))) {
            return;
        }
        try {
            final Setting modulesSetting = ConfigTree.getInstance().getSettingByPath("modules");
            SettingStorage.getInstance(session).readValues(modulesSetting);
            jSONObject.put("modules", ConfigMenu.convert2JS(modulesSetting));
        } catch (OXException settingsFailure) {
            LOG.warn("Modules could not be added to login JSON response: " + settingsFailure.getMessage(), settingsFailure);
        } catch (JSONException jsonFailure) {
            LOG.warn("Modules could not be added to login JSON response: " + jsonFailure.getMessage(), jsonFailure);
        }
    }

    /**
     * Interprets a request parameter value as a boolean switch.
     * <p>
     * Accepted as true: {@code "true"}, {@code "yes"} and {@code "on"} (case-insensitive) and any
     * value equal to {@code OutlookFolderStorage.OUTLOOK_TREE_ID}. Everything else, including
     * {@code null}, is false.
     * NOTE(review): the reference to {@code OUTLOOK_TREE_ID} looks like a constant that happens
     * to share its value with an intended literal - confirm against the original source.
     *
     * @param str the raw parameter value, may be {@code null}
     * @return {@code true} if the value matches one of the accepted spellings
     */
    private static boolean parseBoolean(String str) {
        if ("true".equalsIgnoreCase(str)) {
            return true;
        }
        if (OutlookFolderStorage.OUTLOOK_TREE_ID.equals(str)) {
            return true;
        }
        if ("yes".equalsIgnoreCase(str)) {
            return true;
        }
        return "on".equalsIgnoreCase(str);
    }

    /**
     * Performs a login based on the HTTP authorization header and redirects to the UI.
     * <p>
     * The header named by {@code Header.AUTH_HEADER} must be recognised by
     * {@code Authorization.checkForAuthorizationHeader}. Basic authorization is decoded into
     * login and password; Kerberos authorization is passed on with placeholder credentials. On
     * success the secret cookie and the login result's headers and cookies are written and the
     * response is redirected to the URL built by {@code LoginTools.generateRedirectURL}.
     *
     * @param httpServletRequest the request carrying the authorization header
     * @param httpServletResponse the response that receives cookies, headers and the redirect
     * @throws OXException {@code LoginExceptionCodes.UNKNOWN_HTTP_AUTHORIZATION} if the header is
     *         missing or is neither Basic nor Kerberos; login failures presumably surface from
     *         {@code doLogin} as well
     * @throws IOException if sending the redirect fails
     */
    private void doAuthHeaderLogin(final HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OXException, IOException {
        Authorization.Credentials credentials;
        String str;
        String header = httpServletRequest.getHeader(Header.AUTH_HEADER);
        // Reject requests without a recognisable authorization header before doing anything else.
        if (!Authorization.checkForAuthorizationHeader(header)) {
            throw LoginExceptionCodes.UNKNOWN_HTTP_AUTHORIZATION.create();
        }
        LoginConfiguration loginConfiguration = this.confReference.get();
        if (Authorization.checkForBasicAuthorization(header)) {
            // Basic: login and password come straight from the decoded header.
            credentials = Authorization.decode(header);
            str = loginConfiguration.getClientVersion();
        } else {
            if (!Authorization.checkForKerberosAuthorization(header)) {
                throw LoginExceptionCodes.UNKNOWN_HTTP_AUTHORIZATION.create(new Object[]{""});
            }
            // Kerberos: fixed placeholder login with an empty password. No ticket is validated in
            // this method. NOTE(review): presumably the authentication backend evaluates the
            // negotiate token from the copied headers - confirm that these placeholder
            // credentials can never authenticate on their own.
            credentials = new Authorization.Credentials("kerberos", "");
            str = "Kerberos";
        }
        // Client, client IP and user agent may each be overridden by request parameters (see the
        // respective parse* helpers), so they are client-controlled values.
        final String parseClient = parseClient(httpServletRequest);
        final String parseClientIP = parseClientIP(httpServletRequest);
        final String parseUserAgent = parseUserAgent(httpServletRequest);
        final boolean parseVolatile = parseVolatile(httpServletRequest, false);
        final Map<String, List<String>> copyHeaders = Tools.copyHeaders(httpServletRequest);
        final com.openexchange.authentication.Cookie[] cookieFromHeader = Tools.getCookieFromHeader(httpServletRequest);
        // Effectively-final copies so the anonymous class below can capture them.
        final String str2 = str;
        final Authorization.Credentials credentials2 = credentials;
        LoginRequest loginRequest = new LoginRequest() { // from class: com.openexchange.ajax.Login.15
            // Computed once at construction from the request, user agent and client.
            private final String hash;

            {
                this.hash = HashCalculator.getHash(httpServletRequest, parseUserAgent, parseClient);
            }

            @Override // com.openexchange.login.LoginRequest
            public boolean isVolatile() {
                return parseVolatile;
            }

            @Override // com.openexchange.login.LoginRequest
            public String getVersion() {
                return str2;
            }

            @Override // com.openexchange.login.LoginRequest
            public String getUserAgent() {
                return parseUserAgent;
            }

            @Override // com.openexchange.login.LoginRequest
            public String getPassword() {
                return credentials2.getPassword();
            }

            @Override // com.openexchange.login.LoginRequest
            public String getLogin() {
                return credentials2.getLogin();
            }

            @Override // com.openexchange.login.LoginRequest
            public Interface getInterface() {
                return Interface.HTTP_JSON;
            }

            @Override // com.openexchange.login.LoginRequest
            public String getHash() {
                return this.hash;
            }

            @Override // com.openexchange.login.LoginRequest
            public String getClientIP() {
                return parseClientIP;
            }

            @Override // com.openexchange.login.LoginRequest
            public String getClient() {
                return parseClient;
            }

            // Unlike the other getters, this one does not return a captured value: every call
            // produces a new random UUID. NOTE(review): if the auth id is used to correlate log
            // entries of one login attempt, confirm that it is read only once.
            @Override // com.openexchange.login.LoginRequest
            public String getAuthId() {
                return UUIDs.getUnformattedString(UUID.randomUUID());
            }

            @Override // com.openexchange.login.LoginRequest
            public Map<String, List<String>> getHeaders() {
                return copyHeaders;
            }

            @Override // com.openexchange.login.LoginRequest
            public com.openexchange.authentication.Cookie[] getCookies() {
                return cookieFromHeader;
            }
        };
        // Extra properties handed to the login performer: the raw request and, if the client
        // sent them, its capabilities.
        HashMap hashMap = new HashMap(1);
        hashMap.put("http.request", httpServletRequest);
        String parameter = httpServletRequest.getParameter(FolderFields.CAPABILITIES);
        if (null != parameter) {
            hashMap.put("client.capabilities", parameter);
        }
        LoginResult doLogin = LoginPerformer.getInstance().doLogin(loginRequest, hashMap);
        Session session = doLogin.getSession();
        Tools.disableCaching(httpServletResponse);
        writeSecretCookie(httpServletResponse, session, session.getHash(), httpServletRequest.isSecure(), httpServletRequest.getServerName(), loginConfiguration);
        addHeadersAndCookies(doLogin, httpServletResponse);
        // The session id is handed to the redirect URL builder. NOTE(review): confirm where it
        // ends up in the URL; a session id in the query string can leak through access logs,
        // browser history and Referer headers.
        httpServletResponse.sendRedirect(LoginTools.generateRedirectURL(null, loginConfiguration.getHttpAuthAutoLogin(), session.getSessionID(), loginConfiguration.getUiWebPath()));
    }

    /**
     * Tells whether a string carries no visible content.
     *
     * @param str the string to check, may be {@code null}
     * @return {@code true} if {@code str} is {@code null}, has length zero, or consists only of
     *         characters for which {@link Character#isWhitespace(char)} holds
     */
    private static boolean isEmpty(String str) {
        if (str == null) {
            return true;
        }
        for (int idx = 0, end = str.length(); idx < end; idx++) {
            if (!Character.isWhitespace(str.charAt(idx))) {
                // First non-whitespace character decides the outcome.
                return false;
            }
        }
        return true;
    }
}
