package com.openexchange.ajax.login;

import com.openexchange.ajax.LoginServlet;
import com.openexchange.ajax.fields.LoginFields;
import com.openexchange.authentication.BasicAuthenticationService;
import com.openexchange.authentication.LoginExceptionCodes;
import com.openexchange.authentication.LoginInfo;
import com.openexchange.authentication.ResponseEnhancement;
import com.openexchange.authentication.ResultCode;
import com.openexchange.authentication.SessionEnhancement;
import com.openexchange.authentication.service.Authentication;
import com.openexchange.authorization.Authorization;
import com.openexchange.authorization.AuthorizationService;
import com.openexchange.config.ConfigurationService;
import com.openexchange.context.ContextService;
import com.openexchange.exception.OXException;
import com.openexchange.groupware.contexts.Context;
import com.openexchange.groupware.ldap.User;
import com.openexchange.log.LogProperties;
import com.openexchange.login.LoginRampUpService;
import com.openexchange.login.LoginResult;
import com.openexchange.login.internal.AbstractJsonEnhancingLoginResult;
import com.openexchange.login.internal.AddSessionParameterImpl;
import com.openexchange.login.internal.LoginPerformer;
import com.openexchange.server.ServiceExceptionCode;
import com.openexchange.server.services.ServerServiceRegistry;
import com.openexchange.session.Session;
import com.openexchange.sessiond.SessiondService;
import com.openexchange.share.AuthenticationMode;
import com.openexchange.share.GuestInfo;
import com.openexchange.share.ShareExceptionCodes;
import com.openexchange.share.ShareService;
import com.openexchange.share.ShareTarget;
import com.openexchange.share.ShareTargetPath;
import com.openexchange.share.groupware.ModuleSupport;
import com.openexchange.share.groupware.TargetProxy;
import com.openexchange.tools.servlet.AjaxExceptionCodes;
import com.openexchange.tools.servlet.http.Cookies;
import java.io.IOException;
import java.util.List;
import java.util.Set;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/openexchange/ajax/login/AbstractShareBasedLoginRequestHandler.class */
public abstract class AbstractShareBasedLoginRequestHandler extends AbstractLoginRequestHandler {
    protected final ShareLoginConfiguration conf;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/openexchange/ajax/login/AbstractShareBasedLoginRequestHandler$ShareLoginClosure.class */
    public final class ShareLoginClosure implements LoginClosure {
        private final GuestInfo guest;
        private final ShareTarget target;
        private final LoginConfiguration conf;
        private final HttpServletRequest httpRequest;

        private ShareLoginClosure(GuestInfo guestInfo, ShareTarget shareTarget, LoginConfiguration loginConfiguration, HttpServletRequest httpServletRequest) {
            this.guest = guestInfo;
            this.target = shareTarget;
            this.conf = loginConfiguration;
            this.httpRequest = httpServletRequest;
        }

        @Override // com.openexchange.ajax.login.LoginClosure
        public LoginResult doLogin(HttpServletRequest httpServletRequest) throws OXException {
            try {
                if (false == AbstractShareBasedLoginRequestHandler.this.checkAuthenticationMode(this.guest.getAuthentication())) {
                    throw LoginExceptionCodes.INVALID_CREDENTIALS.create();
                }
                BasicAuthenticationService basicService = Authentication.getBasicService();
                if (null == basicService) {
                    throw ServiceExceptionCode.absentService(BasicAuthenticationService.class);
                }
                LoginInfo loginInfoFrom = AbstractShareBasedLoginRequestHandler.this.getLoginInfoFrom(this.httpRequest);
                ContextService contextService = (ContextService) ServerServiceRegistry.getInstance().getService(ContextService.class);
                if (null == contextService) {
                    throw ServiceExceptionCode.absentService(ContextService.class);
                }
                Context context = contextService.getContext(this.guest.getContextID());
                User authenticateUser = AbstractShareBasedLoginRequestHandler.this.authenticateUser(this.guest, loginInfoFrom, context);
                SessionEnhancement handleLoginInfo = basicService.handleLoginInfo(this.guest.getGuestID(), this.guest.getContextID());
                if (null == handleLoginInfo) {
                    return null;
                }
                AuthorizationService service = Authorization.getService();
                if (null == service) {
                    throw ServiceExceptionCode.absentService(AuthorizationService.class);
                }
                service.authorizeUser(context, authenticateUser);
                LoginRequestImpl parseLogin = LoginTools.parseLogin(this.httpRequest, loginInfoFrom.getUsername(), loginInfoFrom.getPassword(), false, LoginTools.parseClient(this.httpRequest, false, this.conf.getDefaultClient()), this.conf.isCookieForceHTTPS(), false, String.valueOf(context.getContextId()), String.valueOf(authenticateUser.getId()));
                LoginPerformer.sanityChecks(parseLogin);
                LoginPerformer.checkClient(parseLogin, authenticateUser, context);
                SessiondService sessiondService = (SessiondService) SessiondService.SERVICE_REFERENCE.get();
                if (null == sessiondService) {
                    sessiondService = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
                    if (null == sessiondService) {
                        throw ServiceExceptionCode.absentService(SessiondService.class);
                    }
                }
                ConfigurationService configurationService = (ConfigurationService) ServerServiceRegistry.getInstance().getService(ConfigurationService.class);
                parseLogin.setTransient(null == configurationService || configurationService.getBoolProperty("com.openexchange.share.transientSessions", true));
                Session addSession = sessiondService.addSession(new AddSessionParameterImpl(loginInfoFrom.getUsername(), parseLogin, authenticateUser, context));
                if (null == addSession) {
                    throw LoginExceptionCodes.UNKNOWN.create(new Object[]{"Session could not be created."});
                }
                addSession.setParameter(Session.PARAM_GUEST, Boolean.TRUE);
                if (SessionEnhancement.class.isInstance(handleLoginInfo)) {
                    handleLoginInfo.enhanceSession(addSession);
                }
                LogProperties.putSessionProperties(addSession);
                AbstractJsonEnhancingLoginResult abstractJsonEnhancingLoginResult = new AbstractJsonEnhancingLoginResult() { // from class: com.openexchange.ajax.login.AbstractShareBasedLoginRequestHandler.ShareLoginClosure.1
                    @Override // com.openexchange.login.internal.AbstractJsonEnhancingLoginResult
                    protected void doEnhanceJson(JSONObject jSONObject) throws OXException, JSONException {
                        if (ShareLoginClosure.this.target.getModule() > 0) {
                            String shareModule = ((ModuleSupport) ServerServiceRegistry.getInstance().getService(ModuleSupport.class)).getShareModule(ShareLoginClosure.this.target.getModule());
                            if ("infostore".equals(shareModule)) {
                                shareModule = "files";
                            }
                            jSONObject.put("module", shareModule);
                        }
                        jSONObject.putOpt("folder", ShareLoginClosure.this.target.getFolder());
                        jSONObject.putOpt("item", ShareLoginClosure.this.target.getItem());
                    }
                };
                abstractJsonEnhancingLoginResult.setContext(context);
                abstractJsonEnhancingLoginResult.setUser(authenticateUser);
                abstractJsonEnhancingLoginResult.setRequest(parseLogin);
                abstractJsonEnhancingLoginResult.setServerToken((String) addSession.getParameter(LoginFields.SERVER_TOKEN));
                abstractJsonEnhancingLoginResult.setSession(addSession);
                if (handleLoginInfo instanceof ResponseEnhancement) {
                    ResponseEnhancement responseEnhancement = (ResponseEnhancement) handleLoginInfo;
                    abstractJsonEnhancingLoginResult.setHeaders(responseEnhancement.getHeaders());
                    abstractJsonEnhancingLoginResult.setCookies(responseEnhancement.getCookies());
                    abstractJsonEnhancingLoginResult.setRedirect(responseEnhancement.getRedirect());
                    ResultCode code = responseEnhancement.getCode();
                    abstractJsonEnhancingLoginResult.setCode(code);
                    if (ResultCode.REDIRECT.equals(code) || ResultCode.FAILED.equals(code)) {
                        return abstractJsonEnhancingLoginResult;
                    }
                }
                LoginPerformer.triggerLoginHandlers(abstractJsonEnhancingLoginResult);
                return abstractJsonEnhancingLoginResult;
            } catch (RuntimeException e) {
                throw AjaxExceptionCodes.UNEXPECTED_ERROR.create(e, e.getMessage());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractShareBasedLoginRequestHandler(ShareLoginConfiguration shareLoginConfiguration, Set<LoginRampUpService> set) {
        super(set);
        this.conf = shareLoginConfiguration;
    }

    @Override // com.openexchange.ajax.login.LoginRequestHandler
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            doLogin(httpServletRequest, httpServletResponse);
        } catch (OXException e) {
            LoginServlet.logAndSendException(httpServletResponse, e);
        }
    }

    protected void doLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, OXException {
        ShareTarget target;
        String parameter = httpServletRequest.getParameter(LoginFields.SHARE_TOKEN);
        if (null == parameter) {
            throw AjaxExceptionCodes.MISSING_PARAMETER.create(LoginFields.SHARE_TOKEN);
        }
        ShareService shareService = (ShareService) ServerServiceRegistry.getInstance().getService(ShareService.class);
        if (null == shareService) {
            throw ServiceExceptionCode.absentService(ShareService.class);
        }
        final GuestInfo resolveGuest = shareService.resolveGuest(parameter);
        if (null == resolveGuest) {
            throw ShareExceptionCodes.UNKNOWN_SHARE.create(new Object[]{parameter});
        }
        String parameter2 = httpServletRequest.getParameter("target");
        if (parameter2 == null) {
            throw ShareExceptionCodes.UNKNOWN_SHARE.create(new Object[]{parameter});
        }
        ShareTargetPath parse = ShareTargetPath.parse(parameter2);
        if (parse == null) {
            throw ShareExceptionCodes.UNKNOWN_SHARE.create(new Object[]{parameter});
        }
        ModuleSupport moduleSupport = (ModuleSupport) ServerServiceRegistry.getInstance().getService(ModuleSupport.class);
        int contextID = resolveGuest.getContextID();
        int guestID = resolveGuest.getGuestID();
        int module = parse.getModule();
        String folder = parse.getFolder();
        String item = parse.getItem();
        if (moduleSupport.exists(module, folder, item, contextID, guestID) && moduleSupport.isVisible(module, folder, item, contextID, guestID)) {
            target = moduleSupport.resolveTarget(parse, contextID, guestID).getTarget();
        } else {
            List listTargets = moduleSupport.listTargets(contextID, guestID);
            if (listTargets.isEmpty()) {
                throw ShareExceptionCodes.UNKNOWN_SHARE.create(new Object[]{parameter});
            }
            target = ((TargetProxy) listTargets.get(0)).getTarget();
        }
        LoginConfiguration loginConfig = this.conf.getLoginConfig(resolveGuest);
        loginOperation(httpServletRequest, httpServletResponse, new ShareLoginClosure(resolveGuest, target, loginConfig, httpServletRequest), new LoginCookiesSetter() { // from class: com.openexchange.ajax.login.AbstractShareBasedLoginRequestHandler.1
            @Override // com.openexchange.ajax.login.LoginCookiesSetter
            public void setLoginCookies(Session session, HttpServletRequest httpServletRequest2, HttpServletResponse httpServletResponse2, LoginConfiguration loginConfiguration) throws OXException {
                String str;
                httpServletResponse2.addCookie(LoginServlet.configureCookie(new Cookie(LoginServlet.SECRET_PREFIX + session.getHash(), session.getSecret()), httpServletRequest2, loginConfiguration));
                if (loginConfiguration.isSessiondAutoLogin()) {
                    httpServletResponse2.addCookie(LoginServlet.configureCookie(new Cookie(LoginServlet.getShareCookieName(httpServletRequest2), resolveGuest.getBaseToken()), httpServletRequest2, loginConfiguration));
                }
                if (null != Cookies.cookieMapFor(httpServletRequest2).get(LoginServlet.getPublicSessionCookieName(httpServletRequest2)) || null == (str = (String) session.getParameter(Session.PARAM_ALTERNATIVE_ID))) {
                    return;
                }
                httpServletResponse2.addCookie(LoginServlet.configureCookie(new Cookie(LoginServlet.getPublicSessionCookieName(httpServletRequest2), str), httpServletRequest2, loginConfiguration));
            }
        }, loginConfig);
    }

    protected abstract boolean checkAuthenticationMode(AuthenticationMode authenticationMode) throws OXException;

    protected abstract LoginInfo getLoginInfoFrom(HttpServletRequest httpServletRequest) throws OXException;

    protected abstract User authenticateUser(GuestInfo guestInfo, LoginInfo loginInfo, Context context) throws OXException;
}
