package com.openexchange.ajax.login;

import com.openexchange.ajax.AJAXServlet;
import com.openexchange.ajax.LoginServlet;
import com.openexchange.ajax.writer.LoginWriter;
import com.openexchange.exception.OXException;
import com.openexchange.groupware.container.Appointment;
import com.openexchange.groupware.contexts.Context;
import com.openexchange.groupware.contexts.impl.ContextStorage;
import com.openexchange.groupware.ldap.User;
import com.openexchange.groupware.ldap.UserStorage;
import com.openexchange.java.Strings;
import com.openexchange.server.services.ServerServiceRegistry;
import com.openexchange.session.Session;
import com.openexchange.tokenlogin.TokenLoginService;
import com.openexchange.tools.servlet.http.Tools;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/openexchange/ajax/login/RedeemToken.class */
/**
 * Login request handler that redeems a token-login token (plus application secret) for a
 * {@link Session} and then either redirects the client or writes the session as JSON.
 *
 * <p>Every input used here (token, app secret, client, auth id, client IP, redirect URL)
 * is read from the incoming request through {@link LoginTools}. What validation those
 * parsers apply is not visible in this class.
 */
public class RedeemToken implements LoginRequestHandler {
    private static final Logger LOG = LoggerFactory.getLogger(RedeemToken.class);
    private final LoginConfiguration conf;

    /**
     * @param loginConfiguration login configuration; supplies the error page template and is
     *                           handed to {@link LoginServlet#writeSecretCookie}
     */
    public RedeemToken(LoginConfiguration loginConfiguration) {
        this.conf = loginConfiguration;
    }

    /**
     * Redeems the token carried by the request. An {@link OXException} escaping
     * {@link #doRedeemToken} is rendered into the configured HTML error page.
     *
     * @throws IOException if writing to the response fails
     */
    @Override
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            doRedeemToken(httpServletRequest, httpServletResponse);
        } catch (OXException failure) {
            String template = this.conf.getErrorPageTemplate();
            // The exception text goes through Tools.filter before it is placed into the HTML page.
            // NOTE(review): what exactly Tools.filter escapes is not visible here; confirm it is
            // sufficient for the position of ERROR_MESSAGE inside the template.
            String safeMessage = Tools.filter(failure.getMessage());
            String errorPage = template.replace("ERROR_MESSAGE", safeMessage);
            httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_HTML);
            httpServletResponse.getWriter().write(errorPage);
        }
    }

    /**
     * Performs the redemption: parses token and app secret, asks the {@link TokenLoginService}
     * for the session, checks that context and user are enabled, writes the secret cookie and
     * finally answers with a redirect or with the session JSON.
     *
     * @throws OXException if one of the request parsers invoked before the redeem call fails
     * @throws IOException if writing to the response fails
     */
    private void doRedeemToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OXException, IOException {
        String token = LoginTools.parseToken(httpServletRequest);
        String appSecret = LoginTools.parseAppSecret(httpServletRequest);
        boolean credentialsPresent = token != null && appSecret != null;
        if (!credentialsPresent) {
            // NOTE(review): a calendar field constant is used as the HTTP status code here. This
            // looks like a decompiler constant substitution (presumably for 400); confirm the
            // value and prefer the HttpServletResponse status constant in maintained source.
            httpServletResponse.sendError(Appointment.LOCATION);
            return;
        }

        // The response may carry a session id and, optionally, a password: keep it out of caches.
        Tools.disableCaching(httpServletResponse);
        httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);

        TokenLoginService loginService = (TokenLoginService) ServerServiceRegistry.getInstance().getService(TokenLoginService.class);
        String client = LoginTools.parseClient(httpServletRequest, true, "");
        String clientHash = HashCalculator.getInstance().getHash(
            httpServletRequest,
            LoginTools.parseUserAgent(httpServletRequest),
            client);

        try {
            Session session = loginService.redeemToken(
                token,
                appSecret,
                client,
                LoginTools.parseAuthId(httpServletRequest, true),
                clientHash,
                LoginTools.parseClientIP(httpServletRequest));
            // Per-app-secret switch that decides whether the password is included in the JSON reply.
            Boolean accessPassword = (Boolean) loginService.getTokenLoginSecret(appSecret).getParameters().get("accessPassword");

            try {
                Context context = ContextStorage.getInstance().getContext(session.getContextId());
                User user = UserStorage.getInstance().getUser(session.getUserId(), context);
                if (!(context.isEnabled() && user.isMailEnabled())) {
                    LOG.info("Either context {} or user {} not enabled", Integer.valueOf(context.getContextId()), Integer.valueOf(user.getId()));
                    httpServletResponse.sendError(403);
                    return;
                }

                LoginServlet.writeSecretCookie(
                    httpServletRequest,
                    httpServletResponse,
                    session,
                    clientHash,
                    httpServletRequest.isSecure(),
                    httpServletRequest.getServerName(),
                    this.conf);

                String redirectUrl = LoginTools.parseRedirectUrl(httpServletRequest);
                if (!Strings.isEmpty(redirectUrl)) {
                    // The redirect target comes from the request and the session id is appended
                    // to it as a query parameter, so the id reaches whatever host the URL names
                    // and can surface in Referer headers, proxy logs and browser history.
                    // NOTE(review): whether LoginTools.parseRedirectUrl restricts the target
                    // (relative path / allow-listed host) is not visible here; confirm.
                    // The "&" separator assumes the URL already carries a query string.
                    String target = redirectUrl + "&session=" + session.getSessionID();
                    httpServletResponse.sendRedirect(target);
                    return;
                }

                try {
                    JSONObject body = new JSONObject(12);
                    LoginWriter.write(session, body);
                    if (Boolean.TRUE.equals(accessPassword)) {
                        // The session's password is returned in the response body when the app
                        // secret enables "accessPassword".
                        // NOTE(review): confirm this path is only reachable over TLS.
                        String password = session.getPassword();
                        Object passwordValue = password;
                        if (password == null) {
                            passwordValue = JSONObject.NULL;
                        }
                        body.put("password", passwordValue);
                    }
                    body.write(httpServletResponse.getWriter());
                } catch (JSONException jsonFailure) {
                    LOG.info("", jsonFailure);
                    httpServletResponse.sendError(500);
                }
            } catch (OXException lookupFailure) {
                // Catches any OXException raised in the block above, not only the context/user
                // lookup that the log message names. The client only sees a 403.
                LOG.info("Couldn't resolve context/user by identifier: {}/{}", new Object[]{Integer.valueOf(session.getContextId()), Integer.valueOf(session.getUserId()), lookupFailure});
                httpServletResponse.sendError(403);
            } catch (RuntimeException unexpected) {
                // Details stay in the log; the client only sees a 403.
                LOG.info("Unexpected error occurred during login", unexpected);
                httpServletResponse.sendError(403);
            }
        } catch (OXException redeemFailure) {
            // Failures of the redeem call itself (and of the parsers evaluated with it).
            LoginServlet.logAndSendException(httpServletResponse, redeemFailure);
        }
    }
}
