package com.openexchange.ajax.login;

import com.openexchange.ajax.AJAXServlet;
import com.openexchange.ajax.LoginServlet;
import com.openexchange.ajax.SessionUtility;
import com.openexchange.ajax.container.Response;
import com.openexchange.ajax.writer.LoginWriter;
import com.openexchange.ajax.writer.ResponseWriter;
import com.openexchange.authentication.LoginExceptionCodes;
import com.openexchange.exception.OXException;
import com.openexchange.groupware.contexts.Context;
import com.openexchange.groupware.contexts.impl.ContextStorage;
import com.openexchange.groupware.ldap.UserStorage;
import com.openexchange.login.Interface;
import com.openexchange.login.LoginRampUpService;
import com.openexchange.login.LoginRequest;
import com.openexchange.login.LoginResult;
import com.openexchange.login.internal.LoginPerformer;
import com.openexchange.server.ServiceExceptionCode;
import com.openexchange.server.services.ServerServiceRegistry;
import com.openexchange.server.services.SessionInspector;
import com.openexchange.session.Reply;
import com.openexchange.session.Session;
import com.openexchange.session.inspector.Reason;
import com.openexchange.sessiond.SessiondService;
import com.openexchange.tools.servlet.AjaxExceptionCodes;
import com.openexchange.tools.servlet.OXJSONExceptionCodes;
import com.openexchange.tools.servlet.http.Tools;
import com.openexchange.tools.session.ServerSessionAdapter;
import java.io.IOException;
import java.lang.reflect.UndeclaredThrowableException;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Future;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/openexchange/ajax/login/AutoLogin.class */
/**
 * Login request handler for the auto-login action: it looks for an existing session referenced by
 * the request's cookies and, when the session cookie and the secret cookie both match, writes the
 * session's login JSON to the response.
 *
 * <p>NOTE(review): this listing looks like decompiler output (see the "loaded from" and JADX
 * markers). In {@link #handleRequest} the {@code try} body is empty and its handlers precede the
 * main logic, so the statement order here probably does not match the original source. Confirm
 * against the original before relying on the exact control flow.
 */
public class AutoLogin extends AbstractLoginRequestHandler {
    private static final Logger LOG = LoggerFactory.getLogger(AutoLogin.class);
    // Login configuration; read here for the auto-login switch, IP check settings, default client
    // and the cookie HTTPS setting.
    private final LoginConfiguration conf;

    /**
     * Creates the handler.
     *
     * @param loginConfiguration configuration consulted on every request
     * @param set ramp-up services, passed unchanged to the superclass constructor
     */
    public AutoLogin(LoginConfiguration loginConfiguration, Set<LoginRampUpService> set) {
        super(set);
        this.conf = loginConfiguration;
    }

    /**
     * Tries to resume a session from the request cookies and answers with the login JSON.
     *
     * <p>Flow as listed: if session-based auto-login is disabled, or no matching session/secret
     * cookie pair is found, {@link #doAutoLogin} is attempted and the method then either returns
     * or throws. Otherwise the public session cookie is written and the JSON body is sent with
     * status 200.
     *
     * @param httpServletRequest request whose cookies are inspected
     * @param httpServletResponse response that receives cookies, status and the JSON body
     * @throws IOException declared by the signature; the listing also throws {@code OXException}
     *     from the body, which the signature does not declare (see the review note on the class)
     */
    @Override // com.openexchange.ajax.login.LoginRequestHandler
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Tools.disableCaching(httpServletResponse);
        httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
        Response response = new Response();
        Session session = null;
        // NOTE(review): the try body is empty, so neither handler below can run as listed.
        // Presumably the original try wrapped the logic that follows this statement - confirm.
        try {
        } catch (JSONException e) {
            OXException create = OXJSONExceptionCodes.JSON_WRITE_ERROR.create(e, new Object[0]);
            LOG.error("", create);
            response.setException(create);
        } catch (OXException e2) {
            // A disabled auto-login action is only logged at debug level.
            if (AjaxExceptionCodes.DISABLED_ACTION.equals(e2)) {
                LOG.debug("", e2);
            } else {
                e2.log(LOG);
            }
            // "0 != 0" is constant false, so the cleanup below (dropping the OX cookies, the
            // JSESSIONID cookie and the session after an IP check error) never executes here.
            // NOTE(review): likely a decompiled "null != session" style guard - confirm.
            if (SessionUtility.isIpCheckError(e2) && 0 != 0) {
                try {
                    SessiondService sessiondService = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
                    SessionUtility.removeOXCookies(session.getHash(), httpServletRequest, httpServletResponse);
                    SessionUtility.removeJSESSIONID(httpServletRequest, httpServletResponse);
                    sessiondService.removeSession(session.getSessionID());
                } catch (Exception e3) {
                    LOG.error("Cookies could not be removed.", e3);
                }
            }
            response.setException(e2);
        }
        // Session-based auto-login switched off: try doAutoLogin; if it returns true and the
        // inspector chain does not answer STOP, fail with DISABLED_ACTION. Nothing is written to
        // the response by this method on the plain return path.
        if (!this.conf.isSessiondAutoLogin()) {
            if (doAutoLogin(httpServletRequest, httpServletResponse) && Reply.STOP != SessionInspector.getInstance().getChain().onAutoLoginFailed(Reason.AUTO_LOGIN_DISABLED, httpServletRequest, httpServletResponse)) {
                throw AjaxExceptionCodes.DISABLED_ACTION.create("autologin");
            }
            return;
        }
        // getCookies() returns null when the request carries no cookies; normalize to empty.
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            cookies = new Cookie[0];
        }
        SessiondService sessiondService2 = (SessiondService) ServerServiceRegistry.getInstance().getService(SessiondService.class);
        if (null == sessiondService2) {
            // Without the session service no session can be looked up; the client gets a 403.
            LOG.error("", ServiceExceptionCode.SERVICE_UNAVAILABLE.create(new Object[]{SessiondService.class.getName()}));
            httpServletResponse.sendError(403);
            return;
        }
        // str holds the value of the secret cookie once one is seen.
        String str = null;
        // Hash computed from the request; it is the suffix of both expected cookie names.
        String hash = HashCalculator.getInstance().getHash(httpServletRequest);
        String str2 = LoginServlet.SESSION_PREFIX + hash;
        String str3 = LoginServlet.SECRET_PREFIX + hash;
        // Scan the cookies for the session cookie and the secret cookie. Names are matched with
        // startsWith, i.e. by prefix rather than by equality. The loop ends early once both a
        // session and a secret value have been found.
        for (Cookie cookie : cookies) {
            String name = cookie.getName();
            if (name.startsWith(str2)) {
                // The session cookie's value is used as the session id for the lookup.
                session = sessiondService2.getSession(cookie.getValue());
                if (null != session) {
                    // NOTE(review): as listed, the session's IP address is updated and the login
                    // JSON is assembled before the secret cookie is compared further down. Only
                    // the response write is gated on that comparison - confirm this ordering is
                    // intended in the original source.
                    if (this.conf.isIpCheck()) {
                        String remoteAddr = httpServletRequest.getRemoteAddr();
                        SessionUtility.checkIP(true, this.conf.getRanges(), session, remoteAddr, this.conf.getIpCheckWhitelist());
                        LoginTools.updateIPAddress(this.conf, remoteAddr, session);
                    } else {
                        LoginTools.updateIPAddress(this.conf, httpServletRequest.getRemoteAddr(), session);
                    }
                    try {
                        // A disabled context or a user without mail enabled is reported with the
                        // same INVALID_CREDENTIALS code, so the two cases share one error code.
                        Context context = ContextStorage.getInstance().getContext(session.getContextId());
                        if (!context.isEnabled()) {
                            throw LoginExceptionCodes.INVALID_CREDENTIALS.create();
                        }
                        if (!UserStorage.getInstance().getUser(session.getUserId(), context).isMailEnabled()) {
                            throw LoginExceptionCodes.INVALID_CREDENTIALS.create();
                        }
                        // Ramp-up and module data are requested as futures and merged into the
                        // login JSON below.
                        Future<JSONObject> rampUpAsync = rampUpAsync(ServerSessionAdapter.valueOf(session), httpServletRequest);
                        Future<Object> modulesAsync = getModulesAsync(session, httpServletRequest);
                        JSONObject jSONObject = new JSONObject(8);
                        LoginWriter.write(session, jSONObject);
                        if (null != modulesAsync) {
                            try {
                                Object obj = modulesAsync.get();
                                if (null != obj) {
                                    jSONObject.put("modules", obj);
                                }
                            } catch (InterruptedException e4) {
                                // Restore the interrupt flag before reporting the failure.
                                Thread.currentThread().interrupt();
                                throw LoginExceptionCodes.UNKNOWN.create(e4, new Object[]{"Thread interrupted."});
                            } catch (ExecutionException e5) {
                                // Best effort: the response is sent without the "modules" entry.
                                LOG.warn("Modules could not be added to login JSON response", e5.getCause());
                            }
                        }
                        if (null != rampUpAsync) {
                            try {
                                // Every ramp-up entry is copied to the top level of the login
                                // JSON under its own key.
                                for (Map.Entry entry : rampUpAsync.get().entrySet()) {
                                    jSONObject.put((String) entry.getKey(), entry.getValue());
                                }
                            } catch (InterruptedException e6) {
                                Thread.currentThread().interrupt();
                                throw LoginExceptionCodes.UNKNOWN.create(e6, new Object[]{"Thread interrupted."});
                            } catch (ExecutionException e7) {
                                // Best effort: the response is sent without ramp-up data.
                                LOG.warn("Ramp-up information could not be added to login JSON response", e7.getCause());
                            }
                        }
                        response.setData(jSONObject);
                        // Secret cookie already seen earlier in the scan: nothing left to find.
                        if (null != str) {
                            break;
                        }
                    } catch (UndeclaredThrowableException e8) {
                        throw LoginExceptionCodes.UNKNOWN.create(e8, new Object[]{e8.getMessage()});
                    }
                }
            } else {
                if (name.startsWith(str3)) {
                    str = cookie.getValue();
                    // Session already found earlier in the scan: nothing left to find.
                    if (null != session) {
                        break;
                    }
                } else {
                    continue;
                }
            }
        }
        // Resuming the session requires all of: login JSON built, a session found, a secret
        // cookie present, and the secret cookie equal to the session's secret.
        // NOTE(review): String.equals is not a constant-time comparison; a constant-time check
        // such as MessageDigest.isEqual over the bytes is the usual choice for secret values.
        if (null == response.getData() || session == null || str == null || !session.getSecret().equals(str)) {
            // Drop the cookies named with this request's hash and the JSESSIONID cookie, then
            // try doAutoLogin; if it returns true and the inspector chain does not answer STOP,
            // fail with INVALID_COOKIE.
            SessionUtility.removeOXCookies(hash, httpServletRequest, httpServletResponse);
            SessionUtility.removeJSESSIONID(httpServletRequest, httpServletResponse);
            if (doAutoLogin(httpServletRequest, httpServletResponse) && Reply.STOP != SessionInspector.getInstance().getChain().onAutoLoginFailed(Reason.AUTO_LOGIN_FAILED, httpServletRequest, httpServletResponse)) {
                throw OXJSONExceptionCodes.INVALID_COOKIE.create();
            }
            return;
        }
        // Session and secret matched: write the public session cookie and send the login JSON.
        LoginServlet.writePublicSessionCookie(httpServletRequest, httpServletResponse, session, httpServletRequest.isSecure(), httpServletRequest.getServerName(), this.conf);
        Tools.disableCaching(httpServletResponse);
        httpServletResponse.setStatus(200);
        httpServletResponse.setContentType(AJAXServlet.CONTENTTYPE_JAVASCRIPT);
        try {
            if (response.hasError()) {
                ResponseWriter.write(response, httpServletResponse.getWriter(), LoginServlet.localeFrom(session));
            } else {
                ((JSONObject) response.getData()).write(httpServletResponse.getWriter());
            }
        } catch (JSONException e9) {
            LOG.error(AJAXServlet.RESPONSE_ERROR, e9);
            LoginServlet.sendError(httpServletResponse);
        }
    }

    /**
     * Runs {@code loginOperation} (not defined in this class) with a closure that performs an
     * auto-login through {@link LoginPerformer} using the request built by
     * {@link #parseAutoLoginRequest}.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response
     * @return whatever {@code loginOperation} returns
     * @throws IOException declared by the signature and passed through from {@code loginOperation}
     * @throws OXException declared by the signature and passed through from {@code loginOperation}
     */
    private boolean doAutoLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, OXException {
        return loginOperation(httpServletRequest, httpServletResponse, new LoginClosure() { // from class: com.openexchange.ajax.login.AutoLogin.1
            @Override // com.openexchange.ajax.login.LoginClosure
            public LoginResult doLogin(HttpServletRequest httpServletRequest2) throws OXException {
                return LoginPerformer.getInstance().doAutoLogin(AutoLogin.this.parseAutoLoginRequest(httpServletRequest2));
            }
        }, this.conf);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /**
     * Builds the {@link LoginRequest} for an auto-login from request metadata: auth id, client
     * (falling back to the configured default client), client IP, user agent, a hash computed from
     * the request and client, copied headers, cookies, the secure flag, server name and port, and
     * the HTTP session id.
     *
     * <p>The first two constructor arguments and the seventh are {@code null}
     * (NOTE(review): presumably login, password and version - confirm against
     * {@code LoginRequestImpl}).
     *
     * <p>{@code getSession(true)} creates a servlet HTTP session when the request has none, so
     * each call on a session-less request allocates one.
     *
     * @param httpServletRequest request to read the values from
     * @return the assembled login request
     * @throws OXException declared by the signature; presumably raised by the parse helpers
     */
    public LoginRequest parseAutoLoginRequest(HttpServletRequest httpServletRequest) throws OXException {
        String parseAuthId = LoginTools.parseAuthId(httpServletRequest, false);
        String parseClient = LoginTools.parseClient(httpServletRequest, false, this.conf.getDefaultClient());
        return new LoginRequestImpl(null, null, LoginTools.parseClientIP(httpServletRequest), LoginTools.parseUserAgent(httpServletRequest), parseAuthId, parseClient, null, HashCalculator.getInstance().getHash(httpServletRequest, parseClient), Interface.HTTP_JSON, Tools.copyHeaders(httpServletRequest), Tools.getCookieFromHeader(httpServletRequest), Tools.considerSecure(httpServletRequest, this.conf.isCookieForceHTTPS()), httpServletRequest.getServerName(), httpServletRequest.getServerPort(), httpServletRequest.getSession(true).getId());
    }
}
