package com.aurel.track.prop.actions;

import com.aurel.track.ApplicationStarter;
import com.aurel.track.Constants;
import com.aurel.track.GeneralSettings;
import com.aurel.track.admin.customize.scripting.GroovyScriptExecuter;
import com.aurel.track.admin.user.person.PersonBL;
import com.aurel.track.beans.TMotdBean;
import com.aurel.track.beans.TPersonBean;
import com.aurel.track.fieldType.runtime.custom.picker.ItemPickerRT;
import com.aurel.track.json.JSONUtility;
import com.aurel.track.onboardingTools.Userlane;
import com.aurel.track.perspective.PerspectiveBL;
import com.aurel.track.perspective.runtime.PerspectiveTO;
import com.aurel.track.perspective.runtime.PerspectiveUserBL;
import com.aurel.track.prop.ApplicationBean;
import com.aurel.track.prop.AuthenticationType;
import com.aurel.track.prop.LoginBL;
import com.aurel.track.prop.RememberMeBL;
import com.aurel.track.resources.LocalizeUtil;
import com.aurel.track.sso.SSOManager;
import com.aurel.track.tpersonal.TPLicManager;
import com.aurel.track.util.LabelValueBean;
import com.aurel.track.util.SessionUtils;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.Preparable;
import groovy.lang.Binding;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.struts2.ServletActionContext;
import org.apache.struts2.interceptor.ServletResponseAware;
import org.apache.struts2.interceptor.SessionAware;

/* loaded from: input_file:lib/tp-core-5.6.0.jar:com/aurel/track/prop/actions/LogonAction.class */
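/**
 * Struts 2 action that serves the logon entry points of the application.
 *
 * <p>{@link #execute()} selects one of several sign-in paths: the Track+ Personal direct
 * login (application type 4), a direct login with a user name and password carried on the
 * request (only on a demo site or in test mode), container-based authentication, SSO, or the
 * remember-me token. {@link #login()} and {@link #restLogin()} delegate to {@link LoginBL}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The container-based and SSO paths fall back to {@link #getApacheRemoteUser} when the
 *       container reports no remote user. That fallback reads the user name from the request's
 *       {@code Authorization} header (or from a site-configured Groovy script) and this class
 *       never verifies a password for it. See the note on that method.</li>
 *   <li>{@link #clearSessionValues} only removes attributes; this class never invalidates the
 *       session or changes its id. NOTE(review): confirm that {@code LoginBL.login} rotates the
 *       session id on successful authentication.</li>
 *   <li>The {@code nonce} property is stored but never compared with the {@code "NONCE"} session
 *       attribute in this class. NOTE(review): presumably validated elsewhere; confirm.</li>
 * </ul>
 */
public final class LogonAction extends ActionSupport implements SessionAware, Preparable, ServletResponseAware {
    private static final long serialVersionUID = 340;
    private static final Logger LOGGER = LogManager.getLogger((Class<?>) LogonAction.class);
    private static final Logger accessLogger = LogManager.getLogger("Access");
    /** Scheme prefix of an HTTP Basic {@code Authorization} header value. */
    private static final String BASIC_SCHEME_PREFIX = "Basic ";
    private String forwardUrl;
    private TMotdBean motd;
    private Integer mobileApplicationVersionNo;
    private HttpServletResponse response;
    private String initData;
    private String nonce;
    protected transient Map<String, Object> session;
    private int errorType;
    private String errorMessage;
    private int state;
    private Integer lp;
    protected Locale locale;
    private boolean tpContinue;
    // Submitted credentials; set through setPassword/setJ_password and setUsername/setJ_username.
    private String password = null;
    private String username = null;
    private String isInTestMode = null;
    private AuthenticationType authenticationType = AuthenticationType.NORMAL;
    private boolean springAuthenticated = false;
    private boolean directLogin = false;
    private List<LabelValueBean> errors = new ArrayList<>();
    private Boolean isMobileApplication = false;
    private boolean hasInitData = true;
    // Result names. Kept as instance fields, as in the original class layout.
    private String DB_CONNECTION_PROBLEM = "dbConnectionProblem";
    private final String TP_LIC_MANAGER_RESULT = "tpLicManager";
    private final String GENERAL_ERROR_RESULT = "generalError";
    // Session attributes that survive clearSessionValues().
    private Set<String> SESSION_KEYS_TO_NOT_REMOVE = new HashSet(Arrays.asList("NONCE", "debug", Constants.POSTLOGINFORWARD, Userlane.USERLANE_TAGS));

    /**
     * Captures the locale of the current request before the action method runs.
     *
     * @throws Exception declared by the {@code Preparable} contract; not thrown by this body
     */
    public void prepare() throws Exception {
        this.locale = ServletActionContext.getRequest().getLocale();
    }

    /**
     * Publishes the installation problems recorded on the application bean as action errors.
     *
     * @return the {@code "dbConnectionProblem"} result name
     */
    public String dbConnectionProblem() {
        setActionErrors(ApplicationBean.getInstance().getInstallProblem());
        return this.DB_CONNECTION_PROBLEM;
    }

    /**
     * Records a password-mismatch error against the {@code j_username} field.
     *
     * @return the {@code "input"} result name
     */
    public String failLogin() {
        this.errors.add(new LabelValueBean("j_username", getText("logon.err.password.mismatch")));
        return "input";
    }

    /**
     * Chooses the sign-in path for the current request.
     *
     * <p>Order of evaluation: application type 4 (Track+ Personal direct login), then a direct
     * login when both {@code username} and {@code password} are set, then container-based
     * authentication, then SSO, and finally the session user or the remember-me token.
     *
     * @return a Struts result name, or {@code null} when the direct login wrote the response itself
     */
    public String execute() {
        HttpServletRequest request = ServletActionContext.getRequest();
        // Named httpSession so it is not confused with the Map-typed field this.session.
        HttpSession httpSession = request.getSession();
        if (ApplicationBean.getInstance().getAppType() == 4) {
            clearSessionValues(httpSession);
            return directLoginTPersonal(request);
        }
        boolean hasUsername = this.username != null && !"".equals(this.username);
        boolean hasPassword = this.password != null && !"".equals(this.password);
        if (hasUsername && hasPassword) {
            // Credentials carried on the request are honoured only on a demo site or in test mode.
            // NOTE(review): if these arrive as URL query parameters they end up in access logs
            // and browser history; confirm how callers submit them.
            if (!GeneralSettings.isDemoSite() && !ApplicationBean.getInstance().isInTestMode()) {
                return "forwardToLogin";
            }
            clearSessionValues(httpSession);
            return directLogin(this.username, this.password, "8", request);
        }
        if (ApplicationBean.getInstance().getSiteBean() != null && ApplicationBean.getInstance().getSiteBean().getIsCbaAllowed().booleanValue()) {
            clearSessionValues(httpSession);
            return cbaLogin(request);
        }
        if (SSOManager.isSsoActivated()) {
            clearSessionValues(httpSession);
            return ssoLogin(request);
        }
        httpSession.setAttribute(LoginBL.LoginSessionAttributes.CONTAINER_BASED_AUTHENTICATION.getName(), false);
        Boolean ready = (Boolean) ServletActionContext.getServletContext().getAttribute(ApplicationStarter.READY);
        TPersonBean person = null;
        if (ready != null && ready.booleanValue()) {
            person = (TPersonBean) httpSession.getAttribute("user");
            if (person == null) {
                LOGGER.debug("Person not found in session!");
                person = new RememberMeBL(request, this.response).loginWithAuthToken(this.session);
            } else {
                LOGGER.debug("Person found in session!");
            }
        }
        return person != null ? "perspective" : "forwardToLogin";
    }

    /**
     * Clears the session attributes and delegates the form login to {@link LoginBL}.
     *
     * @return the result name produced by {@code LoginBL.login}
     * @throws Exception whatever {@code LoginBL.login} throws
     */
    public String login() throws Exception {
        Locale locale = getLocale();
        clearSessionValues(ServletActionContext.getRequest().getSession());
        return LoginBL.login(this.isInTestMode, this.isMobileApplication.booleanValue(), this.username, this.authenticationType, this.password, this.forwardUrl, this.springAuthenticated, this.mobileApplicationVersionNo, locale, false);
    }

    /**
     * Delegates a REST login with the submitted user name and password to {@link LoginBL}.
     *
     * @return the result name produced by {@code LoginBL.restLogin}
     * @throws Exception whatever {@code LoginBL.restLogin} throws
     */
    public String restLogin() throws Exception {
        return LoginBL.restLogin(this.username, this.password, getLocale());
    }

    /**
     * Writes a JSON object with the {@code selfRegistration} and {@code isLDAPOn} flags of the
     * site to the response. No authentication check is made in this method.
     */
    public void getRegistrationRights() {
        StringBuilder sb = new StringBuilder();
        sb.append("{");
        sb.append("\"data\":{");
        JSONUtility.appendBooleanValue(sb, "selfRegistration", ApplicationBean.getInstance().getSiteBean().getIsSelfRegisterAllowedBool().booleanValue());
        JSONUtility.appendBooleanValue(sb, "isLDAPOn", ApplicationBean.getInstance().getSiteBean().getIsLDAPOnBool().booleanValue(), true);
        sb.append("}");
        sb.append("}");
        JSONUtility.encodeJSON(ServletActionContext.getResponse(), sb.toString());
    }

    /**
     * Signs in the user named by the SSO layer.
     *
     * <p>The user name comes from {@code getRemoteUser()} or, when that is {@code null}, from
     * {@link #getApacheRemoteUser}. No password is checked here: the name is trusted as already
     * authenticated.
     *
     * @param httpServletRequest the current request
     * @return {@code "perspective.action"} on success, {@code "generalError"} when no user name
     *     is available or the user is unknown or disabled, {@code "forwardToLogin"} on an exception
     */
    private String ssoLogin(HttpServletRequest httpServletRequest) {
        HttpSession httpSession = httpServletRequest.getSession();
        String remoteUser = httpServletRequest.getRemoteUser();
        if (remoteUser == null) {
            remoteUser = getApacheRemoteUser(ServletActionContext.getRequest());
        }
        // The name may originate from a request header, so line breaks are neutralised for the log.
        LOGGER.debug("User authentication through SSO cas, username: " + forLog(remoteUser));
        if (remoteUser == null) {
            this.errorType = 3;
            return "generalError";
        }
        this.username = remoteUser;
        this.authenticationType = AuthenticationType.SSO_BASED;
        httpSession.setAttribute("containerBasedAuthentication", true);
        try {
            TPersonBean person = PersonBL.loadByLoginName(remoteUser);
            if (person != null && !person.isDisabled() && this.errors.isEmpty()) {
                LoginBL.login(null, false, this.username, this.authenticationType, null, null, false, null, getLocale(), true);
                return "perspective.action";
            }
            boolean disabled = false;
            if (person != null) {
                disabled = person.isDisabled();
            }
            LOGGER.debug("The passed person by SSO server is: " + forLog(remoteUser) + " personBean: " + person + " isDisabled: " + disabled);
            this.errorMessage = LocalizeUtil.getLocalizedTextFromApplicationResources("logon.err.user.disabled", this.locale);
            return "generalError";
        } catch (Exception e) {
            // A failed SSO sign-in used to vanish without a trace; log it like the other paths do.
            LOGGER.error(ExceptionUtils.getStackTrace(e));
            httpSession.setAttribute("containerBasedAuthentication", false);
            return "forwardToLogin";
        }
    }

    /**
     * Signs in the user named by the servlet container (container-based authentication).
     *
     * <p>The user name comes from {@code getRemoteUser()} or, when that is {@code null}, from
     * {@link #getApacheRemoteUser}. No password is checked here: the name is trusted as already
     * authenticated.
     *
     * @param httpServletRequest the current request; only its session is used
     * @return {@code "perspective.action"} on success, otherwise {@code "forwardToLogin"}
     */
    private String cbaLogin(HttpServletRequest httpServletRequest) {
        HttpSession httpSession = httpServletRequest.getSession();
        String cbaAttribute = LoginBL.LoginSessionAttributes.CONTAINER_BASED_AUTHENTICATION.getName();
        String remoteUser = ServletActionContext.getRequest().getRemoteUser();
        if (remoteUser == null) {
            remoteUser = getApacheRemoteUser(ServletActionContext.getRequest());
        }
        if (remoteUser == null) {
            httpSession.setAttribute(cbaAttribute, false);
            return "forwardToLogin";
        }
        this.username = remoteUser;
        this.authenticationType = AuthenticationType.CONTAINER_BASED;
        httpSession.setAttribute(cbaAttribute, true);
        try {
            TPersonBean person = PersonBL.loadByLoginName(remoteUser);
            if (person == null || person.isDisabled() || !this.errors.isEmpty()) {
                return "forwardToLogin";
            }
            LoginBL.login(null, false, this.username, this.authenticationType, null, null, false, null, getLocale(), true);
            return "perspective.action";
        } catch (Exception e) {
            // Keep a record of the failure instead of dropping it silently.
            LOGGER.error(ExceptionUtils.getStackTrace(e));
            httpSession.setAttribute(cbaAttribute, false);
            return "forwardToLogin";
        }
    }

    /**
     * Authenticates the given credentials and sets up the session for the user.
     *
     * <p>{@link #execute()} reaches this method only on a demo site or in test mode.
     *
     * @param loginName the submitted user name
     * @param passwd the submitted password
     * @param authArg third argument handed to {@code LoginBL.authenticate}; {@code execute()}
     *     passes {@code "8"} (meaning not visible in this class)
     * @param httpServletRequest the current request
     * @return {@code "perspective"} or {@code "loading"} on success, {@code "generalError"} on
     *     failure, or {@code null} in test mode after the JSON response has been written
     */
    private String directLogin(String loginName, String passwd, String authArg, HttpServletRequest httpServletRequest) {
        HttpSession httpSession = httpServletRequest.getSession();
        ArrayList authErrors = new ArrayList();
        try {
            TPersonBean person = LoginBL.authenticate(loginName, passwd, authArg, authErrors, AuthenticationType.DIRECT_LOGIN, false, this.locale, LoginBL.getRemoteAddr(httpServletRequest));
            if (person == null || !authErrors.isEmpty()) {
                this.errorType = 1;
                return "generalError";
            }
            this.authenticationType = AuthenticationType.DIRECT_LOGIN;
            LoginBL.login(null, false, loginName, this.authenticationType, null, null, false, null, getLocale(), true);
            PersonBL.setLicensedFeatures(person);
            LoginBL.setEnvironment(person.getLoginName(), null, null, httpServletRequest, ActionContext.getContext().getSession(), false, this.authenticationType, false);
            Boolean ready = (Boolean) ServletActionContext.getServletContext().getAttribute(ApplicationStarter.READY);
            if (ready == null || !ready.booleanValue()) {
                return "loading";
            }
            if (ApplicationBean.getInstance().isInTestMode()) {
                // Test mode hands the session id back in the response body. A session id is a
                // bearer credential, so test mode must stay off on any reachable deployment.
                StringBuilder sb = new StringBuilder();
                sb.append("{");
                JSONUtility.appendStringValue(sb, "sessionId", httpSession.getId(), true);
                sb.append("}");
                JSONUtility.encodeJSON(ServletActionContext.getResponse(), sb.toString());
                return null;
            }
            if (this.lp == null) {
                return "perspective";
            }
            LOGGER.info("Track+ direct login, lp is: " + this.lp);
            Map sessionMap = ActionContext.getContext().getSession();
            PerspectiveTO perspectiveTO = PerspectiveUserBL.getPerspectiveTO(null, this.lp, person, this.locale, sessionMap);
            if (perspectiveTO == null || perspectiveTO.getPerspective() == null) {
                LOGGER.info("Track+ direct login failed to load the perspective by landing page token, the lp is: " + this.lp + " Check if the user has access by license to the target page.");
                return "perspective";
            }
            PerspectiveUserBL.storeUserLastSelectedPerspective(perspectiveTO.getPerspective(), person, sessionMap);
            SessionUtils.setPerspectiveToken(sessionMap, perspectiveTO.getPerspective().getObjectID(), Integer.toString(this.lp.intValue()));
            PerspectiveBL.storeLastVisitedTokensIntoDB(sessionMap, null, person);
            return "perspective";
        } catch (Exception e) {
            LOGGER.error(ExceptionUtils.getStackTrace(e));
            httpSession.setAttribute("containerBasedAuthentication", false);
            this.errorType = 1;
            return "generalError";
        }
    }

    /**
     * Signs in the user returned by {@code LoginBL.getTPersonalUserForDirectLogin()} without
     * asking for credentials.
     *
     * <p>NOTE(review): every request that reaches {@link #execute()} while the application type
     * is 4 is signed in this way; confirm that such installations are not reachable by other
     * users over the network.
     *
     * @param httpServletRequest the current request
     * @return {@code "perspective.action"} on success, {@code "loading"} while the application is
     *     not ready, {@code "tpLicManager"} when the licence state is set and is not 3,
     *     {@code "generalError"} otherwise
     */
    private String directLoginTPersonal(HttpServletRequest httpServletRequest) {
        LOGGER.debug("Track+ Personal direct login.");
        try {
            TPersonBean person = LoginBL.getTPersonalUserForDirectLogin();
            if (person == null) {
                LOGGER.error("There is no admin user in system! The TPersonal direct login failed!");
                this.errorType = 1;
                return "generalError";
            }
            Boolean ready = (Boolean) ServletActionContext.getServletContext().getAttribute(ApplicationStarter.READY);
            if (ready == null || !ready.booleanValue()) {
                return "loading";
            }
            Integer tPersonalState = TPLicManager.getTPersonalState(this.tpContinue, this.locale);
            if (tPersonalState != null && tPersonalState.intValue() != 3) {
                this.state = tPersonalState.intValue();
                return "tpLicManager";
            }
            this.authenticationType = AuthenticationType.CONTAINER_BASED;
            LoginBL.login(null, false, person.getLoginName(), this.authenticationType, null, null, false, null, getLocale(), true);
            LoginBL.setEnvironment(person.getLoginName(), null, null, httpServletRequest, ActionContext.getContext().getSession(), false, this.authenticationType, false);
            PersonBL.setLicensedFeatures(person);
            return "perspective.action";
        } catch (Exception e) {
            LOGGER.error(ExceptionUtils.getStackTrace(e));
            this.errorType = 1;
            return "generalError";
        }
    }

    /**
     * Derives a user name from the request when the container reports none.
     *
     * <p>First the user-id part of an HTTP Basic {@code Authorization} header is used; if that
     * yields nothing, the site's user-authentication Groovy script is run with the request bound
     * as {@code request} and its {@code "result"} entry is returned.
     *
     * <p>Security: the {@code Authorization} header is supplied by the client and the password
     * part is discarded here, not verified. The callers sign the returned name in without a
     * password. This is sound only when a front-end server has already authenticated the request
     * and overwrites or strips any client-supplied {@code Authorization} header.
     * NOTE(review): confirm that deployments enabling container-based or SSO login guarantee
     * this, and that the application port is not reachable around that front end.
     *
     * @param httpServletRequest the request to inspect
     * @return the derived user name, or {@code null} (possibly empty) when none could be derived
     */
    private String getApacheRemoteUser(HttpServletRequest httpServletRequest) {
        Enumeration headerNames = httpServletRequest.getHeaderNames();
        String userName = null;
        // getHeaderNames() may return null when the container does not expose header names.
        while (headerNames != null && headerNames.hasMoreElements()) {
            String headerName = (String) headerNames.nextElement();
            String headerValue = httpServletRequest.getHeader(headerName);
            // Never write credentials or session cookies to the log, not even at debug level.
            String loggedValue = isCredentialHeader(headerName) ? "<redacted>" : forLog(headerValue);
            LOGGER.debug(forLog(headerName) + ItemPickerRT.NUMBER_TITLE_SPLITTER + loggedValue);
            // Header names and the auth scheme are case-insensitive; only Basic carries a user id.
            if ("authorization".equalsIgnoreCase(headerName)
                    && headerValue != null
                    && headerValue.regionMatches(true, 0, BASIC_SCHEME_PREFIX, 0, BASIC_SCHEME_PREFIX.length())) {
                String encoded = headerValue.substring(BASIC_SCHEME_PREFIX.length());
                String decoded = new String(Base64.decodeBase64(encoded), StandardCharsets.UTF_8);
                String[] parts = decoded.split(":");
                if (parts.length > 0) {
                    userName = parts[0];
                }
            }
        }
        if ("".equals(userName) || userName == null) {
            try {
                Binding binding = new Binding();
                binding.setProperty("request", httpServletRequest);
                Map<String, Object> scriptOutput = GroovyScriptExecuter.executeGroovyScript(GroovyScriptExecuter.USER_AUTHENTICATION_SCRIPT, binding);
                if (scriptOutput.get("error") != null) {
                    LOGGER.debug(((String) scriptOutput.get("error")) + ": this is perfectly okay.");
                } else {
                    userName = (String) scriptOutput.get("result");
                }
            } catch (Exception e) {
                LOGGER.debug(e);
            }
        }
        return userName;
    }

    /** Tells whether the value of the named request header must be kept out of the logs. */
    private static boolean isCredentialHeader(String headerName) {
        return "authorization".equalsIgnoreCase(headerName)
                || "proxy-authorization".equalsIgnoreCase(headerName)
                || "cookie".equalsIgnoreCase(headerName);
    }

    /** Replaces CR and LF so a request-supplied value cannot start a forged log line. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Removes every session attribute except those listed in {@code SESSION_KEYS_TO_NOT_REMOVE}.
     * The session itself, and therefore its id, is kept.
     *
     * @param httpSession the session to clean; {@code null} is ignored
     */
    private void clearSessionValues(HttpSession httpSession) {
        if (httpSession == null) {
            return;
        }
        Enumeration attributeNames = httpSession.getAttributeNames();
        if (attributeNames == null) {
            return;
        }
        // Collect first, remove afterwards: the enumeration is not guaranteed to be a snapshot.
        List<String> removable = new ArrayList<>();
        while (attributeNames.hasMoreElements()) {
            String attributeName = (String) attributeNames.nextElement();
            if (!this.SESSION_KEYS_TO_NOT_REMOVE.contains(attributeName)) {
                removable.add(attributeName);
            }
        }
        for (String attributeName : removable) {
            httpSession.removeAttribute(attributeName);
        }
    }

    /**
     * Returns the submitted password.
     *
     * <p>NOTE(review): a public getter makes the clear-text password readable by anything that
     * renders or serialises this action; confirm that no result type does so.
     */
    public String getPassword() {
        return this.password;
    }

    /** Sets the submitted password. */
    public void setPassword(String str) {
        this.password = str;
    }

    /** Alias of {@link #getPassword()} under the {@code j_password} property name. */
    public String getJ_password() {
        return this.password;
    }

    /** Alias of {@link #setPassword(String)} under the {@code j_password} property name. */
    public void setJ_password(String str) {
        this.password = str;
    }

    /** Returns the submitted (or externally derived) user name. */
    public String getUsername() {
        return this.username;
    }

    /** Sets the submitted user name. */
    public void setUsername(String str) {
        this.username = str;
    }

    /** Stores the nonce sent with the request; it is not checked in this class. */
    public void setNonce(String str) {
        this.nonce = str;
    }

    /** Returns the stored nonce. */
    public String getNonce() {
        return this.nonce;
    }

    /** Alias of {@link #getUsername()} under the {@code j_username} property name. */
    public String getJ_username() {
        return this.username;
    }

    /** Alias of {@link #setUsername(String)} under the {@code j_username} property name. */
    public void setJ_username(String str) {
        this.username = str;
    }

    /** Returns the test-mode value that {@link #login()} passes to {@code LoginBL.login}. */
    public String getTestMode() {
        return this.isInTestMode;
    }

    /** Sets the test-mode value that {@link #login()} passes to {@code LoginBL.login}. */
    public void setTestMode(String str) {
        this.isInTestMode = str;
    }

    /** Returns the forward URL; this class offers no setter for it. */
    public String getForwardUrl() {
        return this.forwardUrl;
    }

    /** Returns the message-of-the-day bean. */
    public TMotdBean getMotd() {
        return this.motd;
    }

    /** Returns the {@code hasInitData} flag. */
    public boolean isHasInitData() {
        return this.hasInitData;
    }

    /** Returns the init data string. */
    public String getInitData() {
        return this.initData;
    }

    /** Returns whether the request was flagged as coming from the mobile application. */
    public Boolean getIsMobileApplication() {
        return this.isMobileApplication;
    }

    /** Flags the request as coming from the mobile application. */
    public void setIsMobileApplication(Boolean bool) {
        this.isMobileApplication = bool;
    }

    /** Returns the version number reported by the mobile application. */
    public Integer getMobileApplicationVersionNo() {
        return this.mobileApplicationVersionNo;
    }

    /** Sets the version number reported by the mobile application. */
    public void setMobileApplicationVersionNo(Integer num) {
        this.mobileApplicationVersionNo = num;
    }

    /** Returns the {@code directLogin} flag. */
    public boolean getDirectLogin() {
        return this.directLogin;
    }

    /** Sets the {@code directLogin} flag. */
    public void setDirectLogin(boolean z) {
        this.directLogin = z;
    }

    /** Returns the error type set by a failed sign-in path. */
    public int getErrorType() {
        return this.errorType;
    }

    /** Sets the error type. */
    public void setErrorType(int i) {
        this.errorType = i;
    }

    /** Returns the flag handed to {@code TPLicManager.getTPersonalState}. */
    public boolean isTpContinue() {
        return this.tpContinue;
    }

    /** Sets the flag handed to {@code TPLicManager.getTPersonalState}. */
    public void setTpContinue(boolean z) {
        this.tpContinue = z;
    }

    /** Returns the licence state recorded by the Track+ Personal direct login. */
    public int getState() {
        return this.state;
    }

    /** Sets the licence state. */
    public void setState(int i) {
        this.state = i;
    }

    /** Returns the localized error message set by a failed sign-in path. */
    public String getErrorMessage() {
        return this.errorMessage;
    }

    /** Sets the error message. */
    public void setErrorMessage(String str) {
        this.errorMessage = str;
    }

    /** Returns the landing-page token used by the direct login. */
    public Integer getLp() {
        return this.lp;
    }

    /** Sets the landing-page token used by the direct login. */
    public void setLp(Integer num) {
        this.lp = num;
    }

    /** Receives the servlet response; used for the remember-me login. */
    public void setServletResponse(HttpServletResponse httpServletResponse) {
        this.response = httpServletResponse;
    }

    /** Receives the session map of the current request. */
    public void setSession(Map<String, Object> map) {
        this.session = map;
    }
}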
