package com.rational.wpf.security;

import com.catapulse.memsvc.AuthenticationManager;
import com.catapulse.memsvc.CataPrincipal;
import com.catapulse.memsvc.MembershipServicesFactory;
import com.catapulse.memsvc.SecurityContext;
import com.catapulse.memsvc.util.ServletUtil;
import com.rational.logging.Logger;
import com.rational.pjc.usecase.projectcontext.PJCConstants;
import com.rational.ssm.ISession;
import com.rational.ssm.ISessionManager;
import com.rational.ssm.SSMFinals;
import com.rational.ssm.SessionManager;
import com.rational.wpf.WPFConstants;
import com.rational.wpf.WPFMain;
import com.rational.wpf.request.HttpRequest;
import com.rational.wpf.util.FileUtil;
import com.rational.wpf.util.StrUtil;
import java.io.OutputStream;
import java.util.HashMap;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:PJCWeb.war:WEB-INF/lib/wpf.jar:com/rational/wpf/security/SecurityService.class */
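/**
 * Form-based authentication service backed by the Membership Services
 * {@link AuthenticationManager}.
 *
 * <p>Flow as implemented in {@link #authenticateUser}: a new SSM session is
 * logged in either with the configured {@code userId}/{@code password} pair
 * (when both are set) or with the {@code USER}/{@code PASSWORD} request
 * parameters. On success a cookie named {@link SSMFinals#SESSION_CONTEXT_ID}
 * carrying the session id is added to the response, and later requests on the
 * same session are accepted only while that cookie matches the session id.
 * Failed attempts are counted in the {@value #LOGIN_RETRIES} session attribute;
 * once the count reaches {@code maxLoginRetries} the session is invalidated.
 *
 * <p>Settings read by {@link #init}: {@code maxLoginRetries}, {@code securityAdmin},
 * {@code userId}, {@code password}, {@code loginHtml}, {@code invalidLoginHtml}.
 */
public class SecurityService implements ISecurityService {
    public static final String SERVICE_NAME = "SecurityService";
    /** Session attribute holding the number of failed login attempts so far. */
    private static final String LOGIN_RETRIES = "LoginRetries";
    /** Retry limit used by default and when the configured value does not parse. */
    private static final int DEFAULT_MAX_LOGIN_RETRIES = 6;
    private static final String CLASS_NAME = "com.rational.wpf.security.SecurityService";
    private static final Logger logger = (Logger) Logger.getLogger("WPF.Logger");
    private ISessionManager sessionMgr;
    private AuthenticationManager authMgr;
    // Optional fixed credentials: when BOTH are configured, new sessions are
    // logged in with them instead of the request's USER/PASSWORD parameters.
    private String userId;
    private String password;
    private int maxLoginRetries = DEFAULT_MAX_LOGIN_RETRIES;
    private String securityAdmin = PJCConstants.MEMSVC_BACKDOOR;
    // Paths relative to the document root until init() turns them into file:/// URIs.
    private String loginHtml = "/websdk/common/html/login_hds.html";
    private String invalidLoginHtml = "/websdk/common/html/login_hds_invalid.html";

    /**
     * Reads the service settings and obtains the authentication and session managers.
     *
     * @param hashMap service settings; {@code null}, missing or blank entries keep the defaults
     * @return always {@code true}. Failure to obtain the Membership Services factory
     *         is logged and leaves {@link #authMgr} {@code null}, which
     *         {@link #authenticateUser} later reports as a {@link SecurityServiceException}
     */
    @Override // com.rational.wpf.service.IService
    public boolean init(HashMap hashMap) {
        String retries = setting(hashMap, "maxLoginRetries");
        if (retries != null) {
            this.maxLoginRetries = parseRetries(retries);
        }
        String admin = setting(hashMap, "securityAdmin");
        if (admin != null) {
            this.securityAdmin = admin;
        }
        String user = setting(hashMap, "userId");
        if (user != null) {
            this.userId = user;
        }
        String pwd = setting(hashMap, "password");
        if (pwd != null) {
            this.password = pwd;
        }
        // Document root with forward slashes so it can be embedded in a file:/// URI.
        String docRoot = FileUtil.getParentDirectory(WPFMain.getInstance().getDocDir()).replace('\\', '/');
        String login = setting(hashMap, "loginHtml");
        if (login != null) {
            this.loginHtml = login;
        }
        this.loginHtml = getAbsoluteUri(docRoot, this.loginHtml);
        String invalid = setting(hashMap, "invalidLoginHtml");
        if (invalid != null) {
            this.invalidLoginHtml = invalid;
        }
        this.invalidLoginHtml = getAbsoluteUri(docRoot, this.invalidLoginHtml);
        try {
            MembershipServicesFactory factory = MembershipServicesFactory.getInstance();
            if (factory != null) {
                this.authMgr = factory.getAuthenticationManager(this.securityAdmin);
            }
        } catch (Exception e) {
            // Not fatal here: authenticateUser() refuses to work until authMgr exists.
            this.authMgr = null;
            logger.severe(CLASS_NAME, "init", "Failed to obtain Membership Services Factory");
            logger.throwing(CLASS_NAME, "init", e);
        }
        this.sessionMgr = SessionManager.getInstance();
        return true;
    }

    /** Returns the named setting, or {@code null} when the map or the entry is absent or blank. */
    private static String setting(HashMap hashMap, String key) {
        if (hashMap == null) {
            return null;
        }
        String value = (String) hashMap.get(key);
        return StrUtil.isBlank(value) ? null : value;
    }

    /** Parses the retry limit, logging and falling back to the default on a non-numeric value. */
    private static int parseRetries(String text) {
        try {
            return Integer.parseInt(text);
        } catch (NumberFormatException e) {
            logger.warning(CLASS_NAME, "init", "Ignoring non-numeric maxLoginRetries setting");
            return DEFAULT_MAX_LOGIN_RETRIES;
        }
    }

    /** No-op: the service has nothing to start beyond what {@link #init} set up. */
    @Override // com.rational.wpf.service.IService
    public void start() {
    }

    /** No-op: the service holds no resources that need releasing. */
    @Override // com.rational.wpf.service.IService
    public void stop() {
    }

    /**
     * Authenticates the request against its SSM session.
     *
     * <p>A new session is logged in immediately (configured credentials if both are
     * set, otherwise the request parameters); success requires {@code obj} to be an
     * {@link HttpServletResponse} so the session cookie can be issued, otherwise the
     * login page is shown and {@code false} returned. An existing session that has
     * not been shown the login page is accepted when its cookie matches the session
     * id. A session that has been shown the login page gets a fresh login attempt;
     * each failure increments {@value #LOGIN_RETRIES} until {@code maxLoginRetries}
     * is reached, at which point the session is invalidated.
     *
     * @param httpServletRequest the incoming request
     * @param obj the output target: an {@link HttpServletResponse} (cookie set, page
     *            written) or an {@link OutputStream} (page written only)
     * @param iSession the SSM session for the request
     * @return {@code true} when the request is authenticated, {@code false} when a
     *         login page was produced instead
     * @throws SecurityServiceException if the authentication or session manager is
     *         unavailable, or the retry limit has been exceeded
     */
    @Override // com.rational.wpf.security.ISecurityService
    public boolean authenticateUser(HttpServletRequest httpServletRequest, Object obj, ISession iSession) throws SecurityServiceException {
        if (this.authMgr == null) {
            throw new SecurityServiceException("Failed to obtain Authentication Manager");
        }
        if (this.sessionMgr == null) {
            throw new SecurityServiceException("Failed to obtain Session Manager");
        }
        if (iSession.isNew()) {
            boolean useFixedCredentials = this.userId != null && this.password != null;
            boolean loggedIn = useFixedCredentials
                    ? login(this.userId, this.password, iSession)
                    : login(httpServletRequest, iSession);
            // Without a response the session cookie cannot be issued, and later
            // requests would fail the cookie check, so fall back to the login page.
            if (loggedIn && attachSessionCookie(obj, iSession)) {
                return true;
            }
            displayLoginPage(httpServletRequest, obj, iSession);
            return false;
        }
        Integer retries = (Integer) iSession.getAttribute(LOGIN_RETRIES);
        if (retries == null) {
            // Established session that has never been shown the login page.
            if (isValidSessionCookie(httpServletRequest, iSession)) {
                return true;
            }
            displayLoginPage(httpServletRequest, obj, iSession);
            return false;
        }
        // The login page was shown earlier: this request carries a new attempt.
        if (login(httpServletRequest, iSession)) {
            iSession.removeAttribute(LOGIN_RETRIES);
            attachSessionCookie(obj, iSession);
            return true;
        }
        int attempts = retries.intValue() + 1;
        if (attempts >= this.maxLoginRetries) {
            iSession.invalidate();
            throw new SecurityServiceException("Exceeded maximum number of login attempts");
        }
        iSession.setAttribute(LOGIN_RETRIES, Integer.valueOf(attempts));
        generateLoginPage(httpServletRequest, obj, true);
        return false;
    }

    /**
     * Issues the SSM session cookie when {@code obj} is an {@link HttpServletResponse}.
     *
     * @return {@code true} if the cookie was added, {@code false} if there was no response to add it to
     */
    private boolean attachSessionCookie(Object obj, ISession iSession) {
        if (obj instanceof HttpServletResponse) {
            setSSMSessionCookie((HttpServletResponse) obj, iSession);
            return true;
        }
        return false;
    }

    /**
     * Starts a login sequence: resets the retry counter, remembers the original
     * request so it can be replayed after login, and writes the login page.
     */
    private void displayLoginPage(HttpServletRequest httpServletRequest, Object obj, ISession iSession) {
        iSession.setAttribute(LOGIN_RETRIES, Integer.valueOf(0));
        iSession.setAttribute(WPFConstants.TARGET_HTTP_REQUEST_ATTR, new HttpRequest(httpServletRequest, true));
        generateLoginPage(httpServletRequest, obj, false);
    }

    /**
     * Writes the login page (or the invalid-login variant) to {@code obj}.
     * Targets other than an {@link OutputStream} or {@link HttpServletResponse}
     * are silently ignored; write failures are logged.
     *
     * @param invalid {@code true} to write {@link #invalidLoginHtml} instead of {@link #loginHtml}
     */
    private void generateLoginPage(HttpServletRequest httpServletRequest, Object obj, boolean invalid) {
        String page = invalid ? this.invalidLoginHtml : this.loginHtml;
        try {
            if (obj instanceof OutputStream) {
                FileUtil.writeFile(page, (OutputStream) obj);
            } else if (obj instanceof HttpServletResponse) {
                HttpServletResponse response = (HttpServletResponse) obj;
                response.setContentType("text/html");
                FileUtil.writeFile(page, response.getOutputStream());
            }
        } catch (Exception e) {
            logger.severe(CLASS_NAME, "generateLoginPage", "Failed to generate Login HTML page");
            logger.throwing(CLASS_NAME, "generateLoginPage", e);
        }
    }

    /**
     * Logs in with the request's {@code USER} and {@code PASSWORD} parameters.
     * A missing password is treated as the empty string; a missing user is passed
     * through to the authentication manager unchanged.
     *
     * @return {@code true} on a successful, non-guest login
     */
    public boolean login(HttpServletRequest httpServletRequest, ISession iSession) throws SecurityServiceException {
        String user = httpServletRequest.getParameter("USER");
        String pwd = httpServletRequest.getParameter("PASSWORD");
        if (pwd == null) {
            pwd = "";
        }
        return login(user, pwd, iSession);
    }

    /**
     * Logs in with explicit credentials and stores the resulting security context
     * on the session.
     *
     * @param str the login name
     * @param str2 the password
     * @param iSession the session that receives the security context on success
     * @return {@code false} when the manager returns no context or no principal,
     *         when the principal is the guest login, or when the manager throws;
     *         {@code true} otherwise
     */
    public boolean login(String str, String str2, ISession iSession) throws SecurityServiceException {
        try {
            SecurityContext context = this.authMgr.login(str, str2);
            if (context == null) {
                return false;
            }
            CataPrincipal principal = context.getPrincipal();
            if (principal == null || principal.getLogin().equalsIgnoreCase(ServletUtil.GUEST_LOGIN)) {
                // Guest access never counts as an authenticated login.
                return false;
            }
            iSession.setSecurityContext(context);
            return true;
        } catch (Exception e) {
            // Treated as a failed attempt, but leave a trace for operators.
            logger.warning(CLASS_NAME, "login", "Login attempt failed with an exception");
            logger.throwing(CLASS_NAME, "login", e);
            return false;
        }
    }

    /**
     * Checks that the request carries the SSM session cookie and that its value
     * equals the session id.
     */
    private boolean isValidSessionCookie(HttpServletRequest httpServletRequest, ISession iSession) {
        Cookie cookie = getSSMSessionCookie(httpServletRequest);
        if (cookie == null) {
            logger.warning(CLASS_NAME, "isValidSessionCookie", "Null SSM session cookie");
            return false;
        }
        String id = iSession.getId();
        String value = cookie.getValue();
        if (value != null && value.equals(id)) {
            return true;
        }
        // Both values are session identifiers, so they are deliberately kept out of the log.
        logger.warning(CLASS_NAME, "isValidSessionCookie", "Mismatched SSM session ID and cookie");
        return false;
    }

    /**
     * Adds the cookie that binds the browser to the SSM session. Only the name
     * and value are set here; no path, Secure or HttpOnly attributes are applied
     * (HttpOnly requires the Servlet 3.0 API).
     */
    private void setSSMSessionCookie(HttpServletResponse httpServletResponse, ISession iSession) {
        httpServletResponse.addCookie(new Cookie(SSMFinals.SESSION_CONTEXT_ID, iSession.getId()));
    }

    /**
     * Finds the SSM session cookie on the request.
     *
     * @return the cookie, or {@code null} when the request has no cookies at all
     *         or none with the expected name
     */
    private Cookie getSSMSessionCookie(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            // getCookies() returns null (not an empty array) when no cookies were sent.
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(SSMFinals.SESSION_CONTEXT_ID)) {
                return cookie;
            }
        }
        return null;
    }

    /**
     * Builds a {@code file:///} URI from a directory and a path that may or may
     * not start with a slash.
     *
     * @param str the directory, expected with forward slashes and no trailing slash
     * @param str2 the path below the directory
     * @return {@code "file:///" + str + "/" + str2}, with exactly one slash between them
     */
    protected String getAbsoluteUri(String str, String str2) {
        StringBuilder uri = new StringBuilder(32);
        uri.append("file:///").append(str);
        if (!str2.startsWith("/")) {
            uri.append('/');
        }
        uri.append(str2);
        return uri.toString();
    }
}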
