package com.liferay.portal.security.auto.login.request.header;

import com.liferay.portal.configuration.module.configuration.ConfigurationProvider;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.module.configuration.ConfigurationException;
import com.liferay.portal.kernel.security.access.control.AccessControlUtil;
import com.liferay.portal.kernel.security.auto.login.AutoLogin;
import com.liferay.portal.kernel.security.auto.login.BaseAutoLogin;
import com.liferay.portal.kernel.service.UserLocalService;
import com.liferay.portal.kernel.settings.CompanyServiceSettingsLocator;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.security.auto.login.internal.request.header.configuration.RequestHeaderAutoLoginConfiguration;
import com.liferay.portal.security.auto.login.internal.request.header.constants.RequestHeaderAutoLoginConstants;
import com.liferay.portal.security.exportimport.UserImporter;
import java.util.HashSet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(configurationPid = {"com.liferay.portal.security.auto.login.internal.request.header.configuration.RequestHeaderAutoLoginConfiguration"}, service = {AutoLogin.class})
/* loaded from: input_file:com/liferay/portal/security/auto/login/request/header/RequestHeaderAutoLogin.class */
public class RequestHeaderAutoLogin extends BaseAutoLogin {
    private static final Log _log = LogFactoryUtil.getLog(RequestHeaderAutoLogin.class);

    @Reference
    private ConfigurationProvider _configurationProvider;

    @Reference
    private Portal _portal;

    @Reference
    private UserImporter _userImporter;

    @Reference
    private UserLocalService _userLocalService;

    protected String[] doLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        long companyId = this._portal.getCompanyId(httpServletRequest);
        if (!isEnabled(companyId)) {
            return null;
        }
        String remoteAddr = httpServletRequest.getRemoteAddr();
        if (!isAccessAllowed(companyId, httpServletRequest)) {
            if (!_log.isWarnEnabled()) {
                return null;
            }
            _log.warn("Access denied for " + remoteAddr);
            return null;
        }
        if (_log.isDebugEnabled()) {
            _log.debug("Access allowed for " + remoteAddr);
        }
        String header = httpServletRequest.getHeader("LIFERAY_SCREEN_NAME");
        if (Validator.isNull(header)) {
            return null;
        }
        User user = null;
        if (isLDAPImportEnabled(companyId)) {
            try {
                user = this._userImporter.importUser(companyId, "", header);
            } catch (Exception e) {
                if (_log.isDebugEnabled()) {
                    _log.debug(e);
                }
            }
        }
        if (user == null) {
            user = this._userLocalService.getUserByScreenName(companyId, header);
        }
        return new String[]{String.valueOf(user.getUserId()), user.getPassword(), Boolean.TRUE.toString()};
    }

    protected boolean isAccessAllowed(long j, HttpServletRequest httpServletRequest) {
        RequestHeaderAutoLoginConfiguration _getRequestHeaderAutoLoginConfiguration = _getRequestHeaderAutoLoginConfiguration(j);
        if (_getRequestHeaderAutoLoginConfiguration == null) {
            return false;
        }
        String[] split = StringUtil.split(_getRequestHeaderAutoLoginConfiguration.authHostsAllowed());
        HashSet hashSet = new HashSet();
        for (String str : split) {
            hashSet.add(str);
        }
        return AccessControlUtil.isAccessAllowed(httpServletRequest, hashSet);
    }

    protected boolean isEnabled(long j) {
        RequestHeaderAutoLoginConfiguration _getRequestHeaderAutoLoginConfiguration = _getRequestHeaderAutoLoginConfiguration(j);
        if (_getRequestHeaderAutoLoginConfiguration == null) {
            return false;
        }
        return _getRequestHeaderAutoLoginConfiguration.enabled();
    }

    protected boolean isLDAPImportEnabled(long j) {
        RequestHeaderAutoLoginConfiguration _getRequestHeaderAutoLoginConfiguration = _getRequestHeaderAutoLoginConfiguration(j);
        if (_getRequestHeaderAutoLoginConfiguration == null) {
            return false;
        }
        return _getRequestHeaderAutoLoginConfiguration.importFromLDAP();
    }

    private RequestHeaderAutoLoginConfiguration _getRequestHeaderAutoLoginConfiguration(long j) {
        try {
            return (RequestHeaderAutoLoginConfiguration) this._configurationProvider.getConfiguration(RequestHeaderAutoLoginConfiguration.class, new CompanyServiceSettingsLocator(j, RequestHeaderAutoLoginConstants.SERVICE_NAME));
        } catch (ConfigurationException e) {
            _log.error("Unable to get request header auto login configuration", e);
            return null;
        }
    }
}
