package com.liferay.portal.security.auth.session;

import com.liferay.portal.events.EventsProcessorUtil;
import com.liferay.portal.kernel.cluster.ClusterExecutorUtil;
import com.liferay.portal.kernel.cluster.ClusterNode;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.json.JSONFactoryUtil;
import com.liferay.portal.kernel.json.JSONObject;
import com.liferay.portal.kernel.messaging.DestinationNames;
import com.liferay.portal.kernel.messaging.MessageBusUtil;
import com.liferay.portal.kernel.model.Company;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.model.UserTracker;
import com.liferay.portal.kernel.security.auth.AuthException;
import com.liferay.portal.kernel.security.auth.AuthenticatedUserUUIDStoreUtil;
import com.liferay.portal.kernel.security.auth.session.AuthenticatedSessionManager;
import com.liferay.portal.kernel.security.pacl.DoPrivileged;
import com.liferay.portal.kernel.service.CompanyLocalServiceUtil;
import com.liferay.portal.kernel.service.UserLocalServiceUtil;
import com.liferay.portal.kernel.util.CookieKeys;
import com.liferay.portal.kernel.util.GetterUtil;
import com.liferay.portal.kernel.util.Http;
import com.liferay.portal.kernel.util.MapUtil;
import com.liferay.portal.kernel.util.PortalUtil;
import com.liferay.portal.kernel.util.PropsKeys;
import com.liferay.portal.kernel.util.StringPool;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.kernel.util.WebKeys;
import com.liferay.portal.kernel.workflow.WorkflowConstants;
import com.liferay.portal.liveusers.LiveUsers;
import com.liferay.portal.util.PropsValues;
import com.liferay.util.Encryptor;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

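/**
 * Default {@link AuthenticatedSessionManager}: checks portal credentials, sets up the
 * authenticated HTTP session and issues or expires the login and auto-login cookies.
 *
 * <p>Parameter names are decompiler output. Judging by how the values are used below,
 * {@code str} is the login, {@code str2} the password, {@code str3} the authentication
 * type and {@code z} the remember-me flag.
 *
 * <p>Points a security review of this class should keep in view:
 * <ul>
 *   <li>{@link #login} puts the password itself, reversibly encrypted with the company
 *       key, into the {@code CookieKeys.PASSWORD} cookie, and that cookie is persisted
 *       when remember-me is active. Anyone holding the company key and the cookie can
 *       recover the password.</li>
 *   <li>The plain password is placed in the session when
 *       {@code PropsValues.PORTAL_JAAS_PLAIN_PASSWORD} or
 *       {@code PropsValues.SESSION_STORE_PASSWORD} is enabled.</li>
 *   <li>The {@code Secure} flag can be switched off for a request that arrived over
 *       HTTPS (see the comment in {@link #login}).</li>
 *   <li>{@link #logout} does not expire the {@code USER_UUID} or
 *       {@code CookieKeys.SCREEN_NAME} cookies; NOTE(review): confirm they are cleaned
 *       up elsewhere.</li>
 * </ul>
 */
@DoPrivileged
/* loaded from: input_file:WEB-INF/lib/com.liferay.portal.impl.jar:com/liferay/portal/security/auth/session/AuthenticatedSessionManagerImpl.class */
public class AuthenticatedSessionManagerImpl implements AuthenticatedSessionManager {
    /**
     * Authenticates the supplied credentials and returns the ID of the matching user.
     *
     * @param httpServletRequest request whose headers and parameters are handed to the
     *        authentication call
     * @param str login: e-mail address, screen name or numeric user ID, depending on the
     *        authentication type
     * @param str2 password
     * @param str3 authentication type ({@code "emailAddress"}, {@code "screenName"} or
     *        {@code "userId"}); the company's configured type is used when not supplied
     * @return ID of the authenticated user
     * @throws PortalException an {@link AuthException} when the request targets
     *         {@code <context>/api/liferay} or authentication does not succeed; the
     *         lockout check on the failure path may throw as well
     */
    @Override
    public long getAuthenticatedUserId(HttpServletRequest httpServletRequest, String str, String str2, String str3) throws PortalException {
        // For e-mail/screen-name logins this is only a fallback; the real ID comes from the results map.
        long userId = GetterUtil.getLong(str);
        Company company = PortalUtil.getCompany(httpServletRequest);
        // Requests under <context>/api/liferay are never authenticated through this method.
        if (httpServletRequest.getRequestURI().startsWith(PortalUtil.getPathContext().concat("/api/liferay"))) {
            throw new AuthException();
        }
        // Copy every request header (all values per name) for the authentication call.
        Map<String, String[]> headerMap = new HashMap<>();
        Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String headerName = headerNames.nextElement();
            Enumeration<String> headerValues = httpServletRequest.getHeaders(headerName);
            ArrayList<String> values = new ArrayList<>();
            while (headerValues.hasMoreElements()) {
                values.add(headerValues.nextElement());
            }
            headerMap.put(headerName, values.toArray(new String[values.size()]));
        }
        Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
        Map<String, Object> resultsMap = new HashMap<>();
        if (Validator.isNull(str3)) {
            str3 = company.getAuthType();
        }
        // Stays -1 (treated as failure) when the authentication type is none of the three known ones.
        int authResult = -1;
        if (str3.equals("emailAddress")) {
            authResult = UserLocalServiceUtil.authenticateByEmailAddress(
                company.getCompanyId(), str, str2, headerMap, parameterMap, resultsMap);
            userId = MapUtil.getLong(resultsMap, "userId", userId);
        } else if (str3.equals("screenName")) {
            authResult = UserLocalServiceUtil.authenticateByScreenName(
                company.getCompanyId(), str, str2, headerMap, parameterMap, resultsMap);
            userId = MapUtil.getLong(resultsMap, "userId", userId);
        } else if (str3.equals("userId")) {
            authResult = UserLocalServiceUtil.authenticateByUserId(
                company.getCompanyId(), userId, str2, headerMap, parameterMap, resultsMap);
        }
        // Only the value 1 is accepted as a successful authentication.
        if (authResult == 1) {
            return userId;
        }
        // On failure, let the lockout check run for a known user before reporting the
        // generic error. NOTE(review): checkLockout may throw its own exception type,
        // so callers can see a different error for locked-out accounts - confirm.
        User failedUser = UserLocalServiceUtil.fetchUser(userId);
        if (failedUser != null) {
            UserLocalServiceUtil.checkLockout(failedUser);
        }
        throw new AuthException();
    }

    /**
     * Authenticates the user, prepares the HTTP session and writes the login cookies.
     *
     * <p>The steps run in a fixed order: authenticate, optionally sign out the user's
     * other sessions, optionally renew the session, store the JAAS attributes, build
     * the cookies, add them to the response and register the user UUID token.
     *
     * @param httpServletRequest current request; the original servlet request behind it
     *        is the one actually used
     * @param httpServletResponse response that receives the cookies
     * @param str login
     * @param str2 password
     * @param z remember-me flag; forced on when {@code PropsValues.SESSION_DISABLED} is set
     * @param str3 authentication type, see {@link #getAuthenticatedUserId}
     * @throws Exception if authentication fails or any portal call fails
     */
    @Override
    public void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, boolean z, String str3) throws Exception {
        HttpServletRequest originalRequest = PortalUtil.getOriginalServletRequest(httpServletRequest);
        // Presumably rejects clients that do not accept cookies - confirm in CookieKeys.
        CookieKeys.validateSupportCookie(originalRequest);
        HttpSession session = originalRequest.getSession();
        Company company = PortalUtil.getCompany(originalRequest);
        long userId = getAuthenticatedUserId(originalRequest, str, str2, str3);
        if (!PropsValues.AUTH_SIMULTANEOUS_LOGINS) {
            signOutSimultaneousLogins(userId);
        }
        // Swap the pre-login session for a new one so a session established before
        // authentication is not carried into the authenticated state.
        if (PropsValues.SESSION_ENABLE_PHISHING_PROTECTION) {
            session = renewSession(originalRequest, session);
        }
        String domain = CookieKeys.getDomain(originalRequest);
        User user = UserLocalServiceUtil.getUserById(userId);
        String userIdString = String.valueOf(userId);

        session.setAttribute("j_username", userIdString);
        // j_password holds either the plain password or the value of User.getPassword().
        if (PropsValues.PORTAL_JAAS_PLAIN_PASSWORD) {
            session.setAttribute("j_password", str2);
        } else {
            session.setAttribute("j_password", user.getPassword());
        }
        session.setAttribute("j_remoteuser", userIdString);
        // Plain password kept in the session only when explicitly configured.
        if (PropsValues.SESSION_STORE_PASSWORD) {
            session.setAttribute(WebKeys.USER_PASSWORD, str2);
        }

        Cookie companyIdCookie = createCookie("COMPANY_ID", String.valueOf(company.getCompanyId()), domain);
        Cookie idCookie = createCookie(CookieKeys.ID, Encryptor.encrypt(company.getKeyObj(), userIdString), domain);
        // The password is encrypted, not hashed: the cookie value is reversible with the company key.
        Cookie passwordCookie = createCookie(CookieKeys.PASSWORD, Encryptor.encrypt(company.getKeyObj(), str2), domain);
        Cookie rememberMeCookie = createCookie(CookieKeys.REMEMBER_ME, Boolean.TRUE.toString(), domain);
        int autoLoginMaxAge = PropsValues.COMPANY_SECURITY_AUTO_LOGIN_MAX_AGE;

        // The token is "<userId>.<nanoTime>", not a random value; only the encryption
        // under the company key keeps the cookie form opaque to the client.
        String userUuid = userIdString.concat(StringPool.PERIOD).concat(String.valueOf(System.nanoTime()));
        // Unlike the other cookies, this one gets no explicit domain.
        Cookie userUuidCookie = new Cookie("USER_UUID", Encryptor.encrypt(company.getKeyObj(), userUuid));
        userUuidCookie.setPath("/");
        session.setAttribute("USER_UUID", userUuid);

        boolean persistent = z || PropsValues.SESSION_DISABLED;
        if (persistent) {
            companyIdCookie.setMaxAge(autoLoginMaxAge);
            idCookie.setMaxAge(autoLoginMaxAge);
            passwordCookie.setMaxAge(autoLoginMaxAge);
            rememberMeCookie.setMaxAge(autoLoginMaxAge);
            userUuidCookie.setMaxAge(autoLoginMaxAge);
        } else {
            // -1 makes a browser-session cookie; 0 would expire the cookie immediately.
            companyIdCookie.setMaxAge(-1);
            idCookie.setMaxAge(-1);
            passwordCookie.setMaxAge(-1);
            rememberMeCookie.setMaxAge(0);
            userUuidCookie.setMaxAge(-1);
        }

        // The login is stored as supplied by the caller, without encryption.
        Cookie loginCookie = createCookie(CookieKeys.LOGIN, str, domain);
        loginCookie.setMaxAge(autoLoginMaxAge);
        Cookie screenNameCookie = createCookie(
            CookieKeys.SCREEN_NAME, Encryptor.encrypt(company.getKeyObj(), user.getScreenName()), domain);
        screenNameCookie.setMaxAge(autoLoginMaxAge);

        // The Secure flag is dropped for an HTTPS request when HTTPS is not required for
        // authentication, the configured web server protocol is not HTTPS and the session
        // is not marked as having started on HTTPS. In that configuration the cookies
        // above, the encrypted password included, can also be sent over plain HTTP.
        boolean secure = originalRequest.isSecure();
        if (secure && !PropsValues.COMPANY_SECURITY_AUTH_REQUIRES_HTTPS
                && !StringUtil.equalsIgnoreCase(Http.HTTPS, PropsValues.WEB_SERVER_PROTOCOL)) {
            Boolean httpsInitial = (Boolean) session.getAttribute(WebKeys.HTTPS_INITIAL);
            if (httpsInitial == null || !httpsInitial.booleanValue()) {
                secure = false;
            }
        }

        // NOTE(review): HttpOnly and SameSite are not set in this class; confirm whether
        // CookieKeys.addCookie or the container applies them.
        CookieKeys.addCookie(originalRequest, httpServletResponse, companyIdCookie, secure);
        CookieKeys.addCookie(originalRequest, httpServletResponse, idCookie, secure);
        CookieKeys.addCookie(originalRequest, httpServletResponse, userUuidCookie, secure);
        // Login, password, remember-me and screen-name cookies are sent only for persistent logins.
        if (persistent) {
            CookieKeys.addCookie(originalRequest, httpServletResponse, loginCookie, secure);
            CookieKeys.addCookie(originalRequest, httpServletResponse, passwordCookie, secure);
            CookieKeys.addCookie(originalRequest, httpServletResponse, rememberMeCookie, secure);
            CookieKeys.addCookie(originalRequest, httpServletResponse, screenNameCookie, secure);
        }
        AuthenticatedUserUUIDStoreUtil.register(userUuid);
    }

    /**
     * Runs the logout events, expires the login cookies and invalidates the session.
     *
     * <p>The {@code CookieKeys.LOGIN} cookie is kept when the request carries a true
     * {@code CookieKeys.REMEMBER_ME} cookie. The {@code USER_UUID} and
     * {@code CookieKeys.SCREEN_NAME} cookies are not expired here.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response that receives the expiring cookies
     * @throws Exception if a logout event processor fails
     */
    @Override
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        HttpSession session = httpServletRequest.getSession();
        EventsProcessorUtil.process(PropsKeys.LOGOUT_EVENTS_PRE, PropsValues.LOGOUT_EVENTS_PRE, httpServletRequest, httpServletResponse);
        String domain = CookieKeys.getDomain(httpServletRequest);
        deleteCookie(httpServletRequest, httpServletResponse, "COMPANY_ID", domain);
        deleteCookie(httpServletRequest, httpServletResponse, CookieKeys.GUEST_LANGUAGE_ID, domain);
        deleteCookie(httpServletRequest, httpServletResponse, CookieKeys.ID, domain);
        deleteCookie(httpServletRequest, httpServletResponse, CookieKeys.PASSWORD, domain);
        boolean rememberMe = GetterUtil.getBoolean(CookieKeys.getCookie(httpServletRequest, CookieKeys.REMEMBER_ME));
        if (!rememberMe) {
            deleteCookie(httpServletRequest, httpServletResponse, CookieKeys.LOGIN, domain);
        }
        deleteCookie(httpServletRequest, httpServletResponse, CookieKeys.REMEMBER_ME, domain);
        try {
            session.invalidate();
        } catch (Exception ignored) {
            // Best effort: invalidate() throws if the session is already invalid, and the
            // post-logout events below must still run.
        }
        EventsProcessorUtil.process(PropsKeys.LOGOUT_EVENTS_POST, PropsValues.LOGOUT_EVENTS_POST, httpServletRequest, httpServletResponse);
    }

    /**
     * Invalidates the given session and returns a new one that carries over only the
     * attributes listed in {@code PropsValues.SESSION_PHISHING_PROTECTED_ATTRIBUTES}.
     *
     * @param httpServletRequest request used to create the replacement session
     * @param httpSession session to invalidate
     * @return the newly created session
     * @throws Exception if the session cannot be read, invalidated or re-created
     */
    @Override
    public HttpSession renewSession(HttpServletRequest httpServletRequest, HttpSession httpSession) throws Exception {
        String[] protectedAttributeNames = PropsValues.SESSION_PHISHING_PROTECTED_ATTRIBUTES;
        // Read the attributes first: they are no longer accessible after invalidate().
        Map<String, Object> preserved = new HashMap<>();
        for (String name : protectedAttributeNames) {
            Object value = httpSession.getAttribute(name);
            if (value != null) {
                preserved.put(name, value);
            }
        }
        httpSession.invalidate();
        HttpSession renewed = httpServletRequest.getSession(true);
        for (String name : protectedAttributeNames) {
            Object value = preserved.get(name);
            if (value != null) {
                renewed.setAttribute(name, value);
            }
        }
        return renewed;
    }

    /**
     * Sends a {@code signOut} message on {@code DestinationNames.LIVE_USERS} for every
     * tracked session that belongs to the given user.
     *
     * @param j ID of the user whose sessions are to be signed out
     * @throws Exception if the company lookup or the message dispatch fails
     */
    @Override
    public void signOutSimultaneousLogins(long j) throws Exception {
        long companyId = CompanyLocalServiceUtil.getCompanyIdByUserId(j);
        // Iterate over a copy of the tracked sessions rather than the live collection.
        for (UserTracker userTracker : new ArrayList<UserTracker>(LiveUsers.getSessionUsers(companyId).values())) {
            if (j != userTracker.getUserId()) {
                continue;
            }
            JSONObject message = JSONFactoryUtil.createJSONObject();
            ClusterNode localClusterNode = ClusterExecutorUtil.getLocalClusterNode();
            if (localClusterNode != null) {
                message.put("clusterNodeId", localClusterNode.getClusterNodeId());
            }
            message.put(WorkflowConstants.CONTEXT_COMMAND, "signOut");
            message.put("companyId", companyId);
            message.put("sessionId", userTracker.getSessionId());
            message.put("userId", j);
            MessageBusUtil.sendMessage(DestinationNames.LIVE_USERS, message.toString());
        }
    }

    /**
     * Expires a cookie in the browser by sending it back empty with a max age of 0.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response that receives the expiring cookie
     * @param str name of the cookie to expire
     * @param str2 cookie domain; not set on the cookie when null or empty
     */
    protected void deleteCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        Cookie expired = createCookie(str, "", str2);
        expired.setMaxAge(0);
        // NOTE(review): this overload takes no explicit Secure flag, unlike the calls in
        // login(); confirm the attributes it applies match those of the cookie being expired.
        CookieKeys.addCookie(httpServletRequest, httpServletResponse, expired);
    }

    /** Builds a cookie for path "/" and applies the domain only when one is configured. */
    private static Cookie createCookie(String name, String value, String domain) {
        Cookie cookie = new Cookie(name, value);
        if (Validator.isNotNull(domain)) {
            cookie.setDomain(domain);
        }
        cookie.setPath("/");
        return cookie;
    }
}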
