package org.apache.cocoon.webapps.authentication.components;

import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.avalon.framework.activity.Disposable;
import org.apache.avalon.framework.component.Component;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.container.ContainerUtil;
import org.apache.avalon.framework.context.Context;
import org.apache.avalon.framework.context.ContextException;
import org.apache.avalon.framework.context.Contextualizable;
import org.apache.avalon.framework.logger.AbstractLogEnabled;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.avalon.framework.thread.ThreadSafe;
import org.apache.cocoon.ProcessingException;
import org.apache.cocoon.components.ContextHelper;
import org.apache.cocoon.components.SitemapConfigurable;
import org.apache.cocoon.components.SitemapConfigurationHolder;
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.Session;
import org.apache.cocoon.util.ClassUtils;
import org.apache.cocoon.webapps.authentication.AuthenticationManager;
import org.apache.cocoon.webapps.authentication.components.Authenticator;
import org.apache.cocoon.webapps.authentication.configuration.ApplicationConfiguration;
import org.apache.cocoon.webapps.authentication.configuration.HandlerConfiguration;
import org.apache.cocoon.webapps.authentication.context.AuthenticationContext;
import org.apache.cocoon.webapps.authentication.user.RequestState;
import org.apache.cocoon.webapps.authentication.user.UserHandler;
import org.apache.cocoon.webapps.authentication.user.UserState;
import org.apache.cocoon.webapps.session.ContextManager;
import org.apache.cocoon.webapps.session.SessionConstants;
import org.apache.cocoon.webapps.session.SessionManager;
import org.apache.cocoon.webapps.session.context.SessionContext;
import org.apache.excalibur.source.SourceParameters;
import org.apache.excalibur.source.SourceResolver;
import org.apache.excalibur.source.SourceUtil;
import org.apache.excalibur.xml.xpath.XPathProcessor;
import org.w3c.dom.DocumentFragment;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;

/* loaded from: input_file:WEB-INF/lib/cocoon-authentication-fw-block.jar:org/apache/cocoon/webapps/authentication/components/DefaultAuthenticationManager.class */
public class DefaultAuthenticationManager extends AbstractLogEnabled implements AuthenticationManager, SitemapConfigurable, Serviceable, Disposable, ThreadSafe, Contextualizable, Component {
    public static final String SESSION_ATTRIBUTE_USER_STATUS;
    protected SitemapConfigurationHolder holder;
    protected ServiceManager manager;
    protected SourceResolver resolver;
    protected Context context;
    protected Map authenticators = new HashMap();
    protected XPathProcessor xpathProcessor;
    private static final String REQUEST_STATE_KEY;
    static Class class$org$apache$cocoon$webapps$authentication$components$DefaultAuthenticationManager;
    static Class class$org$apache$cocoon$webapps$authentication$user$RequestState;

    @Override // org.apache.cocoon.components.SitemapConfigurable
    public void configure(SitemapConfigurationHolder sitemapConfigurationHolder) throws ConfigurationException {
        this.holder = sitemapConfigurationHolder;
    }

    private Map getHandlerConfigurations() throws ProcessingException {
        Map map = (Map) this.holder.getPreparedConfiguration();
        if (null == map) {
            try {
                map = DefaultHandlerManager.prepareHandlerConfiguration(ContextHelper.getObjectModel(this.context), this.holder);
            } catch (ConfigurationException e) {
                throw new ProcessingException("Configuration error.", e);
            }
        }
        return map;
    }

    private HandlerConfiguration getHandlerConfiguration(String str) throws ProcessingException {
        Map handlerConfigurations = getHandlerConfigurations();
        HandlerConfiguration handlerConfiguration = null;
        if (handlerConfigurations != null) {
            handlerConfiguration = (HandlerConfiguration) handlerConfigurations.get(str);
        }
        return handlerConfiguration;
    }

    private Request getRequest() {
        return ContextHelper.getRequest(this.context);
    }

    private Session getSession(boolean z) {
        return getRequest().getSession(z);
    }

    private UserState getUserState() {
        Session session = getSession(false);
        UserState userState = null;
        if (session != null) {
            userState = (UserState) session.getAttribute(SESSION_ATTRIBUTE_USER_STATUS);
        }
        return userState;
    }

    private UserState createUserState() {
        UserState userState = getUserState();
        if (userState == null) {
            Session session = getSession(true);
            userState = new UserState();
            session.setAttribute(SESSION_ATTRIBUTE_USER_STATUS, userState);
        }
        return userState;
    }

    private UserHandler getUserHandler(String str) {
        UserState userState = getUserState();
        if (userState != null) {
            return userState.getHandler(str);
        }
        return null;
    }

    private void updateUserState() {
        Session session = getSession(true);
        session.setAttribute(SESSION_ATTRIBUTE_USER_STATUS, session.getAttribute(SESSION_ATTRIBUTE_USER_STATUS));
    }

    @Override // org.apache.cocoon.webapps.authentication.AuthenticationManager
    public UserHandler login(String str, String str2, SourceParameters sourceParameters) throws ProcessingException {
        HandlerConfiguration handlerConfiguration = getHandlerConfiguration(str);
        if (handlerConfiguration == null) {
            throw new ProcessingException(new StringBuffer().append("Unknown handler to authenticate: ").append(str).toString());
        }
        UserHandler userHandler = getUserHandler(str);
        if (userHandler != null) {
            throw new ProcessingException(new StringBuffer().append("User is already authenticated using handler: ").append(str).toString());
        }
        Authenticator lookupAuthenticator = lookupAuthenticator(handlerConfiguration);
        try {
            Authenticator.AuthenticationResult authenticate = lookupAuthenticator.authenticate(handlerConfiguration, sourceParameters);
            if (authenticate != null && authenticate.valid) {
                AuthenticationContext authenticationContext = new AuthenticationContext(this.context, this.xpathProcessor, this.resolver);
                userHandler = new UserHandler(handlerConfiguration, authenticationContext);
                authenticationContext.init(authenticate.result);
            } else if (authenticate != null) {
                try {
                    try {
                        ContextManager contextManager = (ContextManager) this.manager.lookup(ContextManager.ROLE);
                        SessionContext context = contextManager.getContext(SessionConstants.TEMPORARY_CONTEXT);
                        DocumentFragment createDocumentFragment = authenticate.result.createDocumentFragment();
                        Element documentElement = authenticate.result.getDocumentElement();
                        documentElement.normalize();
                        boolean z = false;
                        while (documentElement.hasChildNodes()) {
                            Node firstChild = documentElement.getFirstChild();
                            documentElement.removeChild(firstChild);
                            if (z || firstChild.getNodeType() != 3 || firstChild.getNodeValue().trim().length() > 0) {
                                createDocumentFragment.appendChild(firstChild);
                                z = true;
                            }
                        }
                        context.appendXML("/", createDocumentFragment);
                        this.manager.release(contextManager);
                    } catch (Throwable th) {
                        this.manager.release(null);
                        throw th;
                    }
                } catch (ServiceException e) {
                    throw new ProcessingException("Unable to lookup session manager.", e);
                }
            }
            if (userHandler != null) {
                createUserState().addHandler(userHandler);
                updateUserState();
                RequestState requestState = new RequestState(userHandler, str2);
                setState(requestState);
                requestState.initialize(this.resolver);
                for (ApplicationConfiguration applicationConfiguration : userHandler.getHandlerConfiguration().getApplications().values()) {
                    if (!applicationConfiguration.getLoadOnDemand()) {
                        userHandler.getContext().loadApplicationXML(applicationConfiguration, this.resolver);
                    }
                }
            }
            return userHandler;
        } finally {
            releaseAuthenticator(lookupAuthenticator, handlerConfiguration);
        }
    }

    protected void releaseAuthenticator(Authenticator authenticator, HandlerConfiguration handlerConfiguration) {
    }

    protected Authenticator lookupAuthenticator(HandlerConfiguration handlerConfiguration) throws ProcessingException {
        String authenticatorClassName = handlerConfiguration.getAuthenticatorClassName();
        Authenticator authenticator = (Authenticator) this.authenticators.get(authenticatorClassName);
        if (authenticator == null) {
            synchronized (this) {
                authenticator = (Authenticator) this.authenticators.get(authenticatorClassName);
                if (authenticator == null) {
                    try {
                        authenticator = (Authenticator) ClassUtils.newInstance(authenticatorClassName);
                        ContainerUtil.enableLogging(authenticator, getLogger());
                        ContainerUtil.contextualize(authenticator, this.context);
                        ContainerUtil.service(authenticator, this.manager);
                        ContainerUtil.initialize(authenticator);
                        this.authenticators.put(authenticatorClassName, authenticator);
                    } catch (Exception e) {
                        throw new ProcessingException(new StringBuffer().append("Unable to initialize authenticator from class ").append(authenticatorClassName).toString(), e);
                    }
                }
            }
        }
        return authenticator;
    }

    @Override // org.apache.cocoon.webapps.authentication.AuthenticationManager
    public boolean checkAuthentication(Redirector redirector, String str, String str2) throws IOException, ProcessingException {
        HandlerConfiguration handlerConfiguration = getHandlerConfiguration(str);
        if (handlerConfiguration == null) {
            throw new ProcessingException(new StringBuffer().append("Unknown handler to check: ").append(str).toString());
        }
        UserHandler userHandler = getUserHandler(str);
        boolean z = userHandler != null;
        if (z) {
            RequestState requestState = new RequestState(userHandler, str2);
            setState(requestState);
            requestState.initialize(this.resolver);
        } else if (redirector != null) {
            SourceParameters redirectParameters = handlerConfiguration.getRedirectParameters();
            if (redirectParameters == null) {
                redirectParameters = new SourceParameters();
            }
            Request request = getRequest();
            String requestURI = request.getRequestURI();
            if (request.getQueryString() != null) {
                requestURI = new StringBuffer().append(requestURI).append('?').append(request.getQueryString()).toString();
            }
            redirectParameters.setSingleParameterValue("resource", requestURI);
            redirector.globalRedirect(false, SourceUtil.appendParameters(handlerConfiguration.getRedirectURI(), redirectParameters));
        }
        return z;
    }

    public String getForwardingURI(String str) throws ProcessingException {
        HandlerConfiguration handlerConfiguration = getHandlerConfiguration(str);
        SourceParameters redirectParameters = handlerConfiguration.getRedirectParameters();
        if (redirectParameters == null) {
            redirectParameters = new SourceParameters();
        }
        Request request = getRequest();
        String requestURI = request.getRequestURI();
        if (request.getQueryString() != null) {
            requestURI = new StringBuffer().append(requestURI).append('?').append(request.getQueryString()).toString();
        }
        redirectParameters.setSingleParameterValue("resource", requestURI);
        return SourceUtil.appendParameters(handlerConfiguration.getRedirectURI(), redirectParameters);
    }

    @Override // org.apache.cocoon.webapps.authentication.AuthenticationManager
    public UserHandler isAuthenticated(String str) throws ProcessingException {
        return getUserHandler(str);
    }

    @Override // org.apache.cocoon.webapps.authentication.AuthenticationManager
    public void logout(String str, int i) throws ProcessingException {
        HandlerConfiguration handlerConfiguration = getHandlerConfiguration(str);
        if (handlerConfiguration == null) {
            throw new ProcessingException(new StringBuffer().append("Unknown handler to logout: ").append(str).toString());
        }
        UserHandler userHandler = getUserHandler(str);
        if (userHandler != null) {
            try {
                lookupAuthenticator(handlerConfiguration).logout(userHandler);
            } catch (Exception e) {
            }
            List applicationContexts = userHandler.getApplicationContexts();
            if (applicationContexts != null) {
                ContextManager contextManager = null;
                try {
                    try {
                        contextManager = (ContextManager) this.manager.lookup(ContextManager.ROLE);
                        Iterator it = applicationContexts.iterator();
                        while (it.hasNext()) {
                            contextManager.deleteContext((String) it.next());
                        }
                        this.manager.release(contextManager);
                    } catch (ServiceException e2) {
                        throw new ProcessingException("Unable to create session context.", e2);
                    }
                } catch (Throwable th) {
                    this.manager.release(contextManager);
                    throw th;
                }
            }
            UserState userState = getUserState();
            userState.removeHandler(str);
            updateUserState();
            try {
                try {
                    SessionManager sessionManager = (SessionManager) this.manager.lookup(SessionManager.ROLE);
                    if (i == 0) {
                        sessionManager.terminateSession(true);
                    } else if (i == 1) {
                        if (!userState.hasHandler()) {
                            sessionManager.terminateSession(false);
                        }
                    } else {
                        if (i != 2) {
                            throw new ProcessingException(new StringBuffer().append("Unknown logout mode: ").append(i).toString());
                        }
                        if (!userState.hasHandler()) {
                            sessionManager.terminateSession(true);
                        }
                    }
                    this.manager.release(sessionManager);
                } catch (ServiceException e3) {
                    throw new ProcessingException("Unable to lookup session manager.", e3);
                }
            } catch (Throwable th2) {
                this.manager.release(null);
                throw th2;
            }
        }
    }

    @Override // org.apache.avalon.framework.service.Serviceable
    public void service(ServiceManager serviceManager) throws ServiceException {
        this.manager = serviceManager;
        this.resolver = (SourceResolver) this.manager.lookup(SourceResolver.ROLE);
        this.xpathProcessor = (XPathProcessor) this.manager.lookup(XPathProcessor.ROLE);
    }

    @Override // org.apache.avalon.framework.activity.Disposable
    public void dispose() {
        Iterator it = this.authenticators.values().iterator();
        while (it.hasNext()) {
            ContainerUtil.dispose((Authenticator) it.next());
        }
        if (this.manager != null) {
            this.manager.release(this.resolver);
            this.manager.release(this.xpathProcessor);
            this.resolver = null;
            this.xpathProcessor = null;
            this.manager = null;
        }
    }

    @Override // org.apache.cocoon.webapps.authentication.AuthenticationManager
    public RequestState getState() {
        return getRequestState(this.context);
    }

    public static RequestState getRequestState(Context context) {
        return (RequestState) ContextHelper.getRequest(context).getAttribute(REQUEST_STATE_KEY);
    }

    @Override // org.apache.avalon.framework.context.Contextualizable
    public void contextualize(Context context) throws ContextException {
        this.context = context;
    }

    protected void setState(RequestState requestState) {
        Request request = ContextHelper.getRequest(this.context);
        if (requestState != null) {
            request.setAttribute(REQUEST_STATE_KEY, requestState);
        } else {
            request.removeAttribute(REQUEST_STATE_KEY);
        }
    }

    @Override // org.apache.cocoon.webapps.authentication.AuthenticationManager
    public SessionContext createApplicationContext(String str, String str2, String str3) throws ProcessingException {
        UserHandler handler = getState().getHandler();
        if (handler == null) {
            throw new ProcessingException("No handler defined. Unable to create application context.");
        }
        ContextManager contextManager = null;
        try {
            try {
                try {
                    contextManager = (ContextManager) this.manager.lookup(ContextManager.ROLE);
                    SessionContext createContext = contextManager.createContext(str, str2, str3);
                    handler.addApplicationContext(str);
                    this.manager.release(contextManager);
                    return createContext;
                } catch (ServiceException e) {
                    throw new ProcessingException("Unable to create session context.", e);
                }
            } catch (IOException e2) {
                throw new ProcessingException("Unable to create session context.", e2);
            } catch (SAXException e3) {
                throw new ProcessingException("Unable to create session context.", e3);
            }
        } catch (Throwable th) {
            this.manager.release(contextManager);
            throw th;
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        Class cls2;
        StringBuffer stringBuffer = new StringBuffer();
        if (class$org$apache$cocoon$webapps$authentication$components$DefaultAuthenticationManager == null) {
            cls = class$("org.apache.cocoon.webapps.authentication.components.DefaultAuthenticationManager");
            class$org$apache$cocoon$webapps$authentication$components$DefaultAuthenticationManager = cls;
        } else {
            cls = class$org$apache$cocoon$webapps$authentication$components$DefaultAuthenticationManager;
        }
        SESSION_ATTRIBUTE_USER_STATUS = stringBuffer.append(cls.getName()).append("/UserStatus").toString();
        if (class$org$apache$cocoon$webapps$authentication$user$RequestState == null) {
            cls2 = class$("org.apache.cocoon.webapps.authentication.user.RequestState");
            class$org$apache$cocoon$webapps$authentication$user$RequestState = cls2;
        } else {
            cls2 = class$org$apache$cocoon$webapps$authentication$user$RequestState;
        }
        REQUEST_STATE_KEY = cls2.getName();
    }
}
