package com.gentics.contentnode.rest;

import com.gentics.api.lib.etc.ObjectTransformer;
import com.gentics.api.lib.exception.NodeException;
import com.gentics.contentnode.etc.NodeSetup;
import com.gentics.contentnode.etc.NodeSetupValuePair;
import com.gentics.contentnode.factory.object.SystemUserFactory;
import com.gentics.contentnode.object.SystemUser;
import com.gentics.contentnode.perm.PermHandler;
import com.gentics.contentnode.rest.api.AuthenticationResource;
import com.gentics.contentnode.rest.model.Reference;
import com.gentics.contentnode.rest.model.request.LoginRequest;
import com.gentics.contentnode.rest.model.response.AuthenticationResponse;
import com.gentics.contentnode.rest.model.response.GenericResponse;
import com.gentics.contentnode.rest.model.response.LoginResponse;
import com.gentics.contentnode.rest.model.response.Message;
import com.gentics.contentnode.rest.model.response.ResponseCode;
import com.gentics.contentnode.rest.model.response.ResponseInfo;
import com.gentics.contentnode.rest.util.ModelBuilder;
import com.gentics.lib.base.factory.InvalidSessionIdException;
import com.gentics.lib.base.factory.Session;
import com.gentics.lib.base.factory.SessionToken;
import com.gentics.lib.base.factory.Transaction;
import com.gentics.lib.base.factory.TransactionManager;
import com.gentics.lib.log.ActionLogger;
import com.gentics.lib.log.NodeLogger;
import com.gentics.portalnode.portlet.PortletApplication;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;

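/**
 * REST resource under {@code /auth}: validates session tokens, performs credential and
 * SSO logins, and logs sessions out.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code /validate/{sid}} and {@code /logout/{sid}} receive the session token as a URL path
 *       segment. Path segments commonly end up in access logs, proxies and browser history, so
 *       this class never writes the raw token to its own log.</li>
 *   <li>The session secret is sent as a cookie. The cookie is marked {@code Secure} whenever the
 *       current request reports a secure channel (see {@link #createSessionSecretCookie(String)}).</li>
 *   <li>Failed logins and unexpected errors are logged so they can be monitored; passwords and
 *       submitted login names are not logged.</li>
 * </ul>
 */
@Path("/auth")
/* loaded from: input_file:com/gentics/contentnode/rest/AuthenticationResourceImpl.class */
public class AuthenticationResourceImpl extends AbstractContentNodeResource implements AuthenticationResource {
    protected NodeLogger logger = NodeLogger.getNodeLogger(getClass());

    /**
     * Validates a session token and returns the user it belongs to.
     *
     * @param str session token taken from the URL path
     * @return response with code {@code OK} and the user on success, {@code INVALIDDATA} otherwise
     */
    @GET
    @Path("/validate/{sid}")
    public AuthenticationResponse validate(@PathParam("sid") String str) {
        AuthenticationResponse authenticationResponse = new AuthenticationResponse();
        try {
            int validateSID = validateSID(str);
            authenticationResponse.setResponseInfo(new ResponseInfo(ResponseCode.OK, "Successfully validated given SID"));
            authenticationResponse.setUser(ModelBuilder.getUser((SystemUser) this.transaction.getObject(SystemUser.class, Integer.valueOf(validateSID)), new Reference[0]));
        } catch (Exception e) {
            // Log only the exception type: the token arrives in the URL and may carry the session
            // secret, so neither the token nor a message that could echo it is written to the log.
            this.logger.warn("Validation of a session token failed (" + e.getClass().getName() + ")");
            // The caller gets one generic answer for every failure, so the cause is not revealed.
            authenticationResponse.setResponseInfo(new ResponseInfo(ResponseCode.INVALIDDATA, "Invalid SID given"));
        }
        return authenticationResponse;
    }

    /**
     * Logs in using the session token carried by the current request and re-issues the
     * session secret cookie.
     *
     * @return the session id as plain text on success, otherwise the string form of
     *         {@code NOTFOUND} (token does not authenticate), {@code MAINTENANCEMODE} or
     *         {@code FAILURE}
     */
    @GET
    @Produces({"text/plain; charset=UTF-8"})
    @Path("/ssologin")
    public String ssoLogin() {
        try {
            Transaction currentTransaction = TransactionManager.getCurrentTransaction();
            SessionToken sessionToken = new SessionToken(getRequest());
            Session session = new Session(sessionToken.getSessionId(), currentTransaction);
            if (!sessionToken.authenticates(session)) {
                throw new InvalidSessionIdException(ObjectTransformer.getString(Integer.valueOf(sessionToken.getSessionId()), ""));
            }
            if (isLoginBlockedByMaintenanceMode(Integer.valueOf(session.getUserId()), currentTransaction)) {
                this.logger.info("The maintenance mode is currently enabled. Login was therefore disabled.");
                return ResponseCode.MAINTENANCEMODE.toString();
            }
            getResponse().addCookie(createSessionSecretCookie(session.getSessionSecret()));
            return ObjectTransformer.getString(Integer.valueOf(sessionToken.getSessionId()), "");
        } catch (InvalidSessionIdException e) {
            // The request carries no token that authenticates a session.
            return ResponseCode.NOTFOUND.toString();
        } catch (Exception e2) {
            // Previously swallowed silently; keep the generic answer but leave a trace for operators.
            this.logger.error("Error while performing SSO login", e2);
            return ResponseCode.FAILURE.toString();
        }
    }

    /**
     * Alias of {@link #ssoLogin()} reachable via {@code GET /auth/login}.
     *
     * @return see {@link #ssoLogin()}
     */
    @GET
    @Produces({"text/plain; charset=UTF-8"})
    @Path("/login")
    public String alternateSsoLogin() {
        return ssoLogin();
    }

    /**
     * Logs a user in with login name and password and creates a new session.
     *
     * <p>When a servlet response is available the session secret is sent as a cookie and the
     * returned SID is the bare session id. Without a response object the SID in the response body
     * is the session id followed by the session secret, so that body must be treated as a
     * credential by whoever receives or logs it.
     *
     * @param loginRequest request carrying login name and password
     * @return response with code {@code OK}, user and SID on success; {@code INVALIDDATA} when no
     *         request was given; {@code NOTFOUND} for unknown credentials; {@code MAINTENANCEMODE}
     *         when logins are disabled for this user; {@code FAILURE} on a {@link NodeException}
     */
    @POST
    @Path("/login")
    public LoginResponse login(LoginRequest loginRequest) {
        if (loginRequest == null) {
            // A request without a body used to fail with a NullPointerException; answer it explicitly.
            return loginResponse(ResponseCode.INVALIDDATA, "No login request given");
        }
        try {
            Transaction currentTransaction = TransactionManager.getCurrentTransaction();
            HttpServletRequest request = getRequest();
            SystemUser systemUser = ((SystemUserFactory) currentTransaction.getObjectFactory(SystemUser.class)).getSystemUser(loginRequest.getLogin(), ObjectTransformer.getString(loginRequest.getPassword(), ""));
            if (systemUser == null) {
                // Record the failed attempt for monitoring. The submitted login name is left out on
                // purpose: it is caller-controlled text and is sometimes a mistyped password.
                this.logger.warn("Failed REST login attempt from " + (request != null ? request.getRemoteAddr() : "unknown address"));
                return loginResponse(ResponseCode.NOTFOUND, "Did not find a user with given credentials");
            }
            if (isLoginBlockedByMaintenanceMode((Integer) systemUser.getId(), currentTransaction)) {
                return loginResponse(ResponseCode.MAINTENANCEMODE, "The maintenance mode is currently enabled. Login was therefore disabled.");
            }
            Session session = new Session(systemUser, request != null ? request.getRemoteAddr() : "", request != null ? request.getHeader("user-agent") : "", getSessionSecret());
            boolean secretSentAsCookie = false;
            if (getResponse() != null) {
                getResponse().addCookie(createSessionSecretCookie(session.getSessionSecret()));
                secretSentAsCookie = true;
            }
            LoginResponse success = loginResponse(ResponseCode.OK, "Successfully performed login");
            success.setUser(ModelBuilder.getUser(systemUser, new Reference[0]));
            if (secretSentAsCookie) {
                success.setSid(Integer.toString(session.getSessionId()));
            } else {
                // No cookie could be set, so the secret travels in the response body instead.
                success.setSid(Integer.toString(session.getSessionId()) + session.getSessionSecret());
            }
            ActionLogger.logCmd(ActionLogger.LOGIN, 10, systemUser.getId(), Integer.valueOf(currentTransaction.getUnixTimestamp()), "restApi:auth/login");
            return success;
        } catch (NodeException e) {
            this.logger.error("Error while performing login", e);
            // NOTE(review): the exception message is returned to an unauthenticated caller. What
            // NodeException messages can contain is not visible here; confirm they never expose
            // internal detail, or replace this with a fixed message.
            return loginResponse(ResponseCode.FAILURE, e.getLocalizedMessage());
        }
    }

    /**
     * Ends the session identified by the given SID and expires the session secret cookie.
     *
     * @param str session id taken from the URL path; it is combined with the session secret
     *            returned by {@code getSessionSecret()}
     * @return response with code {@code OK} on success, {@code INVALIDDATA} when the token does
     *         not authenticate the session, {@code FAILURE} on any error
     */
    @POST
    @Path("/logout/{sid}")
    public GenericResponse logout(@PathParam("sid") String str) {
        try {
            SessionToken sessionToken = new SessionToken(str, getSessionSecret());
            Session session = new Session(sessionToken.getSessionId(), this.transaction);
            if (!sessionToken.authenticates(session)) {
                return new GenericResponse((Message) null, new ResponseInfo(ResponseCode.INVALIDDATA, "Invalid SID given"));
            }
            session.logout();
            // Same null check as login(): without it a missing response object turned a completed
            // logout into a reported failure.
            if (getResponse() != null) {
                Cookie cookie = createSessionSecretCookie("");
                cookie.setMaxAge(0);
                getResponse().addCookie(cookie);
            }
            return new GenericResponse((Message) null, new ResponseInfo(ResponseCode.OK, "Successfully logged out"));
        } catch (Exception e) {
            // Exception type only; the SID from the URL is deliberately kept out of the log.
            this.logger.error("Error while logout (" + e.getClass().getName() + ")");
            return new GenericResponse((Message) null, new ResponseInfo(ResponseCode.FAILURE, "Error while logout"));
        }
    }

    /**
     * Checks that the given token authenticates its session.
     *
     * @param str session token
     * @return id of the user owning the session
     * @throws Exception if the token cannot be parsed, the session cannot be loaded, or the token
     *                   does not authenticate the session
     */
    protected int validateSID(String str) throws Exception {
        SessionToken sessionToken = new SessionToken(str);
        Session session = new Session(sessionToken.getSessionId(), this.transaction);
        if (sessionToken.authenticates(session)) {
            return session.getUserId();
        }
        throw new NodeException("SessionToken does not authenticate the session");
    }

    /**
     * Starts a transaction for the given user and checks whether maintenance mode blocks the login.
     * The transaction is committed and the previous transaction is restored as the current one
     * exactly once, whether or not the check succeeds.
     *
     * @param userId id of the user who is logging in
     * @param previousTransaction transaction to restore as current when the check is done
     * @return {@code true} when maintenance mode is active and the permission check fails
     * @throws NodeException if the transaction or the setup lookup fails
     */
    private boolean isLoginBlockedByMaintenanceMode(Integer userId, Transaction previousTransaction) throws NodeException {
        Transaction loginTransaction = getFactory().startTransaction(null, userId, true);
        try {
            NodeSetupValuePair keyValue = NodeSetup.getKeyValue(NodeSetup.NODESETUP_KEY.maintenancemode);
            boolean maintenanceModeActive = keyValue != null && keyValue.getIntValue() > 0;
            // NOTE(review): 84 and 0 are passed as they were in the original code; their meaning is
            // not visible in this file. Confirm against PermHandler and use named constants.
            return maintenanceModeActive && !loginTransaction.getPermHandler().checkPermissionBit(Integer.valueOf(PermHandler.TYPE_MAINTENCANCE), 84, 0);
        } finally {
            try {
                loginTransaction.commit();
            } finally {
                // Restore even when the commit fails, so the caller is never left on the login transaction.
                TransactionManager.setCurrentTransaction(previousTransaction);
            }
        }
    }

    /**
     * Builds the session secret cookie with the path used throughout this resource.
     *
     * <p>The cookie was previously always created with {@code Secure} switched off, so a secret
     * issued over HTTPS could later be sent over plain HTTP. It is now marked {@code Secure}
     * whenever the current request reports a secure channel. Behind a TLS-terminating proxy
     * {@code isSecure()} may report {@code false}; in that case the cookie is issued as before.
     *
     * @param value cookie value; an empty string is used when expiring the cookie
     * @return the cookie, not yet added to the response
     */
    private Cookie createSessionSecretCookie(String value) {
        Cookie cookie = new Cookie(SessionToken.SESSION_SECRET_COOKIE_NAME, value);
        cookie.setPath(PortletApplication.MODULEPATH_DELIMITER);
        HttpServletRequest request = getRequest();
        cookie.setSecure(request != null && request.isSecure());
        // NOTE(review): the cookie is not marked HttpOnly. Whether client-side script has to read
        // it is not visible here; if it does not, set HttpOnly (needs Servlet 3.0 or later).
        return cookie;
    }

    /**
     * Creates a {@link LoginResponse} carrying only the given response code and message.
     *
     * @param code response code
     * @param message response message
     * @return new login response
     */
    private static LoginResponse loginResponse(ResponseCode code, String message) {
        LoginResponse response = new LoginResponse();
        response.setResponseInfo(new ResponseInfo(code, message));
        return response;
    }
}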
